Peer-To-Peer News - The Week In Review - July 31st, '10

[JackSpratts]

Since 2002


































"We've started collecting information, such as IP addresses, logs and screen captures. We are initiating a conversation with enforcement agencies and we are willing to provide all the information we have." – Andrey Ternovskiy, Chatroulette


"It goes against all common sense. These are just drawings; no children have been harmed." – Leif Silbersky
































DMCA Update

Every three years, in a provision from 1998, the Librarian of Congress must revisit a copyright law know as the DMCA and tweak it by adding or removing temporary exemptions depending on need and comment.

This week the Librarian announced exemptions that take some of the bite out of what is generally regarded as one of the two most controversial communications and copyright bills in American history, along with the so-called Sonny Bono Copyright Term Extension Act which became law that same year.

These are big changes and whether or not they signal a true shift in direction remains to be seen but they do come at the same time a court ruled on one aspect of the legislation and instituted its own permanent exemption under general first amendment constitutional provisions.

Thee latest exemptions allow users to:

- crack broken or unsupported dongles if the encryption blocks access to licensed content (allowed by the courts this month)

- break e-book locks when all versions of a title prevent it from being read aloud by automated reading software

- crack DVD restrictions for clip captures under limited circumstances

- break video game DRM for investigative purposes

- “jailbreak” cell phones

These "new rights" must be renewed every three years because only the one judged by the court is permanent, but since the Librarian took so long to make this decision the next deadline is arriving in just two years. Needless to say it’s critical they continue to be renewed.

There is a long way to go before the DMCA is legitimized but if these latest decisions stand the journey won’t be quite as far.

Oh yeah. To celebrate, I cracked DeCSS and ripped a DVD. Or two.
















Enjoy,

Jack















July 31st, 2010




Mass BitTorrent Lawsuits Now Target Private Trackers
enigmax

Mass lawsuits against alleged file-sharers, such as those from the US Copyright Group and lawyers ACS:Law and Gallant MacMillan in the UK, are generally accepted to have been generated from evidence gathered from big public BitTorrent sites. Now it appears that at least one other firm has jumped on the bandwagon, this time targeting a large private tracker.

Mass lawsuits against alleged file-sharers are spreading like a plague of locusts from Europe over to the United States. By now, their action is clear. Gather IP address evidence against as many alleged file-sharers as possible and take legal action in order to discover their names and addresses. Once those details are learned, pressure the recipient by post with threatening financial ruination unless an early settlement of a few hundred dollars up to a couple of thousand is forthcoming.

While lawyers in Germany and the UK (ACS:Law, Davenport Lyons and now Gallant MacMillan) have been doing most of the pioneering work for this business model, it is the US Copyright Group and its pursuit of Hurt Locker file-sharers that has grabbed most of the headlines.

What all these lawyers have in common, is that none of them reveal where their evidence has been gathered from and since no cases have ever gone to court – that’s none, zero, nada – then no one has ever forced them to. From our dealings with specific and verified UK cases and from the scale of the US operation, it is fairly clear that the IP addresses used have been collated from public trackers.

Now it appears that adult movie company Lucas Entertainment have bucked the trend.

“You only have to conduct a quick Google search to see the rampant piracy all over the internet,” says Lucas Entertainment President/CEO Michael Lucas. “I am always surprised that users would deal with torrent sites and all the hassle that requires instead of streaming through LucasEntertainment.com, but I guess there are many people out there who have endless patience. We appreciate our fans wherever they are but business is business and we have to make some money off our content.”

To this end, not only has the company announced the filing of a lawsuit in Texas Northern District Court on July 19 which targets 65 defendants, but they have also uniquely revealed that they tracked the ‘John Does’ on a private BitTorrent tracker.

Although fairly niche when compared to the wide appeal of say, The Pirate Bay, Gay-Torrents.net (GT) is still a very big tracker. In existence since 2001 with more than 235,000 members, its users have now become the latest target in these lucrative ‘pay or else’ schemes. Copyright owners and lawyers want money from file-sharers, no matter where they live or what material they choose to obtain. And Lucas Entertainment are no different, although they are yet to announce exactly how much money they want.

This case should be of unique and special interest to all private tracker users because it raises some very interesting questions. GT, like all private sites, is a members only venue. This means that either Mr Lucas in person (or potentially one of his agents) is an active member of GT and must have actively participated in swarms.

Of course, this is true of public trackers too, but private trackers keep records – lots of them – so discovering the account connected with that can prove a trivial process. If it’s discovered that the account in question has been uploading, the litigation waters could get muddied significantly. In regular cases against file-sharers only anti-piracy groups carry evidence. Evidence on private trackers cuts both ways.

TorrentFreak spoke with an admin at GT who told us that they “would be somewhat displeased with any Member who sought to make a profit or take legal advantage of his torrenting activities via GT.”

That said, we are told that other GT members are indeed connected with the movie industry.

“Some GT Members are heavily involved in the same industry as Mr Lucas and also participate in filesharing because it is recognised that such activities are to their mutual benefit as movie producer, consumer and, in full agreement with GT and with our collaboration, as free advertiser and distributor,” TorrentFreak was told.

“The latter agreement would include a term that we advertise their new title and ban new productions for a specific period of time following release in order to encourage sales. Rather strangely some producers such as Lucas Entertainment appear to prefer a more litigious route rather than one of mutual cooperation,” explained a GT admin.

Nevertheless, more formal agreements aside, GT appears to be a somewhat considerate tracker.

“As a general courtesy to ALL studios (including our producer-Membership and their future uploads), we already impose a blanket ban on ALL pre-release titles regardless of Membership with GT. Our aim is to work in cooperation with the industry, but if the recent stories of further litigation are well-founded it appears some poorly advised studios stubbornly choose to view our Membership as common thieves rather than with respect as potential customers, and as free advertisers and distributors,” the admin concludes.

GT told TorrentFreak that they lay the blame for these lawsuits firmly at the door of outdated copyright laws applied to 21st century life, business and technology.

“Quite simply, governments and businesses worldwide need to catch up but we fear ACTA (the impending Anti-Counterfeiting Trade Agreement) will apply 20th century principles and shall deter innovation and quash new business models otherwise fit for modern societies.”

In the meantime copyright holders are making the best of it. Show them the money.
http://torrentfreak.com/mass-bittorr...racker-100725/





Tech News Sites Tout Misleading BitTorrent Piracy Study
Ernesto

A new study has been making the rounds, concluding that only 0.3% of all files available on BitTorrent are confirmed to be ‘legal’. The results of the study were promoted by anti-piracy outfit AFACT and have been picked up by several news outlets, including Ars Technica and ZDNet, who all failed to see that the report is bogus.

Every so often a new study surfaces that attempts to describe the BitTorrent landscape. Yesterday a study by the Internet Commerce Security Laboratory (ICSL) was publicized ([url=http://torrentfreak.com/static/bt_report_final.pdfpdf[/url]) and the researchers found that only 0.3% of all torrents were confirmed legal. Good enough for a catchy headline, but how accurate is the study really?

Unfortunately, the results of these type of studies are pushed by anti-piracy outfits and taken for granted by outsiders, even by respected news outlets on the Internet such as Ars Technica and ZDNet. In this case their reporters were completely taken in by the report.

Just a few minutes into reading the study we were shaking our heads here at the TorrentFreak headquarters. Mistake after mistake is made in the report and conclusions are drawn based on painfully inaccurate data and methodologies. We’ll lay out the most critical errors below, which represent just the tip of the iceberg.

The study aims to answer four questions. We will state each question and indicate what’s wrong with the answers.

1. How many files are shared using BitTorrent and what are the categories of shared files?

ICSL claims that there are slightly more than a million torrent files to be found online, according to data obtained from 17 BitTorrent trackers this spring. They further come up with an overview of categories where applications account for 2.3% of all torrents, while movies and TV-shows are good for more than 70%.

Both conclusions are horribly wrong.

We’re not sure how the researchers came up with the one million torrents because the OpenBitTorrent tracker, which is included in their sample, reports it has 2,5 million torrents alone. In addition, sites such as isoHunt index over 5 million unique torrents. Needless to say, ICSL’s data collection methods are far from accurate.

An even bigger flaw is found in the categorization process. The categories are not based on the entire set of torrents, but only on the most-seeded ones, which heavily skews the data. Books and applications generally have a lower seed count than movie and TV-shows which means that they are underrepresented in the category overview.

2. At a given point in time, how much sharing of files is actually occurring using BitTorrent?

“For the trackers that we scraped, we recorded a minimum of 117,420,061 current seeds. This value is calculated by determining the highest available seeder count for each torrent from any tracker that was scraped,” the researchers answer in their report.

Again this is figure is bogus, but this time it’s wrong on the other end of the scale. As will become clear later in our analysis, the researchers have made a critical mistake by including various trackers that report false seed counts. We had to chuckle when we saw 2-year-old torrents with more than a million seeders in their report. The real seed count at any given time lies between 10 and 20 million.

3. For each shared file, how many times has it been shared in total?

Here’s where the researchers make total fools out of themselves. In their answer to the question they refer to a table of the top 10 most seeded torrents. As noted before, the most seeded file was uploaded nearly two years ago (The Incredible Hulk) and has a massive 1,112,628 seeders. The torrent in 10th place is not doing bad either with 277,043 seeds. All false data.

We’re not sure where these numbers originate from but the best seeded torrent at the moment only has 13,739 seeders, that’s 1% of what the study reports. Also, the fact that the release is nearly two years old should have sounded some alarm bells. It appears that the researchers have pulled data from a bogus tracker, and it wouldn’t be a big surprise if all the torrents in their top 10 are actually fake.

4. Overall, what is the number and percentage of shared files which are infringing, both by number of files and total downloads?

Here the researchers conclude that 97.9% of all files on BitTorrent are copyright infringing, and only 0.3% confirmed ‘legal’. Based on our previous conclusions it is hard to believe that these figures are even remotely accurate, and they aren’t. There are too many flaws in the methodology to list here, but for one this statistic is grossly inaccurate because it’s based on the most popular files, of which many are fake.

The researchers should have at least tried to determine the percentage of infringing files on their whole (inaccurate) dataset instead of the most seeded ones (of which many are fake). We’re not trying to argue that the majority of the torrents are legit, but the selection of torrents and sources is extremely biased towards discovering copyright infringing torrents.

To back this up, we only have to take a look at isoHunt. According to isoHunt their site indexes 5,451,959 unique torrent files, and 85,457 of these come from Jamendo, a site that publishes only Creative Commons licensed music. So that’s already 1.5% torrents that can be shared legally, without mentioning any Linux distros.

Bottom line is that this ‘Academic’ paper is one of the most inaccurate reports we’ve seen thus far, and the mainstream tech media either didn’t spend long reading the report or simply didn’t have the specialist knowledge to read the results and come to their own conclusions. Even worse, the Australian anti-piracy outfit AFACT will probably use this ‘credible’ report in court to convince the court that the local ISP iiNet responsible for the copyright infringements of its customers.

Let’s hope that Ars and others will update their reports accordingly.

We’ve contacted Paul Watters, one of the researchers, for a comment but haven’t heard back from him yet.
http://torrentfreak.com/tech-news-si...-study-100724/





Is MMS Just Like Limewire? New Lawsuit Against AT&T, Verizon, Sprint & T-Mobile Says So...
from the say-what-now dept

Regular Techdirt commenter Max Davis (who I believe may be involved in this lawsuit) passed along the news that all the big US mobile operators have been sued -- including AT&T, Verizon Wireless, Sprint and T-Mobile -- under the claim that their MMS platforms are really illegal file sharing networks, and that these operators are no different than Limewire or Gnuttella. Yes, seriously -- the email Max sent repeatedly refers to MMS and Limewire as if they were the same.

Honestly, the whole lawsuit seems ridiculous. Here's the crux of it:

Defendants, and each of them, enabled the transfer/transmission and publication of this copyright protected content via mobile devices by building and implementing a peer to peer file sharing network with the dedicated purpose of enabling end users to share multimedia files via this MMS network. Defendants, and each of them, profited from these activities by charging the transmitter and receivers of this content a fee or flat rate for the transfer/transmission that resulted in the publication of said content. Despite charging the transmitter and receiver a fee for the delivery of this copyrighted content, Defendants, and each of them, failed to compensate the holder of the copyrights for this content that was necessary in generating the MMS data revenue. Furthermore, Defendants, and each of them failed or refused to provide a system where an adequate accounting of the transfer/transmission and publication of this copyrighted content could be made.

Basically, this company, Luvdarts, made MMS content, and it got distributed via MMS. Since recipients of MMS can forward the MMS data they receive, such content got forwarded around. Since the mobile operators receive revenue for MMS data, Luvdarts is effectively claiming that they are profiting off the infringement of Luvdarts content. This makes no sense. It's like saying that any email provider is infringing on the copyrights of email writers by letting recipients forward emails. You know those chain emails that get passed around? Imagine if one of the authors of those then sued all the big email providers. It would get laughed out of court. Hopefully, this lawsuit gets laughed out of court too.

The one oddity is that the lawsuit claims that the mobile operators do not qualify for DMCA safe harbor protections, because they're "not service providers" as defined in the DMCA. Specifically:

The transmission of this MMS data is not covered by the exemption for Internet Service Providers as set forth in 17 U.S.C. §512 because the wireless carriers are not Internet Service Providers as defined by §512 while providing a dedicated MMS network for multimedia file sharing.

Really? If you haven't read your §512 lately, why not go take a look and explain how a mobile operator offering MMS is not covered. It certainly seems covered by the definition:

Definitions.--
(1) Service provider--
(A) As used in subsection (a), the term "service provider" means an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user's choosing, without modification to the content of the material as sent or received.
(B) As used in this section, other than subsection (a), the term "service provider" means a provider of online services or network access, or the operator of facilities therefor, and includes an entity described in subparagraph (A).

Help me out. Where are mobile operators offering MMS features excluded? Looks like yet another frivolous lawsuit. But, of course, Luvdarts is demanding the statutory maximum of $150,000 per infringement, and claims "9,999 to 100,000 counts of infringement" (broad enough range there?). Good luck, Max.
http://www.techdirt.com/blog/wireles...45710327.shtml





Bill to Ban File-Sharing 'Goes too Far'
Andrea Vance

Banning file-sharing in a crackdown on internet piracy could target emails, web browsing, and some forms of journalism, MPs will be told today.

File-sharing is the sharing of computer data such as music or videos.

The Copyright (Infringing File Sharing) Amendment Bill is before the commerce select committee and seeks to toughen the penalties for illegal downloading.

The Creative Freedom Foundation (CFF), which represents 20,000 artists, will tell the committee's MPs the definition of file-sharing in the bill is too broad.

It could apply to anyone who is sent an email, chat message, or article containing material which breaches copyright.

CFF director Bronwyn Holloway-Smith said the legislation should be restricted to "uploading" files providing data online.

"The internet is a great big copying machine and when you interact with it ... you are constantly downloading content. That definition should be restricted to ... uploading so that you are not breaking the law when someone emails you something that is infringing [copyright], because you are a passive recipient of that."

The bill would allow copyright owners to ask for a six-month suspension of the internet accounts of those who repeatedly infringe.

But the charity says the penalty should be fines, limited to the retail cost of the downloaded material.

Last week, internet entrepreneur Lance Wiggs told the committee the recording and film industries needed to give a "legal alternative" to piracy, with better access to movies and music in New Zealand.

Ms Holloway-Smith said: "We have suggested that if the downloaded item isn't available legally on the internet we don't see how you can claim a lost sale."

Trade Me will also appear before MPs this morning. In a submission, general counsel Christine Lanham said the company supported "several aspects" of the legislation
http://www.stuff.co.nz/national/poli...g-goes-too-far





Court Backs Dismissal of Digital Copyright Claim

General Electric did not infringe on a power supplier's digital copyrights when it used protected software unlocked through a hacked security key, the 5th Circuit ruled.

"Merely bypassing a technological protection that restricts a user from viewing or using a work is insufficient to trigger the (Digital Millennium Copyright Act's) anti-circumvention provision," Judge Garza wrote for the New Orleans-based court.

"The DMCA prohibits only forms of access that would violate or impinge on the protections that the Copyright Act otherwise affords copyright owners."

The ruling stems from a lawsuit filed by MGE UPS Systems, a manufacturer of uninterruptible power supply machines used by companies like Power Maintenance International (PMI), which was bought by GE in 2001.

To fix the machines, technicians have to use MGE's copyrighted software programs. The software can be unlocked with an external hardware security key, called a "dongle."

Dongles have expiration dates, passwords and a maximum number of uses.

Years after MGE introduced this technology, hackers posted information online on how to bypass the hardware key. Once a key is cracked, the software can be freely used and copied.

In its lawsuit against GE and PMI, MGE claimed a group of PMI employees had at least one copy of software obtained from a hacked machine. It said GE used the software 428 times between June 2000 and May 2002, even after a judge barred GE from using MGE's software and trade secrets.

A jury awarded MGE more than $4.6 million in damages for copyright infringement and misappropriation of trade secrets, but the trial judge dismissed its Digital Millennium Copyright Act claim.

MGE appealed, arguing that its dongles barred the kind of access to its software that the Act is meant to prevent.

But the 5th Circuit said MGE "advances too broad a definition of 'access.'"

"Without showing a link between 'access' and 'protection' of the copyrighted work, the DMCA's anti-circumvention provision does not apply," Judge Emilio Garza wrote.

"The owner's technological measure must protect the copyrighted material against an infringement of a right that the Copyright Act protects, not from mere use or viewing."
http://www.courthousenews.com/2010/07/23/29099.htm





Artists Lose Out as Fans Stop Burning CDs

Musicians, actors and other artists have seen their revenues from blank CDs and DVDs plummet as file sharers adapt their habits and embrace a range of technologies.

Income generated from a copy fee built in to the price of recordable CDs and DVDs – and shared among artists and copyright holders – has almost halved over the last two years. In 2007, sales of blank discs generated 200 million kronor ($28 million) for artists, compared to just 113 million kronor in 2009.

Copyswede, the umbrella organisation for copyright groups that administers the fee, believes the plunge in revenue can be attributed to a shift in the ways music and films are now consumed.

“We’re seeing a technology shift whereby the discs in themselves are no longer of interest. File sharers and others have started using different technologies. Things can instead be stored on people’s computer hard drives or their telephones,” Copyswede’s managing director Mattias Åkerlind told news agency TT.

Copyswede distributes the funds generated from fees that are included in the prices of recordable hard drives, mp3 players, and blank discs. But as its members’ revenues shrink, the organization is pushing for legislation that will extend the fees to other technologies.

“We don’t currently receive any revenue from hard drives or telephones despite legislation decreeing that fees should apply to any products that are particularly suitable for piracy. The pattern we think we’re seeing is one of piracy moving to external hard drives and USB flash drives while telephones are being used for storage,” said Åkerlind.

Copyswede’s proposed fee would add around 100 kronor to the cost of a mobile phone with 32 gigabytes of memory. But negotiations have stalled of late, with the organisation enjoying scant support from electronics retailers opposed to price hikes on goods like telephones and hard disks.

“We’ll probably have to ask the legislator for help and we’ve already approached the justice ministry about this matter. We’re hoping for a reaction by autumn,” said Åkerlind.
http://www.thelocal.se/27860/20100718/





ASCAP Boss Refuses To Debate Lessig; Claims That It's An Attempt To 'Silence' ASCAP
from the you-and-me-against-the-world dept

We were among those who were amazed at ASCAP's misguided and factually incorrect attack on EFF, Public Knowledge and Creative Commons. ASCAP's Paul Williams falsely made the claim that those three groups were against copyright and against compensating content creators. Nothing could be further from the truth. All three groups responded politely to the bizarre and factually incorrect attack, and many ASCAP members who support these groups and use Creative Commons licenses expressed their displeasure with ASCAP for such a blatantly misleading letter. Larry Lessig responded with a blog post, again pointing out the blatant errors in ASCAP's attack, noting that these groups actually look to help content creators by providing them tools to better exercise their rights. In that blog post, Lessig also challenged Williams to a debate so they could iron out their differences and ASCAP could (hopefully) retract their false attacks on these groups, and focus on helping artists again.

Hephaestus points out that Williams and ASCAP have refused to debate Lessig, with an open letter that is so bizarre that I keep rereading it to make sure it's not a joke. But, apparently, it's no joke, and it gets more and more bizarre the further you read, down to the point where Williams suggests Lessig's request for a debate is really an attempt to "silence" him. But, let's start at the beginning:

Quote:

Anti-copyright crusaders are currently engaged in a publicity campaign to discredit ASCAP's efforts to defend the copyrights of our professional songwriter and composer members.

Again, the groups that Williams mentioned (though, amusingly, he does not rename them here) are not anti-copyright. And the statement is wrong as well. The only thing people are trying to "discredit," are the blatantly false claims that EFF, Public Knowledge and Creative Commons are trying to undermine copyright or that "their mission is to spread the word that our music should be free." None of those groups makes any such claim.

Quote:

The copyleft movement has encouraged a culture of disrespect for copyright by defending corporate and individual infringers; undermining every effort to provide more effective protection, no matter how limited or reasonable; promoting a reduction in copyright protection; supporting the dismantling of our rights through the courts; and questioning the basic premise that the tidal wave of infringements and unlicensed uses online hurts creators.

Well, that's one way of looking at things. Even if it's wrong. First of all, Creative Commons has done no such thing in "defending" infringers. That's just false. EFF and Public Knowledge don't defend infringement, either. They defend consumer rights, and advocate balance in how copyright law treats consumers. Copyright law in the US was always supposed to be about providing more benefit to society as a whole, not about protectionism of artists. That EFF and Public Knowledge get attacked for simply reminding people of that fact seems like a travesty. As for the final point: "questioning the basic premise that the tidal wave of infringements and unlicensed uses online hurts creators." How does asking whether or not a claim made by certain organizations is true or false undermine copyright?

Has ASCAP really sunk so low that simply looking to see if something is factual is somehow "undermining" copyright? Really?

Then, in responding directly to Lessig's debate challenge, Williams spends a few paragraphs talking about his own success as a songwriter, and how he now spends all of his time fighting for the right of songwriters to make a living. And, because of that, he doesn't have time to debate Lessig, because he doesn't see how it will "help" in this neverending fight.

Of course, this is ridiculous. Everyone wants content creators to be fairly compensated and to earn a good living. The EFF has even put together a proposal (which I don't agree with) to create an ASCAP-like setup for digital music. Creative Commons gives content creators more options in easily licensing their music, to make it easier for them to get heard and to use within a business model. As for Public Knowledge, just a few months ago I was at an event they put on, which celebrated various content creators and their success stories in figuring out smart ways to earn a living. And, of course, many others who are regularly derided as being a part of the "copyleft" are successful content creators ourselves, and regularly highlight smart ways for content creators to earn a living. Suggesting that any of us are against helping content creators earn a living is both false and extremely disingenuous.

And then it gets bizarre. Williams simply repeats the false claims that were clearly debunked by tons of people in responding to his original letter:

Quote:

I am well aware of those "copyleft" mouthpieces who take a highly critical view of ASCAP's efforts to protect our members' rights. That will not change ASCAP's commitment to doing so. ASCAP exists for one purpose -- fair payment to music creators for the use of their music by businesses and others who seek to attract viewers and customers. ASCAP has long welcomed and licensed new technological means of performing its members works, seeking only reasonable fees for those performances. Our members have every right to give their music away for free if they choose, but they should not be forced to do so.

People aren't upset that ASCAP is trying to protect members' rights. They're upset that (1) ASCAP seems to stretch the legal boundaries to do so -- such as claiming that ringtones or the 30-second "previews" on iTunes are "public performances" that require a separate licensing fee and (2) that you falsely claimed any of these groups were somehow seeking to "force" musicians to give away their music for free. No one has ever suggested that at all. That's what got everyone upset. For Wiliams' response to simply repeat that blatantly false claim is strange.

And then there's this:

Quote:

What I find most fascinating is that those who purport to support a climate of free culture work so hard to silence opposing points of view. They will not silence me.

Huh?!? No one has tried, at all, to silence Williams. In fact, people seem to have done the exact opposite. They've asked you to come out and talk about stuff in a public debate. That's the opposite of trying to silence you. No one has any interest in silencing Williams at all. We just want him to stop making totally false claims and attacking groups who have worked hard to support artists as well by falsely suggesting they seek to undermine artists.
http://www.techdirt.com/articles/201...70310388.shtml





French Nuns In Music Deal Get Death Threat – Report

Benedictine nuns from a secluded convent in southern France have received death threats after winning a deal aimed at creating a chart-topping album, a newspaper reported on Thursday.

The nuns from the Abbaye de Notre-Dame de l'Annonciation near Avignon had their prayers answered last week after beating 70 other religious orders from North America and Africa to the deal with Universal Music.

The sisters, whose album is set to be released in November, put a clip of their Gregorian chants online, but realized on Tuesday a raft of death threats had been put at the bottom of the clip, La Provence reported on its website.

"There were threats written in English saying that these nuns had to be killed," the newspaper reported, citing a person close to the matter.

The newspaper said the nuns had informed the police and asked them to keep a closer eye on the convent.

The sisters are not allowed to leave the convent or receive guests and only communicate with visitors through a grill.

The comments were no longer on the website on Thursday with only messages of encouragement left.

The nuns join a label that includes the likes of Elton John, The Rolling Stones and convent-educated chart topper Lady Gaga.

(Reporting by John Irish and Laure Bretton; Editing by Michael Roddy)
http://www.reuters.com/article/idUSTRE66S4OA20100729





Study: Libraries Top The Competition In Lending Movies
Kim Velsey

Red boxes, red envelopes and the blue and yellow Blockbuster stores may dominate the movie rental landscape, but according to a recent survey, when Americans want to watch a DVD, they are most likely to turn to their local library.

The survey, released this year by OCLC, a nonprofit library co-operative and research organization, found that public libraries in the United States lend an average 2.1 million videos every day, slightly more than the 2 million that Netflix ships. The other top two competitors, Redbox and Blockbuster, come in at 1.4 million and 1.2 million respectively, according to daily averages provided by company representatives.

The findings were part of a report called "How Libraries Stack Up," which highlights the many roles that libraries play in communities, according to OCLC market analysis manager Peggy Gallagher. It also includes statistics on career assistance and Wi-Fi use — the extent of which might be surprising to the general public or even to businesses offering similar services.

"I think of libraries as places for books," said Steve Swasey, Netflix's vice president of corporate communications, adding that Netflix doesn't view public libraries as a competitor.

"It's free," said Swasey, "so it's a whole different model."

Libraries have been lending movies for decades, of course, but the size and scope of the offerings have changed vastly, from smatterings of PBS documentaries on VHS to smorgasbords of new releases, art house and hard-to-find foreign films, children's movies and TV shows on DVD and Blue-ray.

In the past 10 years, public libraries in the United States have doubled their movie collections — from 73.5 video materials per 1,000 people in 1999 to 166.7 in 2008, according to the most recent study by the Institute of Museum and Library Services. At the same time, print materials fell from 2,846 volumes per 1,000 people to 2,767 volumes.

In Connecticut, as in the rest of the country, books still make up the vast majority of library collections — 14.2 million books to 927,000 movies — but movies have a much higher circulation rate, according to Connecticut State Library statistician Tom Newman. They account for about 27 percent of library circulation.

"People think we're all about books," said Debbie Herman, president of the Connecticut Library Association. "But we have all these other resources to offer."

Netflix still dominates in Connecticut, with some 55,000 movies being shipped out of the Hartford distribution center daily, vs. 23,923 library checkouts (Redbox, a far runner-up, rents 13,000 movies per day from Connecticut kiosks). But librarians say that demand for movies is growing.

"Friday nights, the hour before we close, it's like a video store," said Simsbury Library Director Susan Bullock. "People are running to get their movies before the weekend."

Catering to patrons has contributed to the circulation surge at Simsbury and many other libraries. Bullock said that circulation boomed after the library figured out what kinds of movies people want to see: "24," "Inspector Poirot," "Star Trek," "Stargate," "I Love Lucy," "The Dick Cavett Show," BBC shows and foreign films.

Barbara Bailey, director of Glastonbury's Welles-Turner Memorial Library, said that the library also welcomes requests, buying multiple copies of new releases and each year's Oscar-nominated films.

"Traditionally, libraries have tried to concentrate on educational movies and award winners," Bailey said. "Right now … if it looks like something that will be watched by many people, we go ahead and buy it."

The policy results in both critically acclaimed and blockbuster titles: Due to popular demand, West Hartford just added 200 titles from the Criterion collection, an art house distributor, according to community services librarian Joseph Cadieux.

"Libraries want to serve our communities," said Herman of the Connecticut Library Association.

There is, of course, another enormous reason for library movies' popularity: They're free, a not insignificant quality, especially during the recession, when library use rose in Connecticut and across the country.

Felix Kossi, a student at Capital Community College, said that he checks movies out of Hartford Public Library twice a week. The visits, he said, were economically motivated, although not by the recession.

"I used to buy movies," Kossi said. "But I stopped because my friends would borrow them and not bring them back."

Jose Rosa, browsing the DVD selection in Manchester's Mary Cheney Library last week, said that cost is a factor for him as well — he's a big movie watcher and supplements a streaming Netflix subscription with the library's variety of older titles.

Largely, though, he likes the library because it's a library. He can look at movies while his 12-year-old son finds books to take home.

He noted that it also provides a personal touch: The librarians are really helpful. With neighborhood video stores nearly extinct, libraries are one of the few places where people can flip through movies and trade recommendations with one another.

"Netflix will give you the newest releases," said Library Director Douglas McDonough, "but there is a big social function to libraries."

Herman added that the debate over whether movies belong in libraries, has, she believes, been settled.

"Do movies help educate, promote literacy, contribute to the forum of ideas?" said Herman. "Then I think there is a place for them."
http://www.courant.com/business/hc-l...,2847883.story





The Web's New Gold Mine: Your Secrets

A Journal investigation finds that one of the fastest-growing businesses on the Internet is the business of spying on consumers. First in a series.
Julia Angwin

Hidden inside Ashley Hayes-Beaty's computer, a tiny file helps gather personal details about her, all to be put up for sale for a tenth of a penny.

The file consists of a single code— 4c812db292272995e5416a323e79bd37—that secretly identifies her as a 26-year-old female in Nashville, Tenn.

The code knows that her favorite movies include "The Princess Bride," "50 First Dates" and "10 Things I Hate About You." It knows she enjoys the "Sex and the City" series. It knows she browses entertainment news and likes to take quizzes.

"Well, I like to think I have some mystery left to me, but apparently not!" Ms. Hayes-Beaty said when told what that snippet of code reveals about her. "The profile is eerily correct."

Ms. Hayes-Beaty is being monitored by Lotame Solutions Inc., a New York company that uses sophisticated software called a "beacon" to capture what people are typing on a website—their comments on movies, say, or their interest in parenting and pregnancy. Lotame packages that data into profiles about individuals, without determining a person's name, and sells the profiles to companies seeking customers. Ms. Hayes-Beaty's tastes can be sold wholesale (a batch of movie lovers is $1 per thousand) or customized (26-year-old Southern fans of "50 First Dates").

"We can segment it all the way down to one person," says Eric Porres, Lotame's chief marketing officer.

One of the fastest-growing businesses on the Internet, a Wall Street Journal investigation has found, is the business of spying on Internet users.

The Journal conducted a comprehensive study that assesses and analyzes the broad array of cookies and other surveillance technology that companies are deploying on Internet users. It reveals that the tracking of consumers has grown both far more pervasive and far more intrusive than is realized by all but a handful of people in the vanguard of the industry.

• The study found that the nation's 50 top websites on average installed 64 pieces of tracking technology onto the computers of visitors, usually with no warning. A dozen sites each installed more than a hundred. The nonprofit Wikipedia installed none.

• Tracking technology is getting smarter and more intrusive. Monitoring used to be limited mainly to "cookie" files that record websites people visit. But the Journal found new tools that scan in real time what people are doing on a Web page, then instantly assess location, income, shopping interests and even medical conditions. Some tools surreptitiously re-spawn themselves even after users try to delete them.

• These profiles of individuals, constantly refreshed, are bought and sold on stock-market-like exchanges that have sprung up in the past 18 months.

The new technologies are transforming the Internet economy. Advertisers once primarily bought ads on specific Web pages—a car ad on a car site. Now, advertisers are paying a premium to follow people around the Internet, wherever they go, with highly specific marketing messages.

It's rarely a coincidence when you see Web ads for products that match your interests. WSJ's Christina Tsuei explains how advertisers use cookies to track your online habits.

In between the Internet user and the advertiser, the Journal identified more than 100 middlemen—tracking companies, data brokers and advertising networks—competing to meet the growing demand for data on individual behavior and interests.

The data on Ms. Hayes-Beaty's film-watching habits, for instance, is being offered to advertisers on BlueKai Inc., one of the new data exchanges.

"It is a sea change in the way the industry works," says Omar Tawakol, CEO of BlueKai. "Advertisers want to buy access to people, not Web pages."

The Journal examined the 50 most popular U.S. websites, which account for about 40% of the Web pages viewed by Americans. (The Journal also tested its own site, WSJ.com.) It then analyzed the tracking files and programs these sites downloaded onto a test computer.

As a group, the top 50 sites placed 3,180 tracking files in total on the Journal's test computer. Nearly a third of these were innocuous, deployed to remember the password to a favorite site or tally most-popular articles.

But over two-thirds—2,224—were installed by 131 companies, many of which are in the business of tracking Web users to create rich databases of consumer profiles that can be sold.

The top venue for such technology, the Journal found, was IAC/InterActive Corp.'s Dictionary.com. A visit to the online dictionary site resulted in 234 files or programs being downloaded onto the Journal's test computer, 223 of which were from companies that track Web users.

The information that companies gather is anonymous, in the sense that Internet users are identified by a number assigned to their computer, not by a specific person's name. Lotame, for instance, says it doesn't know the name of users such as Ms. Hayes-Beaty—only their behavior and attributes, identified by code number. People who don't want to be tracked can remove themselves from Lotame's system.

And the industry says the data are used harmlessly. David Moore, chairman of 24/7 RealMedia Inc., an ad network owned by WPP PLC, says tracking gives Internet users better advertising.

"When an ad is targeted properly, it ceases to be an ad, it becomes important information," he says.

Tracking isn't new. But the technology is growing so powerful and ubiquitous that even some of America's biggest sites say they were unaware, until informed by the Journal, that they were installing intrusive files on visitors' computers.

The Journal found that Microsoft Corp.'s popular Web portal, MSN.com, planted a tracking file packed with data: It had a prediction of a surfer's age, ZIP Code and gender, plus a code containing estimates of income, marital status, presence of children and home ownership, according to the tracking company that created the file, Targus Information Corp.

Both Targus and Microsoft said they didn't know how the file got onto MSN.com, and added that the tool didn't contain "personally identifiable" information.

Tracking is done by tiny files and programs known as "cookies," "Flash cookies" and "beacons." They are placed on a computer when a user visits a website. U.S. courts have ruled that it is legal to deploy the simplest type, cookies, just as someone using a telephone might allow a friend to listen in on a conversation. Courts haven't ruled on the more complex trackers.

The most intrusive monitoring comes from what are known in the business as "third party" tracking files. They work like this: The first time a site is visited, it installs a tracking file, which assigns the computer a unique ID number. Later, when the user visits another site affiliated with the same tracking company, it can take note of where that user was before, and where he is now. This way, over time the company can build a robust profile.

One such ecosystem is Yahoo Inc.'s ad network, which collects fees by placing targeted advertisements on websites. Yahoo's network knows many things about recent high-school graduate Cate Reid. One is that she is a 13- to 18-year-old female interested in weight loss. Ms. Reid was able to determine this when a reporter showed her a little-known feature on Yahoo's website, the Ad Interest Manager, that displays some of the information Yahoo had collected about her.

Yahoo's take on Ms. Reid, who was 17 years old at the time, hit the mark: She was, in fact, worried that she may be 15 pounds too heavy for her 5-foot, 6-inch frame. She says she often does online research about weight loss.

"Every time I go on the Internet," she says, she sees weight-loss ads. "I'm self-conscious about my weight," says Ms. Reid, whose father asked that her hometown not be given. "I try not to think about it…. Then [the ads] make me start thinking about it."

Yahoo spokeswoman Amber Allman says Yahoo doesn't knowingly target weight-loss ads at people under 18, though it does target adults.

"It's likely this user received an untargeted ad," Ms. Allman says. It's also possible Ms. Reid saw ads targeted at her by other tracking companies.

Information about people's moment-to-moment thoughts and actions, as revealed by their online activity, can change hands quickly. Within seconds of visiting eBay.com or Expedia.com, information detailing a Web surfer's activity there is likely to be auctioned on the data exchange run by BlueKai, the Seattle startup.

Each day, BlueKai sells 50 million pieces of information like this about specific individuals' browsing habits, for as little as a tenth of a cent apiece. The auctions can happen instantly, as a website is visited.

Spokespeople for eBay Inc. and Expedia Inc. both say the profiles BlueKai sells are anonymous and the people aren't identified as visitors of their sites. BlueKai says its own website gives consumers an easy way to see what it monitors about them.

Tracking files get onto websites, and downloaded to a computer, in several ways. Often, companies simply pay sites to distribute their tracking files.

But tracking companies sometimes hide their files within free software offered to websites, or hide them within other tracking files or ads. When this happens, websites aren't always aware that they're installing the files on visitors' computers.

Often staffed by "quants," or math gurus with expertise in quantitative analysis, some tracking companies use probability algorithms to try to pair what they know about a person's online behavior with data from offline sources about household income, geography and education, among other things.

The goal is to make sophisticated assumptions in real time—plans for a summer vacation, the likelihood of repaying a loan—and sell those conclusions.

Some financial companies are starting to use this formula to show entirely different pages to visitors, based on assumptions about their income and education levels.

Life-insurance site AccuquoteLife.com, a unit of Byron Udell & Associates Inc., last month tested a system showing visitors it determined to be suburban, college-educated baby-boomers a default policy of $2 million to $3 million, says Accuquote executive Sean Cheyney. A rural, working-class senior citizen might see a default policy for $250,000, he says.

"We're driving people down different lanes of the highway," Mr. Cheyney says.

Consumer tracking is the foundation of an online advertising economy that racked up $23 billion in ad spending last year. Tracking activity is exploding. Researchers at AT&T Labs and Worcester Polytechnic Institute last fall found tracking technology on 80% of 1,000 popular sites, up from 40% of those sites in 2005.

The Journal found tracking files that collect sensitive health and financial data. On Encyclopaedia Britannica Inc.'s dictionary website Merriam-Webster.com, one tracking file from Healthline Networks Inc., an ad network, scans the page a user is viewing and targets ads related to what it sees there. So, for example, a person looking up depression-related words could see Healthline ads for depression treatments on that page—and on subsequent pages viewed on other sites.

Healthline says it doesn't let advertisers track users around the Internet who have viewed sensitive topics such as HIV/AIDS, sexually transmitted diseases, eating disorders and impotence. The company does let advertisers track people with bipolar disorder, overactive bladder and anxiety, according to its marketing materials.

Targeted ads can get personal. Last year, Julia Preston, a 32-year-old education-software designer in Austin, Texas, researched uterine disorders online. Soon after, she started noticing fertility ads on sites she visited. She now knows she doesn't have a disorder, but still gets the ads.

It's "unnerving," she says.

Tracking became possible in 1994 when the tiny text files called cookies were introduced in an early browser, Netscape Navigator. Their purpose was user convenience: remembering contents of Web shopping carts.

Back then, online advertising barely existed. The first banner ad appeared the same year. When online ads got rolling during the dot-com boom of the late 1990s, advertisers were buying ads based on proximity to content—shoe ads on fashion sites.

The dot-com bust triggered a power shift in online advertising, away from websites and toward advertisers. Advertisers began paying for ads only if someone clicked on them. Sites and ad networks began using cookies aggressively in hopes of showing ads to people most likely to click on them, thus getting paid.

Targeted ads command a premium. Last year, the average cost of a targeted ad was $4.12 per thousand viewers, compared with $1.98 per thousand viewers for an untargeted ad, according to an ad-industry-sponsored study in March.

The Journal examined three kinds of tracking technology—basic cookies as well as more powerful "Flash cookies" and bits of software code called "beacons."

More than half of the sites examined by the Journal installed 23 or more "third party" cookies. Dictionary.com installed the most, placing 159 third-party cookies.

Cookies are typically used by tracking companies to build lists of pages visited from a specific computer. A newer type of technology, beacons, can watch even more activity.

Beacons, also known as "Web bugs" and "pixels," are small pieces of software that run on a Web page. They can track what a user is doing on the page, including what is being typed or where the mouse is moving.

The majority of sites examined by the Journal placed at least seven beacons from outside companies. Dictionary.com had the most, 41, including several from companies that track health conditions and one that says it can target consumers by dozens of factors, including zip code and race.

Dictionary.com President Shravan Goli attributed the presence of so many tracking tools to the fact that the site was working with a large number of ad networks, each of which places its own cookies and beacons. After the Journal contacted the company, it cut the number of networks it uses and beefed up its privacy policy to more fully disclose its practices.

The widespread use of Adobe Systems Inc.'s Flash software to play videos online offers another opportunity to track people. Flash cookies originally were meant to remember users' preferences, such as volume settings for online videos.

But Flash cookies can also be used by data collectors to re-install regular cookies that a user has deleted. This can circumvent a user's attempt to avoid being tracked online. Adobe condemns the practice.

Most sites examined by the Journal installed no Flash cookies. Comcast.net installed 55.

That finding surprised the company, which said it was unaware of them. Comcast Corp. subsequently determined that it had used a piece of free software from a company called Clearspring Technologies Inc. to display a slideshow of celebrity photos on Comcast.net. The Flash cookies were installed on Comcast's site by that slideshow, according to Comcast.

Clearspring, based in McLean, Va., says the 55 Flash cookies were a mistake. The company says it no longer uses Flash cookies for tracking.

CEO Hooman Radfar says Clearspring provides software and services to websites at no charge. In exchange, Clearspring collects data on consumers. It plans eventually to sell the data it collects to advertisers, he says, so that site users can be shown "ads that don't suck." Comcast's data won't be used, Clearspring says.

Wittingly or not, people pay a price in reduced privacy for the information and services they receive online. Dictionary.com, the site with the most tracking files, is a case study.

The site's annual revenue, about $9 million in 2009 according to an SEC filing, means the site is too small to support an extensive ad-sales team. So it needs to rely on the national ad-placing networks, whose business model is built on tracking.

Dictionary.com executives say the trade-off is fair for their users, who get free access to its dictionary and thesaurus service.

"Whether it's one or 10 cookies, it doesn't have any impact on the customer experience, and we disclose we do it," says Dictionary.com spokesman Nicholas Graham. "So what's the beef?"

The problem, say some industry veterans, is that so much consumer data is now up for sale, and there are no legal limits on how that data can be used.

Until recently, targeting consumers by health or financial status was considered off-limits by many large Internet ad companies. Now, some aim to take targeting to a new level by tapping online social networks.

Media6Degrees Inc., whose technology was found on three sites by the Journal, is pitching banks to use its data to size up consumers based on their social connections. The idea is that the creditworthy tend to hang out with the creditworthy, and deadbeats with deadbeats.

"There are applications of this technology that can be very powerful," says Tom Phillips, CEO of Media6Degrees. "Who knows how far we'd take it?"

—Emily Steel, Jennifer Valentino-DeVries and Tom McGinty contributed to this report.
http://online.wsj.com/article/SB1000...12989404.html#





Senators Fail to Agree on Privacy Approach
Declan McCullagh

After six months worth of allegations of privacy invasions involving some of the largest Internet companies, it should come as no surprise that politicians are calling for new laws. The fact that it's an election year probably made it inevitable.

But an unusually lengthy Senate Commerce Committee hearing on Tuesday, titled "Consumer Online Privacy," made it clear that there was zero consensus of what approach to take.

Politicians fretted about everything from Amazon.com keeping records of what customers purchased, unsubscribing from spammers' lists, peer-to-peer software vulnerabilities, the now-defunct NebuAd, cancer patients whose sensitive e-mail is redistributed, Facebook "commercially scanning" its users' information, which regulators should be in charge, and whether mandating credit card-like disclosure statements for Web sites would be a good idea.

Don't look for any actual legislation to be enacted anytime soon, in other words.

The hearing comes as U.S. companies' data collection and use practices are being subjected to increasing scrutiny on Capitol Hill, in part because of high-profile privacy missteps by Facebook, Google's accidental capturing of some unencrypted Wi-Fi traffic, and allegations that everything from Twitter to smart grids and in-store advertising has become overly privacy-invasive. And there was AT&T's data breach last month that potentially exposed some personal information about more than 100,000 Apple iPad owners.

Meanwhile, two lengthy--and highly regulatory--data use bills recently have been proposed in the House of Representatives. Internet industry representatives have warned they could cause economic harm.

Even if the members of the Senate Commerce Committee agreed on legislation tomorrow, there's scant time left to enact it this year. But in addition to allowing senators to position themselves as pro-privacy in relation to a topic that's been in the news, Tuesday's hearing could set the stage for an actual law in 2011.

The question is just what form it might take. Tuesday's committee meeting ranged so widely it's difficult to find an apt analogy: it was rather like an armed services committee veering from discussions of Wikileaks to Taiwanese tank purchases to nuclear arms reduction to what military bases to close.

Sen. Claire McCaskill (D-Mo.), for instance, was worried that after she "looked up a foreign SUV" on the Internet, she visited another Web site and "there were a bunch of ads for foreign SUVs." (McCaskill carefully assured the cameras that if, in fact, she were to go through with a purchase of an SUV, "it would certainly be an American SUV.")

McCaskill then asked Google privacy engineer Alma Whitten what happens if someone prints out a coupon with a bar code and takes it into a store. "Isn't it true that at this point...embedded in that bar code is a whole bunch of information about you?"

Whitten tactfully replied that Google does not "engage in" the practice of offering grocery store coupons.

Committee Chairman Jay Rockefeller (D-W.Va.), who appeared not to be a frequent customer of Amazon.com or eBay, was worried that an online retailer "records every book you purchase" and "these machines, as I call them, are storing all of this information about you."

Sen. George LeMieux (R-Fla.) wanted "uniformity like I know we've done with credit cards with the box that you see on your credit card statement that is in bold." In the past, LeMieux said, "Congress passed that regulation (which) allows you to see in clear writing what it is and there's some uniformity to it, I think that that is good for consumers."

LeMieux didn't go into details about what kind of boxes Web sites would be required to post, or how mobile devices would display it. (There are some related industry efforts afoot to do that for browsers.)

Sen. John Thune (R-S.D.) was more concerned with what happens when government agencies move to cloud computing--something that this week's security announcement by Google makes more likely.

"Does that improve the data security of that information?" Thune asked. "And are there particular security or privacy threats that we ought to be cognizant of as government agencies make that transition?"

Julius Genachowski, the chairman of the Federal Communications Commission, replied with a boilerplate answer: "Well, cloud computing, I think, can in some instances increase the efficiency and more options for businesses, small businesses that want to store data."

One of the few electric moments came when the committee chairman accused Facebook's chief technology officer, Bret Taylor, of lying.

"When somebody asked you the question, 'Who's responsible for privacy protection,' you said, 'Everybody who works at Facebook is. Everybody who works there is' and I found that somehow suspicious and disingenuous," Rockefeller said."

He added: "I think companies have to be divided up in certain things and people don't spend all of their time on every single question that comes before them saying, 'What's the--what are the privacy consequences of this. I don't believe what you said."

Taylor was briefly taken aback by being called a liar. "I think that's a very fair point, Mr. Chairman," he replied. "What I intended to say is that the engineers and product managers who are developing the products at Facebook take into account privacy at every aspect of the product design. We do have a team devoted exclusively to (security)."

Rockefeller appeared to be mollified by that response. "I like that," he said. "I accept that."

Perhaps the best line came from Sen. John Kerry, the Massachusetts Democrat. "There is a lot of confusion and a lot of anxiety among the public at large about what power they have over the collection of information and over their lives," he said.

Confusion and anxiety about technology? The same could, perhaps, be said about the members of the Senate Commerce Committee.
http://news.cnet.com/8301-31921_3-20011884-281.html





UK ISP TalkTalk Monitoring its Customers Online Activity Without Consent
MarkJ

Broadband ISP TalkTalk UK could be about to incur the wrath of privacy campaigners after some of its customers spotted that their online website browsing activity was being monitored and recorded without consent. The situation has caused a significant amount of concern with many end-users worried about the impact upon their personal privacy.

TalkTalk has since confirmed that the monitoring, which was first discovered on the ISPs discussion forum during the middle of July (here), is part of a future Malware/Security/Parental Guidance tool to be provided by Chinese vendor Huawei. This is due to launch before the end of 2010.

The system, which is not yet fully in place, aims to help block dangerous websites (e.g. those designed to spread malware) by comparing the URL that a person visits against a list of good and bad/dangerous sites. Bad sites will then be restricted.

TalkTalk's Official Statement

Quote:

We are developing some really exciting new security and parental control services, which will be based deep within our network infrastructure, to provide our customers with greater protection for all the devices they connect to their broadband line with. We’ve had considerable feedback from customers that PC-based software only deals with part of the wider security problem facing today's internet users, so we’ve developed these new services to help improve our customers online experience with us.

In preparation for the launch of these services, as our users surf the internet, details of websites visited are put into a list. Scanning engines then compare this list to a blacklist (sites that have been found to contain recent threats) and whitelist (sites that have been recently scanned with no threats found); if the site is not on either of these, it will visit the site and scan it for malicious code. Sites that are already on either list are not scanned again until the following day.

Our scanning engines receive no knowledge about which users visited what sites (e.g. telephone number, account number, IP address), nor do they store any data for us to cross-reference this back to our customers. We are not interested in who has visited which site - we are simply scanning a list of sites which our customers, as a whole internet community, have visited. What we are interested in is making the web a safer place for all our customers.

In due course we will be trialing and launching these services. We hope to be able to share more info on all of this soon.

At present the affected customers cannot opt-out of TalkTalk's data collection exercise, while the actual malware/block tool itself has yet to be enabled and will also be subjected to optional customer testing before it is. The resulting system will apparently only be available if you opt-in to use it.

As a result the systems first stage is currently just monitoring and recording URLs, which TalkTalk says is an anonymous process; no end-user IP address or personal details are revealed. However some customer posts have suggested that the TalkTalk system also reads the code for sites, at least the ones it cannot identify, which could in theory pose a security risk if the URL you visited was for a private admin page. Some of these would be pages that even Google cannot find.

It's worth pointing out that ISPs are already required to record website and email accesses (but not content), including dates and times, as part of the previous governments Data Retention Directive. However this is a closed process for use by specific public/security services and should not be confused with what TalkTalk is doing.

TalkTalk claims that its new system does not require prior customer consent because it is effectively just gathering an anonymous list of public website addresses (retained for 24 hours). The data itself will also be stored in a network device and at the moment only Huawei has visibility of this information. That last bit doesn't inspire confidence.

A TalkTalk spokesperson told The Register :

"Our scanning engines receive no knowledge about which users visited what sites (e.g. telephone number, account number, IP address), nor do they store any data for us to cross-reference this back to our customers."

Given the absence of any technical data that could explain precisely how this system works it would be very difficult to assess the reality of their words. The situation also harks back to BT's secret trials of Phorm technology, which pledged to offer a similar website filtering system alongside its controversial behavioural advertising "service".

Many likened Phorm's Deep Packet Inspection (DPI) system to spyware and it was eventually hounded out of the UK and lost its major UK ISP support, which at the time also included TalkTalk. In fairness the ISP is not proposing to do exactly what Phorm did, although the similarities are there.

TalkTalk are intercepting their customers communications data (protected by the law) and passing it to a profiling system, which a third party firm appears to have visibility of, for the purpose of launching a commercially advantageous system. There are some legally grey areas here. It might also clash with what TalkTalk's boss recently said as part of its opposition to the Digital Economy Act 2010 (DEA).

Charles Dunstone, Chairman of the TalkTalk Group, said:

"The Digital Economy Act's measures will cost the UK hundreds of millions and many people believe they are unfair, unwarranted and won't work. So it’s no surprise that in Nick Clegg’s call for laws to repeal, this Act is top of the public’s ‘wish list’. Innocent broadband customers will suffer and citizens will have their privacy invaded."

At least one of TalkTalk's forum administrators agrees that the ISP could have told people that the URL collecting had started, in fact they should have informed them BEFORE it started. Such a system was always going to be contentious and clearly needed prior discussion. On the upside at least TalkTalk are owning up to it instead of trying to disguise their activity.

Furthermore we have to ask whether this kind of service is even needed. TalkTalk claims that it is but similar systems already exist through Google searches, anti-virus software and most modern website browsers. Do we really need a fourth level of protection that is trying to perform almost exactly the same task?

UPDATE 2:40pm

We've also seen some reports that the new system confuses login sessions for certain websites and web-based games that require a degree of IP authentication, although at this stage it's difficult to know if the problem is directly related.
http://www.ispreview.co.uk/story/201...t-consent.html





Chatroulette Collecting IP Addresses, Screenshots

Bid to crack down on indecent exposures.

The founder of online video chat-room sensation 'Chatroulette' has revealed the company has been storing the IP addresses and even taking screenshots of users engaged in inappropriate conduct whilst connected to the service.

Chatroulette, for those unfamiliar, is a site where users are randomly connected to one of the tens of thousands of people also using the site via their webcam and microphone.

As discovered by iTnews' unfortunate mascot Coco earlier this year, the concept caught on among netizens at lightning speed, but all too often users were turned off after being connected to pranksters out to shock or disgust random strangers.

Now Andrey Ternovskiy, chief executive officer at Chatroulette has had enough.

"I believe that Chatroulette was great in the first honeymoon days after it was launched, before it was discovered by a strange people, who started to abuse the true freedom and democratic nature of the service," he wrote on the site's blog, upset at "difficulties raising venture capital", dealing with "negative feedback" and doing what he could to ensure the site was still "legally operating in the United States territory."

Ternovskiy said that he has had a "breakthrough" in dealing with these dramas by applying "the laws of a real world on an internet application."

"We've started collecting information, such as IP addresses, logs and screen captures of offenders who actually break US/UN laws by broadcasting inappropriate content in a specific situations," he said.

"We've captured and saved thousands of IP addresses of alleged offenders, along with logs and screenshots which prove wrong behaviour.

"We are initiating a conversation with enforcement agencies and we are willing to provide all the information we have."
http://www.itnews.com.au/News/221105...reenshots.aspx





Second Student Sues School District Over Webcam Spying
David Kravets

A webcam scandal at a suburban Philadelphia school district expanded Tuesday to include a second student alleging his school-issued laptop secretly snapped images of him.

The brouhaha commenced in February, when a student of Lower Merion School District was called into an administrator’s office. Sophomore Blake Robbins was shown a picture of himself that officials suggested was him popping pills. The family claimed it was candy.

An invasion-of-privacy lawsuit followed, alleging the district had snapped thousands of pictures of its students using webcams affixed to the 2,300 Apple laptops the district issued. Some of the images included pictures of youths at home, in bed or even “partially dressed,” according to a filing in the case. Students’ online chats were also captured, as well as a record of the websites they visited.

The latest allegations Tuesday, brought by an 18-year-old former student who had just graduated from Lower Merion High, came to light in the discovery phase of Robbins’ suit.

Student Jalil Hasan reported his laptop lost December 18, and it was returned to him three days later, according to the suit.

But the LanRev Theft Track program, which the district activated when the computer was reported missing, was never turned off after the computer was given back to Hasan, according to the lawsuit.

The tracking software on Hasan’s computer wasn’t turned off until February 18, when Robbins filed suit, the suit alleges, claiming that at least 469 photographs and 543 screenshots were taken by Hasan’s computer without his knowledge.

Hasan’s suit said the images “were taken without Jalil’s knowledge, without his authorization and to his utter shock, dismay, panic, embarrassment and disgust.”

A federal judge presiding over the matter, who is weighing whether to allow a class-action lawsuit against the district, has blocked administrators from activating the LanRev program again. The district said the cameras were activated only when a laptop was reported stolen or missing — assertions lawyers suing the district dispute.

Two school district employees who controlled the LanRev activation process have been placed on paid, administrative leave.

The district declined comment. Federal prosecutors have also been given evidence generated from Robbins’ suit.
http://www.wired.com/threatlevel/201...ndal-broadens/





Privacy Lawsuit Targets Net Giants Over ‘Zombie’ Cookies
Ryan Singel

A wide swath of the net’s top websites, including MTV, ESPN, MySpace, Hulu, ABC, NBC and Scribd, were sued in federal court Friday on the grounds they violated federal computer intrusion law by secretly using storage in Adobe’s Flash player to re-create cookies deleted by users.

At issue is technology from Quantcast, also targeted in the lawsuit. Quantcast created Flash cookies that track users across the web, and used them to re-create traditional browser cookies that users deleted from their computers. These “zombie” cookies came to light last year, after researchers at UC Berkeley documented deleted browser cookies returning to life. Quantcast quickly fixed the issue, calling it an unintended consequence of trying to measure web traffic accurately.

Flash cookies are used by many of the net’s top websites for a variety of purposes, from setting default volume levels on video players to assigning a unique ID to users that tracks them no matter what browser they use. (Disclosure: The last time we reported on this issue, we found that Wired.com used one to set video preferences.)

The lawsuit, filed in U.S. district court in San Francisco, asks the court to find that the practice violated eavesdropping and hacking laws, and that the practice of secretly tracking users also violated state and federal fair trade laws. The lawsuit alleges a “pattern of covert online surveillance” and seeks status as a class action lawsuit. The lawsuit was filed by Joseph Malley, a privacy activist lawyer who also played key roles in other high profile privacy lawsuits, including a $9.5 million settlement earlier this year from Facebook over its ill-fated Beacon program and a settlement with Netflix after the company gave imperfectly anonymized data to contestants in a movie recommendation contest.

“The objective of this scheme was the online harvesting of consumers’ personal information for Defendants’ use in online marketing activities,” wrote Malley, who called the technique “as simple as it was deceptive and devious.”

Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not.

Adobe’s Flash software is installed on an estimated 98 percent of personal computers, and has been a key component in the explosion of online video, powering video players for sites such as YouTube and Hulu.

Websites can store up to 100 kilobytes of information in the plug-in, 25 times what a browser cookie can hold. Sites like Pandora.com also use Flash’s storage capability to pre-load portions of songs or videos to ensure smooth playback.

QuantCast was using the same user ID in its HTML and Flash cookies, and when a user got rid of the former, Quantcast would reach into the Flash storage bin, retrieve the user’s old number and reapply it so the customer’s browsing history around the net would not be cut off.

Quantcast’s behavior stopped last August, after Wired.com reported on the research from then-grad student Ashkan Soltani.

Quantcast is used by thousands of sites to measure the number of unique visitors and to get information on the kinds of people visiting their site — athletic, older, interested in food, etc.

The lawsuit seeks unspecified damages and a court order requiring the companies to delete data collected, stop the practice in the future and provide an easy way to opt out.

All modern browsers now include fine-grained controls to let users decide what cookies to accept and which to get rid of, but Flash cookies are handled differently. These are fixed through a web page on Adobe’s site, and the controls are not easily understood (There is a panel for Global Privacy Settings and another for Website Privacy Settings — the difference is unclear). In fact, the controls are so odd, the page has to tell you that it actually is the control for your computer, not just a tutorial on how to use the control.

Firefox users can prevent or delete Flash cookies using a free add-on called BetterPrivacy.

Scribd, Hulu, and ESPN both declined to comment, saying they had not yet been served with the lawsuit.

Quantcast and MTV’s parent company, Viacom, did not respond to requests for comment.

The case number is 10-CV-5484, U.S. District Court for the Northern District of California.
http://www.wired.com/threatlevel/201...okies-lawsuit/





FTC Leaning Toward Do-Not-Track List for Online Ads
Kenneth Corbin

As it prepares a major report with guidelines for protecting consumer privacy online, the Federal Trade Commission is mulling a simple mechanism that would allow users to opt out of behavioral tracking across the Web, the head of the agency told a Senate panel on Tuesday.

FTC Chairman Jon Leibowitz said the system would be similar to the Do-Not-Call registry that enables consumers to shield their phone numbers from telemarketers.

The agency has been conducting a series of workshops regarding online privacy and advertising for several months, and plans to release a report detailing its recommendations later this fall. Throughout those sessions, Leibowitz said that staffers consistently heard from consumers and advocacy groups that online privacy controls need to be simpler than the current options.

"To this end, one idea we may explore in the context of behavioral advertising is a do-not-track mechanism that's more comprehensive and easier to use than the procedures currently available," Leibowitz told members of the Senate Commerce Committee. "Under such a mechanism, users could opt out of behavioral advertising more easily rather than having to make choices on website-by-website basis."

It's an issue that could have a potentially dramatic impact on everyone from website publishers to ecommerce marketers. Industry coalitions involving some of the largest Internet players have developed tools for consumers to opt out of behavioral tracking across their sites and ad networks, but Leibowitz suggested a browser-based tool that would give users the option of blocking data collection across the Web.

But he acknowledged, with some disappointment, that the FTC is limited in the extent to which it can exercise oversight authority over the online advertising industry.

Leibowitz and Commerce Committee Chairman John Rockefeller had fought to include provisions in the recent financial reform bill that would give the FTC broad rulemaking authority, but that language was stripped out of the final version, thanks, in part, to a concerted lobbying effort by the advertising industry.

That defeat preserved the status quo at the FTC, leaving it with very limited rulemaking powers outside of authorities specifically granted by an act of Congress, such as its ability to police abuses of the Do-Not-Call registry.

Since no such authority has been established in online advertising, the recommendations the commission produces this fall will almost certainly advance its position of urging the industry to unite in a broad-based self-regulatory framework that would protect consumers and punish -- or at least shun -- bad actors.

In the event of resistance from the industry, Leibowitz said the FTC would use its "bully pulpit" to pressure companies to adopt its recommendations for protecting privacy, which would also likely include guidelines to clarify for consumers the information sharing among various players in the online advertising sector that goes on behind the scenes.

"One of the things that became absolutely clear to us during our roundtables this year is that there's a huge disconnect between what consumers think happens to their data and what really happens to their data," Leibowitz said. "Most consumers believe that a privacy policy protects their privacy. Instead, a privacy policy delineates their rights and their lack thereof."

Absent the explicit rulemaking authority Leibowitz sought under the stimulus bill, a condition he described today as a "limitation," he noted that the FTC still enjoys a broad mandate to pursue civil actions against companies on the grounds of unfair or deceptive trade practices.

But if the agency is still unable to rein in or shut down the bad actors, and the self-regulatory guidelines it issues later this year still fall short on protecting privacy, Leibowitz said that momentum for specific privacy legislation would likely build in Congress. House lawmakers have only begun to debate legislation, and some Senate members have signaled that they are interested in introducing a privacy bill. But ahead of the FTC's report in an election-shortened session, the prospects for passage this year are slim.

"It's really in the hands of the private sector," Leibowitz said. "If they want to do a better job of ... giving clear choices and have clearer notice, then I think it's in their hands to avoid legislation. I think if they don't, and if we don't see more progress, I think you're going to see probably in the next Congress a fair amount of interest in moving legislation forward to have more prescriptive rules."
http://www.ecommerce-guide.com/article.php/3895466





100 Million Facebook Pages Leaked on Torrent Site

Who forgot their security settings, then?
James Nixon

A directory containing personal details about more than 100 million Facebook users has surfaced on an Internet file-sharing site.

The 2.8GB torrent was compiled by hacker Ron Bowes of Skull Security, who created a web crawler program that harvested data on users contained in Facebook's open access directory, which lists all users who haven't bothered to change their privacy settings to make their pages unavailable to search engines.

Bowes' directory contains 171 million entries, relating to more than 100 million individual users - more than one in five of Facebook's recently trumpeted half billion user base.

The file contains user account names and a URL for each user's profile page, from which details such as addresses, dates of birth or phone numbers can be accessed. Accessing a user's page from the list will also enable you to click through to friends' profiles - even if those friends have made themselves non-searchable.

There's absolutely nothing illegal about what Bowes has done - the information is, after all, publicly available - but perhaps the existence of a stalker's online black book might finally persuade less security-minded Facebook users to get their arses in gear.
http://www.thinq.co.uk/2010/7/28/100...-torrent-site/





Hackers to Get Eavesdropping Lessons on Cell Calls
Jim Finkle

A security expert said he has devised a simple and relatively inexpensive way to snoop on cellphone conversations, claiming that most wireless networks are incapable of guaranteeing calls won't be intercepted.

Law enforcement has long had access to expensive cell-phone tapping equipment known as IMSI catchers that each cost hundreds of thousands of dollars.

But Chris Paget, who does technology security consulting work, says he has figured out how to build an IMSI catcher using a $1,500 piece of hardware and free, open-source software.

"It's really not hard to build these things," he said.

Paget will teach other hackers how to make their own IMSI catchers on Saturday during in a presentation at the annual Defcon security conference in Las Vegas.

His technique only works with wireless systems based on GSM technology, which is used by most of the world's wireless carriers. In the United States, AT&T and T-Mobile USA, a unit of Deutsche Telekom AG operate on GSM systems.

"GSM is broken," Paget said on Tuesday in a telephone interview. He said he plans to demonstrate his low-cost IMSI catcher by asking audience members to make calls using GSM phones, than tap into their conversations from the podium.

A spokesman for AT&T Inc, the largest U.S. carrier that runs a GSM network, declined comment. Officials with T-Mobile were not immediately available for comment.

Thousands of hackers will attend the Defcon conference in Las Vegas that starts on Friday, where researchers like Paget will disclose security vulnerabilities in systems from cell phones and business software to systems that run the electrical grid.

Their intention in teaching people how to break into things is generally to make the public aware of security risks and get manufacturers to boost protection in their products.

(Reporting by Jim Finkle, editing by Leslie Gevirtz)
http://www.reuters.com/article/idUSTRE66Q6NS20100727





Security Researchers Catalog Mobile Vulnerabilities
Nick Bilton

A group of researchers and security experts from the mobile security company Lookout announced on Tuesday that they were creating a catalog of applications for mobile phones, calling their effort the App Genome Project.

Their goal, they said, is to identify security threats on mobile devices, especially situations in which applications surreptitiously collect personal information or threaten a phone owner’s privacy.

In the most recent example of such a threat, on Monday Citigroup said it had discovered a bug in its iPhone application that accidentally recorded personal information to a secret file on the iPhone. The bank has since fixed the bug.

Lookout’s researchers said they had already scanned nearly 300,000 mobile applications and have mapped nearly a third, which were specifically designed for the Apple iPhone and Google’s Android platform.

John Hering, co-founder of Lookout, said in a phone interview that the viruses and malware creeping onto phones are coming in all shapes and sizes. For example, Mr. Hering said, the researchers found an example in a simple wallpaper application that can be used to change the background image on a mobile phone.

“We found that the wallpaper application was actually trying to collect personal information from the phone and then sending it to an unknown IP address in China,” Mr. Hering said. “This just underscores that application developers need to be more careful with users’ personal information on a mobile phone.”

In a release, Lookout said “applications on Android are generally less likely than applications on iPhone to be capable of accessing a person’s contact list or retrieving their location, with 29 percent of free applications on Android having the ability to access a user’s location, compared with 33 percent of free applications on iPhone.”

When asked about this report, an Apple spokeswoman, Natalie Kerris, said: “We take customer privacy very seriously and our developer agreement clearly spells out our privacy policy. Anyone collecting information needs to ask the customer first if it’s o.k.”

At the AllThingsD conference earlier this year, Steven P. Jobs, Apple’s chief executive, told Walt Mossberg of The Wall Street Journal that the company takes security and privacy on the iPhone “really seriously,” specifically when it comes to sharing location data from the phone.

Kevin Mahaffey, chief technology officer at Lookout and one of the researchers working on the project, said in the release that the vulnerability of mobile apps “places a greater burden of responsibility on both developers and users.”

The Lookout researchers also found that some of the apps it has already examined use third-party code, usually used for advertising, so that they can collect personal information about a phone’s owner. They found that 23 percent of applications on the iPhone include third-party code, versus 47 percent of applications on the Android platform.

The researchers plan to release the project’s findings so far at the Black Hat Security conference in Las Vegas this week.
http://bits.blogs.nytimes.com/2010/0...ulnerabilites/





Software Released for Attacking Android Phones
Jim Finkle

Two security experts said on Friday they released a tool for attacking smartphones that use Google Inc's Android operating system to persuade manufacturers to fix a bug that lets hackers read a victim's email and text messages.

"It wasn't difficult to build," said Nicholas Percoco, head of Spider Labs, who along with a colleague, released the tool at the Defcon hacker's conference in Las Vegas on Friday.

Percoco said it took about two weeks to build the malicious software that could allow criminals to steal precious information from Android smartphones.

"There are people who are much more motivated to do these things than we are," he added.

The tool is a so-called root kit that, once installed, allows its developer to gain total control of Android devices, which are being activated by consumers at a rate of about 160,000 units per day, according to Google.

"We could be doing what we want to do and there is no clue that we are there," Percoco said.

The test attacks were conducted on HTC Corp's Android-based Legend and Desire phones, but he believed it could be conducted on other Android phones.

The tool was released on a DVD given to conference attendees. Percoco was scheduled to discuss it during a talk on Saturday.

Google and HTC did not immediately return calls for comment.

Some 10,000 hackers and security experts are attending the Defcon conference, the world's largest gathering of its type, where computer geeks mix with federal security officials.

Attendees pay $140 in cash to attend and are not required to provide their names to attend the conference. Law enforcement posts undercover agents in the audience to spot criminals and government officials recruit workers to fight computer crimes and for the Department of Defense.

Organizers of the conference say presenters release tools such as Percoco's root kit to pressure manufacturers to fix bugs.

(Reporting by Jim Finkle; additional reporting by Alexei Oreskovic in San Francisco; editing by Andre Grenon)
http://www.reuters.com/article/idUSTRE66T52O20100730





Stuxnet May Be the New New Thing in Malware
Dennis Fisher

As more information continues to come out about the Stuxnet worm and the vulnerabilities that it exploits, it's becoming increasingly clear that this kind of attack may be a preview of the attacks that are likely to become commonplace in the months and years ahead.

There are several interesting pieces to the Stuxnet puzzle: its use of a zero-day flaw in the Windows shell to spread; the fact that it has drivers and a separate binary signed by two separate digital certificates belonging to legitimate technology vendors; and its use of pre-owned USB drives to infect PCs. But perhaps the most troubling aspect of the Stuxnet attack is that it appears to have been designed specifically to exploit a weakness in a particular SCADA control software package.

The vulnerability itself is as elementary as it comes: a hard-code password built into the WinCC SCADA control system produced by Siemens. The problem is a design flaw that's common in many purpose-built software packages, and Siemens officials have said that they are advising customer not to change the password, because it could affect the system's stability and operation. Once the malware is on a WinCC system, it tries to establish a connection to a remote server and then tries to exfiltrate sensitive data.

"Changing the access data would impede communication between WinCC and the database and is therefore not recommended. Tightening up authentication procedures is being examined," the company said in an advisory to customers about the Stuxnet attack.

As Chris Wysopal, CTO of Veracode, points out in his analysis of the Stuxnet attack, this all being done the wrong way.

"Siemens has put their customers at risk with this egregious vulnerability in their software. Worse, in my book however, is all the customers who purchased the software not knowing of its risk. Software customers that are operating SCADA systems on critical infrastructure or their factories with the WinCC Software had a duty to their customers and shareholders to not purchase this software without proper security testing," Wysopal wrote. "We should ask the question, 'Why didn’t Siemens fix the hard coded password vulnerability when it was first publicly disclosed?' They waited 2+ years and started to fix it only after a worm exploited it. We should also ask the question, 'Is it negligence when you don’t fix a critical known vulnerability and wait for your customers to get exploited?'"

However, the most interesting aspect of all of this is the fact that the attackers behind Stuxnet clearly knew about the vulnerability in the Siemens WinCC system before the malware was written. That implies that the malware authors had some advance intelligence about the configuration of the Siemens software and knew exactly where there was a weakness.

That's a serious problem, and it's one that we may be seeing quite a bit more of in the near future. Targeted attacks, with some serious research and planning behind them, are now the order of the day, and as the Stuxnet attack shows, the attackers are most definitely doing their homework.
http://threatpost.com/en_us/blogs/st...malware-072210





Hackers With Enigmatic Motives Vex Companies
Nick Bilton

The world of hackers can be roughly divided into three groups. “Black hats” break into corporate computer systems for fun and profit, taking credit card numbers and e-mail addresses to sell and trade with other hackers, while the “white hats” help companies stop their disruptive counterparts.

But it is the third group, the “gray hats,” that are the most vexing for companies. These hackers play it any number of ways, which can leave a company vulnerable to lost assets as well as a tarnished reputation as security breaches are exposed. (The terms are a nod to westerns, with the villain wearing a black hat and the hero a white one.)

These gray-hat hackers surreptitiously break into corporate computers to find security weaknesses. They then choose whether to notify the company and stay silent until the hole has been patched or embarrass the company by exposing the problem.

The debate among all of these groups over the best course of action has never been settled and will be an undercurrent at the Def Con 18 hackers conference starting Friday in Las Vegas.

For companies, the best strategy for finding software flaws is just as unsettled. Facebook encourages its employees to try to hack the company site. Some companies encourage outsiders to break in. For example, Mint.com, a personal finance Web site owned by Intuit, enlists hackers to test its security once a quarter.

Others just wish the hackers would simply go away, as AT&T did after a group discovered a loophole on the company’s Web site in June that exposed 114,000 e-mail addresses and cellular identification numbers for owners of the iPad 3G.

“Some will say that the public is better off if we just tell everyone,” said Dean Turner, director of Symantec’s antivirus security response teams.

Some companies, he points out, prefer to turn hackers from the dark side by fixing the problem and giving them public credit. Salesforce, Facebook, PayPal and Microsoft have notices on their sites encouraging researchers to find flaws in their systems.

If the hackers adhere to a set of rules, the companies pledge not to initiate legal action. And the companies promise to work with the hackers to fix the problem and give them the appropriate credit for finding the flaw.

Mike Reavey, director of Microsoft’s Security Response Center, says Microsoft wants the researchers to report flaws without fear of repercussions. “We take security very seriously; our focus is to put customer safety first,” Mr. Reavey said. “We realize we can’t do this alone, which is why we want to partner with the research community.”

Dino A. Dai Zovi, a prominent white hat computer security expert at Trail of Bits, a New York security firm, said he liked to work with companies.

“If you find something new not only are you protecting people that use a system, but there’s the excitement and thrill of finding something new that no one else knows about,” Mr. Dai Zovi said.

He is also motivated by the money available to the bug hunters, as they are also known. In 2006 he won $10,000 at a major white hat competition sponsored by Tipping Point, a security company, by breaking into an Apple laptop through a vulnerability in the Safari Web browser and video player. Mozilla, the maker of the Firefox Web browser, and Google both announced last week that they would begin paying for new bug discoveries, too.

Gray hats may bask in the recognition, but some can also seek to make money from an exploit. One of the gray hats, a security researcher based in Singapore who would not share his real name and goes by the online pseudonym The Grugq, chooses not to tell companies about the bugs he finds, he said via instant message. Telling Microsoft about a loophole earns only a “gold star,” The Grugq said.

Hackers can sell or trade the flaws they uncover in what is called the bug market, until the company plugs the hole and renders it worthless. “The people actively using the bugs get very upset when they die,” wrote The Grugq. Some bugs can sell for as much as $75,000 online.

Credit card numbers were once the main product traded. Jeff Moss, who organizes conferences for hackers, says more gray hats are tempted to gain access to systems as the value of security holes increases. “There’s a vulnerability marketplace that has been steadily increasing,” he said. “The cost of e-mail addresses is worth more money now than it was 10 years ago, and there’s a big demand for fresh vulnerabilities and information.”

Some companies want to lead the gray-hat hackers toward the white-hat camp.

Other companies, including AT&T, are still wrestling with the distinctions between security researchers trying to help and those gray hats with murky motives. AT&T would not comment on its policy for dealing with gray-hat hackers.

Chris Paget, the co-founder and professed chief hacker of H4rdw4re, a phone and hardware security company, said it seemed that AT&T was attacking researchers instead of working with them. “I think there’s a good case to be made that AT&T just isn’t used to dealing with this kind of situation,” he said. “A lot of companies aren’t.”

Mr. Moss, known online as The Dark Tangent, said the involvement of the F.B.I. in the iPad 3G case had given some researchers reason to reconsider disclosing online holes. “It’s a wait and see effect in the community right now,” Mr. Moss said.

The threat of legal action is not the only reason hackers are taking stock. “There’s a lot of money to be made in identify theft, credit card numbers and e-mail lists,” Mr. Dai Zovi said. “White hats are sick of giving away information; they want to be paid for the work now too.”
http://www.nytimes.com/2010/07/26/te...6security.html





Defcon Contest Rattles Nerves at FBI, Security Groups
Robert McMillan

A Defcon [1]contest that invites contestants to trick employees at U.S. corporations into revealing not-so-sensitive data has rattled some nerves.

Contest organizers have been called by the U.S. Federal Bureau of Investigation and seen warnings issued by security [2] groups and the Financial Services Information Sharing and Analysis Center, (FS-ISAC) an industry group that provides information on security threats affecting the banking industry.

[ Also on InfoWorld: Hackers at Defcon target cell phone security [3]. | Get your systems up to snuff with InfoWorld's interactive Security iGuide [4]. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter [5]. ]

"The stories that I'm getting are a lot of financial people were really concerned that we were going to be targeting personal information and stuff like that," said Chris Hadnagy, the operations manager with Offensive Security, who is organizing the contest. [6] These concerns are unfounded, he says.

Over the next three days participants will try their best to unearth data from an undisclosed list of about 30 U.S. companies. The contest will take place in a room in the Riviera hotel in Las Vegas furnished with a soundproof booth and a speaker, so an audience can hear the contestants call companies and try to weasel out what data they can get from unwitting employees.

This is social engineering: the art of tricking people into disclosing information and doing things that they shouldn't.

Conference organizers have to walk a fine line in running a contest that focuses on real-world targets. But after consulting with Electronic Frontier Foundation lawyers, they've come up with a set of contest rules and -- more importantly -- a do-not-do list.

Contestants can't ask for sensitive data or passwords. They can't make their victims feel like they're at risk. They can't pretend to be law enforcement or generally do anything that feels wrong. "If something seems unethical – don’t do it. If you have questions, ask a judge," the rules state. [7]

What participants can do is collect data on less sensitive subjects such as, "who does your dumpster removal; who takes care of your paper shredding," Hadnagy said.

The winner will be selected by judges, based not only on the quantity of data collected, but also the general excellence of the social engineering work, he said. First prize: an iPad.

Security companies are often give the green light to use social engineering techniques against their clients as a way to test what might happen in a real-world incident and identify weaknesses. In these tests, security experts will often try to sneak into secure areas or trick employees into giving up passwords with phishing e-mails, things that are prohibited in this contest.

The Defcon contestant's primary tool will be the telephone. Contestants have been allowed to do Internet reconnaissance on their targets, and they will get 20 minutes in the phone booth to call the target companies and attempt their attack.

Hadnagy sees the contest as an experiment, of sorts, and plans to compile a report analyzing what happens. "We started it up to raise awareness for social engineering and give a venue to learn what makes a good social engineer," he said. "The easiest route into a company is still people."

Last month the FS-ISAC issued a warning [8] about the contest, which Hadnagy posted to his blog. "Financial institutions should be aware of this upcoming contest, and should brief their personnel, especially call centers and legal departments regarding this event," the advisory states.

Around the same time, Hadnagy got a call from the FBI's Cyber Division. "They had questions on what our intent really was and what we were doing and what our goals were with the contest," he said. He forwarded the contest's rules to the FBI. "Once I passed that through to them… I think that stopped a lot of the government concern," he said.

Defcon's founder Jeff Moss said Thursday that he has fielded a few inquiries as well, including one from the FS-ISAC.

They needn't worry. Targets companies will come from the technology sector and other industries, but there won't be any financial, health care, educational or government organizations, Hadnagy said.
http://infoworld.com/d/security-cent...ity-groups-289





FBI Releases 400-Page Howard Zinn File

Feds investigated left-wing historian for 25 years for Communist ties and antiwar activism
Justin Elliott

Surprising no one, the FBI announced today it had tracked the left-wing historian Howard Zinn for 25 years, despite having apparently no evidence that he ever committed a crime.

The bureau released over 400 pages of its file on Zinn, covering 1949 to 1974 -- when the bureau says its investigations ended -- in response to FOIA requests. Download the documents here. (See anything interesting? Leave a comment or shoot us an e-mail.)
As we often learn with these FBI releases, the bureau expended a remarkable amount of resources tracking the writings and movements of those who were linked to Communists (even by three or four degrees of separation) or who opposed the Vietnam War.

One document (Page 217) records that Zinn, who died in January, participated in a public anti-draft meeting on Boston Common in November 1967. This fact was observed by no less than five special agents of the FBI, whose names are recorded.

There are scores of pages of fairly banal details like this. Take the following section in which the FBI drew on its substantial network of confidential informants to establish Zinn's presence on the mailing list of a questionable bookstore:

Quote:

On April 5, 1950, Confidential Information T-3 stated that HOWARD ZINN , 890 East 6th Street, New York City, was on the 1957-1949 Mailing List of the Workers Book Shop, 50 East 13th Street, Manhattan, New York.

On March 29, 1947, Confidential Information T-8, of known reliability, advised that the Workers Book Shop is an outlet for Communist Party literature. According to this Information, it is a self-supporting establishment, operated by a Communist Party member, and an integral part of the Communist Party.

There's also a fair amount here about Zinn's 1974 trip to North Vietnam with the Rev. Daniel Berrigan, during which they received three freed American POWs. Gawker has some more.
http://www.salon.com/news/politics/w..._zinn_fbi_file





In Disclosing Secret Documents, WikiLeaks Seeks ‘Transparency’
Eric Schmitt

WikiLeaks.org, the online organization that was to post tens of thousands of classified military field reports about the Afghan war on Sunday, says its goal in disclosing secret documents is to reveal “unethical behavior” by governments and corporations.

Since it was founded in December 2006, WikiLeaks has exposed internal memos about the dumping of toxic material off the African coast, the membership rolls of a racist British party, and the American military’s manual for operating its prison in Guantánamo Bay, Cuba.

“We believe that transparency in government activities leads to reduced corruption, better government and stronger democracies,” the organization’s Web site says. “All governments can benefit from increased scrutiny by the world community, as well as their own people. We believe this scrutiny requires information.”

The trove of war reports to be posted Sunday dwarfs the scope and volume of documents that the organization has made public in the past.

In a telephone interview from London, the organization’s founder, Julian Assange, said the documents would reveal broader and more pervasive levels of violence in Afghanistan than the military or the news media had previously reported. “It shows not only the severe incidents but the general squalor of war, from the death of individual children to major operations that kill hundreds,” he said.

Mr. Assange said in the interview and a subsequent e-mail message that some 15,000 documents would be withheld from release for a few days until WikiLeaks could redact names of individuals in the reports whose safety could be jeopardized.

WikiLeaks’ critics range from the military, which says it jeopardizes operations, to some open government advocates who say the organization is endangering the privacy rights of others in favor of self promotion.

Steven Aftergood, head of the project on government secrecy at the Federation of American Scientists, in his blog posting on June 28 accused WikiLeaks of “information vandalism” with no regard for privacy or social usefulness. “WikiLeaks must be counted among the enemies of open society because it does not respect the rule of law nor does it honor the rights of individuals,” he wrote.

The release of the data comes nearly three weeks after new charges were filed against an American soldier in Iraq who had been arrested on charges of leaking a video of a deadly American helicopter attack in Baghdad in 2007 that killed 12 people, including a reporter and photographer from the news agency Reuters. He was also charged with downloading more than 150,000 highly classified diplomatic cables.

WikiLeaks made public a 38-minute video of the helicopter attack as well as a 17-minute edited version that it called “Collateral Murder.” The abridged version drew criticism for failing to make clear that the attacks happened during clashes in a Baghdad neighborhood and that one of the men fired on by the helicopter was carrying a rocket-propelled grenade.

WikiLeaks has also made public a cable entitled “Reykjavik13,” about the banking crisis in Iceland, which was cited in the criminal charges against the soldier, Pfc. Bradley E. Manning, 22, an Army intelligence analyst. In keeping with its policy to protect the anonymity of its sources, WikiLeaks has not acknowledged receiving the cables or video from Private Manning. In the telephone interview, Mr. Assange, an Australian activist, refused to say whether the war reports came from Private Manning. But Mr. Assange said that WikiLeaks had offered to help pay for Private Manning’s legal counsel or provide lawyers to defend him.

Adrian Lamo, a computer hacker who earlier this year traded instant messages with Private Manning, said the soldier claimed he had leaked the cables and video to WikiLeaks. Mr. Lamo, who in 2004 pleaded guilty to hacking into the internal computer system of The New York Times, said he turned in Private Manning to the authorities for national security reasons. Private Manning, who served with the Second Brigade of the 10th Mountain Division, based at Contingency Operating Station Hammer east of Baghdad, was arrested in May after the military authorities said that he had revealed his activities in online chats with Mr. Lamo.

Investigators now believe that Private Manning exploited a loophole in Defense Department security to copy thousands of files onto compact discs over a six-month period.

WikiLeaks has a core group of about half a dozen full-time volunteers, and there are 800 to 1,000 people whom the group can call on for expertise in areas like encryption, programming and writing news releases.

Mr. Assange, 39, said the site operated from servers in several countries, including Sweden and Belgium, where laws provided more protection for its disclosures.
http://www.nytimes.com/2010/07/26/world/26wiki.html





Analysis: WikiLeaks Cuts a New, Wired Path for Journalism
Robert MacMillan and Peter Griffiths

The Pentagon said it could take weeks to determine how much damage WikiLeaks' release of military documents on the war in Afghanistan did to national security. It took only minutes to gauge its effect on the way people get news.

WikiLeaks posted some 91,000 documents on its website, but to make sure they got attention and heavy exposure, they shared them first with The New York Times, London's Guardian newspaper and German news magazine Der Spiegel.

The episode underscores how the Web and social media give groups that did not exist a few years ago central roles in journalism, and how mainstream media outlets still play a key role in analyzing and disseminating news.

It also shows that the brand names of those outlets, even as their luster fades in the Web age, can amplify the perceived importance of news based on how prominently they cover it.

The question is whether WikiLeaks is journalism, a term whose plasticity has been tested by organizations publishing on blogs and Twitter as the Web threatens traditional outlets' finances and loosens their grip on who publishes the news.

"I don't know what you call what WikiLeaks is doing, and I don't mean that in a disparaging way," said Paul Steiger, editor-in-chief of investigative journalism group ProPublica and former managing editor of The Wall Street Journal. "They're a new phenomenon."

Whereas newspapers like The New York Times look to historical guideposts of "All the news that's fit to print" and reporting the news "without fear or favor," WikiLeaks founder Julian Assange told Der Spiegel, "I enjoy helping people who are vulnerable. And I enjoy crushing the bastards."

WikiLeaks has published thousands of documents from sources that it says expose corporate and government corruption. It posted a video of a U.S. helicopter attack in Iraq in 2007 that killed a dozen people, including two Reuters journalists.

WikiLeaks proclaims its opinions, calling the helicopter attack video "Collateral Murder."

That video garnered as much criticism for WikiLeaks as the U.S. military got for the attack. Some detractors accused WikiLeaks of selective editing to buttress its point of view, though to be sure, mainstream media outlets have been hit with similar accusations for hundreds of years.

In the latest case, WikiLeaks got lots of attention on the Afghanistan documents by limiting initial distribution of its documents to traditional news outlets that are world famous for their journalism, if not universally trusted.

Their decisions to play up the documents ensured that their impact rippled throughout the world, even as many observers said there was little new information in them. Within minutes of their release online, links to the stories appeared on Twitter, blogs discussions began and news websites picked up the reports.

"Everywhere"

"The more important a leak is and the bigger it is, the less chance it has of being properly reported if it is released at once to everyone," the thin, white-maned 39-year-old said at a news conference in London on Monday. WikiLeaks shared the material with the mainstream papers a month before publication, giving them time to study the documents.

Assange has no home and stays with friends around the world. His network, he said, includes 800 part-time volunteers and 10,000 "supporters." WikiLeaks relies on servers in several countries where laws give it more protection for its disclosures, The New York Times reported.

The WikiLeaks page on Twitter lists its location as "everywhere."

According to a June article in The New Yorker, the Australian Assange and his colleagues use encrypted communications and a suspicion of surveillance prevails.

In some ways, WikiLeaks is vaporizing traditional notions of reporting.

Using a network of people to pore through documents is what journalism experts call "crowdsourcing" -- using many people to learn things instead of relying on the lone investigative reporter meeting Deep Throat in a parking lot.

In this case, WikiLeaks employed its network to sort through the documents, but essentially enlisted the Times, the Guardian and Der Spiegel as fact checkers and well-recognized stamps of approval for the quality of the information -- a form of collaboration that rarely if ever happened before the Web.

"Had they simply posted all of the material they'd gotten, they could be accused of being grossly irresponsible," said Edward Wasserman, a media ethics professor at Washington and Lee University in Lexington, Virginia. "And they would never have achieved the kind of prominence and never received the kind of publicity that they've received."

(Reporting By Robert MacMillan in New York and Peter Griffiths in London, Editing by Howard Goller and Jackie Frank)
http://www.reuters.com/article/idUSTRE66P5JV20100726





WikiLeaks Rolled Dice to Raise Its Profile

Website Collaborated With Mainstream Media on Afghan Leaks After Previous Scoops Failed to Win Enough Attention
Jessica E. Vascellaro

WikiLeaks, frustrated at the lack of splash of recent leaks on its whistle-blowing website, has rolled the dice to try to raise its profile by teaming up with news organizations in its latest dump of classified documents.

WSJ Afghanistan correspondent Matthew Rosenberg speaks with Amol Sharma about the significance of the leak of thousands of documents related to the Afghanistan war and the possible effects on the perception of the war among American and Afghan citizens.

The site's secretive founder Julian Assange surfaced in London on Monday to give a rare news conference as part of that new strategy. The white-haired Australian computer hacker schooled a packed room of reporters on how to navigate the 76,000 documents just released, arguing they contained evidence of war crimes and could work as "deterrents" to further abuses.

WikiLeaks was launched in 2007 by self-described Chinese dissidents and Internet hackers as a warehouse of leaked documents. Through its bare-bones site Wikileaks.org, it has landed big scoops, including its most infamous disclosure—video footage of American soldiers shooting down a group of people in Iraq in 2007. Representatives for the site have repeatedly declined to say how they obtain their material and their activities have prompted investigations by federal authorities.

People familiar with the matter say Mr. Assange is frustrated that some of the site's other disclosures, such as a database of military procurements in Iraq and Afghanistan, didn't garner more attention. Some senior members of the group also want to combat the perception that the site is veering into the realm of opinion, one of the people said. The site took flak from some commentators for editing the 2007 Iraq video and for dubbing the video "Collateral Murder."

Mr. Assange launched a new plan this summer in a Brussels cafe. He offered a U.K. newspaper, the Guardian, advance access to documents the site planned to release about the war in Afghanistan, according to the Guardian's account. They came up with a password for accessing the trove based on the logo on the cafe's napkins.

A Brief History of WikiLeaks

* January 2007: Website launches, inviting anonymous whistleblowers to publish classified or sensitive documents.
* August 2007: Releases 110-page investigative dossier about alleged corruption by former Kenyan leader's family.
* September 2008: Posts content of Yahoo account belonging to Sarah Palin during presidential election campaign.
* November 2009: Releases halfmillion intercepts of pager messages from day of Sept. 11 attacks.
* November 2009: Releases halfmillion intercepts of pager messages from day of Sept. 11 attacks.

Monday, the Guardian, along with the New York Times and German weekly Der Spiegel, published a flood of stories based on mostly raw field reports, citing WikiLeaks as the source. They say they weren't told how the site obtained them but tried to verify them independently.

A spokesman for WikiLeaks said the group didn't pay for the leaked documents.

Mr. Assange told reporters on Monday that he limited his outreach to these three organizations out of expediency and that more collaborations with traditional media are on the horizon. "We had hoped to partner with a network to do a more significant investigation, but limited time and resources eclipsed that," he said. "We do hope to do that next time."

The release of the documents raises legal questions about WikiLeaks' approach and legal experts said the site could be investigated. The U.S. Constitution protects organizations that publish classified material if they did nothing to influence obtaining it, legal experts say.

Ashby Jones looks at what First Amendment specialists say will be the legal fallout from the Wikileaks case.

"It is clearly illegal, to put it bluntly, to steal classified documents. It is clearly protected by the First Amendment to publish documents obtained illegally as long as the publisher has not been involved in illegality," said Frederick Schauer, a law professor at the University of Virginia. "That is the lesson of the Pentagon Papers." In 1971, the U.S. Supreme Court ruled that the First Amendment allowed the New York Times and Washington Post to publish sections of the Pentagon Papers, a classified study of U.S. involvement in Vietnam.

It might be difficult, said Jack Balkin, a Yale University law professor, for the Department of Justice to gain jurisdiction against a foreign entity like WikiLeaks, which has an Australian mailing address and is rumored to be based in Sweden. Even if it did—and then won a judgment against it—the judgment could be hard to enforce.

Journal Community

WikiLeaks has long been shrouded in secrecy. At the beginning, its organizers were anonymous, soliciting documents and eventually vetting them before selecting what to put up, according to members of the group. More recently, Mr. Assange, who is in his late 30s, has emerged as its chief spokesman and refers to himself as the site's "editor-in-chief" and as a journalist. He and other organizers have been trying to raise money for lawyers and to keep the site functioning. Monday, the site was inaccessible much of the day, overwhelmed by traffic.

Bob Steele, the director of the Prindle Institute for Ethics at DePauw University, said that if WikiLeaks founders are fashioning themselves as journalists, they should be more open and transparent about their methods.

Mr. Assange said on Monday that WikiLeaks had controlled the embargo date. The New York Times and the Guardian said the publications worked independently. Each also said WikiLeaks had no involvement in the publication of their articles.

The editors discussed the WikiLeaks deal among themselves, Mr. Assange said. Guardian reporter Nick Davies brokered arrangements to an editor at the Guardian who reached out to Der Spiegel and the New York Times.

—Ashby Jones and Dionne Searcey contributed to this article.
http://online.wsj.com/article/SB1000...45777642.html#





Pirate Party Offers Servers and Hosting To Wikileaks
enigmax

This week Wikileaks released more than 90,000 government documents related to the war in Afghanistan. When added to the perceived damage caused by its earlier leaking of the ‘Collateral Murder’ video, Wikileaks is now undoubtedly a serious target for U.S. authorities. After becoming The Pirate Bay’s ISP, The Pirate Party now says that if needed, they will supply servers and hosting to Wikileaks.

After giving The New York Times, The Guardian and Germany’s Der Spiegel an early viewing, this week WikiLeaks released tens of thousands of confidential U.S. military documents.

Since then there have been thousands of follow up stories which continue today, as people pick through the information on offer and try to work out what it means for authorities around the world and especially the U.S. Government.

While some are trying to play down the implications for the ongoing war in Afghanistan, Wikileaks chief Julian Assange has been more forceful and has suggested that some of the documents show evidence of war crimes carried out by the U.S. military.

When added to the outrage caused by the recent ‘Collateral Murder‘ video, Wikileaks is developing quite a problem for itself. Yesterday Assange revealed that he had learned that there had been discussions to charge him “as a co-conspirator to espionage.”

Although it appears those discussions were later dropped, Assange still believes that he could be forcefully detained by the U.S. as a witness in the prosecution of intelligence analyst and video-leaker, Bradley Manning. But while concerns persist over Assange’s personal position, some are already considering the implications for the Wikileaks site itself.

“It would not surprise me at all if Sweden is shortly subjected to American pressure to shut down Wikileaks,” says Anna Troberg of the Swedish Pirate Party. “They have acted similarly in terms of The Pirate Bay, and given that Wikileaks’ activities strikes at the very heart of American power, it’s probably just a matter of time before they act.”

“Now is the moment of truth for our Swedish politicians. Will they have enough backbone to stand up on Wikileaks and democracy, or will they give way to the U.S. and go after PRQ and Wikileaks?”

PRQ is the Sweden-based company run by Gottfrid Svartholm and Fredrik Neij of Pirate Bay fame that currently provides hosting to Wikileaks. Although absolutely no stranger to coming under pressure over the sites they host, should PRQ become vulnerable, Wikileaks now have a backup offer on the table.

Never an entity to shy away from the free flow of information, no matter where it lies or whoever might claim ownership of it, the Swedish Pirate Party recently announced that it would become bandwidth supplier to The Pirate Bay. It now says that if the going gets too rough for Wikileaks and PRQ, they will offer the whistleblower site both servers and hosting too.

“The Pirate Party will under no circumstances give in to pressure,” says Troberg. “We now help democracy activists in Iran, including communication via anonymous servers. We provide bandwidth to our greatest political opinion leaders, The Pirate Bay. If Wikileaks is attacked again, we will immediately offer them both server space and bandwidth.”

“The Pirate Party believes in democracy and we are not afraid to stand up for it.”
http://torrentfreak.com/pirate-party...ileaks-100728/





Exclusive: Google, CIA Invest in ‘Future’ of Web Monitoring
Noah Shachtman

The investment arms of the CIA and Google are both backing a company that monitors the web in real time — and says it uses that information to predict the future.

The company is called Recorded Future, and it scours tens of thousands of websites, blogs and Twitter accounts to find the relationships between people, organizations, actions and incidents — both present and still-to-come. In a white paper, the company says its temporal analytics engine “goes beyond search” by “looking at the ‘invisible links’ between documents that talk about the same, or related, entities and events.”

The idea is to figure out for each incident who was involved, where it happened and when it might go down. Recorded Future then plots that chatter, showing online “momentum” for any given event.

“The cool thing is, you can actually predict the curve, in many cases,” says company CEO Christopher Ahlberg, a former Swedish Army Ranger with a PhD in computer science.

Which naturally makes the 16-person Cambridge, Massachusetts, firm attractive to Google Ventures, the search giant’s investment division, and to In-Q-Tel, which handles similar duties for the CIA and the wider intelligence community.

It’s not the very first time Google has done business with America’s spy agencies. Long before it reportedly enlisted the help of the National Security Agency to secure its networks, Google sold equipment to the secret signals-intelligence group. In-Q-Tel backed the mapping firm Keyhole, which was bought by Google in 2004 — and then became the backbone for Google Earth.

This appears to be the first time, however, that the intelligence community and Google have funded the same startup, at the same time. No one is accusing Google of directly collaborating with the CIA. But the investments are bound to be fodder for critics of Google, who already see the search giant as overly cozy with the U.S. government, and worry that the company is starting to forget its “don’t be evil” mantra.

America’s spy services have become increasingly interested in mining “open source intelligence” — information that’s publicly available, but often hidden in the daily avalanche of TV shows, newspaper articles, blog posts, online videos and radio reports.

“Secret information isn’t always the brass ring in our profession,” then CIA-director General Michael Hayden told a conference in 2008. “In fact, there’s a real satisfaction in solving a problem or answering a tough question with information that someone was dumb enough to leave out in the open.”

U.S. spy agencies, through In-Q-Tel, have invested in a number of firms to help them better find that information. Visible Technologies crawls over half a million web 2.0 sites a day, scraping more than a million posts and conversations taking place on blogs, YouTube, Twitter and Amazon. Attensity applies the rules of grammar to the so-called “unstructured text” of the web to make it more easily digestible by government databases. Keyhole (now Google Earth) is a staple of the targeting cells in military-intelligence units.

Recorded Future strips from web pages the people, places and activities they mention. The company examines when and where these events happened (“spatial and temporal analysis”) and the tone of the document (“sentiment analysis”). Then it applies some artificial-intelligence algorithms to tease out connections between the players. Recorded Future maintains an index with more than 100 million events, hosted on Amazon.com servers. The analysis, however, is on the living web.

“We’re right there as it happens,” Ahlberg told Danger Room as he clicked through a demonstration. “We can assemble actual real-time dossiers on people.”

Recorded Future certainly has the potential to spot events and trends early. Take the case of Hezbollah’s long-range missiles. On March 21, Israeli President Shimon Peres leveled the allegation that the terror group had Scud-like weapons. Scouring Hezbollah leader Hassan Nasrallah’s past statements, Recorded Future found corroborating evidence from a month prior that appeared to back up Peres’ accusations.

That’s one of several hypothetical cases Recorded Future runs in its blog devoted to intelligence analysis. But it’s safe to assume that the company already has at least one spy agency’s attention. In-Q-Tel doesn’t make investments in firms without an “end customer” ready to test out that company’s products.

Both Google Ventures and In-Q-Tel made their investments in 2009, shortly after the company was founded. The exact amounts weren’t disclosed, but were under $10 million each. Google’s investment came to light earlier this year online. In-Q-Tel, which often announces its new holdings in press releases, quietly uploaded a brief mention of its investment a few weeks ago.

Both In-Q-Tel and Google Ventures have seats on Recorded Future’s board. Ahlberg says those board members have been “very helpful,” providing business and technology advice, as well as introducing him to potential customers. Both organizations, it’s safe to say, will profit handsomely if Recorded Future is ever sold or taken public. Ahlberg’s last company, the corporate intelligence firm Spotfire, was acquired in 2007 for $195 million in cash.

Google Ventures did not return requests to comment for this article. In-Q-Tel Chief of Staff Lisbeth Poulos e-mailed a one-line statement: “We are pleased that Recorded Future is now part of IQT’s portfolio of innovative startup companies who support the mission of the U.S. Intelligence Community.”

Just because Google and In-Q-Tel have both invested in Recorded Future doesn’t mean Google is suddenly in bed with the government. Of course, to Google’s critics — including conservative legal groups, and Republican congressmen — the Obama Administration and the Mountain View, California, company slipped between the sheets a long time ago.

Google CEO Eric Schmidt hosted a town hall at company headquarters in the early days of Obama’s presidential campaign. Senior White House officials like economic chief Larry Summers give speeches at the New America Foundation, the left-of-center think tank chaired by Schmidt. Former Google public policy chief Andrew McLaughlin is now the White House’s deputy CTO, and was publicly (if mildly) reprimanded by the administration for continuing to hash out issues with his former colleagues.

In some corners, the scrutiny of the company’s political ties have dovetailed with concerns about how Google collects and uses its enormous storehouse of search data, e-mail, maps and online documents. Google, as we all know, keeps a titanic amount of information about every aspect of our online lives. Customers largely have trusted the company so far, because of the quality of their products, and because of Google’s pledges not to misuse the information still ring true to many.

But unease has been growing. Thirty seven state Attorneys General are demanding answers from the company after Google hoovered up 600 gigabytes of data from open Wi-Fi networks as it snapped pictures for its Street View project. (The company swears the incident was an accident.)

“Assurances from the likes of Google that the company can be trusted to respect consumers’ privacy because its corporate motto is ‘don’t be evil’ have been shown by recent events such as the ‘Wi-Spy’ debacle to be unwarranted,” long-time corporate gadfly John M. Simpson told a Congressional hearing in a prepared statement. Any business dealings with the CIA’s investment arm are unlikely to make critics like him more comfortable.

But Steven Aftergood, a critical observer of the intelligence community from his perch at the Federation of American Scientists, isn’t worried about the Recorded Future deal. Yet.

“To me, whether this is troublesome or not depends on the degree of transparency involved. If everything is aboveboard — from contracts to deliverables — I don’t see a problem with it,” he told Danger Room by e-mail. “But if there are blank spots in the record, then they will be filled with public skepticism or worse, both here and abroad, and not without reason.”
http://www.wired.com/dangerroom/2010...ve-google-cia/





White House Proposal Would Ease FBI Access to Records of Internet Activity
Ellen Nakashima

The Obama administration is seeking to make it easier for the FBI to compel companies to turn over records of an individual's Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation.

The administration wants to add just four words -- "electronic communication transactional records" -- to a list of items that the law says the FBI may demand without a judge's approval. Government lawyers say this category of information includes the addresses to which an Internet user sends e-mail; the times and dates e-mail was sent and received; and possibly a user's browser history. It does not include, the lawyers hasten to point out, the "content" of e-mail or other Internet communication.

But what officials portray as a technical clarification designed to remedy a legal ambiguity strikes industry lawyers and privacy advocates as an expansion of the power the government wields through so-called national security letters. These missives, which can be issued by an FBI field office on its own authority, require the recipient to provide the requested information and to keep the request secret. They are the mechanism the government would use to obtain the electronic records.

Stewart A. Baker, a former senior Bush administration Homeland Security official, said the proposed change would broaden the bureau's authority. "It'll be faster and easier to get the data," said Baker, who practices national security and surveillance law. "And for some Internet providers, it'll mean giving a lot more information to the FBI in response to an NSL."

Many Internet service providers have resisted the government's demands to turn over electronic records, arguing that surveillance law as written does not allow them to do so, industry lawyers say. One senior administration government official, who would discuss the proposed change only on condition of anonymity, countered that "most" Internet or e-mail providers do turn over such data.

To critics, the move is another example of an administration retreating from campaign pledges to enhance civil liberties in relation to national security. The proposal is "incredibly bold, given the amount of electronic data the government is already getting," said Michelle Richardson, American Civil Liberties Union legislative counsel.

The critics say its effect would be to greatly expand the amount and type of personal data the government can obtain without a court order. "You're bringing a big category of data -- records reflecting who someone is communicating with in the digital world, Web browsing history and potentially location information -- outside of judicial review," said Michael Sussmann, a Justice Department lawyer under President Bill Clinton who now represents Internet and other firms.

Privacy concerns

The use of the national security letters to obtain personal data on Americans has prompted concern. The Justice Department issued 192,500 national security letters from 2003 to 2006, according to a 2008 inspector general report, which did not indicate how many were demands for Internet records. A 2007 IG report found numerous possible violations of FBI regulations, including the issuance of NSLs without having an approved investigation to justify the request. In two cases, the report found, agents used NSLs to request content information "not permitted by the [surveillance] statute."

One issue with both the proposal and the current law is that the phrase "electronic communication transactional records" is not defined anywhere in statute. "Our biggest concern is that an expanded NSL power might be used to obtain Internet search queries and Web histories detailing every Web site visited and every file downloaded," said Kevin Bankston, a senior staff attorney with the Electronic Frontier Foundation, which has sued AT&T for assisting the Bush administration's warrantless surveillance program.

He said he does not object to the government obtaining access to electronic records, provided it has a judge's approval.

Senior administration officials said the proposal was prompted by a desire to overcome concerns and resistance from Internet and other companies that the existing statute did not allow them to provide such data without a court-approved order. "The statute as written causes confusion and the potential for unnecessary litigation," Justice Department spokesman Dean Boyd said. "This clarification will not allow the government to obtain or collect new categories of information, but it seeks to clarify what Congress intended when the statute was amended in 1993."

The administration has asked Congress to amend the statute, the Electronic Communications Privacy Act, in the fiscal year that begins in October.

Administration officials noted that the act specifies in one clause that Internet and other companies have a duty to provide electronic communication transactional records to the FBI in response to a national security letter.

But the next clause specifies only four categories of basic subscriber data that the FBI may seek: name, address, length of service and toll billing records. There is no reference to electronic communication transactional records.

Same as phone records?

The officials said the transactional information at issue, which does not include Internet search queries, is the functional equivalent of telephone toll billing records, which the FBI can obtain without court authorization. Learning the e-mail addresses to which an Internet user sends messages, they said, is no different than obtaining a list of numbers called by a telephone user.

Obtaining such records with an NSL, as opposed to a court order, "allows us to intercede in plots earlier than we would if our hands were tied and we were unable to get this data in a way that was quick and efficient," the senior administration official said.

But the value of such data is the reason a court should approve its disclosure, said Greg Nojeim, senior counsel at the Center for Democracy and Technology. "It's much more sensitive than the other information, like name, address and telephone number, that the FBI gets with national security letters," he said. "It shows associational information protected by the First Amendment and is much less public than things like where you live."

A Nov. 5, 2008, opinion from the Justice Department's Office of Legal Counsel, whose opinions are binding on the executive branch, made clear that the four categories of basic subscriber information the FBI may obtain with an NSL were "exhaustive."

This opinion, said Sussmann, the former Clinton administration lawyer, caused many companies to reevaluate the scope of what could be provided in response to an NSL. "The OLC opinion removed the ambiguity," he said. "Providers now are limited to the four corners of what the opinion says they can give out. Those who give more do so at their own risk."

Marc Zwillinger, an attorney for Internet companies, said some providers are not giving the FBI more than the four categories specified. He added that with the rise of social networking, the government's move could open a significant amount of Internet activity to government surveillance without judicial authorization. "A Facebook friend request -- is that like a phone call or an e-mail? Is that something they would sweep in under an NSL? They certainly aren't getting that now."
http://www.washingtonpost.com/wp-dyn...806141_pf.html





Sixteen Years in Prison for Videotaping the Police?

The ACLU of Maryland is defending Anthony Graber, who potentially faces sixteen years in prison if found guilty of violating state wiretap laws because he recorded video of an officer drawing a gun during a traffic stop. In a trend that we've seen across the country, police have become increasingly hostile to bystanders recording their actions. You can read some examples here, here and here.

However, the scale of the Maryland State Police reaction to Anthony Graber's video is unprecedented. Once they learned of the video on YouTube, Graber's parents house was raided, searched, and four of his computers were confiscated. Graber was arrested, booked and jailed. Their actions are a calculated method of intimidation. Another person has since been similarly charged under the same statute.

The wiretap law being used to charge Anthony Graber is intended to protect private communication between two parties. According to David Rocah, the ACLU attorney handling Mr. Graber's case, "To charge Graber with violating the law, you would have to conclude that a police officer on a public road, wearing a badge and a uniform, performing his official duty
http://www.mclu.org/node/653





Al Franken to Liberals: Don't Check Out Now
Stephanie Condon

The liberal base is dissatisfied with the Democratic establishment, but Sen. Al Franken told them at the closing of the Netroots Nation conference: "No matter how frustrated you are, you can't check out now."

"It only took a few years for progressives to establish a foothold in Congress, but it's going to take a little further" to enact a progressive agenda, he said.

Throughout the Netroots conference, the year's largest gathering of progressive activists and bloggers, attendees lamented the lack of a public option in health care reform, the prospect of watching Democrats scale back Social Security and other liberal let downs.

But what's worse, Franken said, is that "Republicans have been making plans to take back the things we did get. They'll implement a truly dangerous agenda."

One of the most important fights progressives should take up, Franken said, is Net Neutrality, the principle that Internet Service Providers should be prohibited from favoring certain content on the Internet.

"Net neutrality is the First Amendment issue of our time," he said.

Speculating on what the Internet could morph into under the Republicans' preferred lack of regulation, Franken asked the audience of bloggers how long it would take before the Fox News website loads significantly more quickly than the Daily Kos website.

"If you want to protect the free flow of information in this country, you have to help me fight this," he said.
http://www.cbsnews.com/8301-503544_1...87-503544.html





Condé Nast Is Changing Its Blueprint
Jeremy W. Peters

Is the era of the $12 magazine subscription coming to an end?

Condé Nast, publisher of titles like Vogue and Vanity Fair that are wildly expensive to produce yet cost subscribers as little as a dollar, is betting its future that the answer is yes.

The company said Friday that its consumer marketing chief, Robert A. Sauerberg, would become president, assuming a newly created second-in-command role to the chief executive, Charles H. Townsend.

The senior-level management shuffle signaled what executives said would be a fundamental overhaul of the advertising-based business model that has sustained the publishing giant since S. I. Newhouse Sr. bought it in 1959.

“We have been so overtly dependent on advertising as the turbine that runs this place, and that is a very, very risky model as we emerge from the recession,” Mr. Townsend said on Friday. “In a company like ours where 70 percent of our margins are generated on the advertising side, we must develop a much, much more effective financial relationship with the consumer.”The goal of the overhaul, is to transform Condé Nast into a business that relies less on advertising revenue and more on the income it makes from charging consumers to read its products on both digital and print platforms.

Mr. Sauerberg’s promotion was part of a broader reorganization of senior management. The dual title of chief executive and president, which Mr. Townsend has had since 2004 and that Steven T. Florio had before him, was split in two.

The position of chief financial officer, which was vacant, will be occupied by John Bellando, who will also retain his duties as chief operating officer. Louis Cona, head of the Condé Nast Media Group, the division that handles the company’s largest advertisers, will assume the additional duties of chief marketing officer.

The announcement on Friday was unusual for Condé Nast, a company that relishes its status as a private enterprise, typically seeing little need to air its business to the outside world. It was equally unusual for what it revealed about succession within the company, a topic of much fascination in the gossipy magazine world.

Mr. Sauerberg’s ascent indicates that he is the chief-executive-in-waiting, said people with knowledge of Condé Nast’s corporate hierarchy who were not authorized to speak on the record.

Mr. Townsend, who said it was his decision to elevate Mr. Sauerberg, would not comment on whether the promotion indicated that Mr. Sauerberg was being groomed for the chief executive position.

“Let me just simply say, clearly I am identifying him as my deputy,” he said. The two men have known each other for 20 years, since their days working together on the business side of The New York Times. Mr. Townsend also insisted he was not planning to retire anytime soon.

“There are people here in their 80s,” he joked. (Condé Nast’s chairman, S. I. Newhouse Jr., is 82.)

The question of succession has been the catalyst for much of the upheaval at Condé Nast in the last seven months. Three senior executives — Richard Beckman, former president of the Condé Nast Media Group; Thomas A. Florio, a senior vice president who oversaw the business operations at the Vogue group; and David Carey, a group president — left the company this year as it became clear they could climb no higher in the corporate structure.

Beyond succession, other questions remain about the company’s future, namely whether it can wean itself from advertising dollars as much as it would like. Its transition to a more consumer-focused business model will be difficult for a company that now earns about 70 percent of its net profit from advertising.

Condé Nast has been slower than other magazine publishers to embrace the Internet, and some industry analysts have questioned whether its lateness in developing a digital strategy would harm the company in the long run.

“No one’s really perfected this; there are lots of moving parts for everyone,” said George Janson, a managing partner at GroupM. “We’re in uncharted territory. It’s just that their boat was so far behind everyone else.”

The transition could be made all the more difficult because consumers have grown accustomed to paying so little for Condé Nast’s magazines. A yearlong subscription to The New Yorker, a Condé Nast weekly, can cost as little as $39.95. Glamour’s Web site advertises a two-year subscription for $15 (including a free handbag).

“They’ve been one of the biggest offenders for undercharging for their products,” Mr. Janson added. “But having said that, I think there is a certain type of content that people will be willing to pay for.”

Mr. Townsend expressed confidence that the consumer would come around, noting, “They pay $180 a month for a cable bill.” The company’s goal is eventually to reach parity in profits from advertising and consumers, he said.

He said he envisioned eventually selling packages of content that included, for example, a print product, a mobile product and a digital product, all for one price.

“We’re entering a period where the handcuffs are off in terms of our ability to monetize the content we deliver to our consumers. We’ve had handcuffs on us for years. We could not break the stigma of a $12 subscription,” Mr. Townsend said. “I’ve got to morph out of that business.”
https://www.nytimes.com/2010/07/24/b...dia/24mag.html





Stieg Larsson Passes 1 Million Kindle Milestone

Stieg Larsson, author of "The Girl with the Dragon Tattoo", has become the first writer to sell more than one million Kindle e-books thanks to his popular mystery Millennium Trilogy novels, online retailer Amazon.com said on Tuesday.

Larsson, who died in 2004 before his novels hit the best-seller list worldwide, was named the first member of the "Kindle Million Club", Amazon.com said.

All three books in the trilogy, whose third installment "The Girl Who Kicked the Hornet's Nest" was first published in Sweden in 2007, are among the top 10 best-selling books Kindle books of all time.

Their print editions have sold more than 27 million copies worldwide and have been translated from their original Swedish into more than 40 languages.

"Larsson's books have captivated millions of readers around the world and ignited a voracious interest in the lives of its main characters Lisbeth Salander and Michael Blomqvist," Russ Grandinetti, vice president of Kindle content, said in a statement.

Amazon.com, the world's largest online bookseller, launched its Kindle e-reader in 2007. It competes for the growing e-book market with Apple's iPad, Sony's Reader and Barnes & Noble's Nook devices.

(Reporting by Jill Serjeant; Editing by Bob Tourtellotte)
http://www.reuters.com/article/idUSTRE66Q5MC20100727





Daily Paper for Children Defies the Craze for Digital
John Tagliabue

When Elisa Cammarota gets home from school, she tosses off her knapsack and reads her newspaper from front to back.

Anthony Azoulay does, too, though he focuses on articles about soccer and large photo spreads.

Both Elisa and Anthony are 10 years old and entering the fifth grade in the fall. And both are regular subscribers to one of the most popular daily newspapers in France.

On a recent morning, the two children sat at a large rectangular table with several of the newspaper’s editors. The paper, Mon Quotidien, or My Daily, invites several of its readers twice weekly to help edit the paper, except for the front page, choosing stories that will be featured in its seven other pages.

The national editor, Caroline Hallé, was proposing an article about a school in Britain that had bought hawks and falcons to drive off a plague of seagulls that were dirtying the premises.

Alternatively, she proposed news of how divers had recently found bottles of French Champagne that King Louis XVI had sent to the czar of Russia, but had gone down when the ship transporting them sank in the Baltic Sea.

“How did Louis XVI end?” asked Olivier Gasselin, 40, the paper’s deputy editor.

“Guillotine,” Elisa shot back, without raising her eyes from the notes she was making.

François Dufour, 49, the paper’s editor and founder, proposed an article that he thought would elicit a chuckle and the children’s approval: British newspapers were reporting that scientists had discovered which came first, the chicken or the egg. He was greeted by stony faces. The chicken, he said, hoping to stir some reaction from the children. The youngsters scribbled some notes, and the group went on to other business.

“We propose, they choose,” said Ms. Hallé, 34, who joined the paper nine years ago after working at an Internet news site.

In an age when many children are addicted to computers, iPods and iPads — and when newspapers are feeling the pressure — Mon Quotidien appears to be an anomaly, all the more so in the journalistic climate of France.

Despite great journalistic names like Le Monde and Le Figaro, the French read ever fewer newspapers. On a per capita basis, only about half as many papers are sold here as in Germany or Britain, and readership is especially low among the young. Only 10 percent of 15- to 24-year-olds read a paid-for newspaper in 2007, the last time the government took a survey, down from 20 percent a decade earlier.

In fact, so concerned was the French government with the decline in newspaper readership that it detailed plans last year for a program called Mon Journal Offert, or My Complimentary Paper, to offer 18- to 24-year-olds a free yearlong subscription to a newspaper of their choice. Though the program quickly reached the 200,000-reader limit the government had foreseen, there was little sign that readers continued their subscriptions once they had to pay.

None of this deterred Mr. Dufour. In the early 1990s, he and two partners made a considerable profit from a line of quiz cards, called Les Incollables in France and Brain Quest in the United States. With that money, they decided to start a daily newspaper for 10- to 14-year-olds, and in 1995 Mon Quotidien appeared. Such was its success — by the third year circulation reached 50,000 copies — that they founded two more dailies: Petit Quotidien, or Little Daily, for 7- to 10-year-olds, and L’Actu, or, roughly, The Headlines, for 14- to 17-year-olds.

“What I made in the States I invested in France,” said Mr. Dufour, youthful with a shock of blond hair and a passion for golf.

He added: “We’re like a local newspaper, with three regions. They’re completely different in what you read.”

The papers, which appear every day but Sunday, are lively and colorful mixes of news, photos, cartoons and quizzes. A recent issue of Mon Quotidien featured a front-page photo of Paul the Octopus, which successfully picked the winners of 2010 World Cup soccer games. Another featured a tiny new car at the Berlin auto show that folds up for easy storage in tight spaces.

Particularly popular are the cartoons by Berth, who lives in Besançon, near the Swiss border, and communicates with the editors through Skype. A drawing of his accompanying the folding-car article depicted the vehicle emitting strange noises when folded. A bystander remarks, “Not only does it fold, it talks, too!” To which another replies: “Nonsense! That’s the driver stuck inside.”

The combination of content and deft marketing has driven circulation of the three papers up to 165,000. “It’s rather well done,” said Françoise Dargent, a literary critic at Le Figaro whose two older daughters, 11 and 13, are avid readers. “It’s a way for kids to stay informed, and forms a good attitude toward reading.”

Still, there is no sign that Mon Quotidien and its sister papers breed long-term newspaper readers. With each successive age group, the number of subscribers diminishes. Petit Quotidien has 75,000; Mon Quotidien, 60,000; and L’Actu, the paper for 14- to 17-year olds, only 30,000.

While Elisa devours her Mon Quotidien every day, her mother, Carine Abes, 46, who works in social services, said she did not subscribe to a newspaper. “I listen to the radio, I read books,” Ms. Abes said.

In fact, Mr. Dufour concedes that he “buys” most of his circulation.

“Every September,” he said, “we ship 15 million free copies to every teacher in France, 30 copies each. That’s 90 percent of the 5 million euros” — or $6.5 million — “that we spend for direct marketing.” Youngsters get to know the papers in school, then pressure their parents for a subscription.

At that level, the papers remain profitable, but driving circulation up further would produce a loss, he said. The papers are sold by subscription only, not at kiosks, because that would raise distribution costs, Mr. Dufour said.

Moreover, he is sticking with the newspaper format, resisting the tug of the Web. “We do nothing on the Internet,” he said, though Mon Quotidien does have a free five-minute news show online. “The parents wouldn’t pay for it.”

Mr. Dufour says he cannot predict Mon Quotiden’s future. “That may change with the iPad,” he said. “Parents never pay for more time on the Internet; the question is, will parents think the iPad another nonpaper paper, or another Internet driver?”
http://www.nytimes.com/2010/07/27/wo...e/27paris.html





Why Some Media Outfits Still Refuse to go Online

WHAT do the Beatles, Harry Potter, Bella magazine and the grizzled crew of the Northwestern, an Alaskan crab-fishing boat, have in common? They are scarcely available digitally. Whereas most media firms scramble to create iPad applications or fret about whether to chase online advertisers or build paywalls, a few digital resisters refuse to distribute over the internet at all.

They have some good reasons. Online advertising is worth much less than television or print advertising. It is hard to persuade people to pay much (if anything) for digital content. Technology firms such as Amazon and Apple can often set retail prices. Digital products can be less beautiful than physical ones.

But such gripes are widespread in the media industry. They must be set against the fact that digital distribution is a low-cost way of reaching huge audiences. What is more, refusing to go online is a sure way to alienate many potential customers. So why do the analogue holdouts hold out?

Simple technophobia is not usually the reason. Discovery Communications, whose “Deadliest Catch” television show follows those crab fishermen, has been a keen early adopter of high-definition television and 3-D. Yet Discovery is conservative when it comes to putting shows online. “Take a Break”, Britain’s fourth-biggest magazine according to the Audit Bureau of Circulations, puts none of its stories (mostly real-life family dramas) online. It nonetheless runs internet discussion groups and expects readers to apply online to enter competitions.

One thing many of the analogue holdouts have in common is that they sell few subsidiary products. Discovery is a rare American example of a pure television firm that derives little income from merchandising or other spin-offs. The Beatles, who no longer tour, do not regard music sales as loss leaders for more profitable concerts, as many bands do. Women’s weekly magazines tend to rely utterly on news-stand sales. One of the chief advantages of a website, selling subscriptions, holds no appeal to them.

The great thing about the internet is that it makes content universally available. But many of the holdouts are already ubiquitous. The Beatles’“1” is America’s best-selling album so far this century, according to Nielsen SoundScan. The Harry Potter books have sold more than 400m copies worldwide. At their peak they were sold in chemists and petrol stations.

The band of analogue holdouts is gradually dwindling. Because they are so few and so large, the holdouts are valuable: any technology firm that can persuade the Beatles to go digital will reap fat rewards. Theft provides another stimulus. All the analogue holdouts are widely available online—just not legally. That seems to be persuading even Harry Potter to look more closely at digital distribution. As Neil Blair of the Christopher Little agency, which represents J.K. Rowling, admits, holding the books back from e-readers “is not the best strategy for combating piracy”.
http://www.economist.com/node/16646290





FCC Majority Supports Previous Cross-Ownership Rule Changes
FMQB

In a new filing with the U.S. Third Circuit Court of Appeals, the FCC says it still supports former Chairman Kevin Martin's decision to relax Newspaper-Broadcast cross-ownership rules, while keeping the TV and radio ownership rules in tact. Only Commissioner Michael Copps dissented in the brief.

In a statement, current Chairman Julius Genachowski said, "Today our General Counsel filed a brief in the U.S Court of Appeals for the Third Circuit defending the Commission's authority to make the changes to our media ownership rules that the Commission adopted in 2008. While the rules being challenged were adopted before I became Chairman, I support our General Counsel in arguing that the order was within the discretion of the Commission and the brief’s general defense of the Commission's authority to make decisions based on the information before it at the time."

He added. "Congress required the Commission to review media ownership rules on a quadrennial basis and the agency is in the middle of the 2010 ownership review. The review requires us to look at any changed facts in the marketplace based on a record which the Commission is now assembling, while ensuring that our rules promote the lasting public interest goals of competition, localism, and diversity. Our 2010 quadrennial review will focus on these values, in the interest of an informed citizenry and vibrant media marketplace."

Commissioner Copps also released a statement following the brief, saying, "It is difficult for me to believe that our new FCC, with its new majority, is in court today basically accepting the validity of the pro-consolidation decision of a previous Commission. We have had 18 months to reconsider the awful vote that loosened our newspaper-broadcast cross ownership rules, but the best we can do, judging from today’s brief, is to kick the media ownership can farther down the road. Months ago we asked the court to be patient with us while the agency deliberates where it wants to go on media policy. The court understandably ran out of patience. Eighteen months is time enough to stop implementation of a rule that can only wreak more harm on our already threatened and diminished media."

He concludes that "Rather than bemoan what has happened today, however, I intend to redouble my efforts to move this issue to the Commission’s front burner where it deserves to be. We should have changed our media policy by now. We must change it in the months just ahead."
http://www.fmqb.com/article.asp?id=1884802





Hey Old Spice Haters, Sales are Up 107%
David Griner

The applause for Old Spice's incredible YouTube blitz this month hadn't even died down when critics started panning the effort as ineffective. Rushing to judgment, some bloggers cited 52-week sales figures from before the video responses launched as a sign that Wieden + Kennedy's efforts were underwhelming. Contrarians jumped on these early reports as a chance to bash clever social media stunts in general.

But now the numbers are in, and it's hard to argue that this campaign doesn't just smell like a man; it smells like victory. In her new analysis of the Old Spice video push, Adweek's Eleftheria Parpis has this summary: "According to Nielsen data provided by Old Spice, overall sales for Old Spice body-wash products are up 11 percent in the last 12 months; up 27 percent in the last six months; up 55 percent in the last three months; and in the last month, with two new TV spots and the online response videos, up a whopping 107 percent." So isn't that enough to satisfy the critics? Perhaps, but only grudgingly.

In his Adweek column today, a curmudgeonly Joseph Jaffe gives the campaign a mild share of praise amid a thicket of caveats: "It's hard to determine how much of (the sales increase) was due to an aggressive couponing campaign which was in market simultaneously, but directionally, there does appear to be a correlation between creative resonance, social momentum and sales." Not quite a resounding endorsement, but it'll have to do.
http://adweek.blogs.com/adfreak/2010...re-up-107.html





Comeback Heralded for Japanese Electronics Giants
Hiroko Tabuchi

Buoyed by a long-awaited turnaround in its television and video game businesses, Sony said Thursday it swung to a net profit of ¥25.7 billion, or $293.9 million, in the April-June quarter and raised its outlook for the full year. The company’s chief financial officer said it was time for Sony to “go on the offensive” amid signs that a global economic recovery was finally pulling Japan’s electronics giants out of a long slump.

Panasonic, meanwhile, said it would make a renewed push into its renewable-energy business by spending up to ¥818 billion to buy out two subsidiaries. Panasonic said its net profit for the latest quarter recovered to ¥43.7 billion.

Japanese electronics companies, which in recent years have been falling behind rivals from South Korea and Taiwan in key businesses like TVs and laptop computers, were hit hard in the global economic crisis as sales evaporated and a strong yen ate into profits.

But a rebound in the global economy and solid growth in emerging markets, coupled with aggressive cost-cutting and restructuring drives, have started to raise their bottom lines. Another electronics maker, Sharp, said Thursday that it had booked net profit of ¥10.7 billion in the latest quarter, reversing big losses in the same period the previous year.

Since taking over as chief executive of Sony in 2005, Howard Stringer has trimmed costs at the struggling electronics and entertainment company while overhauling its sprawling businesses to better link its rich content to its gadgets. But profit has been elusive in Sony’s flagship TV and video game units.

Those businesses are now back on track and should remain strong amid rising consumer interest in 3-D TVs and brisker sales of game consoles, said Masaru Kato, Sony’s chief financial officer.

Sony launched 3-D models of its Bravia liquid crystal display TVs last month. That could further lift sales of its LCD televisions, which rose 59 percent last quarter from the previous year to 5.1 million units.

Meanwhile, a new, slimmer version of its PlayStation 3 video game console and recent price cuts are expected to bolster sales in its game division. In the latest quarter, sales of the PlayStation 3 more than doubled from the previous year to 2.4 million units, while the PlayStation Portable handheld console held steady at 1.2 million units.

Sony’s recovery in games compared with the fading fortunes at its rival Nintendo, which said Thursday it suffered a net loss of ¥25.2 billion, hurt by fewer releases of new software titles. Nintendo sold 3.15 million of its DS handheld consoles during the quarter, compared with 5.97 million a year earlier, the company said.

Sales of the Nintendo Wii home console remained strong, however, rising to 3.04 million units from 2.23 million the previous year. Software sales fell for both the DS and Wii consoles.

At Sony, overall revenue in the quarter grew 3.8 percent to ¥1.66 trillion. The strong sales helped raise its net profit outlook for the financial year that ends in March to ¥60 billion from a previous forecast of ¥50 billion.

The ¥25.7 billion net profit in the April-June period was a sharp turnaround from a loss of ¥37.1 billion a year earlier.

“We want to keep up the momentum, and go on the offensive,” Mr. Kato said. “Our results for the quarter show that our mainstay electronics business is once again becoming our engine of growth.”

Building on a similar revival in earnings, Panasonic said Thursday it had offered to take 100 percent ownership of two subsidiaries, Sanyo Electric and Panasonic Electric Works.

Panasonic, which agreed to buy a 50 percent stake in Sanyo in 2008, is offering ¥138 for each remaining Sanyo share, Panasonic said in a statement. The offer represents a premium of 17 percent from Wednesday’s closing price. Panasonic will also pay ¥1,110 each for the 49 percent of the Panasonic Electric Works shares it does not own.

The purchases, for which Panasonic expected to sell new stock, could be good news for a company that analysts have said must focus on new areas like green technology to combat mounting competition from rivals like Samsung Electronics of South Korea and Sony in TVs and other gadgets.

Sanyo was the world’s largest manufacturer of rechargeable batteries in the financial year that ended last March, leading Sony and Samsung SDI, according to the Japan Economic Center.

“Panasonic may have a vast product portfolio but has realized that the most promising technologies are owned by subsidiaries,” said Takahito Osada, a research fellow at Kobe University. “It is now seeking to bring those technologies into the core company.”

But recovery is far from stable for the big Japanese electronics makers, Mr. Osada said.

“They are rebounding thanks to a general economic recovery, more than their own efforts,” he said. “That’s something they can build on, but their outlook is still unclear.”
http://www.nytimes.com/2010/07/30/bu...0iht-sony.html





Porn Sites Still up in China
Anita Chang

Word leaked out slowly, spread by Web-savvy folks on Twitter: Internet porn that once was blocked by Chinese government censors was now openly available.

"Are they no longer cracking down on pornographic websites? A lot of porn sites and forums are accessible," technology blogger William Long wrote on his feed.

Messages like that startled Chinese Web surfers, long accustomed to the authorities' Internet blockades. The country had been in the midst of highly publicized anti-pornography sweeps, and there had been no announcement of any change in government policy.
Yet eight weeks later, the porn sites are still accessible. Still unanswered are questions about whether it's an official change in policy, a technical glitch or some sort of test by the usually disapproving Chinese Internet police.

"This has never been done with the (Chinese) Internet before," said Beijing-based Internet analyst Zhao Jing, who goes by the English name Michael Anti.

Whatever the reason, the change has thrown into sharper relief what many people see as the main mission of China's aggressive Internet censors: blocking sites and content that might challenge the political authority of the communist government. Websites about human rights and dissidents are also routinely banned.

"Maybe they are thinking that if Internet users have some porn to look at, then they won't pay so much attention to political matters," Anti said.

The government has not said why the porn sites were unblocked. Repeated calls to the Ministry of Industry and Information Technology went unanswered, and the Ministry of Public Security and State Council Information Office — all involved in Web monitoring — did not respond to faxed requests for comment.

China has the world's largest online population of 420 million — more than the entire U.S. population. While the Internet is the most freewheeling of tightly cosseted media in China, the government has the most extensive Internet policing system, from technical filters that block sites based on certain words to human monitors who scan bulletin boards and micro-blogging posts.

Censorship issues led Google Inc. to clash publicly with China earlier this year and eventually close its China search engine and redirect users to Hong Kong.

Tired of the controls, many Chinese have learned to get around "the Great Firewall," or GFW, as the system is known.

Few Chinese will admit to surfing for porn because it is illegal. Many sites are still inaccessible, and of those, sites that somehow evade control are usually blocked within hours. But the demand is there.

"The more they restrict something, the more people pay attention," said a 29-year-old employee at a state-owned logistics company who did not want to be identified because he surfs for porn on business trips.

Sites that suddenly became available around late May include the English-language YouPorn and PornHub, along with numerous Chinese sites offering downloads, though Anti and others say well-known Chinese-language sites remain blocked.

Wen Yunchao, a popular blogger who writes about social issues and the Internet under the name Beifeng, said even more porn sites have become available in recent days, including a well-known Chinese site called "Xingba," or "Sex Bar."

"In the past, the GFW would use pornography as an excuse" for censorship, Wen said. "Now they're not even trying to cover it up."

Chinese society's conservative attitudes about sex are rapidly changing, especially among the young, who make up the majority of Internet users. The trial and conviction this year in southern China of a college professor who used the Internet to organize orgies touched off a debate about privacy and sexual freedom.

A poll of 900 female graduates at 17 Shanghai universities showed that 70 percent think one-night stands aren't immoral, and more than half said they could understand if a girl became a rich man's lover, according to state media.

Liao Shengqing, a journalism professor who led the study, was cited by the People's Daily newspaper as saying that "students' attitudes come from their respect for individual privacy. They regard sex as a private matter and respect other people's choices."

Some speculate the proliferation of social networking sites and Twitter-like services was taxing the Great Firewall, requiring the government to unblock some porn sites to free up capacity for other snooping.

"I think when the GFW realized they were not able to block all domain names, they reallocated resources to block more urgent or political sites," said Long, the tech blogger who is based in Shenzhen and would not give his real name in Chinese.

As part of the change, employees in the office that cracks down on pornography and unauthorized publications no longer have to report overseas-based porn sites to police because of the difficulties in tracking down Chinese involved, the state-run magazine Oriental Outlook reported in May. Censors only need to note the sites, the report said.

Because a dozen or so agencies regulate the Internet in China, the porn availability may have resulted from a shifting of responsibilities, said Xiao Qiang, director of the Berkeley China Internet Project at the University of California-Berkeley.

"The Great Firewall is not that serious toward blocking porn sites. It never was," he said. The true targets, he said, include political information, current affairs, negative reports about leaders, and anything that may trigger a protest.

"That kind of information is where the censorship focus is really," Xiao said. "Porn, they're just halfheartedly doing it."

___

Associated Press researcher Xi Yue contributed to this report.
http://skunkpost.com/news.sp?newsId=2855





Translator Fined Over Child Porn Cartoons
Paul O'Mahony

A Swedish translator of Japanese manga comics has been fined by Uppsala district court for possession of drawings depicting children engaged in sexual acts.

The ruling is the first of its kind in Sweden and has sparked a heated debate over children’s rights and censorship.

The translator at the centre of the case was found guilty of possessing child pornography after downloading the offending manga images from the internet. He told the court that he had retrieved the 51 pictures in order to stay up to date with the latest developments in the Japanese comic genre.

Judge Nils Pålbrant conceded that the decision to fine the translator, though unanimous, had raised a number of thorny issues.

“There’s a clear conflict between freedom of speech on the one hand and general regulations regarding children’s rights on the other,” he told local newspaper Upsala Nya Tidning.

“It was however our view that the protective aspect weighed more heavily when taking into account the intentions of the legislator. The aim of the law, as described in the preliminary work that led to its creation, is not just to protect individual children but children in general.”

But the case has polarized opinion in Sweden. In an editorial published on Thursday, tabloid Expressen gave its backing to the translator.

“However unpleasant and nasty a work of fiction might be, and whatever one thinks about Japanese porn involving cartoon children, there is actually no victim here. The children in the Uppland man’s manga comics were not molested since they were characters in a comic.”

The translator’s lawyer, Leif Silbersky, expressed surprise at the June 30th ruling and has lodged a formal appeal on behalf of his client.

“It goes against all common sense. These are just drawings; no children have been harmed,” he told Upsala Nya Tidning.

Judge Pålbrant said he too would welcome a second opinion from the Court of Appeal due to the precedential nature of the case.
http://www.thelocal.se/27984/2010072...tm_content=172





US Government Legalizes iPhone 'Jailbreaking,' Unlocking
Neil Hughes

The U.S. government on Monday announced new rules that make it officially legal for iPhone owners to "jailbreak" their device and run unauthorized third-party applications. In addition, it is now acceptable to unlock any cell phone for use on multiple carriers.

According to The Associated Press, the government approved a handful of new exemptions to a federal law that prevents the circumvention of technical measure that prevent users from accessing and modifying copyrighted works. The report noted that every three years, the Library of Congress' Copyright Office authorizes exemptions to ensure existing law does not prevent non-infringing use of copyrighted material.

In addition, another exemption was approved that would allow all cell phone users to unlock their device for use on an unapproved carrier. Currently, Apple's iPhone is available exclusively through AT&T, but unlocking it can allow for voice calls and EDGE data speeds on rival carrier T-Mobile.

Other exemptions announced Monday allow people to break protections on video games to investigate or correct security flaws; allow college professors, film students and documentary filmmakers to break copy protection measures on DVDs to embed clips for educational purposes, criticism, commentary and noncommercial videos; and allow computer owners to bypass the need for external security devices (dongles) if the hardware no longer works and cannot be replaced.

The warranty-voiding jailbreak process allows users to run software not approved by Apple, which has no plans to allow users to install third-party applications downloaded from outside its sanctioned App Store. Hackers have created their own custom applications -- many free, and some for purchase from an alternative storefront known as Cydia.

Apple has been criticized for its strict control over the iPhone App Store, requiring that all applications be approved before they are made available for download. The company has defended this practice, stating that it keeps faulty and potentially dangerous software from being made available, as well as banning unsavory content such as pornography.

In April, Jobs cited an unsanctioned pornography store available for the Google Android platform as a reason to not support unsigned applications. "That's a place we don't want to go," Jobs said, "so we're not going to."

In addition to allowing access to legitimate third-party software, both free and paid, through services like Cydia, jailbreaking can also be used to pirate App Store software, one major reason why Apple has fought the practice.

Hackers have been hard at work on jailbreaking iOS 4 since it was released in June. Though the iPhone 3GS and iPhone 3G have been exploited, the iPhone Dev Team has continued their efforts toward both jailbreaking and unlocking the iPhone 4. With Monday's decision by the U.S. government, their efforts are now considered legal.
http://www.appleinsider.com/articles...ed _apps.html





iPad Owners Are ‘Selfish Elites.’ Critics Are ‘Independent Geeks.’ Discuss.
Eliot Van Buskirk

It’s not exactly official, but should also surprise no one: According to a new study the psychological profile of iPad owners can be summed up as “selfish elites” while have-not critics are “independent geeks.”

Of course the “haves” would probably call the “have nots” “cheap wannabes” to which the “have nots” would retort: “FANBOI!!”

Which is why we should stick to the science.

Consumer research firm MyType conducted the study, in which opinions of 20,000 people were analyzed between March and May. The firm’s conclusion was that iPad owners tend to be wealthy, sophisticated, highly educated and disproportionately interested in business and finance, while they scored terribly in the areas of altruism and kindness. In other words, “selfish elites.”

They are six times more likely to be “wealthy, well-educated, power-hungry, over-achieving, sophisticated, unkind and non-altruistic 30-50 year olds,” MyType’s Tim Koelkebeck told Wired.com.

96 percent those most likely to criticize the iPad, on the other hand, don’t even own one (updated). This group tends tend to be “self-directed young people who look down on conformity and are interested in videogames, computers, electronics, science and the internet,” Koelkebeck said.

One might expect people with an interest in videogames, computers, electronics, science and the internet to be interested in a device that lets you play videogames, functions like a computer, is made of electronics, relies on science and connects to the internet, which suggests there would be a high convert rate if the “have nots” just went to an Apple Store for the afternoon.

Why does the iPad apparently appeal to self-centered workaholics who value “power and achievement” and tend not to be kind or to help others (iPad owners in the Wired.com ranks nothwitstanding)? MyType speculates that one factor could be the device’s high price tag, and that the urge to include an additional screen in one’s life correlates strongly to seeing value in connecting to information in a new way, which is basically a nice way of saying what a lot of people were saying when the iPad was released: What do you need one for, really?

As to the critics-who-are-a-test-drive-away-from-being-fans, the study found that “bashing the iPad is, in a way, an identity statement for independent geeks,” wrote Koelbeck.

“As a mainstream, closed-platform device whose major claim to fame is ease of use and sex appeal, the iPad is everything that they are not.”

Ouch. For the record: Koelbeck said it, not we.
http://www.wired.com/epicenter/2010/...ks-says-study/





Why Solid State Drives Won't Replace Spinning Disk
Henry Newman

It wasn't that long ago that solid state drives (SSDs) were DRAM-based and cost a fortune. Then the proliferation of mobile devices requiring shock and vibration profiles that exceeded hard drives created a huge market for flash. Prices dropped, and with more money available for R&D, the density increased dramatically.

It's been a period of tremendous evolution for flash, but I believe dark clouds are forming on the horizon. Let's start with a little history to help me make my point. I first heard more than 20 years ago that tape was dead, but it took data deduplication to make disk cheap enough to hurt tape sales. So it wasn't disk drives alone that were able to impact tape sales; it was disk drives combined with new technology.

Now we're hearing from some that flash drives are going to replace hard disk drives, and that the cost difference, though great now, will continue to decline. Vendors are putting out charts showing the cost of flash drives and hard disk drives converging, which looks to me like some of the charts I saw for tape and disk more than 20 years ago. I don't think it's going to happen any time soon, and the reasons have to do with lithography limits and disk drive density.

The Limits of Flash Lithography

The main driver of density for flash technology is the size of the lithography used to make chips. I found some good data on Wikipedia, which I confirmed. Here is the change in lithography since 1971, and projected to 2022:

1971 1975 1982 1985 1989 1994
10000nm 3000nm 1500nm 1000nm 800nm 600nm

1995 1999 2000 2002 2006 2008 2010 2011 2018 2022
250nm 180nm 130nm 90nm 65nm 45nm 32nm 22nm 16nm 11nm

Much of the increase in flash density is related to the reduction in lithography. You can see that from 2002 to 2010, we had almost a two-thirds reduction in lithography size, allowing more things to be fit into the same volumetric space. But it will take another 12 years before we get the same volumetric improvement again, or a 50 percent increase in time. This is why if you chart flash density growth over the last five years, the pace of improvement has slowed.

There are significant challenges to making things ever smaller, which I am not going to address here, but here are a couple of links for further reading: Producing Integrated Circuits With X-ray Lithography and Wikipedia on Electron Beam Lithography. The bottom line is that there are limits to how small things can get with current technology. Flash densities are going to have data density growth problems, just as other storage technologies have had over the last 30 years. This should surprise no one.

Will Disk Drives Grow in Density?

I have been amazed at the number of charts I see that show flash densities growing and disk drive densities stagnating. We all know that drive density growth rates have slowed, but we have still gone from 1TB drives to 2TB drives to reports of 3TB and 4TB drives as soon as this year. We have seen enterprise 2.5-inch drives go from 300GB to 600GB. Yes, flash densities will continue to grow too, but so will disk densities.

Growth rates in storage tend to have periods of fast growth followed by slow growth, then the introduction of new technologies spurs fast growth again. I believe that this cycle, which happens for many technologies, is already happening to flash. The fast growth period from 2007 to 2009 was a trend line that was used to predict an amazing future. Take two or three data points, plot the slope and you have predicted a truly amazing future. It may work for pundits and vendors, but more often than not it does not work in the real world, at least for very long.

Disk drives are going to get denser. Just as perpendicular recording was developed in the early part of the last decade and a growth spurt followed, some new technology such as heat-assisted recording will come along and do the same thing again. The need for more and more data storage at a low cost is not going away, and the demand has not been lost on anyone. Low-cost storage is important for many applications that need to store lots and lots of data, and that's a point that's firmly in favor of spinning disk. If the need for cheap storage were not a perennial demand, then tape would have been dead as predicted more than 20 years ago. Tape is still far cheaper over the long term than disk, and disk is still far cheaper than flash. That won't change anytime soon.

Flash Performance Not Always Worth the Price

Flash performance for small block I/O (less than 32 KB reads) is orders of magnitude faster than disk, but we all know that flash drives are not created equal for writes. Some are orders of magnitude faster than disk and some are maybe 10 to 20 times faster, and for that speed you pay a significant cost. The question is whether the cost justifies the expense.

Let's take a typical home PC application such as Photoshop. We all know that file sizes are growing, as cameras have ever larger sensors. A few years ago the file might have been 2 MB, but today it might be 8 MB or larger. Reading an 8 MB file on a typical SATA hard drive might take — with a seek, latency and read — 0.15 seconds, but on a flash drive maybe 0.1 seconds, depending on the drive. Does that minute difference really matter? What about editing a large video file? The disk drive might be 80 MB/sec, while the low-end flash drive might be 100 MB/sec. Again, not a huge difference. What does matter is that the metadata used for the editing application is going to go way faster on a flash drive. I know many people with more than 500 GB of data at home between music, videos and pictures. The space requirements add up very quickly. People are not going to spend even 50 percent more for small performance increases at home.

Back in the early 1990s, I had a tape backup system for my home PC. Tape for home PCs is a thing of the past, never to return, but I don't see flash hurting disk to the extent that disk has hurt tape sales. Flash technology won't achieve the densities of hard drives at anywhere near the same cost, at least anytime soon. There are just far too many challenges. Flash and hard drives will have to coexist, and if flash vendors don't see that, they will risk missing their target market, as cheap bulk storage is needed for most data just as much as small block random I/O is essential for a few use cases.

My next PC at home, for Photoshop editing, personal finances and long-term storage, will be a Windows PC with a small flash drive with a home NAS box with four 2TB hard drives connected over 10 Gb Ethernet (at least that's my hope). I will use the flash drive for booting and for temporary files for Photoshop editing, and the bulk NAS storage for pictures, videos, music and everything else.

Hybrid storage requirements are here to stay. Flash addresses the problem for small files, small application I/O requests and swapping far better than hard drives ever will. Flash will never have the price/density advantage of hard drives, however. Solid state technology will have a significant impact on hard drive companies, but flash alone will never be able to meet storage density requirements. Welcome to the new tape vs. disk argument, and expect the same results. Disk isn't going away, no matter how hard some vendors wish.
http://www.enterprisestorageforum.co...le.php/3894671





Sometimes It's OK To Steal My Games
Jeff Vogel

This blog post is about the bright side of software piracy. It's about the times when not only is it OK to steal my games, but, in fact, I get something out of it. Perhaps an unusual topic for a blog post from a game developer.

I admit to being a little bit nervous about writing this. The sad truth is that, these days, it is so easy to pirate single-player PC games that most gamers only have to pay for them if they want to pay for them. And there is strong evidence (links below) to indicate that they usually don't want to pay for them. So giving people ammunition they can use to convince themselves that they shouldn't pay for my games seems perilous, especially since they are, after all, how I support my family. But I got into the blogging game to write about the reality of the game biz from the viewpoint of my shadowy little corner, and piracy is a huge part of it, so here we go.

Of Course, Piracy Is Almost Always Wrong

I think that the best way of evaluating the morality of an action is to ask, "What would happen if everyone who wanted to do it did it?" Littering and dumping toxic waste into rivers are wrong because, if everyone who wanted to do those things did them, our streets would be choked with refuse and our drinking water would be half benzene. And pirating PC games is wrong because, were it not for that minority of worthy souls who actually chip in, the industry that makes the games we love would descend into a shadow realm of tiny ad-supported Flash games and Farmville. Some people would be cool with that, but I'm looking forward to playing Starcraft 2, thanks.

And I've now set myself up for 50 comments of increasingly overwrought and implausible justifications for why pirating games is a good, noble thing to do. No. Sorry. You don't get everything you want in this world. You can get piles of cool stuff for free. Or you can be an honorable, ethical being. You don't get both.

Most of the time.

Because, when I'm being honest with myself, which happens sometimes, I have to admit that piracy is not an absolute evil. That I do get things out of it, even when I'm the one being ripped off.

Computers Exist In the Third World

Every so often, I get an e-mail in broken English from some kid in Russia or southeast Asia or India. He says how how he is playing my game in a cyber-cafe, for fun and perhaps to practice English. The disparity in the strength of the currency between our two countries makes it impossible it is for him to get the 25 or 28 hard US dollars to buy my game. (It's entirely possible in much of the world to not be dirt poor and yet to be entirely unable to scrape together a chunk of hard U.S. dollars.) The message ends with a sincere and heart-rending plea for a registration key.

Now, you're probably thinking, "Yeah, the kid is probably making it up." I doubt it. Remember, my games are easy to pirate. Anyone who wants to steal my games can grab them any time he or she wants. Maybe some of these pleas are fake, but I'm sure that most aren't.

When I get one of these message, what I want to respond is, "PIRATE MY STUPID GAME!!!" I mean, seriously, the time used drafting that e-mail would have been much more profitably spent figuring out how BitTorrent works.

But I don't say that. I delete the e-mail unanswered. Because, the truth is that these games are how I feed my family. Asking me for free keys is simply not a behavior I want to encourage.

But I really hope those kids pirated my game. And I am sure that, for every such e-mail I received, a horde of others in faraway lands pirated it on their own. Sometimes, thanks to the vagaries of the international monetary order, my games are just out of reach any other way. And, when people enjoy my work, it gives my life meaning, which bring me to ...

I Want My Life To Have Meaning

I consider myself a reasonably bright person, who works hard to make something people like. When I'm old and crumbling, I want to be able to feel that I had a successful life in which my work brought happiness to a lot of people.

I feel fully financially compensated for my time when one of my games (which usually takes a year or so to make) sells 5000 copies. However, from the game industry perspective, 5000 copies is nothing. Even the crappiest flop from a real publisher sells a ton more than that. So am I wasting my life? If I really care about the number of people I reach and the amount of happiness I bring, shouldn't I try to get a job somewhere where my work has a chance of reaching far more people?

But then I remember that for everyone who buys my game, dozens more just tried the demo. And a lot of those people will play the whole demo, have fun, decide they had enough, and move on. That counts as providing fun for people, sort of.

But, more importantly, the percentage of people who pirate PC games seems to be very high. It's possible that 90% of the copies of my games out there are pirated. There is definitely solid evidence that the piracy rate for PC games is that high, and believe me, there are a thousand ways to get my games for free. It happens a lot. And, if that figure holds, that brings the player base for each of my games to 50000. That is a number that can keep me from lying awake at night.

Of course, a lot of those people could have bought it but decided to pirate it instead. In other words, jerks. Which brings up a good question. Am I satisfied that my life's work went to make a jerk happy? Does that give me Life Value points? Is it a worthwhile thing to bring a jerk pleasure? This is generally the point where I force myself to think about something else.

But not everyone who steals a game has money. Some of them are legitimately poor. Which brings me to one final point.

The Recession Is a Thing That is Happening

These days, some people are legitimately poor. Many people, through a mix of poor fiscal choices and ill fortune, are in bad shape. Foreclosed on, or facing foreclosure. Trying to pay down a mountain of credit card debt. Unemployed for a long time. Lacking health insurance. Some people brush this growing population off, saying, "Oh, they brought it on themselves." And sometimes that is true. They made mistakes. Everyone makes mistakes. I make mistakes. It's just that some people are unlucky enough to be savagely punished for their mistakes.

Someone who is facing long-term unemployment and bankruptcy probably should not pay for my game. And, in that case, if stealing my game gives them a temporary reprieve from their misery (and there's a lot of misery out there right now), I'm cool with that. I'm happy to help. These are my fellow citizens, and I want to help out how I can.

Now here is what I am NOT saying. If some kid has to actually save his allowance for a few weeks to buy the game, stealing it is instead of paying is not cool. I'm not OK with that. If you can pay, you should pay. But I understand that some people can't. It's reality. As for whether someone can truly pay or not, I have to trust them to be able to tell the difference. It's probably unwise to trust so many strangers so much with my livelihood on the line. But it's not like I have a choice.

How I Will Now Single-Handedly Solve the Problem of Piracy

I just have to add one thing, and then I can hopefully go without writing about this ugly topic for a good, long time. The way the economics of the business work right now, if you want good PC games, someone has to pay for them. You can't support a project like Starcraft 2 with ads. The money just isn't there.

If you like PC games but you usually pirate them, I want you to start actually paying for one game a year. Just one. Please. You should do it because you need to do it to help something you like to continue to exist. Sure, you might find that doing the virtuous thing feels surprisingly good. But, in the end, you should do it for the reason anyone ever really does anything: Because it is in your best interests to do so.

But what game should you pay for? It's tempting to say you should support some small Indie, like me, who is just working hard to support his family. But I don't believe that. The people who made Starcraft 2 have families to. No, buy the game that you feel most deserves to be rewarded. Who gave you the most fun, or carried the industry forward, or that you felt treated you fairly.

Maybe that game is Starcraft 2. Maybe it's Avernum 6 or Aveyond or Eschalon 2 or World of Goo or one of a million tiny games. It might even be Assassin's Creed 2. Could happen.

And, before you post flaming me because Piracy-Is-Always-Good or Always-Bad, remember that all I'm trying to do is pay a little visit to reality-land. And while I do get something out of piracy, all things being equal, it's better to pay for the thing you use. Again, with PC games, you can get cool free stuff, or you can be honorable. You don't get both. Once in a while, be part of the solution.
http://jeff-vogel.blogspot.com/2010/...-my-games.html





U.S. Copyright Group ‘Steal’ Competitor’s Website
Ernesto

The U.S. Copyright Group (USCG) has been all over the news in recent months. The lawyer group sued thousands of BitTorrent users who allegedly file-shared motion pictures belonging to their clients, including the Oscar-winning Hurt Locker. However, it turns out that USCG are not copyright purists either, as they have blatantly copied the website of a competitor without permission.

During May this year the makers of The Hurt Locker filed a complaint against the first 5,000 ‘John Does’. Helped by the U.S. Copyright Group (USCG), the film makers are requesting the personal details of individuals behind the IP-addresses that allegedly shared the film on BitTorrent.

With these personal details in hand, USCG is planning to send out a batch of settlement requests asking the alleged file-sharers to pay amounts up to $2,500, or risk a full trial and a heftier fine instead. In recent months USCG has already sent out similar ‘speculative invoices’ to downloaders of other films, including the indie movie Far Cry.

It’s needless to say that the administrative process to handle thousands of settlements will involve quite a bit of work. To make this easier for themselves and the alleged downloaders, USCG recently put up a settlement website where visitors to their main website Copyrightsettlements.info are redirected to.

By itself the mere existence of this settlement portal wouldn’t really be newsworthy, but this changed when we realized that they had copied it from a competitor.

Six weeks ago a TorrentFreak reader alerted us that USCG was setting up a new website to deal with the settlements. Instead of coding the site themselves, they had simply copied the code (including the copyright statement) and images from a company in the same line of work. The images below show how both sites looked at the time.

Because the USCG site was hosted on a force.com subdomain, we weren’t able to verify the legitimacy of this site to find out if there was indeed a direct connection to USCG. To be honest, we simply couldn’t believe that USCG would be stupid enough to blatantly rip-off a website like this, so we assumed that someone had tried to pull off a prank.

A month after the email, however, the same site popped up again when we tried to access the website of USCG. Although the original layout was stripped down significantly over the past weeks, the website still uses code and images from the Copyright Enforcement Group.

Initially, USCG even listed their competitor’s phone number on their site, but they were wise enough to remove this and other texts that refer to the Copyright Enforcement Group. That said, there is no doubt that USCG’s website is ‘stolen’.

Both the source code and the copied image names clearly reveal that the code was blatantly copied from their competitors. Armed with this knowledge we decided to contact the victims of this apparent violation to ask if they had perhaps authorized this use. The answer we got was clear.

“Thank you for bringing this to our attention. We are not associated with the US Copyright Group and they are not authorized to use Copyright Enforcement Group materials,” a representative of the Copyright Enforcement Group told TorrentFreak in a response.

Another representative told the reader who tipped us off that the US Copyright Group and Dunlap, Grubb & Weaver will be receiving a cease and desist from Copyright Enforcement Group.

Of course, we’ve seen this type of behavior before. The UK’s ACS:Law, also writing to thousands of file-sharers demanding cash payments for alleged infringements, aren’t whiter than whiter either. They took sections of several news articles and tried, unsuccessfully, to pass them off as their own content on their company website.

So there we have it once again. An outfit that targets copyright infringers is actively infringing copyright themselves. They are so incompetent and probably blinded by the dollar signs in their eyes, that they can’t even put a website together without breaking the law themselves – copyright law.
http://torrentfreak.com/u-s-copyrigh...ebsite-100730/


















Until next week,

- js.



















Current Week In Review





Recent WiRs -

July 24th, July 17th, July 10th, July 3rd

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public." - Hugo Black