P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
Reload this Page Peer-To-Peer News - The Week In Review - September 1st, ’18
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 29-08-18, 07:43 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,016
Default Peer-To-Peer News - The Week In Review - September 1st, ’18
Since 2002


































"We consider whether a bare allegation that a defendant is the registered subscriber of an Internet Protocol (‘IP’) address associated with infringing activity is sufficient to state a claim for direct or contributory infringement. We conclude that it is not." – United States Court Of Appeals For The Ninth Circuit


"We can’t afford to lose an important media outlet. It does leave a hole, but on the bright side, this sort of idiosyncratic rebellious spirit of The Voice has been subsumed, in a way, by the mainstream. It’s sort of everywhere." – Michael Musto


"For example, in your budget, you might say you are paying a Hollywood star $10m but you're really only paying them $2m. The other $8m you can transfer offshore without questions. And most importantly without the need to collect official Chinese receipts." – Raymond Zhou






































September 1st, 2018




US Court of Appeals: An IP Address Isn't Enough to Identify a Pirate

Copyright owners will need more if they want a successful legal case
William Gayde

Why it matters: Judge rules that copyright trolls need more than just an IP address if they want to go after copyright infringement. An IP is not enough proof to tie a person to a crime.

In a win for privacy advocates and pirates, the Ninth Circuit Court of Appeals ruled that an IP address alone is not enough to go after someone for alleged copyright infringement. They ruled that being the registered subscriber of an infringing IP address does not create a reasonable inference that the subscriber is also the infringer.

The case began back to 2016 and has been playing out in the legal system ever since. The creators of the film 'The Cobbler' alleged that Thomas Gonzales had illegally downloaded their movie and sued him for it.

Gonzales was a Comcast subscriber and had set up his network with an open Wi-Fi access point. At some point, someone had used his network to download the movie and the film creators captured Gonzales's IP address.

The judge stated that in order for a proper case, the copyright owners would need more than just an IP address. This is often difficult to provide since it is challenging to prove who was connected to what and when. This case is made even more challenging since Gonzales's network was open and anyone could have downloaded the movie.

The new ruling upholds a previous ruling by a lower district court on the same case. The Appeals Court issued the following statements:

“In this copyright action, we consider whether a bare allegation that a defendant is the registered subscriber of an Internet Protocol (‘IP’) address associated with infringing activity is sufficient to state a claim for direct or contributory infringement. We conclude that it is not.

The direct infringement claim fails because Gonzales’s status as the registered subscriber of an infringing IP address, standing alone, does not create a reasonable inference that he is also the infringer. Because multiple devices and individuals may be able to connect via an IP address, simply identifying the IP subscriber solves only part of the puzzle. A plaintiff must allege something more to create a reasonable inference that a subscriber is also an infringer.”

In addition to direct infringement, the copyright owner also attempted an indirect infringement claim. They alleged that Gonzales had encouraged users of his network to download the movie but this failed as well since they were unable to provide any proof. Finally, the judge ordered Cobbler Nevada LLC, the copyright holder, to pay more than $17,000 in legal fees for Gonzales.
https://www.techspot.com/news/76190-...-identify.html





BitTorrent Courts File-Sharers With Token System

For better or worse, Tron's attempt to offer a customized virtual token through BitTorrent will potentially encourage more file sharing. 'Users who participate will exchange tokens with each other on the basis of resources provided, not mining,' BitTorrent said.
Michael Kan

The upcoming feature is part of a project to integrate BitTorrent's network with blockchain technology from Tron, a cryptocurrency developer that acquired BitTorrent for a reported $140 million last month.

The goal is to create a custom token that can be traded as a way to encourage users to host files over fast networks and to do so over longer periods of time. Ideally, this would produce speedier and more stable downloads.

"Users who participate will exchange tokens with each other on the basis of resources provided, not mining," BitTorrent said on the website for its project, dubbed Project Atlas.

When the feature will arrive isn't clear. But to promote its adoption, the company is developing software extensions that will let other BitTorrent clients quickly integrate the token system.

Tron CEO Justin Sun has said he wants content creators to share their work over BitTorrent and also get paid. "The creators of this content could reach hundreds of millions of global users through this decentralized network without any intermediaries," he wrote in a blog post last month.

Currently, producers of movies and TV shows offer them through streaming services such as Netflix and Hulu. But Tron's concept promises to remove the middleman so content creators can earn more profit.

Whether any of this is realistic is another matter. BitTorrent, which also develops the uTorrent client, has 100 million monthly active users. However, the file-sharing technology has often been blamed for promoting digital piracy. Through the technology, shady websites like The Pirate Bay have been able to share torrents that can let someone download selected bootleg movies, music, and computer games.
https://www.pcmag.com/news/363505/bi...h-token-system





Verizon Throttling Could Trigger FTC Investigation of Deceptive Practices

Since FCC abandoned net neutrality, Democrats say FTC must probe Verizon.
Jon Brodkin

Thirteen Democratic members of Congress on Friday asked the Federal Trade Commission to investigate Verizon's recent throttling of the Santa Clara County Fire Department while it was fighting California's largest-ever wildfire.

"Throttling directly violates core net neutrality principles," the letter, led by US Rep. Anna Eshoo (D-Calif.), said. "In light of the repeal of net neutrality, we urge you to investigate whether Verizon's practices were 'unfair or deceptive' pursuant to Section 5 of the Federal Trade Commission Act." The letter was sent to FTC Chairman Joseph Simons.

NEW: I sent a letter today with @NancyPelosi and 11 Northern California Members to the Federal Trade Commission (FTC), urging them to investigate Verizon's throttling of Santa Clara County Fire Department's data. pic.twitter.com/joCNBcBoey

— Rep. Anna G. Eshoo (@RepAnnaEshoo) August 24, 2018

The House members wrote to the FTC instead of the Federal Communications Commission because the latter agency ceded regulatory power to the FTC when it deregulated broadband and eliminated net neutrality rules.

Eshoo and fellow Democrats wrote:

“We believe the Federal Communications Commission, as the expert regulatory agency, should be responsible for the oversight of public safety networks and communications networks as a whole. Unfortunately, with its repeal of the 2015 Open Internet Order, the FCC has abdicated its jurisdiction over broadband communications and walked away from protecting consumers, including public safety agencies. We, therefore, call on the FTC to protect consumers from unfair or deceptive acts or practices stemming from this incident.”

The FTC doesn't enforce any rule against throttling, but it can sue companies when they deceive consumers about the terms of their service.

"It is unacceptable for communications providers to deceive their customers," the Democrats wrote. "But when the consumer in question is a government entity tasked with fire and emergency services, we can't afford to wait a moment longer. The FTC must investigate whether Verizon and other communications companies are being unfair or deceptive in the services they're offering to public safety entities, and if so, to determine what remedies are appropriate to ensure our first responders have adequate service when lives are on the line."

When contacted by Ars, an FTC spokesperson confirmed that the agency received the Democrats' letter but said the FTC had no further comment.

Besides Eshoo, the letter was signed by Democratic Leader Nancy Pelosi (D-Calif.), and Reps. Mike Thompson (D-Calif.), John Garamendi (D-Calif.), Jared Huffman (D-Calif.), Ro Khanna (D-Calif.), Barbara Lee (D-Calif.), Jerry McNerney (D-Calif.), Jimmy Panetta (D-Calif.), Jackie Speier (D-Calif.), Zoe Lofgren (D-Calif.), Mark DeSaulnier (D-Calif.), and Doris Matsui (D-Calif.).

FTC authority is limited

FCC Chairman Ajit Pai has claimed that the FTC will protect consumers from unfair practices now that the FCC has given up its ability to regulate ISPs as common carriers.

But the FTC has faced a long, difficult process in trying to punish AT&T for throttling Internet service on unlimited data plans. The FTC sued AT&T over the practice in 2014, but AT&T avoided a trial by claiming that the FTC has no authority over AT&T's business.

AT&T finally gave up its attempt to cripple the FTC's authority in May when it said it would not appeal to the US Supreme Court, and the company signaled that it wanted to settle with the FTC. It isn't clear whether the case will be settled or go to trial. But after nearly four years, no consumers have received the refunds sought by the FTC.

Throttling of fire department

As we reported last week, a crucial device used by the Santa Clara fire department had an "unlimited" plan that was throttled to unusable speeds after 25GB of usage each month. The throttling came to light in a filing made by Santa Clara in the lawsuit that seeks to restore net neutrality rules.

The device was throttled at disaster responses in December 2017 and June of this year, leading to some frantic conversations between Verizon and the department. Emails submitted in court show that fire department officials thought they had worked out a solution with Verizon to remove throttling after similar incidents in December and June. They were caught by surprise when the device was throttled again in July while fighting the Mendocino Complex Fire.

Eshoo and fellow Democrats described the events as follows:

“According to the [court] Declaration, County Fire contracted with Verizon for an "unlimited" data plan but experienced heavy throttling when they had reached their "cap." These reduced speeds severely undermined department personnel's ability to function in the midst of the largest wildfire in California history. When County Fire contacted Verizon directly about the reduced speeds and asked it to restore speeds to essential transfer speed, County Fire was told it would have to switch to a new data plan at more than twice the cost.”

Verizon acknowledged that it "made a mistake in how we communicated with our customer about the terms of its plan." Verizon also said it failed to follow its own policy of "remov[ing] data speed restrictions when contacted in emergency situations."

Verizon also apologized at a hearing held by the California state legislature on Friday. On the same day, the company said it has temporarily stopped throttling the data of firefighters and other first responders on the West Coast and in Hawaii and will soon introduce a new unlimited plan "with no caps" and with priority access for first responders.
https://arstechnica.com/tech-policy/...ive-practices/





It's a Net Neutrality Whodunnit: Boffins Devise Way to Detect Who's Throttling Transit

Simple, really – follow the congested links
Richard Chirgwin

Back when net neutrality was a thing, engineers at the Center for Applied Internet Data Analysis (CAIDA) tested US interdomain links, and found them mostly flowing freely.

News of Verizon throttling a California fire department's data suggest things have already changed in America, but if CAIDA's work gets legs, the world will at least have a new way to detect that kind of behaviour.

Published this month after winning the ACM's SIGCOMM 2018 "best paper" accolade, "Inferring Persistent Interdomain Congestion" offers an architecture for what its 10 authors called "large-scale third-party monitoring of the Internet interconnection ecosystem".

When the group did its data gathering between March 2016 and December 2017, its focus was on how disputes between different players – ISPs, content providers, clouds, and transit providers – would end up in throttled links and degraded end user performance.

As the paper stated: "There is a dearth of publicly available data that can shed light on interconnection issues." Hence even though an interconnection dispute, throttled links, or even misconfiguration can affect people far beyond the scope of an affected link, the researchers noted that "limited data is available to regulators and researchers to increase transparency and empirical grounding of debate".

Instead, it becomes a matter of accusation and counter-accusation in the tech press (such as when Netflix went public against AT&T in 2014, before the two inked a peering agreement).

CAIDA - throughput in times of congestion

Rising ping times, hinting at latency, correlated well against falling throughput in CAIDA's research

With probes at 86 vantage points in 47 ISPs, CAIDA's boffins created "a system that conducts ongoing congestion measurements of thousands of interdomain links", the paper said. The vantage points were fitted with "Time Series Latency Probes" (TLSP), which the paper said was "consistent with those obtained from more invasive active measurements (loss rate, throughput, and video streaming performance)".

That data was validated by the operators themselves, CAIDA's team said.

The TLSP approach is simplicity itself: as congestion rises, packets get buffered, latency rises – and CAIDA's deep knowledge of the underlying network topology (built into another tool to identify which links to probe) made it possible to infer where the latency, and therefore congestion, occurred.

"If the latency to the far end of the link is elevated but that to the near end is not, then a possible cause of the increased latency is congestion at the interdomain link," the paper said.

The probes also measured packet loss on similar reasoning: an excessively congested link will see packets dropped when their time-to-live (TTL) expires.

There's a presentation slide deck for the paper here (PDF), and CAIDA's analysis scripts, data sets (via a visualisation interface), and query API are available by request to manic-info@caida.org, and the organisation is hoping ISPs will volunteer to help gather data.
https://www.theregister.co.uk/2018/0..._measurements/





That Time Telco Lobbyists Sent Me All Their Talking Points About Trying To Shift The Blame To Internet Companies
Mike Masnick

It's not every day that big telco lobbyists email me their internal documents about how they're going to try to shift all the negative press about themselves and try to flip it onto internet companies. But it did happen yesterday. In what was clearly a mistake a top exec at the telco's largest lobbying organization, USTelecom, emailed a 12 page document of talking points yesterday, asking the recipients to "review the document for accuracy and other thoughts" in order to help USTelecom President Jonathan Spalter for when he goes on C-SPAN next week. I found it a bit odd that I would be on the distribution list for such an email -- especially when 13 of the 15 recipients of the email were US Telecom employees. And me. The one other non-US Telecom person works at a firm that provides "subject matter experts" and "in-depth legal analysis."

The talking points are not all that surprising, if you're at all familiar with the telco industry, so there aren't really any huge smoking guns here, but they do cover a huge range of issues, from net neutrality, competition, privacy, cybersecurity, and more. Amusingly, on the net neutrality front, there's a section on "Verizon Throttling Fire Responders." Tragically, that appears to be one of the few sections in the document that they hadn't yet filled in yet -- perhaps because the industry still doesn't have a good response to Verizon throttling fire fighters in California as they were battling wildfires.

One thing that's clear, however, is that the big telcos really want to play up the recent attacks on social media companies ("edge providers," as they like to say), and throughout the document there are statements about taking advantage of the current political attacks on those companies. For example, in the "Privacy" section, the talking points for Salter appear to be for him to try to pivot to making it about Facebook and Google as quickly as possible, saying they are the bigger risks:

Privacy

MESSAGE: Here is the modern reality of consumer protection: the greatest risks are posed by companies on the internet’s edge. Privacy is a shared responsibility -- and the burdens and obligations can not rest solely with ISPs and must be applied equally across the internet ecosystem.

• The increased scrutiny of Facebook and other edge provides offer a significant opportunity for Congress to implement clear and consistent rules that apply equally to all companies in the internet ecosystem. And when they begin the process of establishing best practices for privacy, they will need to look no further than broadband providers.
• For years, our members have embraced strong consumer privacy policies, because they understand the success of any digital business depends on earning their customers’ trust.
• Consumers and companies alike deserve one set of protections and rules of the road. This is the best way to ensure consumer protection while also providing the necessary flexibility for a competitive and innovative marketplace.

Let's just say that's laughable. Google and Facebook may be no great shakes on privacy, but the telcos are far, far worse. First of all, they have much greater visibility into everything that you do, because it all goes through their pipes. You can avoid Google and Facebook if you want. Not so much your ISP. Second, these companies have terrible, terrible histories when it comes to privacy issues, much worse than Google and Facebook.

Telcos have historically sucked up all your clickstream data and sold it to databrokers, while pretending it was no big deal. The telcos have regularly used incredibly sneaky and intrusive spying practices (way beyond anything Google and Facebook have done) including deep packet inspection and undeletable supercookies. And who can forget when the telcos wanted to sell you back your privacy, and raise your subscriber fees $30/month if you didn't want them to snoop on all your internet activity? And who can forget that it was just weeks ago that Verizon launched a VPN without any privacy policy at all?

And let's not forget their super cozy relationship with the NSA. After the Snowden leaks five years ago, the internet companies all were quick to highlight what they were doing to prevent the NSA from snooping on you. They revealed long-hidden lawsuits fighting back against the NSA. They pushed for greater transparency and legal reform, they published transparency reports... all while the telcos went silent (and when they finally -- years later -- were pressured into releasing transparency reports, those reports left out key details on surveillance support). That's because it was shown that they were extra cozy with the NSA, even giving them full access to their equipment. Section 702 "upstream" collection involves the NSA directly tapping into telco backbone connections and sniffing through everything. We only found about all of this because an AT&T technician literally walked into EFF's offices one day and spilled the details (later confirmed with Snowden documents). And rather than admit to helping the government violate the 4th Amendment, the telcos ran to Congress to get guaranteed retroactive immunity for supplying warrantless wiretaps.

So, sure, the privacy failings of Google and Facebook are worth pointing out and discussing. But they're child's play compared to the telcos. For the telcos to pretend that they are the ones who "embraced strong consumer privacy policies" is laughable. This isn't a talking point. It's pure propaganda.

There's a brief section later in the document, suggesting that they play up Trump now fighting with Google, and suggest that's a good point to drop in the "same rules for edge" providers meaningless argument:

• Trump/Google Drama

• People have spent years clamoring for ISP net neutrality. We need same rules of the road for edge.

I'm sure that sounds good to whoever came up with it way back when, but as people have explained for the better part of a decade, it makes no sense at all. Access providers and edge providers provide very different types of services, and "the same rules" don't make any sense at all. The telcos and the folks at US Telecom know this. They only bring this up because they think the viewing audience is stupid and will nod along with "same rules for everyone." But, in reality, they know that what they are advocating for is basically handicapping internet companies.

On net neutrality there's the usual nonsense, falsely claiming that they "strongly support net neutrality" even as they immediately cheer on the FCC order that literally wiped out net neutrality:

MESSAGE: Our nation’s broadband providers strongly support net neutrality—without 1930’s-era regulations—and with consumer protections that are consistently applied across the entire internet ecosystem.

This is blatantly untrue. The telcos fought multiple earlier attempts to enforce net neutrality that did not use "1930's era regulations." What happened was that Verizon's lawsuit over earlier rules (which did not rely on those regulations) resulted in the court effectively saying "to have net neutrality, you have to use those rules." So, we would have had net neutrality without those 1930s-era regulations if US Telecom and its members hadn't sued over the older rules.

Not surprisingly, they also want to push the silly argument that just because they didn't immediately make the internet turn to shit the day after the FCC repealed the rules, it proves that we didn't need the rules (I will again remind you right here -- for no particular reason -- that the section on how to respond to Verizon violating those old net neutrality rules in throttling the fire department's wireless connection... is left blank in the document).

Since the FCC’s Restoring Internet Freedom Order, the internet as we know it is still thriving, growing, open and continues to spin on its axis. The predictions that ISPs would engage in anti-competitive throttling, blocking, and prioritization, have not happened.

Again, the telcos aren't going to rush out bad practices all at once -- especially not while the repeal of the rules is still in court. But, again, it should be noted that during a previous fight over these rules, in court, Verizon's lawyer flat out admitted that without these rules, the company had every intention of throttling traffic.

And, of course, the telcos strategy when the questioning gets tough on net neutrality is to try to do this judo move and attack the big internet companies instead:

It’s ironic—but not unexpected—that the companies which have become the internet’s most powerful gatekeepers are fighting for an open internet that exempts them from the very rules for which they are advocating.

First off, this is not ironic. Second, it's not accurate. Google and Facebook are hardly the most powerful "gatekeepers." Nor are they the ones pushing for open internet rules. That's been left mainly to smaller internet companies who can't get into bed with the telcos like Google and Facebook are able to do. Third, the whole idea that the rules are somehow different for them makes no sense. These rules are about providing access to the internet. There is no "net neutrality" for edge providers that makes any sense.

Not surprisingly, the telcos are freaked the fuck out about state regulators stepping in to reimpose net neutrality rules. And, on this, I don't blame them. Well, no, that's not correct, I totally blame them. I blame them for pushing the FCC to drop the federal rules opening up this vacuum into which the states are now stepping. I agree that having the states take this on is a bad idea that will lead to a mess of different rules across the country, but, hey maybe the telco lobbyists should have thought of that before asking the FCC to kill off these wildly popular rules that had a very light touch. But, still, they've got their new talking points and they're sticking to 'em:

• Broadband is and will continue to be regulated at the federal level
• Precedent at the FCC, and in the courts, have recognized the dangers of individual state mandates and have embraced state preemption to avoid piecemeal approaches to internet regulation.
• [Pending passage] The regulations signed into law by Governor Jerry Brown put short-term political gain ahead of long-term economic development and growth of California’s internet economy.

Well, no. Broadband has long been regulated at the state and local level thanks to public utility commissions, local franchise laws and more. And, hey, you had broadband regulated at the federal level under the 2015 open internet order, which included state pre-emption but you gave that up when Ajit Pai repealed it and gave up the state pre-emption bit when he took the FCC out of the broadband regulation game.

Ooops. Maybe you jokers should have thought of that before.

As for the California bill -- what?!? Long term economic development in California especially depends on a free and open internet -- the kind where Verizion, AT&T and your other members are unable to kill new startups with excessive tolls and fees, not to mention limited services.

There are then some talking points about just how painfully expensive it is for the telcos to serve rural residents -- which no one denies. But, it's pretty funny to watch these massive telcos, with billions in profits and a long history of squandering government subsidies use these talking points to talk about why they just need more cash from the government:

Delivering broadband to sparsely populated rural areas is a costly and challenging endeavor that requires significant upfront investment.
• That is why federal support is essential for network providers to meet deployment challenges in high cost areas.

Oh, but not only do they want cash from the government, they most certainly DO NOT want that cash to go to programs that would create competition in the marketplace. Oh no.

Federal investment must be used to fill the gaps in truly unserved areas, not create false market competition by allowing electric utilities with established monopolies to extend their market power over this already fragile market. Together, we should be laser-focused on serving the unserved and maximizing the federal support to do it, while avoiding duplication and overbuilding, and ensuring efficiencies wherever possible.

Sounds like somebody is still quite a bit ticked off about massive success stories like Chattanooga, where the local electric utility built an amazing competitive network that not only provided better, cheaper service in that city to under-served residents, but also forced the incumbents to up their own game as well.

It's doubly hilarious that a key talking point in this document is literally "we don't want competition" when much of the other document keeps trying to push the lie that there's robust broadband competition.

They also talk up having states give them money, such as this:

In New York, officials just completed a $500 million broadband auction to deploy high-speed service to 99 percent of its residential structures.

One would hope that the C-SPAN interviewer would follow up this point with a question about why NY would trust any of these companies when US Telecom member Verizon promised to bring fiber to 100% of New York City in 2008 and then didn't. Seems like we should be fairly skeptical of the 99% claim now.

It also is unlikely to surprise anyone that US Telecom is really, really, really against the requirements for very limited local loop unbundling, which has helped enable a smidgen of competition in certain areas (I only have the broadband I have today thanks to local loop unbundling). These are the rules that made the big telcos have to allow third party service providers to use their networks at wholesale rates to offer competing services. It's a great way to create competition at the service level, rather than doing it more wastefully at the infrastructure level. The telcos have done a good job making it more and more impossible for competitive carriers to make use of it, but they really want the rules gone entirely. And they say they're no longer needed due to a completely fictional "tremendous competition in the communications market." Don't laugh. They think they're serious:

• Today, more than 20 years later, there is tremendous competition in the communications market, but these rules are still on the books.
• We have asked the FCC to review whether these rules are still necessary. If the FCC agrees they are, we hope the commission will forbear from these outdated rules like they have with many other no longer relevant regulations.
• Ending these rules will allow broadband providers to invest in the future of their networks father than being tied to the past.

So, let's be clear. There is barely any real competition in the broadband market, let alone "tremendous" competition. Ending those rules won't magically allow providers to invest in future networks. They will limit competition, meaning there's less reason to invest.

There's some nonsense about how the FTC will be a great protector of consumers from the telcos now that the FCC has taken itself out of the game. Of course, as we've discussed over and over again, the FTC's mandate is much more limited and does not cover most of the aspects of net neutrality that are important. Furthermore, the FTC has neither the resources nor the expertise to really play in the telco market.

There's some more stuff in there, but those are the highlights. Congrats, US Telecom, you get your draft in-progress talking points out there. If you want critiques of your future talking points, feel free to cc: me again.
https://www.techdirt.com/articles/20...ompanies.shtml





Big Telecom Is Using Robocalls to Fight a Net Neutrality Bill in California

A group with financial ties to AT&T is sending automated messages claiming the law would raise cell phone bills.
Kaleigh Rogers

Big Telecom is once again trying to disrupt a net neutrality bill in California, this time by robocalling seniors to spread misinformation about the bill.

“Your Assembly member will be voting on a proposal by San Francisco politicians that could increase your cellphone bill by $30 a month and slow down your data,” says a voice on an automated call paid for by legal reform group the Civil Justice Association of California (CJAC). “We can't afford higher cell phone bills. We can't afford slower data. We can't afford Senate Bill 822.”

The call urges constituents to contact their state representative and ask them to vote no on the bill, which passed a senate committee last week and will be heard in the Assembly this week. It even provides an option to automatically connect to the recipients’ Assembly member. At the top of the call, it cites the non-profit Congress of California Seniors, leading many—including state senator Scott Wiener, the net neutrality bill’s author—to believe the calls are targeting senior citizens specifically.

“The industry has engaged in a massive misinformation campaign around this bill for months,” Wiener told me over the phone.

But the claim that cell phone bills will go up is not based on anything in the actual bill, which would simply restore the federal rules that telecom companies operated under from 2015 until the 2017 repeal, which only went into effect a few months ago. The bill enshrines the fundamentals of net neutrality, such as prohibiting ISPs from throttling or blocking sites, but also prohibits other telecom trickery, such as zero rating—a practice where companies provide access to certain parts of the internet for “free” and charge for others.

CJAC typically lobbies for legislation that will reduce the number of lawsuits filed against companies in the state, but it has recently been directing funds to oppose the net neutrality proposal. Its political arm—called FairPAC—has financial ties to AT&T, according to the Federal Election Commission. CJAC did not immediately respond to a request for comment.

CJAC’s robocalls ares not the only campaign spreading scary claims about soaring cell phone bills: ads on Facebook and Twitter, as well as physical flyers opposing the net neutrality bill and paid for by AT&T-backed advocacy group CALInnovates have been reported across California.

“The reality is that they’ve already lived under these rules under the 2015 Obama order and they did really well: they made huge profits, they weren’t laying off workers, they weren’t jacking up people’s bills,” Wiener said. “This is just all played-up misinformation.”
https://motherboard.vice.com/en_us/a...-in-california





California Passes Strongest Net Neutrality Law in the Country

It heads for the Governor’s desk next
Jacob Kastrenakes

California’s legislature has approved a bill being called the strongest net neutrality law in the US. The bill would ban internet providers from blocking and throttling legal content and prioritizing some sites and services over others. It would apply these restrictions to both home and mobile connections.

That would essentially restore the net neutrality rules enacted federally under former President Barack Obama, which were later repealed by the Federal Communications Commission under the watch and guidance of current chairman Ajit Pai. But this bill actually goes further than those rules with an outright ban on zero-rating — the practice of offering free data, potentially to the advantage of some companies over others — of specific apps. Zero-rating would, however, still be allowed as long as the free data applies to an entire category of apps. So an ISP could offer free data for all video streaming apps, but not just for Netflix.

And a BOOM on a Friday. #SB822, California's strong #netneutrality bill, passes the Senate 23-11 and is on to the governor for his signature. pic.twitter.com/Ga3GcQG6eg
— Ryan Singel (@rsingel) August 31, 2018

The bill was cleared with a final vote in the state Senate today, being approved 23-11. It passed in the State Assembly yesterday, after initially being approved in the Senate back in May. But the bill had changed in the ensuing months, so it needed to return to its chamber of origin today for final approval. The Electronic Frontier Foundation called the final legislation “a gold standard net neutrality bill.”

Now, the bill heads to the governor’s desk. California Gov. Jerry Brown hasn’t said whether he’ll sign the legislation, but it’s garnered the support of top state Democrats, including House Minority Leader Nancy Pelosi and Sen. Kamala Harris.

If it becomes law, internet providers are certain to sue. There’s already one clear obstacle: the FCC made a rule prohibiting states from creating net neutrality laws. That rule hasn’t been held up in court, and the last time the FCC tried to preempt state laws around broadband, it failed. But that’ll at least be one of the issues at play.

Several other states have taken action on net neutrality, but most have done so through executive orders or laws that skirt the FCC’s prohibition. California, on the other hand, is one of a small number of states tackling the issue head-on, which will certainly mean going to court.
https://www.theverge.com/2018/8/31/1...ality-law-vote





Internet Groups Urge U.S. Court to Reinstate 'Net Neutrality' Rules
David Shepardson

A coalition of trade groups representing companies including Alphabet Inc, Facebook Inc and Amazon.com Inc, urged a U.S. appeals court to reinstate landmark “net neutrality” rules adopted in 2015 to guarantee an open internet.
Commuters use their mobile phones as they ride a subway train in New York, U.S., August 1, 2018. REUTERS/Lucas Jackson

In a legal filing Monday, the Internet Association, Entertainment Software Association, Computer & Communications Industry Association, and Writers Guild of America West urged the reversal of the Trump administration decision to overturn the rules in December.

“Rules regulating the conduct of (internet providers) continue to be needed to protect and promote an open internet,” the groups wrote in a brief filed with the U.S. Court of Appeals for the District of Columbia.

Last week, 22 states and the District of Columbia, asked the same appeals court to reinstate the prior rules after the Federal Communications Commission voted 3-2 in December along party lines to reverse rules that barred internet service providers (ISPs) from blocking or throttling traffic or offering paid fast lanes, also known as paid prioritization.

The FCC handed sweeping new powers to internet providers to recast how Americans use the internet — as long as they disclose any changes. The new rules took effect in early June but major providers have made no changes in internet access.

The internet groups, which also represent Netflix Inc, Microsoft Corp, Twitter Inc, Uber Technologies Inc [UBER.UL] and many other tech firms, harshly criticized the FCC repeal and questioned its legal basis.

The brief calls the FCC’s decision “unreasoned and unreasonable” and says its “flawed analysis runs counter to the record and departs from the (FCC’s) previous factual findings without explanation.”

The groups also reject the FCC’s argument that enhanced transparency will allow market forces to ensure consumer access to an open internet.

“It is irrational to think that transparency regarding ISP practices alone can protect net neutrality for the millions of consumers who cannot switch providers; they must either accept their ISPs’ disclosed traffic management practices or go without internet access,” the internet groups wrote.

The internet groups also question the legal basis the FCC cites for imposing the new transparency requirements on providers after the commission said it had no legal basis to maintain net neutrality rules.

The states’ lawsuit also asked the appeals court to reverse the FCC’s effort to preempt states from imposing their own rules guaranteeing an open internet.

Several internet companies filed a separate challenge last week to overturn the FCC decision, including Mozilla Corp, Vimeo Inc, Etsy Inc, and numerous media and technology advocacy groups.

Others have told the court they plan to back the effort to reverse the net neutrality repeal, including New York City, eBay Inc and some members of Congress.

FCC Chairman Ajit Pai has repeatedly said he believes the rules will be upheld and will encourage additional investment by providers. The internet groups brief rejected the argument that the net neutrality rules had led to diminished investment.

The FCC did not immediately comment on the internet groups’ legal brief.

The net neutrality repeal was a win for internet service providers, like Comcast Corp, AT&T Inc and Verizon Communications Inc, whose practices faced significant government oversight and FCC investigations under the 2015 order.

The U.S. Senate voted in May to keep the Obama-era internet rules, but the measure is unlikely to be approved by the House of Representatives or the White House.

Reporting by David Shepardson; Editing by Michael Perry
https://www.reuters.com/article/us-u...-idUSKCN1LC1A8





FCC Funds Rural Broadband for More than 700,000 Homes and Businesses

The Connect America Fund is backing the project with almost $1.5 billion.
Kris Holt

As part of its efforts to make broadband more available in rural areas, the Federal Communications Commission announced that the Connect America Fund Phase II "reverse auction" will bring broadband service to more than 700,000 homes and businesses for the first time. More than half of those will have download speeds of 100Mbps or more, with 19 percent gaining access to gigabit downloads. All but a couple thousand locations will have access to download speeds of at least 25Mbps.

More than 100 winning bidders will build out infrastructure in 45 states over the next decade to connect the 713,176 homes and businesses, with the FCC providing a hair under $1.5 billion in funding following the auction (there was an initial reserve price of $5 billion). The bidding process gave weighted preference to providers that offered faster speeds, lower latency and higher data allowances, and the providers can use whichever technology they like to build out the required infrastructure as long as it meets the FCC's standards. Meanwhile, the FCC is set to launch a $4.5 billion Mobility Fund Phase II auction with the aim of expanding 4G LTE coverage in rural areas.
https://www.engadget.com/2018/08/28/...-america-fund/





Small-Town Ingenuity Is Making Gigabit Broadband a Reality
Matt Dunne

With all the headlines about the lack of broadband in rural America, you’d be forgiven for thinking that all small towns are stuck in the dark age of dial-up internet.

The untold story of rural broadband is that over the past seven years, independent broadband networks have proliferated. Today, some of the fastest, most affordable internet in the country can be found in communities like Oskaloosa, Iowa (population:11,500); Powell, Wyoming (6,400); Red Wing, Minnesota (16,500); and Springfield, Vermont (9,000). According to a 2016 Federal Communications Commission data release, more than 1,100 rural fiber broadband providers operate networks of various sizes in some of the most remote parts of America, and more than 230 of those providers offer symmetrical (both download and upload) gigabit speeds.

Rural broadband deployment isn’t easy, but the biggest barriers to better connectivity are not simply geographical. Twenty-one states currently have laws—largely manufactured by telecom industry lobbyists—that impede independent ISPs trying to deploy fiber. Wilson, North Carolina, for example, was one of the first municipalities to build out a network and show that fiber to the home was possible in a rural town. But in response, lobbyists forced through legislation to restrict municipal networks in North Carolina. The absurd result of this was that the Wilson fiber network has actually had to shutter service for some of its customers.

But despite small customer bases and razor-thin (or non-existent) margins, tenacious ISPs across the country are proving that especially when unencumbered by competition-stifling legislation, they can bring world-class internet to their communities.

Just how far and fast is rural gigabit-speed broadband being deployed? My organization, the Center on Rural Innovation, mapped it to learn more. Using the 2016 FCC data again, we found that more than 2,500 rural towns have access to fiber internet, representing more than 8.5 million rural Americans—a million more people than live in the Bay Area, including Silicon Valley. Of those, nearly 3 million have access to full symmetrical gigabit speeds. And though the gap between rural and non-rural fiber internet coverage is significant, it isn’t as overwhelming as many people think. More than 15 percent of rural Americans have access to fiber, compared with approximately 30 percent of people in suburban and urban areas.

Small-town broadband deployment requires collaboration and the blend of ingenuity, creativity, and force of will that's characteristic of rural entrepreneurs who have spent years innovating and problem-solving within the constraints of smaller economies. As a result, models for deployment are as varied as the communities themselves.

Some states, localities, universities, and companies have tapped Broadband Technology Opportunity Program grants, federal infrastructure funds designed to bring backbone connectivity to underserved areas. Many independent telephone companies have used federal universal service funds to build fiber to the most remote parts of their communities. Municipal electric companies, many of which were formed in the early 1900s to bring electricity to rural areas, make for ideal fiber-network operators because they do not have to fight phone companies to string fiber along their poles, aren’t beholden to shareholders, and can take a 50-year outlook on fiber investments. Small towns and rural counties have leveraged their ability to issue inexpensive bonds to build world-class infrastructure. And in some instances, successful businesses in small communities simply built their own ISPs so they could better grow and compete globally for talent.

Does much of rural America still have a broadband problem? You bet it does. And unfortunately, while many of the wireless solutions currently being deployed are better than nothing, they will not provide adequate speeds for long; all rural industries—even agriculture, forestry, and manufacturing—require faster and faster speeds to compete.

The $600 million allocation for rural broadband expansion in the recent omnibus spending bill helps, but our policymakers should accelerate high-speed internet deployment in every way possible. Congress should fund “dig once” processes that enable efficient construction of underground fiber during road construction projects, provide incentives for “climb once” processes that enable efficient fiber construction on private utility poles, and more generously fund construction of this kind of infrastructure just like it does for water and sewer capacity.

And if the 21 states with laws that restrict competition from independent ISPs want to pursue modern economic development strategies to bring greater prosperity to their small towns, it is imperative they overturn those laws and allow their communities to innovate with the full power of broadband.

World-class broadband will not magically create robust digital economy ecosystems in rural America overnight. But fiber internet is the foundation that allows towns to grow their technology sector through entrepreneurship programs, remote workforce cultivation, co-working centers, and STEM curricula in public schools.

With that foundation in place, small towns can finally realize the full promise of the internet by participating in rapidly advancing, data-intensive industries, from virtual reality to blockchain to gene sequencing. Film professionals can collaborate on uncompressed video files with zero latency, architects can ship massive digital files in an instant, and musicians can jam together across hundreds of miles as if in the same room. And without having to endure sky-high real estate prices and soul-crushing traffic jams, digital workers can live in inexpensive, beautiful downtowns with ready access to breathtaking recreation, tight-knit communities, and—thanks to local ISPs and municipalities—access to gigabit-speed broadband.
https://www.wired.com/story/opinion-...dband-success/





TorrentFreak is Blocked as a Pirate Site and Hacking Resource
Ernesto

Court-ordered pirate site blockades are pretty common nowadays. While not everyone sees these as the ideal solution for the problem at hand, they follow the letter of the law. More problematic are the private blocking efforts by various Wifi providers, which we are frequently the target of. Apparently, TorrentFreak is a pirate site too.

From Australia to Sweden, all around the world courts have ordered ISPs to block access to pirate sites.

This usually happens after a careful review by a judge, who weighs the arguments from copyright holders and Internet providers before a final decision is made. That’s a fair process.

However, these court-ordered blockades are only the tip of the iceberg. Much more common are private blocking efforts where local WiFi providers use broad blocklists to shield people from visiting dangerous sites, including the one you’re on now.

This problem is not new but the lack of improvement has become increasingly frustrating.

Earlier this month a reader informed us that he was unable to read our news while staying at a Premier Inn in Croydon. Apparently, the hotel’s Virgin WiFi network banned us for our “Criminal Skills/Hacking, News.”

Hackers

This is no temporary or local mistake. In recent months we’ve received several reports of similar Virgin WiFi blockades, including from our colleagues at ISPreview. They ran into the same TorrentFreak blockade while conducting a study of WiFi performance in UK hotels.

And it’s not just Virgin that’s doing the blocking here.

This week another reader alerted us that he was unable to access TorrentFreak on a GovWifi connection. This network is used by many government institutions and managed by the Government Digital Service.

Apparently, they, or their blocklist provider, has classified our news site in the “Piracy and Copyright infringement” category, and accessing it would be a violation of the acceptable use policy.

No access

These two recent examples are related to the UK, but these broad blocklists are used elsewhere too. We’ve seen our site blocked in US libraries and airports, Norwegian trains, and even in a Canadian McDonalds.

We have reached out to both Virgin and the Government Digital Service for a comment on the most recent examples. At the time of publication, we have yet to hear back. Perhaps our email is blocked too?

We hope they can eventually shed some light on their motivations. In the meantime, let’s hope our readers have learned enough from our “hacking skills” to know how to bypass these blocks….
https://torrentfreak.com/torrentfrea...source-180825/





Twitch Bans Djarii for Showing Pirated Logan Paul-KSI Stream—There’s Just One Problem

Djarii was in a fight of her own.
Josh Katzowitz

While about 800,000 people paid $10 to watch Logan Paul’s dissatisfying draw vs. KSI on YouTube, hundreds of thousands more viewed Saturday’s boxing match for free on Twitch.

With Twitch saying it was looking to crack down on those pirated streams, popular user Djarii got caught up in the maelstrom. On Saturday, Djarii said she was handed a 24-hour ban from Twitch because she had livestreamed KSI vs. Paul to her 300,000 subscribers.

The only problem: She wasn’t even watching the fight.

Not sure why I've suddenly been banned for copyright infringing???? @Twitch @twitchsupport never even rebroadcasted this match, I've been playing WoW all day? pic.twitter.com/O7XR89b4Kf

— djarii (@Djari328) August 26, 2018

As she later noted, Djarii had played Fortnite and World of Warcraft all day Saturday and she hadn’t “looked at anything from the KSI Logan Paul crap.” She also wrote, “So, in a nutshell, my account has a 24 hour suspension for allegedly infringing on the copyrights of @OP_Talent KSI vs Logan Paul. I didn’t re-stream ANYTHING even slightly relating to this but the monkeys working for them DMCA’d my account anyway.”

Dexerto pointed out that without access to her account, she also potentially faced the burden of not having the ability to “fulfill [her] sponsorship requirements” because she was physically incapable of livestreaming her gaming play.

Soon after, though, Djarii’s account was restored after she filed a counterclaim against OP Talent Management, which was helping run the KSI-Paul fight at the Manchester Arena in England. OP Talent Management then apologized in a tweet.

Apologies for the error on behalf of the content ID company working to protect our YouTube event. We aren’t personally issuing the take down notices from OP and had no insight into the error. I’m glad it is now resolved. Thanks.

— OP Talent Management (@OP_Talent) August 26, 2018

Luckily for Djarii—who recently revealed a trove of skeevy messages from a fan who asked to be unblocked from her Twitch account—the issue is now resolved, and she can continue forward with her gaming career.

“What a day of feelings huh?” she wrote on Twitter. “Had heaps of fun playing FORTNITE and WORLD OF WARCRAFT all day, reached 300k followers and 25k concurrent viewers from Twitch front page and then some clowns manage to get your in good standing @Twitch account banned for something I didn’t do.”

Unlike the KSI-Paul bout, Djarii was the clear winner of her own fight.
https://www.dailydot.com/upstream/tw...l-ksi-youtube/





How ‘Grand Theft Auto’ Is Changing the Way the World Experiences Music

In the five years since launch, GTA V and GTA Online gamers have listened to more than 75 billion minutes of music, according to Rockstar Games
Brian Crecente

For four days earlier this year the Black Madonna vanished, slipping away between sets at Coachella and an appearance at Guadalajara club Bar Americas. In the turmoil and chaos of a life packed with travel, Facebook posts and Instagram photos, one of the most influential and respected DJs currently on the scene managed a disappearing act amid a 150-show-a-year calendar.

Typically, the Black Madonna (born Marea Stamper) spends her nights performing at different clubs, bars, record shops, venues weaving provocative music as thick as shag carpeting from threads of acid house and disco to massive crowds of dancing club kids and aging ravers.

But for one show in April, she found herself sequestered in a Long Island studio surrounded by friends, family and superfans — playing what was arguably one of her most exclusive and most revealing live sets to date. Now that performance — which was recorded inside a Rockstar Games motion capture studio — is part of Grand Theft Auto Online as the latest addition to both its monstrous catalog of in-game songs and as a way for players to host their own nightclubs, complete with real DJs and their iconic music.

GTA V and its multiplayer GTA Online mode has already proven itself a thriving game and money maker for both developer Rockstar and publisher Take-Two — with sales approaching 100 million copies and bringing in more than $6 billion, now one of the most successful video games in history is also becoming something else, perhaps not too unexpectedly: A powerful tool for music discovery.

Rockstar as Tastemaker

Use of music has always been something video game makers Rockstar prides itself on. From the Billy Holiday, Ella Fitzgerald and Dinah Washington songs found in L.A. Noire, a detective action-adventure game, to the mix of 1970s rock in The Warriors game, music is one of the more important elements of pop culture that the developers use to help create memorable times and places for its titles. Nowhere is that more evident than in the long-running Grand Theft Auto series. While the franchise has always featured some sort of working, in-game radio stations, each new iteration expanded on the concept. By 2013 and the release of GTA V, the game’s 15 unique radio stations, packed with 240 fully licensed songs and pre-recorded on-air talent, had become nearly as important as the game itself.

While the game was record-breaking at release — earning $800 million in its first day and $1 billion in the first three — it is the game’s online mode that has allowed it to thrive beyond earlier expectations. And GTA Online continues to introduce new music in new ways as the game itself continues to push the sale of the half-decade old game.

In the five years since launch, GTA V and GTA Online gamers have listened to more than an estimated 75 billion minutes of music from the game’s 18 radio stations, according to Rockstar’s own analysis provided to Rolling Stone. Taking place inside the game’s bars and now in player-run clubs, the music is produced by its four well-known DJs, including the Black Madonna. And dance music, in particular, plays an important part of Rockstar Games’ own culture.

“Everyone in the company has a passion for music,” says Ivan Pavlovich, director of music at Rockstar Games. “We live this music. We go out all of the time. We’re constantly following people, watching, listing to sounds at clubs and places like Boiler Room.”

Pavlovich, who founded Chicago-based house music record label Guidance Recordings, was drawn to work in games specifically because of the obvious care Rockstar takes in crafting its soundtracks. He worked on two soundtracks for the developer before coming to work at Rockstar Games but notes that the work on GTA Online’s music is like nothing he’s done before.

The biggest effort to date, however, came with the release of a massive update to GTA Online called “After Hours.” The expansion adds to the already absurdly large, multi-faceted farcical recreation of life in Los Angeles, the ability to purchase your own nightclub, run it legitimately or as a front for organized crime and hire DJs to keep the place packed.

The free game addition came with renowned deep house DJ Solomun as a signed act. Over the course of four weeks, the game also added Tale of Us, Dixon and the Black Madonna. Instead of licensing a few songs from each, Rockstar decided to do something much deeper: They wanted to recreate the DJs themselves in the game, injecting not just their music, but their personalities into it the virtual world.

Getting a DJ to play your club usually kicks off with some sort of in-game mission. With Solomun, for instance, you have to follow his suddenly pilot-less jet as he tried to make an emergency landing in L.A.

“I think we always had this sense of collaboration with the DJs,” Pavlovich says. “We’re not just going to ask them to create a song. To take it up a notch in this pack, we invited all four of the DJs to motion capture. We invited all of their tech riders, invited friends, family, managers, fans from around the city. We literally threw a party in the mo-cap studio and captured it all.”

Pavlovich explains they went to great pains to not only provide the gear and fans for the private mo-cap sets, but also worked to replicate every little detail. So they brought in whatever a DJ drank, their entourage, their manager. And they motion-captured everyone and everything.

“We were trying to get their motion, their energy as a DJ,” he says. “We called them signature moves, the way they throw their hands up or dance a little bit — like Black Madonna does certain moves with the cross fader that are maybe different than Solomun. It was a way for us to capture their natural environment.”

Each of the DJs in the update made a pilgrimage to Rockstar in New York City and then out to Long Island and that motion capture studio where they performed music to an extremely select set of people. Pavlovich says the scheduling was incredibly tight, both because of the packed schedules of the musicians and the need for secrecy. Rockstar also did motion capture with each DJ for the missions that would occur around their appearance in the game. For instance, Black Madonna, suited up in a motion capture suit, got to punch a fake cop for her bit — a request she made of Rockstar before accepting the gig.

“I was obviously excited,” the Black Madonna says. “It was sort of an odd thing to think about.”

The capture sessions often went over the scheduled time as well, simply because the DJs and the people there to hear them perform didn’t want to stop after they got going.

“This full experience is the biggest we have ever done musically,” Pavlovich says. “Capturing this truly authentic experience of being in the club and feeling like you are in it. All of that attention to detail.”

Capturing the Black Madonna

“The offer came through my management, but of course I was very familiar with the game,” Marea “The Black Madonna” Stamper explains to Rolling Stone. “A copy of it for PS4 is sitting in front of me right now. My husband loves the game and I have played it over the years.”

Rockstar reached out to her management company about being put into the game, and Stamper decided she’d do it, but only if she could really be in the game. “I didn’t want to come in and have it be an image of me being random DJ number three.” Fortunately, Rockstar was looking to capture everything about Stamper.

On April 23rd of this year, Stamper flew from Coachella to New York City, quietly slipping into town without any notice or fanfare. She left on April 26th, heading to a gig in Guadalajara, Mexico.

“I spent two days in New York under extreme secrecy,” she reveals. “You kind of don’t want anyone to know you are there. Everything was super under lock and key.”

She spent one day at the facility doing motion capture and another in their SoHo offices capturing audio for her in-game lines. Once everything was completed, Rockstar sent her a build to playthrough, allowing Black Madonna to hire Black Madonna for her in-game club.

“I thought it was incredible,” she says of her 14-hour day of capture. The DJ set turned the facility into a nightclub, complete with low-lights and her favorite bourbon to drink on stage. “The motion capture experience is so different then when they actually skin the universe onto it. When you do motion capture it is skeletonized. So when you get into the cop car, the car is made out of this wireframe stuff. The cameras have to be able to see through it, to see you and everything has the motion capture dots on it. We even had little motion capture handcuffs that went around my hands.”

The Future Is Now

Giving GTA Online players another way to have fun in the game, this time by creating a sort of nightclub simulator, was an important part of the “After Hours” add-on. But it wasn’t the most important reason Rockstar went to so much effort.

“One of the things we always want to do is expose people to music,” Pavlovich explains. “Exposing people to dance music, jazz, dance hall, even when we’re doing soul stations [in GTA], we’re trying to expose people to songs they may not have heard already. We’ve always seen our job as curators of music for the experience of GTA.”

That music is important because it helps players connect more powerfully and emotionally to moments in the game, be they a scripted scene that plays out like a movie, or some bit of bone-headed goofiness a player gets up to on their own.

“Whether it’s Table Tennis or Red Dead Redemption, the experience is something that connects the gamer to those songs,” Pavlovich says. “It’s the same way you hear a song for the first at a high school dance or make out with some girl with music playing in the background. It forms a long-lasting connection with that music.”

That exposure in the game can also have a significant impact on the musicians.

“There is no question about it, this changed my fanbase within a month,” Stamper says. “People who love GTA and love the music — but don’t have clubs in their hometown. There are people who tell me, ‘You’re my favorite DJ, but I’ve never seen you DJ in person and now you’re a permanent resident in my club in GTA.’” Now those fans can go into a game and watch the Black Madonna perform “live” right in front of them.

“It’s a real democratization of clubland in a way I had not considered,” she says. “I just thought it would be fun to do this, to get in a motion-capture suit and punch someone without consequence. I wanted to be in it to make that music and be a part of that legacy of people who contributed to the soundtrack. But I was not prepared for or expecting that in a very, very real way people would be connecting in a completely real, heartfelt way with this experience of this. Honestly, it’s been very touching.”

These new connections have not come without some surreal moments for Stamper, however.

“I kept getting tagged on Instagram with flyers for events and I was like, ‘Wait, I’m not performing there.’ But it was people inviting their friends to clubs in GTA,” she explains. “The 17-year-old cyberpunk kid that still lives inside of me from the Nineties can’t wrap her head around that. That’s the word I imagined when I was a tiny raver drinking smart drinks and thinking about what the future was like.” And now it’s a reality — even if it only exists in a digital platform.
https://www.rollingstone.com/music/m...adonna-715665/





Movie Madness: Why Chinese Cinemas Are Empty But Full
Stephen McDonell

For a country which will soon assume the mantle of the world's largest cinema audience, China comes out with a surprising number of big budget B-grade flops.

Some blame this on censorship, others on a lack of creativity but there are also those who see a more sinister force at work, which has nothing to do with film-making.

It also has nothing to do with selling tickets: at least not real ones.

Some investors are apparently financially backing movies with the sole goal of boosting their stock price that can shift on the perception of a movie's performance, irrespective of its true popularity.

Chinese film critic and industry observer Raymond Zhou has been digging into the darker side of film financing in his country.

"When you have a hit film, your stock price will go up several times in terms of market valuation compared with the grosses from the box office so some 'financial genius', came up with this idea: Why don't I have fake box office numbers so that I can make much more money from the stock market?" he said.

I asked if it could really be true that producers were seeking to make money in ways that had nothing to do with putting bums on seats in theatres; nothing to do with making beautiful films?

"The natural way is to make a good movie and then your stock price will go up right?" he responded.

"But some people have reversed this equation. They have seen the rise of the stock price as the ultimate goal and have just used the making of the movie as an excuse."

Phantom tickets

So what is actually happening?

According to Chinese government investigators, certain production and investment companies have developed ways of faking box office results.

Then, if these publicly available figures appear to show that a film is doing well, people will buy shares in the companies which paid for the movie.

So a film might be on in the cinema and one of the companies which paid for it might buy out entire late night screenings. These will register as full houses when they are, in reality, entirely empty theatres.

Regulators have been catching onto this so producers have allegedly started just buying all the bad seats across many hours of screenings.

Yet the authorities have now worked out that if a showing is somewhat empty in the middle and for some reason all the seats around the walls have been purchased something must be amiss.

You might wonder, if box office manipulation has been a broad problem within the Chinese film industry, if it's still worthwhile financially.

How many hundreds of thousands of seats would a company need to buy to boost the figures enough to make a difference to its own stock price?

Well what if the cinema chain is also an investor? It can just sell itself the phantom tickets for free.

Cinema journalist John Papish is an expert in the Chinese box office and says considerable conflicts of interests in this country would be illegal in, say, the United States.

"An owner of an exhibitor can also distribute their own movies and use their cinemas as a launching pad," he said.

"They can manipulate the number of screenings in their own cinemas. Often times the third party ticketing apps also have their hands in the promotion of the films so they can push a film that they have an interest in; that they have invested in themselves."

So, in effect, a company - or connected companies - can distribute the film, have ownership of the theatres and then maybe also involve those selling the tickets. Even those apps rating the film could potentially have a financial stake.

'Cook the books'

Some films are also suspected of being used as a method of getting around China's laws designed to restrict capital flight.

This country has an annual international transfer limit per person of $50,000 (£38,921) without official clearance.

But you can "cook the books", according to Mr Zhou, if your movie is hiring international actors or even set and costume designers.

For example, in your budget, you might say you are paying a Hollywood star $10m but you're really only paying them $2m.

The other $8m you can transfer offshore without questions. And most importantly without the need to collect official Chinese receipts.

"Inside China we have this very strict invoice system," says Mr Zhou.

"Receipts can be checked and double checked using the super computers of the tax bureau. But once a lot of overseas talent or overseas service providers are involved then the system doesn't work and money can legally be moved off shore."

He thinks the authorities must be onto this and are likely to be looking at ways of closing the loophole.

This is not to say that China no longer has honest, committed filmmakers producing quality work.

The low budget drama "Dying to Survive", about a group of hapless criminals trying to smuggle cheap cancer drugs, has been described as showing what's best about this country's cinema, as well as being hugely popular.

Yet the Chinese government knows there is something rotten going on which needs to be cleaned up.

The National People's Congress has introduced fines for misreported box office figures ranging from $7000 to $74,000 and the authorities are allowing the Motion Picture Association of America to use an accounting firm to audit box office data here.

Communist Party anti-corruption investigators say they are now chasing a high-profile producer, who they've accused of fraud, claiming that he is currently on the run in the United States.

However there still seems to be no move to break up the vested interests in Chinese movie making, which many analysts believe will continue to pump out poor quality fare as long as there is money to be made - irrespective of how many actually people go to see the film.
https://www.bbc.com/news/blogs-china-blog-45318316





How Hollywood Is Racing to Catch Up With Netflix
Cynthia Littleton

The Netflix effect across the entertainment business has taken root in deep and meaningful ways this year. The turmoil caused by Netflix’s meteoric rise is all that media moguls could talk about last month during their annual conclave at the Allen & Co. conference in Sun Valley, Idaho.

“Just look at the state of our business,” one prominent CEO observed, with equal parts fear and wonder in his voice.

The direct-to-consumer streaming video business model refined by Netflix is the reason Disney and Comcast chased 21st Century Fox with such fervor. It was a big part of AT&T’s motivation for scooping up Time Warner. It marks the biggest shift in entertainment industry economics in decades, and it is an evolution largely driven by a company that has been in the original content business for barely six years.

Trying to play catch-up to Netflix, the largest U.S. media conglomerates are bent on reinventing part of their operations as a direct-to-consumer business model. The industry’s biggest content producers aim to tap into the efficiency of streaming video via the internet to build proprietary pipelines into America’s living rooms, laptops, tablets and smartphones.

“The modern media company must develop extensive direct-to-consumer relationships,” AT&T chairman-CEO Randall Stephenson told investors last month. “We think pure wholesale business models for media companies will be really tough to sustain over time.”

Traditional media conglomerates feel the urgency to act now out of fear that Amazon, Facebook, Apple and Google are also busy crafting global content platforms that will dwarf their operations. It’s no surprise that Disney — the world’s biggest media company — is leading the race among Hollywood’s old guard to catch up with Netflix, et al. Disney chairman-CEO Bob Iger calls the planned launch of a suite of DTC services “the biggest priority of the company during calendar [year] 2019.”

In a world awash in streaming video, Disney no longer needs to rely on Comcast and DirecTV and a host of international distributors to deliver its TV shows and (post-theatrical) movies. Netflix eliminated middleman distributors, slashed the monthly price (compared with cable) for a robust content package and made all of its content available 24/7 in a commercial-free, on-demand format.

But as with any historic shift, change won’t come easily — or cheaply. To build their own platforms, Disney, AT&T and others will have to invest billions of dollars in high-end content while at the same time forgoing much if not all of the traditional licensing revenue that they would have commanded by selling rights to third-party networks and distributors.

Moreover, the emphasis on launching attractive DTC alternatives will likely hasten the pace of cord cutting. That will only put more pressure on the billions of dollars the congloms take in annually in carriage fees from cable operators for channels that may no longer be first in line for the hottest properties coming from their parent studios.

In short, the evolution of the DTC marketplace for content will be costly, messy and risky. For starters, Disney will say goodbye to about $300 million in annual revenue it currently gets from Netflix for pay-TV rights to its theatrical releases, starting with its 2019 movie slate. Those movies — including “Captain Marvel,” “Dumbo,” “Toy Story 4,” “The Lion King,” “Frozen 2” and a new “Star Wars” installment — will now be key selling points for the new service Iger has referred to as “Disney Play.”

“All of the media companies will have to become more consumer-oriented,” says Jessica Reif Cohen, media analyst for Bank of America Merrill Lynch. “Five years ago, none of us thought people would watch as much as they do on their phones. Content consumption is going mobile, nonlinear and on-demand.

The media universe has never evolved this quickly — we haven’t seen this kind of change in the last 40 to 50 years. This has been the big concern in the market about media for the past three years.”

The industry’s traditional media companies have been experimenting with DTC options for the past few years. CBS surprised skeptics by making a go of its CBS All Access streaming service, which blends live feeds of CBS programming with original series including a new “Star Trek” entry, the “Good Wife” spinoff “The Good Fight” and a growing roster of other originals. CBS All Access won’t rival Netflix’s growth, but there’s enough demand to generate more than 2.5 million subscribers to date.

“From a business-model perspective it’s really the Holy Grail for us,” says Joe Ianniello, chief operating officer of CBS Corp. “The highest-margin consumers we have are CBS All Access subscribers. Consumers are demanding content on the go at the click of the button, and they’re willing to pay a fee for it.”

Hulu has evolved over the past decade from a catch-up service on the previous night’s TV shows to a consumer platform now coveted by Disney, which is poised to take majority control of Hulu through its $71.3 billion purchase of Fox assets.

Ted Sarandos, Netflix’s chief content officer, is neither surprised nor daunted that more major players are looking to elbow in on Netflix’s turf. “We knew that direct-to-consumer was a great model and that people would hold us to a high standard,” Sarandos says. “The pay-TV business has always been more of a B-to-B model. For us, our customers have always been our users. We have to keep them happy all of the time. The one-click cancel [option] makes us keep the value very high.”

Netflix’s leap into the top echelon of the entertainment industry in just a few years has left Hollywood in a state of near bedlam. While the major studios were fighting with cable operators over carriage fees and retransmission consent deals, a company with roots well outside the Hollywood mainstream was unleashing the biggest innovations in the television-viewing experience.

In the process, Netflix has also rewritten the rules of TV and movie dealmaking, talent paydays, TV scheduling, film release windows and marketing campaigns. It’s an extraordinary level of influence exerted on a mature industry dominated by long-established stalwarts.

Consumers have voted with their wallets, taking Netflix from 27 million U.S. subscribers in 2012 to 56 million as of June. Around the world, the number has grown to 130 million as of June. Netflix keeps every penny of the $8 to $14 monthly fee that “members” pay for access to the service. Disney and its ilk, on the other hand, receive a small slice of the much larger check written every month by traditional MVPD subscribers.

Banking on the power of the Disney brand halo, the media giant comes to battle armed with Marvel, Pixar, “Star Wars” and other gold-plated brands. But Disney also has a big problem that Netflix (so far) hasn’t faced: profit expectations from Wall Street.

Netflix has set sky-high industry records for content spending — a projected $12 billion-$13 billion in 2018 — at a time when it is still in building mode. Investors are more concerned about seeing gains in market share than in earnings per share. Disney doesn’t have that luxury. And yet it is embarking on the launch of Disney Play after it takes on considerable debt to acquire 21st Century Fox assets — companies and brands that it sees as more building blocks for other DTC businesses.

The stakes couldn’t be higher for Iger and his team. Disney has promised to find $2 billion in synergies within two years of the Fox acquisition closing, and it has vowed to chop down its debt load at the same time. Some question how Disney can pull off both of those things at the same time.

“The single worst thing Disney could do is launch a DTC product that consumers find underwhelming,” analyst Todd Juenger of Bernstein Research wrote this month. “We struggle to see how Disney can simultaneously make this [sustained] investment while also de-leveraging, even in a stable macro environment. We fear they will either underinvest in the DTC product, or fail to delever.”

The unchartered territory of Disney’s DTC ambition was underscored when analysts pressed the company on its most recent earnings call for details about how it would account for its spending on content for the new service (the answer: as a capital expense). Disney chief financial officer Christine McCar#thy was also asked how the company’s profit projections for theatrical films would change in the absence of the kind of traditional pay-TV output deal it had with Netflix for the past three years. (The answer: Disney plans to hold an investor conference specifically on the DTC business to address such questions.)

Wall Street speculation about Disney’s spending plan for DTC and lost revenue opportunities forced Iger to temper expectations about the studio’s blueprint for Disney Play. Disney has no intention of trying to match the tsunami of original TV shows and movies that Netflix is serving up. Nor will it try to pull other Disney- and Fox-owned movies and TV shows from existing SVOD and international licensing deals to funnel everything through the DTC platform. That would be logistically difficult and extremely costly. To wit, in September 2016, Disney struck a massive long-term TV rights deal for 10 “Star Wars” movies with Turner that runs through at least 2022. The timing of that deal indicates that Disney’s planning for a DTC service with “Star Wars” as a cornerstone brand has only recently come into focus for the company.

“We’re going to walk before we run as it relates to volume of content” for the DTC service, Iger told analysts on Aug. 7.

Disney is counting on the exclusivity factor of selected Marvel, “Star Wars,” Pixar and Disney-branded properties to drive interest in the service. Iger has acknowledged that the Disney Play price tag will be less than Netflix’s $8-$14 monthly fee — a reflection of the lighter content load. “We have the luxury of programming this product with programs from those brands or derived from those brands, which obviously creates a demand and gives us the ability to not necessarily be in the volume game, but to be in the quality game,” Iger said.

Juenger has estimated it will take 40 million subscribers paying $6 a month for Disney to break even on its DTC service. As he notes, Disney will have to shell out big bucks not only for programming and marketing costs but for infrastructure such as customer service and payment processing. There will undoubtedly be unforeseen costs on the technology side: Disney spent $2.6 billion to acquire a majority interest in digital streaming firm BAMtech to support its streaming plans.

AT&T faces a similar scenario as Disney after absorbing Time Warner for $85.4 billion (not counting the tens of millions of dollars spent fighting to save the deal in Washington). AT&T also has to weigh the impact of DTC services on the core channel-bundling business of DirecTV, the MVPD it bought for $48.5 billion just three years ago. As DirecTV’s subscriber base slowly but surely shrinks through cord cutting, the hope is that the expanded AT&T will leverage all of its customer relationships — from DirecTV and its international telco network — to entice its subscribers to try new services.

HBO is key to this plan. The premium channel moved into the DTC arena in 2015 with the launch of HBO Now, which marked the first time HBO was available to consumers without a traditional MVPD subscription. HBO Now has more than 5 million subscribers, compared with about 49 million for the linear versions of HBO and Cinemax combined. AT&T sees the HBO brand as a good consumer-marketing platform for a range of high-end services, even those that would not be branded HBO per se.

John Stankey, the newly appointed head of HBO parent WarnerMedia, has made it clear that AT&T has big plans in the space. HBO siblings Warner Bros. and Turner have launched a few niche streaming DTC offerings — notably The WB’s DC Universe (which launches in the fall) and the Turner Classic Movies-curated FilmStruck — but Stankey has grander ambitions. “There’s a number of different initiatives under way within the WarnerMedia companies, and they’re all good within their own right, but they all generate what I would consider to be relatively small-scale audiences,” Stankey told investors last month. “A company our size, we want to be generating audiences in the tens of millions, not in the single digits of millions.”

Stankey has also signaled his intent to rev up growth at HBO. The new WarnerMedia chief has been blunt in his internal conversations with HBO executives that the channel needs to drive more engagement with its subscribers.

“We need hours a day. It’s not hours a week, and it’s not hours a month. We need hours a day,” Stankey told HBO employees at a town hall meeting in June, according to a transcript of the private event published by website Recode. “You are competing with devices that sit in people’s hands that capture their attention every 15 minutes.”

Some have interpreted this as a sign that Stankey wants HBO to go more mainstream in its programming. The WarnerMedia chief has denied that there is any intention to radically change the mix of high-end programming at HBO. But there’s no question that AT&T wants to see the volume go up, and it’s willing to invest fresh cash in more programming. As Stankey said in the town hall, the challenge for HBO to compete in the new on-demand world is “how to expand the aperture of it without losing the quality.”

Meanwhile, Comcast is also looking at changes on the content side of the company at NBCUniversal and at the erosion of the old-fashioned bundle on the cable side of the business. That one-two punch puts Comcast under pressure to make some bold moves in the coming years, which explains the company’s dogged pursuit of the 21st Century Fox assets. Comcast is also vying with Fox and Disney to buy out a controlling interest in the European satellite operator Sky — a move focused on using Sky’s infrastructure to help create a global DTC content platform. Media analysts have pointed to AT&T’s experience with DirecTV as a warning sign of how hard it is to reconfigure an MVPD. DirecTV Now launched in late 2016 as a low-cost skinny bundle of channels available via streaming, without the need of a set-top box or satellite dish. It’s had modest growth so far, with an estimated 1.5 million subs, and has already seen a price hike of $5 from its initial $35-$70 monthly cost.

NBCUniversal is known to be developing some internal DTC offerings. It experimented in 2016 and 2017 with a subscription offering, at $4 a month, dubbed Seeso that corralled “Saturday Night Live,” “The Tonight Show Starring Jimmy Fallon” and other NBCU comedy properties as well as acquired and original series. But uptake from subscribers was lackluster. Seeso was shuttered late last summer.

More recently, there have been rumblings about NBCU developing a streaming service that would offer viewers a kind of points system for watching episodes of NBCU TV shows with some advertising included.

“Our future is selling wherever consumers are,” NBCUniversal CEO Steve Burke said last month on Comcast’s earnings call. “We’re trying to position our company to make sure that all those avenues are open and that we intelligently look at those avenues and maximize the profitability of our video business.”

NBCUniversal’s experience with Seeso is a cautionary tale that programming an on-demand outlet is very different from selling linear channels on a wholesale basis to MVPDs. The importance of offering users the ability to custom-tailor their viewing experience is vital.

Hulu has been an important training ground for its parent companies: Disney, Comcast, 21st Century Fox and Time Warner.

The streaming service launched in early 2008 as an outlet for ad-supported streaming of programming from its parent companies, which at the outset were Fox and NBCUniversal (prior to NBCU’s acquisition by Comcast). Hulu has been a source of friction at times among its partners as they pursued different approaches to streaming. The company was put up for sale in 2013, but when offers from Yahoo and others were underwhelming, the owners opted to invest a collective $750 million to help it grow with original and acquired programming.

For now, Hulu has a unique position in the marketplace as a purveyor of original series — it hit big in 2017 with “The Handmaid’s Tale” — and as a fledgling provider of a skinny bundle of cable channels. The service has been growing fast, rising to 20 million subscribers as of May, up from 17 million at the end of last year. (It’s not clear how many of those subscribers pay for the $40 skinny bundle, which includes access to Hulu’s library and original series). Unlike Netflix and Amazon, Hulu also offers users the option of watching with commercials, for $8 a month, or without for $12 a month.

Disney will own a 60% stake in Hulu through its acquisition of Fox’s 30% interest. Hulu is expected to become another DTC avenue for Disney, providing an established foundation for a service focused on more adult-themed programming. This is where Fox’s FX Networks, Fox Searchlight and 20th Century Fox production operation will come into play for Disney.

The biggest lesson from Hulu’s decade of operations is the imperative to focus on the way it relates to customers. “Anything that truly connects the viewer to Hulu is a good experience,” says Hulu CEO Randy Freer. “If I’m commuting and I watch part of an episode on my phone and then I get home and finish it on my TV and [Hulu] knows where it should pick up — that’s a good experience. If the content recommendations are right for me, that’s a good experience. It always comes back to things that are driven by giving the customer more choice and more options.”

Netflix’s Sarandos counts himself among the many in the industry who are bowled over at times by the pace of change in the biz and Netflix’s role in moving it forward.

“The evolution of television has taken a very long time,” he says. “It’s a very exciting time in the business. All of these changes at all of these media companies are phenomenal to watch, as a competitor and as a fan of the product.”
https://variety.com/2018/digital/fea...tt-1202910463/





How Teens and Parents Navigate Screen Time and Device Distractions

54% of U.S. teens say they spend too much time on their cellphones, and two-thirds of parents express concern over their teen's screen time. But parents face their own challenges of device-related distraction
Jingjing Jiang

Parents and teens report varying levels of attachment, distraction due to their cellphonesAmid roiling debates about the impact of screen time on teenagers, roughly half of those ages 13 to 17 are themselves worried they spend too much time on their cellphones. Some 52% of U.S. teens report taking steps to cut back on their mobile phone use, and similar shares have tried to limit their use of social media (57%) or video games (58%), a new Pew Research Center survey finds.

Teens’ sometimes hyperconnected relationship with their devices is also evident in other findings from the Center. Fully 72% of teens say they often or sometimes check for messages or notifications as soon as they wake up, while roughly four-in-ten say they feel anxious when they do not have their cellphone with them. Overall, 56% of teens associate the absence of their cellphone with at least one of these three emotions: loneliness, being upset or feeling anxious. Additionally, girls are more likely than boys to feel anxious or lonely without their cellphone.

Parents, too, are anxious about the effects of screen time on their children, a separate survey shows. Roughly two-thirds of parents say they are concerned about their teen spending too much time in front of screens, and 57% report setting screen time restrictions for their teen in one way or another.

At the same time, some parents of teens admit they also struggle with the allure of screens: 36% say they themselves spend too much time on their cellphone. And 51% of teens say they often or sometimes find their parent or caregiver to be distracted by their own cellphone when they are trying to have a conversation with them.

Additionally, 15% of parents say they often lose focus at work because they are distracted by their phone. That is nearly double the share of teens (8%) who say they often lose focus in school due to their own cellphones.

These are some of the main findings from the Center’s survey of 743 U.S. teens and 1,058 U.S. parents of teens conducted March 7-April 10, 2018. Throughout the report, “teens” refers to those ages 13 to 17, and “parents” refers to parents of at least one child ages 13 to 17.

Teens express mixed views about whether they spend too much time in front of screens, but half or more have cut back on the time they spend using various technologies

Teen life is suffused with technology. The vast majority of teens in the United States have access to a smartphone, and 45% are online on a near constant basis. The ubiquity of social media and cellphones and other devices in teens’ lives has fueled heated discussions over the effects of excessive screen time and parents’ role in limiting teens’ screen exposure. In recent months, many major technology companies, including Google and Apple, have announced new products aimed at helping adults and teens monitor and manage their online usage.

As they look at their own lives and those of their peers, most teens see things that worry them. Roughly nine-in-ten teens view spending too much time online as a problem facing people their age, including 60% who say it is a major problem.

When it comes to evaluating their own online habits, teens express mixed views about whether or not they themselves spend too much time on various screens. Roughly half (54%) believe they spend too much time on their cellphone, while 41% say they spend too much time on social media. By contrast, only around one-quarter (26%) believe they spend too much time playing video games – comparable to the share (22%) who say they spend too little time gaming. Meanwhile, roughly four-in-ten teens say they spend about the right amount of time on social media or gaming.

Despite these varying views about screen time, roughly half or more teens say they have tried to limit the amount of time they spend on each technology. Some 52% have ever cut back on the time they spend on their cellphone, while 57% have limited their time spent on social media and 58% have cut back on their time playing video games.

Teens hold mixed opinions about whether they spend too much time in front of screens …Interestingly, there is little association between teens’ views of how much time they spend on various screens and whether or not they have tried to limit their time on those devices. For instance, 53% of teens who say they spend too much time on their cellphone have ever cut back the amount of time they spend on their phone. That is nearly identical to the 55% of teens who say they spend about the right amount or too little time on their phone who have tried to limit their mobile usage.

Boys and girls have differing perceptions of the amount of time they spend using various technologies. Girls are somewhat more likely than boys to say they spend too much time on social media (47% vs. 35%). By contrast, boys are roughly four times as likely to say they spend too much time playing video games (41% of boys and 11% of girls say this).1 There are no notable statistically significant differences by race and ethnicity or household income.

A majority of teens check their phones for messages or notifications as soon as they wake up, with 44% saying they often do this

44% of teens often check their phone as soon as they wake upCellphones are deeply embedded in the everyday experiences of most U.S. teens. Most notably, 72% of teens say they at least sometimes check for messages or notifications as soon as they wake up (with 44% saying they often do this). And 57% feel they often or sometimes have to respond to messages from other people immediately. Meanwhile, 31% of teens say they lose focus in class because they are checking their cellphone – though just 8% say this often happens to them, and 38% say it never does.

Teens across a range of demographic groups respond in similar ways to these questions about their cellphone use. However, teens ages 15 to 17 are particularly likely to say they check for messages as soon as they wake up – 49% say they often do this, compared with 37% of teens ages 13 to 14.

Teens encounter a range of emotions when they do not have their cellphones, but anxiety tops the list

Girls are more likely than boys to feel anxious or lonely without their phoneThe survey asked about five different emotions teens might feel when they do not have their cellphones, and “anxious” (mentioned by 42% of teens) is the one cited by the largest share. Around one-quarter say they feel lonely (25%) or upset (24%) in these instances. In total, 56% associate the absence of their cellphone with at least one of these negative emotions. Even so, 17% each say they feel relieved or happy when their cellphone is not around. And 28% say none of these words describe their feelings when they are without their phones.

Girls are more likely than boys to express feelings of anxiety (by a 49% to 35% margin) and loneliness (by a 32% to 20% margin) when they do not have their phone with them. Meanwhile, boys are somewhat more likely to say they feel none of these particular emotions when they are without their cellphone (33% vs. 23%).

Device distractions and concerns about screen time occur among parents and teens alike

A little over half of parents are happy with the time they spend on cellphone or social mediaAlong with asking teens about their views of screen time and distractions due to the technologies in their lives, the Center also fielded a separate survey in which parents of teenagers shared their views about a subset of these issues. At a broad level, this survey finds that parents are somewhat less concerned about their own technology use than teens are about theirs. Around one-third of parents (36%) say they spend too much time on their cellphone, and 23% say the same about their social media use. Slightly more than half of parents (55% in each case) believe they spend the right amount of time on their cellphone or on social media.2 For the most part, parents of different genders, races and ethnicities, and income levels report similar levels of concerns about their own technology use.

About seven-in-ten parents say their teen is distracted by their cellphone during conversations at least sometimes; half of teens say the same of their parents

When asked to reflect on their teen’s cellphone use, a majority of parents (72%) feel their teen is at least sometimes distracted by their cellphone when they are trying to have a conversation with them. Indeed, 30% of parents say their teen often does this. At the same time, this sense of distraction caused by cellphones is not an entirely teen-specific phenomenon. When asked this question about their parent’s behavior, half of teens say their parent is distracted by their own phone at least sometimes during conversations between them (51%), with 14% of teens reporting that their parent is often distracted in this way.

Compared with teens, parents are less likely to check their phones as soon as they wake up – but are more likely to report distractions away from home

Around six-in-ten parents regularly feel obligated to immediately respond to messages on their cellphoneWhen responding to questions related to their cellphone use, parents and teens diverge in some ways but not in others. Teens are much more likely than parents to say they often check their cellphone for messages or notifications as soon as they wake up (44% vs. 26%). But similar shares of parents and teens often feel as if they have to respond to others’ messages immediately (18% of teens and 20% of parents say this). And parents are actually more likely than teens to report out-of-home distractions due to their cellphone. Some 15% of parents say they often lose focus at work because they are checking their cellphone – double the share of teens (8%) who say they often lose focus in class for that reason.

Roughly two-thirds of parents are concerned their teen spends too much time in front of screens; a slightly smaller share limits how often their teen can be online or on their phone

What parents are saying about their teen's screen timeWhile teens’ opinions about whether they spend too much time on technologies vary, parents largely agree that too much screen time for their teen is an area of concern. Overall, around two-thirds of parents (65%) say they worry to some extent about their teen spending too much time in front of screens, with one-third saying this worries them a lot. Additionally, more than half of parents (57%) say they limit when or how long their teen can go online or use their cellphone, including about a quarter who say they often do this. Using a somewhat different question wording, a 2014-2015 Pew Research Center survey of parents found that a similar share of parents said they ever set screen time restrictions for their teen.

Parents across numerous demographic groups report similar levels of concern over their teen’s screen time, but certain subgroups are more likely than others to say they put screen time limits on their teen. Most notably, parents of teens ages 13 to 14 are significantly more likely to set screen time restrictions than parents of teens ages 15 to 17. Fully 71% of parents of younger teens regularly do this, compared with 47% of parents of older teens. This finding is also consistent with the Center’s previous survey of parents and teens. In addition, moms of teens are more likely than dads to say they often or sometimes limit how long or when their kids can go online or use their cellphone (62% vs. 51%).

On the other hand, parents of boys and girls are equally concerned about their teen spending too much time in front of a screen, and parents are also about equally likely to set screen time limit for boys and girls.

Interestingly, parents who express heightened worries about their teen’s screen exposure are more likely to say they set screen time restrictions than those who do not. Some 63% of parents who worry a lot or some about their teen’s screen time say they at least sometimes set limits on that behavior, but that share falls to 47% among parents who worry not too much or not at all.

Not only do the majority of parents take actions to limit their teen’s screen time, but most parents are at least somewhat confident that they know how much screen time is appropriate for their child (86%). This pattern holds true across multiple demographic groups such as gender, race and ethnicity, and educational attainment. In fact, four-in-ten parents are very confident about the right amount of screen time for their teen.
http://www.pewinternet.org/2018/08/2...-distractions/





What Do Happy Teens Do? Hint: It Doesn't Involve their Phones.

Teens are less happy and less satisfied with their lives than they were just 5 years ago. The question is: Why?
Jean M Twenge Ph.D.

In a recent paper and in my book, iGen, we tried to answer this question using two types of evidence. First, we examined the time sequence of cultural changes over that same time (primarily 2011-2015), finding that teens’ well-being dropped suddenly around the time smartphones became common (2011-2012). Second, we examined correlations between teens’ time use and happiness. We focused on activities that varied in popularity over time and could be easily categorized as screen vs. non-screen. For example, iGen teens (those born after 1995) spend less time with their friends in person and attending religious services, and more time online. Within this list of activities, we found every screen activity was correlated with less happiness, and every non-screen activity was correlated with more happiness.

But that left unanswered another interesting question: What are the correlations between happiness and activities that were fairly constant over the years, or that couldn’t be clearly categorized as screen activities or non-screen activities? It might be interesting to take a more comprehensive look at teen activities and happiness. [NOTE: The following is not meant to be a test of hypotheses; it speculates post-hoc about why some activities correlate with happiness and some do not].

Here are the results from the nationally representative Monitoring the Future survey 2013-2016 for 8th and 10th graders’ self-reported happiness and controlled for race, sex, mother’s education, and grade level. This list, more comprehensive than what we examined in the paper, is categorized into activities that teens usually do on their phones (red bars) and those they usually do without their phones (green bars). This is a little different from screen vs. non-screen activities, but there’s a good amount of overlap. (The categorizations also aren't precise by any means -- for example, "leisure time alone" doesn't necessarily involve phones or devices, but for iGen it often does, and "print media" such as magazines are sometimes read on phones).

The pattern is again clear: Nearly all phone activities are linked to less happiness, and nearly all non-phone activities are linked to more happiness. There are two exceptions, both correlations |.01| or under: TV (sometimes non-phone, sometimes phone) is linked to slightly less happiness, and working at a paid job (usually non-phone) does not correlate with happiness (r = .00). An activity not involving phones but that involves screens, video arcades, correlates .03 with happiness (though I’m not sure most teens even know what a video arcade is anymore, and going to an arcade is usually a social activity).

Take a look at the bottom of the chart: Listening to music shows the strongest correlation with unhappiness. That may seem strange at first, but consider how most teens listen to music these days: On their phones, with earbuds firmly in place. Although listening to music is not screen time per se, it is a phone activity for the vast majority of teens. Teens who spend hours listening to music are often shutting out the world, effectively isolating themselves in a cocoon of sound.

If you’re not iGen, you might still think of “listening to music” as playing the radio in the car, listening to CDs with friends, or showing off your stereo to your crush. But it’s not 1977 (or even 1997) anymore, and listening to music no longer means inviting your friends over to listen to the new Eagles LP or Nirvana CD. Instead, it often means a teen who has shut himself in his room or used her earbuds as an armor against social interaction. Earbuds are by far the most effective technique to nonverbally communicate the message “Do not try to talk to me.”

The strongest correlation with happiness is sleep – teens who say they get more than 7 hours of sleep more nights are happier. This makes sense, of course: Sleep deprivation is a major risk factor for both physical and mental health issues. Unfortunately, today's teens sleep less than teens once did, possibly due to spending more time on their phones and other devices.

There’s another way to look at this chart – with the exception of sleep, activities that usually involve being with other people are the most strongly correlated with happiness, and those that involve being alone are the most strongly correlated with unhappiness. That might be why listening to music, which most teens do alone, is linked to unhappiness, while going to music concerts, which is done with other people, is linked to happiness. It’s not the music that’s linked to unhappiness; it’s the way it’s enjoyed. There are a few gray areas here. Talking on a cell phone and using video chat are linked to less happiness – perhaps because talking on the phone, although social connection, is not as satisfying as actually being with others, or because they are a phone activities even though they are not, strictly speaking, screen time. Working, usually done with others, is a wash, perhaps because most of the jobs teens have are not particularly fulfilling.

Because this analysis is correlational, we can’t tell if these activities cause happiness, happiness causes teens to engage in these activities more, or if the same type of teens do both. The demographic controls partially address the third possibility. Other studies using longitudinal and experimental designs suggest that some, and perhaps most, of the causation goes from phone activities (social media time, online time) to unhappiness, rather than unhappiness leading to social media or online time. These studies look at the same people over time or randomly assign people to conditions, helping to rule out third variables.

This more comprehensive list of activities and their links to happiness provides more nuanced results than the shorter list, but the basic conclusion is still the same: Activities that involve being with others face-to-face (social interaction, religious services, volunteer work, and even going to movies) are linked to more happiness, and those that involve being alone or on your phone (social media, internet, listening to music, being alone) are linked to less happiness. In other words: If you’re looking for happiness, spend more time with people and less time with your phone.
https://www.psychologytoday.com/us/b...happy-teens-do





Logged Off: Meet the Teens Who Refuse to Use Social Media

Generation Z has grown up online – so why are a surprising number suddenly turning their backs on Instagram, Facebook and Snapchat?
Sirin Kale

For 17-year-old Mary Amanuel, from London, it happened in Tesco. “We were in year 7,” she remembers, “and my friend had made an Instagram account. As we were buying stuff, she was counting the amounts of likes she’d got on a post. ‘Oooh, 40 likes. 42 likes.’ I just thought: ‘This is ridiculous.’”

Isabelle, an 18-year-old student from Bedfordshire who doesn’t want to disclose her surname, turned against social media when her classmates became zombified. “Everyone switched off from conversation. It became: ‘Can I have your number to text you?’ Something got lost in terms of speaking face to face. And I thought: ‘I don’t really want to be swept up in that.’” For 15-year-old Emily Sharp, from Staines in Surrey, watching bullying online was the final straw. “It wasn’t nice. That deterred me from using it.”

It is widely believed that young people are hopelessly devoted to social media. Teenagers, according to this stereotype, tweet, gram, Snap and scroll. But for every young person hunched over a screen, there are others for whom social media no longer holds such an allure. These teens are turning their backs on the technology – and there are more of them than you might think.

While many of us have been engrossed in the Instagram lives of our co-workers and peers, a backlash among young people has been quietly boiling. One 2017 survey of British schoolchildren found that 63% would be happy if social media had never been invented. Another survey of 9,000 internet users from the research firm Ampere Analysis found that people aged 18-24 had significantly changed their attitudes towards social media in the past two years. Whereas 66% of this demographic agreed with the statement “social media is important to me” in 2016, only 57% make this claim in 2018. As young people increasingly reject social media, older generations increasingly embrace it: among the 45-plus age bracket, the proportion who value social media has increased from 23% to 28% in the past year, according to Ampere’s data.

This is part of a wider trend. According to a study by US marketing firm Hill Holliday of Generation Z – people born after 1995 – half of those surveyed stated they had quit or were considering quitting at least one social media platform. When it comes to Gen Z’s relationship to social media, “significant cracks are beginning to show”, says the firm’s Lesley Bielby.

She believes we will definitely see an increase in younger people quitting or substantially reducing their use. “And as younger Gen Zers notice this behaviour among their older siblings and friends, they too will start to dial down their use of social media.”

As the first generation to grow up online, Gen Z never had to learn social media, or at least not exactly. They glided through every iteration: Facebook (2004), Twitter (2006), Instagram (2010) Snapchat (2011) in real time, effortlessly adopting each one. But a life lived in pixels from your earliest age is no easy thing.

“You start doing things that are dishonest,” says Amanuel, who quit social media aged 16. “Like Instagram: I was presenting this dishonest version of myself, on a platform where most people were presenting dishonest versions of themselves.”

Like Amanuel, Jeremiah Johnson, 18, from Luton, grew weary of the pressures of sustaining an online persona. “It’s a competition for who can appear the happiest,” he says. “And if you’re not happy and want to vent about it on social media, you’re attention-seeking.”

After being “bugged” by his friends to get Instagram (he had stopped using Facebook aged 16), Johnson joined. He lasted six months. “If you’re having a bad day and scrolling through it, you’re constantly bombarded with pictures of people going to parties. Even if that’s not an accurate portrayal of their lives, that’s what you see. So I stopped using it. It became depressing. It was this competition of who’s the happiest.” He pauses. “Participating in that is not something I’m interested in.”

Hyper-connected teens have been faced with a surfeit of clicks, retweets and likes – and the dopamine rush of online validation – since the neural pathways in their brains were formed.

“They’re becoming overwhelmed with the responsibility of maintaining their social sites and with upholding the somewhat inflated persona many have created on these sites, where they are constantly seeking approval via the amount of likes they get for any given post,” Bielby says.

“The people who are the most honest about themselves do not play the game of Instagram,” Amanuel says. “The game of Instagram is who can maximise their likes by being the most risque, outrageous or conformist as possible. I didn’t want to play that game.”
At school, social media can be a brutal barometer of popularity. “If you meet someone new and they ask for your Instagram and you only have 80 followers,” says Sharp, “they’re going to think: ‘You’re not that popular’, but if you have 2,000 followers they’re going to be like: ‘You’re the most popular person in school.’” Sharp quit social media at 13. “I’d rather not know what other people think of me.”

A desire to build authentic, offline friendships motivated some to quit. “I’m so much better at real-life socialising now,” says Amanuel. “Not just those people you accept on a friend request who are friends of a friend.”

For Tyreke Morgan, 18, from Bristol, being a hard man to get hold of – he has no social media presence at all – has its advantages. “Everyone goes through other people to find me,” Morgan laughs, “and when I hear that they’re been trying to get hold of me I say: ‘Great!’ Why would I need 500 flakey friends?”

But when you are from a digitally native generation, quitting social media can feel like joining a monastery. Amanuel was recently asked by co-workers if she had Snapchat. “I said no,” Amanuel remembers, “and I instantly heard, like, gasps. It was like I’d revealed something disgusting.” She explained that she did have a Snapchat handle, but never used it. “Relief came out of their eyes! It was really weird.”

Teenagers not ready to quit entirely are stepping back for a while. Dr Amanda Lenhart, who researches young people’s online lives, conducted a survey of US teenagers, asking them about taking time off social media. “We found that 58% of teenagers said they had taken at least one break from at least one social media platform. The most common reason? It was getting in the way of schoolwork or jobs, with more than a third of respondents citing this as their primary reason for leaving social media. Other reasons included feeling tired of the conflict or drama they could see unfolding among their peer group online, and feeling oppressed too by the constant firehose of information.”

Bielby agrees that young people are becoming more aware of the amount of time they waste online. Of the young people Hill Holliday surveyed who had quit or considered quitting social media, 44% did so, she says, in order to “use time in more valuable ways”.

“I don’t know how people doing their A-levels or GCSEs have the time for it,” says Isabelle. “They’re constantly studying, but their only distraction is social media.” Rather than get sucked into a “mindless vortex of never-ending scrolling,” as she puts it, when Isabelle isn’t studying she prefers to be outdoors.

The fact that Gen Z have had their every move documented online since before they could walk, talk, or even control their bowels helps explain their antipathy to social media: it makes sense for them to strive for privacy, as soon as they reach the age when they have a choice over their online image.

“I’ve seen parents post pictures of their child’s first potty online,” says Amy Binns of the University of Central Lancashire. “You think: ‘Why are you doing this to your child? They wouldn’t want this to be public.”

Gen Z has an interest in privacy that subtly sets them apart. “Young people want to get away from the curtain-twitching village, where everyone knows everything about you,” Binns says. So while today’s teens spend a lot of time online, they don’t actually share that much personal information. And when they do share, it’s strategic. “You’re painting a picture of who you are and your image,” says Binns. “It’s your own shop window or brand.”

“Framing a picture and posting it on there is not a five-minute thing,” says Amanuel, explaining that any post will be well-thought-out in order to project a certain image and maximise likes. “It takes hours of deliberation.”

“When social media started, we didn’t really know what it was going to mean,” says Binns. “Young people are more aware of the value of privacy than we were 10 years ago.”

Amanuel says that the Cambridge Analytica story, with its exposure of widespread data harvesting, helped prompt her to get off social media, and many more young people seem to be turning against Facebook; on Tuesday, it was reported that the number of Facebook users aged 18 to 24 in Britain is expected to fall 1.8% this year.

Some of the teens I spoke to were concerned about how technologies such as Snap Map – a Snapchat feature that tracks your friends geographically, in real time – were spreading through their schools, and mistrustful of the privacy consequences of being surveilled by your followers wherever you go. “Snap Map is this big thing with a lot of my friends, but there is a sense of privacy that is being breached as well,” Isabelle says.

Teenagers are also educated about the ramifications of an offensive tweet, or explicit picture, as well as the health consequences of too much screen time. “Young people are being taught in schools about sharing nudes and how tweets can travel around. They’ve seen the horror stories,” says Binns.

Isabelle agrees. “Constant screen time damages your ability to see, and it also causes internal damage, such as anxiety.” Studies have shown that social media use can negatively affect mental wellbeing, and adolescents are particularly susceptible: one nationally representative survey of US 13- to 18-year-olds linked heavier social media use to depression and suicide, particularly in girls. And 41% of the Gen Z teens surveyed by Hill Holliday reported that social media made them feel anxious, sad or depressed.

But quitting social media can create new anxieties. “Our research shows that the biggest fear of quitting or pausing social media is missing out,” Bielby says. Some are more sanguine than others. “Do I miss out on stuff?” Morgan asks. “Yeah, of course. People find it hard to keep in contact with me. They say: ‘It would be easier if you had this or that.’ But I don’t think it’s that hard to type in my number and send a text. You’re just not willing to do it.”

Others struggle with the fear of missing out. “It’s like everyone in your friend group has gone to a party without telling you,” Johnson says. At times, he questions himself. “I second-guess myself a lot. There are some days I’m really convinced I want to reinstall it, not for myself, but because I want to appear normal.”

Still, refuseniks such as Johnson may not be outliers for ever. In a world in which everyone is online, renouncing social media is a renegade, countercultural move: as quietly punk as shaving your head or fastening your clothes with safety-pins. Morgan has become a svengali for classmates wanting to escape. “My friends come to me and say: ‘Tyreke, I don’t have social media any more,’ and I go: ‘Why? I thought that’s what you guys do.’ And they say: ‘Thanks to you, because of the things you said and the stuff you’re doing.’ It’s quite cool.”

Quitting social media is a determined move: apps including Facebook and Instagram are designed to be addictive. “Social media is so ingrained in teenage culture that it’s hard to take it out. But when you do, it’s such a relief,” Amanuel says. She has received a lot of “admiration” from her peers for quitting. “They wish they were able to log off. People feel like social media is a part of them and their identities as teenagers and something you need to do,” she says. “But I’m no less of a teenager because I don’t use it.”
https://www.theguardian.com/society/...t-social-media





Smartphones From 11 OEMs Vulnerable to Attacks via Hidden AT Commands
Catalin Cimpanu

Millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands, a team of security researchers has discovered.

AT (ATtention) commands, or the Hayes command set, is a collection of short-string commands developed in the early 1980s that were designed to be transmitted via phone lines and control modems. Different AT command strings can be merged together to tell a modem to dial, hang up, or change connection parameters.

Unknown to the common user is that modern smartphones include a basic modem component inside them, which allows the smartphone to connect to the Internet via its telephony function, and more.

While international telecommunications bodies have standardized basic AT commands, dictating a list that all smartphones must support, vendors have also added custom AT command sets to their own devices —commands which can control some pretty dangerous phone features such as the touchscreen interface, the device's camera, and more.

Researchers analyze thousands of Android firmware images

In massive and groundbreaking research, a team of eleven scientists from the University of Florida, Stony Brook University, and Samsung Research America, have looked into what types of AT commands are currently supported on modern Android devices.

The research team analyzed over 2,000 Android firmware images from eleven Android OEMs such as ASUS, Google, HTC, Huawei, Lenovo, LG, LineageOS, Motorola, Samsung, Sony, and ZTE.

They say they discovered that these devices support over 3,500 different types of AT commands, some of which grant access to very dangerous functions.

Some phones expose AT commands via their USB interface

These AT commands are all exposed via the phone's USB interface, meaning an attacker would have to either gain access to a user's device, or hide a malicious component inside USB docks, chargers, or charging stations.

Once an attacker is connected via the USB to a target's phone, he can use one of the phone's secret AT commands to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, or even inject touch events solely through the use of AT commands.

In the happiest cases, these AT commands are only available only when the phone's USB debugging function has been enabled, but researchers said they found many devices where attackers had direct access to AT commands, even if the phone had entered a locked state.

"In many cases, these commands are completely undocumented," said Kevin Butler, an associate professor in the University of Florida Herbert Wertheim College of Engineering and a member of the research team, revealing that an OEM's documentation doesn't even mention their presence.

The two videos below provide a simple explanation for AT-based attacks, but also a demo attack against an LG smartphone found to expose many internal phone functions via AT commands.

The biggest danger, as shown in the videos above, is an attacker's ability to mimic touchscreen taps, allowing an intruder to take full control over a device and install malicious apps for further surveillance.

"It's essentially like having a ghost user on your phone," Butler said.

Phone vendors have been notified

The research team says it notified all vendors which they found to be exposing AT commands via their phones' USB interface. They also published a website containing a database of phone models and firmware versions that they found exposing the AT interface.

Researchers only tested access to the AT command set on Android devices via the USB interface. They also plan on testing Apple devices, but also if AT commands are available via remote access vectors such as a phone's WiFi or Bluetooth connections.

The team also published a Shell script that they used during their research to examine Android firmware and find strings containing AT commands. The script is available on GitHub.

This is not the first work of its kind. It's been known for many years that Android devices are vulnerable to attacks carried out via AT commands [1, 2, 3], but this research is the most comprehensive to date.

More details about this research are available in a research paper entitled "ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands Within the Android Ecosystem." Researchers presented their white paper at the Usenix Security Symposium held in Baltimore, USA in mid-August.
https://www.bleepingcomputer.com/new...n-at-commands/





Sen. Wyden Confirms Cell-Site Simulators Disrupt Emergency Calls
Cooper Quintin

Sen. Ron Wyden has sent a letter to the U.S. Department of Justice concerning disruptions to 911 emergency services caused by law enforcement’s use of cell-site simulators (CSS, also known as IMSI catchers or Stingrays). In the letter, Sen. Wyden states that:

Senior officials from the Harris Corporation—the manufacturer of the cell-site simulators used most frequently by U.S. law enforcement agencies—have confirmed to my office that Harris’ cell-site simulators completely disrupt the communications of targeted phones for as long as the surveillance is ongoing. According to Harris, targeted phones cannot make or receive calls, send or receive text messages, or send or receive any data over the Internet. Moreover, while the company claims its cell-site simulators include a feature that detects and permits the delivery of emergency calls to 9-1-1, its officials admitted to my office that this feature has not been independently tested as part of the Federal Communication Commission’s certification process, nor were they able to confirm this feature is capable of detecting and passing-through 9-1-1 emergency communications made by people who are deaf, hard of hearing, or speech disabled using Real-Time Text technology.

The full text of the letter can be read here [PDF].

Researchers of CSS technology have long suspected that using such technologies, even professionally designed and marketed CSS’s, would have a detrimental effect on emergency services, and now—for the first time—we have confirmation.

It is striking, but unfortunately not surprising, that law enforcement has been allowed to use these technologies and has continued to use them despite the significant and undisclosed risk to public safety posed by disabling 911 service, not to mention the myriad privacy concerns related to CSS use. What’s more, a cell-site simulator wouldn’t just disrupt service for the specific person or persons being tracked but would likely disrupt service for every mobile device in the area as it tricks every phone in the area into connecting to the fake base station in search of the target phone. This could be especially dangerous during a natural disaster when IMSI catchers are being used to locate missing persons in damaged buildings or other infrastructure, cutting off 911 service at a time like that could be a grave danger to others trapped in dangerous situations.

Harris Corporation claims that they have the ability to detect and deliver calls to 911, but they admit that this feature hasn’t been tested. Put bluntly, there is no way for the public or policy makers to know if this technology works as intended. Thanks to the onerous non-disclosure agreements that customers of Harris Corp and other CSS vendors’ customers have regularly been required to enter into there is very little public information about how CSS work and what their capabilities are. Even if a security researcher did audit a CSS, the results would be unlikely to ever see the light of day.

Furthermore, even if Harris’ technology works the way they claim it does, they are far from the only manufacturer of CSS devices. There are several other companies that manufacture such technology and we know even less about the workings of their technologies or whether they have any protections against blocking 911 calls. Cell-site simulators are now easy to acquire or build, with homemade devices costing less than $1000 in parts. Criminals, spies, and anyone else with malicious intent could easily build a CSS specifically to disrupt phone service, or use it without caring whether it disrupts 911 service.

The only way to stop the public safety and public privacy threats that cell-site simulators pose is to increase the security of our mobile communications infrastructure at every layer. All companies involved in mobile communications from the network layer (AT&T, T-Mobile, Verizon, etc.) to the hardware layer (Qualcomm, Samsung, Intel), to the software layer (Apple, Google) need to work together to ensure that our cellular infrastructure is safe, secure, and private from attacks by spys, criminals, and rogue law enforcement. For their part, policymakers such as Sen. Wyden can help by continuing to provide transparency on how IMSI catchers work and are used, and funds to upgrade our aging cellular infrastructure.

For more information about cell-site simulators please consult our Street-Level Surveillance guides on law enforcement surveillance technology.
https://www.eff.org/files/2018/08/27...ter-to-doj.pdf
https://www.eff.org/deeplinks/2018/0...disruption-css





Tech Industry Pursues a Federal Privacy Law, on Its Own Terms
Cecilia Kang

Technology companies have taken plenty of hits on privacy this year. In May, Europe began enforcing a sweeping new law that lets people request their online data and restricts how businesses obtain and handle the information.

Then in June, California passed its own law that gives people the right to know what information companies are collecting about them, why the companies are collecting that data and with whom they are sharing it — setting a privacy benchmark for the United States.

Now top tech companies are going on the offensive.

In recent months, Facebook, Google, IBM, Microsoft and others have aggressively lobbied officials in the Trump administration and elsewhere to start outlining a federal privacy law, according to administration officials and the companies. The law would have a dual purpose, they said: It would overrule the California law and instead put into place a kinder set of rules that would give the companies wide leeway over how personal digital information was handled.

“We are committed to being part of the process and a constructive part of the process,” said Dean Garfield, president of a leading tech industry lobbying group, the Information Technology Industry Council, which is working on proposals for the federal law. “The best way is to work toward developing our own blueprint.”

The efforts could set up a big fight with consumer and privacy groups, especially as companies like Facebook face scrutiny for mishandling users’ personal data. Many of the internet companies depend on the collection and analysis of such data to help them target the online ads that generate the bulk of their revenue.

“It’s clear that the strategy here is to neuter California for something much weaker on the federal level,” said Ernesto Falcon, legislative counsel at the Electronic Frontier Foundation, a digital rights group. “The companies are afraid of California because it sets the bar for other states.”

In the United States, tech companies’ efforts to fight privacy regulations gained momentum in late spring, as it became clear that the California proposal might become law.

At a board meeting for the Information Technology Industry Council in May, Joel Kaplan, Facebook’s top lobbyist, warned that an early proposal for privacy in California posed a threat to the industry and that the trade group needed to make the issue of privacy a priority, according to two people briefed on the meeting, who were not authorized to speak publicly.

Mr. Kaplan said the California proposal could spread to other states, the people said. Top lobbyists for other tech companies agreed that it could be more problematic than the new European law, and that it would unleash a patchwork of state laws that would not only strap their businesses but become a regulatory headache, the people briefed on the meeting said.

Until that moment, there had been a split in the tech industry about privacy rules. Companies like IBM and Salesforce, which sell data storage and software to other businesses, were more willing to accept consumer privacy laws, IBM and other members of the Information Technology Industry Council said. Social media and other companies that relied primarily on advertising for revenue, like Facebook and Google, were adamant that the industry should fight all rules.

But at that meeting, it became clear that Facebook and Google had softened their resistance to a federal privacy law, as long as they were deeply involved in writing the rules.

“There has been a complete shift on privacy,” said Chris Padilla, vice president for government and regulatory affairs at IBM. “There is now broad recognition that companies that were resistant to privacy rules can no longer just say no.”

Facebook declined to comment. But in congressional testimony in April, its chief executive, Mark Zuckerberg, indicated that the social network would be open to privacy regulation.

Google said it seemed inevitable that privacy rules would come to the United States.

“There are renewed efforts to define the privacy legislative frameworks of the future, and we look forward to working with policymakers around the world to move the process forward,” Google said in a statement.

Many of the companies also recognized that it was a good time to press ahead with a federal privacy law since Trump administration officials have expressed openness to a business-friendly approach to such rules.

David Redl, the head of a division of the Commerce Department that is leading the agency’s privacy efforts, said in a July speech that the administration’s “commitment to prosperity will be our guide.”

“We also know that industry is looking to the administration to demonstrate leadership on this issue,” he said at the time. “They’re rightfully concerned about the potential for a fractured and stifling regulatory landscape.”

Lindsay Walters, White House deputy press secretary, said in a statement that the administration aimed to work with Congress on legislation “that is the appropriate balance between privacy and prosperity.”

The administration said it intended to have an outline of potential rules by the end of the year. But the timeline could easily be pushed back, as numerous agencies may be involved, including the Commerce Department, the Federal Trade Commission, and the National Institute for Standards and Technology.

In a sign of the latitude that a federal privacy law might give tech companies, at least three trade groups — the U.S. Chamber of Commerce, the Internet Association, and the Information Technology Industry Council — are planning to push for voluntary standards instead of legal mandates that carry steep penalties for violations.

In exchange for volunteering to follow certain guidelines on what kind of information they collect and share about users, the groups said, they would insist that the federal statute nullify California’s rules.

That position has outraged privacy advocates.

“The idea that the companies that violated our privacy for more than a decade will suddenly have a self-regulatory blueprint is ridiculous,” said Jim Steyer, president of Common Sense Media, a privacy and children’s advocacy group that supported the California law.

Privacy advocates said tech companies were pushing to undercut the California privacy law in other ways. Although passed in June, the law stipulates that lawmakers can pursue technical changes in its language until the end of this month. It is scheduled to take effect in January 2020.

Any changes are supposed to be minor, but tech lobbyists and privacy groups continue to swarm the offices of the legislators behind the law, their aides said. Consumer privacy groups, which have been pushing lawmakers to leave the law virtually untouched, fear the companies are trying to soften protections.

This month, the California Chamber of Commerce and other business and tech groups sent 19 pages of edits to the law to State Senator Bill Dodd, one of the bill’s authors. They criticized language, such as the law’s definition of personal information, that they said would apply to too many people or websites.

In the letter, the groups said California’s attorney general, Xavier Becerra, would need more time to figure out how to enforce the rules and asked to delay enactment for one year. The business groups argued that the law could hurt a typical consumer.

“Unless the law is clarified, he or she might also inadvertently be deprived of special discounts and promotions,” the letter said.

In a rebuttal letter to Mr. Dodd, several consumer privacy groups called for him and other California lawmakers to keep any changes to a minimum, saying the tech industry’s moves were “excessive in nature.”

“The sky is not falling, as industry suggests,” the groups said.
https://www.nytimes.com/2018/08/26/t...ivacy-law.html





India’s Biometric Database Is Creating A Perfect Surveillance State — And U.S. Tech Companies Are On Board

The Aadhaar program offers a glimpse of the tech world's latest quest to control our lives, where dystopias are created in the name of helping the impoverished.
Paul Blumenthal, Gopal Sathe

Big U.S. technology companies are involved in the construction of one of the most intrusive citizen surveillance programs in history.

For the past nine years, India has been building the world’s biggest biometric database by collecting the fingerprints, iris scans and photos of nearly 1.3 billion people. For U.S. tech companies like Microsoft, Amazon and Facebook, the project, called Aadhaar (which means “proof” or “basis” in Hindi), could be a gold mine.

The CEO of Microsoft has repeatedly praised the project, and local media have carried frequent reports on consultations between the Indian government and senior executives from companies like Apple and Google (in addition to South Korean-based Samsung) on how to make tech products Aadhaar-enabled. But when reporters of HuffPost and HuffPost India asked these companies in the past weeks to confirm they were integrating Aadhaar into their products, only one company ― Google ― gave a definitive response.

That’s because Aadhaar has become deeply controversial, and the subject of a major Supreme Court of India case that will decide the future of the program as early as this month. Launched nine years ago as a simple and revolutionary way to streamline access to welfare programs for India’s poor, the database has become Indians’ gateway to nearly any type of service ― from food stamps to a passport or a cell phone connection. Practical errors in the system have caused millions of poor Indians to lose out on aid. And the exponential growth of the project has sparked concerns among security researchers and academics that India is the first step toward setting up a surveillance society to rival China.

A Scheme Born In The U.S.

Tapping into Aadhaar would help big tech companies access the data and transactions of millions of users in the second most populous country on earth, explained Usha Ramanathan, a Delhi-based lawyer, legal researcher and one of Aadhaar’s most vocal critics.

The idea for India’s national biometric identification team wasn’t unprecedented, and in fact, it has strong parallels with a system proposed for the United States. Following the Sept. 11, 2001, attacks, the CEO of Oracle, Larry Ellison, offered to build the U.S. government software for a national identification system that would include a centralized computer database of all U.S. citizens. The program never got off the ground amid objections from privacy and civil liberties advocates, but India’s own Ellison figure, Nandan Nilekani, had a similar idea. The billionaire founder of IT consulting giant Infosys, Nilekani conceptualized Aadhaar as a way to eliminate waste and corruption in India’s social welfare programs. He lobbied the government to bring in Aadhaar, and went on to run the project under the administration of Manmohan Singh. Nilekani gained even more influence under current Prime Minister Narendra Modi, who moved to make Aadhaar necessary for almost any kind of business in India.

The first 12-digit Aadhaar ID was issued in 2010. Today, over a billion people (around 89 percent of India’s population) have been included in the system ― from India’s unimaginably wealthy billionaires to the homeless, from residents of the country’s sprawling cities to remote inaccessible villages. While initially a voluntary program, the database is now linked to just about all government programs. You need an Aadhaar ID to get a passport issued or renewed. Aadhaar was made mandatory for operating a bank account, using a cell phone or investing in mutual funds, only for the proposals to be rolled back pending the Supreme Court verdict on the constitutionality of the project.

As Aadhaar identification became integrated into other systems like banking, cell phones and government programs, tech companies can use the program to cross-reference their datasets against other databases and assemble a far more detailed and intrusive picture of Indians’ lives. That would allow them, for example, to better target products or advertising to the vast Indian population. “You can take a unique identifying number and use it to find data in different sectors,” explained Pam Dixon, executive director of the World Privacy Forum, an American public interest research group. “That number can be cross-walked across all the different parts of their life.”

Microsoft, which uses Aadhaar in a new version of Skype to verify users, declined to talk about its work integrating products with the Aadhaar database. But Bill Gates, Microsoft’s founder, has publicly endorsed Aadhaar and his foundation is funding a World Bank program to bring Aadhaar-like ID programs to other countries. Gates has also argued that ID verification schemes like Aadhaar in itself don’t pose privacy issues. Microsoft CEO Satya Nadella has repeatedly praised Aadhaar in both his recent book and a tour across India.

Amazon did not respond to a request for comment, but according to a BuzzFeed report, the company told Indian customers not uploading a copy of Aadhaar “might result in a delay in the resolution or no resolution” of cases where packages were missing.

Facebook, too, failed to respond to repeated requests for comment, though the platform’s prompts for users to log in with the same name as their Aadhaar card prompted suspicions from users that it wanted everyone to use their Aadhaar-verified names and spellings so they could later build in Aadhaar functionality with minimal problems.

A spokesman for Google, which has its own payments platform in India called Tez, told HuffPost that the company has not integrated any of its products with Aadhaar. But there was outrage earlier in August when the Aadhaar helpline was added to Android phones without informing users. Google claimed in a statement to the Economic Times this happened “inadvertently”

Privacy Jeopardized For Millions

But the same features that are set to make tech companies millions are are also the ones that threaten the privacy and security of millions of Indians.

“As long as [the data] is being shared with so many people and services and companies, without knowing who has what data, it will always be an issue,” said Srinivas Kodali, an independent security researcher. “They can’t protect it until they encrypt it and stop sharing data.”

One government website allowed users to search and geolocate homes on the basis of caste and religion ― sparking fears of ethnic and religious violence in a country where lynchings, beatings and mob violence are commonplace. Another website broadcast the names, phone numbers and medical purchases — like generic Viagra and HIV medication — of anyone who buys medicines from government stores. In another leak, a Google search for phone numbers of farmers in Andhra Pradesh would reveal their Aadhaar numbers, address, fathers’ names and bank account numbers.

The leaks are aggravated by “a Star Trek-type obsession” with data dashboards, said Sunil Abraham, executive director of the Center for Internet and Society. Many government departments each created an online data dashboard with detailed personal records on individuals, he explained. The massive centralization of personal data, he said, created a huge security risk as these dashboards were accessible to any government official and in many cases, were even left open to the public.

Authentication failures have led to deaths among the poorest sections of Indian society when people were denied government food rations.

And much like the tech companies, some local governments are using the system to connect data sets and build expansive surveillance. In the state of Andhra Pradesh in India, there’s a war room next to the state chief minister’s office, where a wall of screens shows details from databases that collect information from every department. There are security cameras and dashboards that track every mention of the chief minister on the news. There’s a separate team watching what’s being said about him on social media and there are also dashboards that collect information from IoT [Internet of Things] sensors across the state.

Court Ruling Could Halt Rollout

Those issues around privacy are why the dreams of government bureaucrats and large tech companies to build a perfect surveillance apparatus around Aadhaar may ultimately fall apart. The Supreme Court of India is set to decide on a case that could decide the future of the program.

The court is set to review 27 petitions, including whether requiring an Aadhaar for government subsidies and benefits makes access to these programs conditional, even though the state is constitutionally bound to deliver them. The petitioners include lawyers, academics and a 92-year-old retired judge whose petition also secured the right to privacy as a fundamental right in August 2017. Petitioners also argue that the ability for Aadhaar to be used to track and profile people is unconstitutional.

In its judgment, due any day now, the court will rule on all 27 petitions together. It will decide not only the fate of the Aadhaar Act of 2016, but likely the future involvement of some of tech’s biggest companies in one of the world’s most ambitious and divisive IT projects.
https://www.huffingtonpost.in/entry/...b0729515109fd0





Indiana Appeals Court Says Forcing Someone To Unlock Their Phone Violates The 5th Amendment
Tim Cushing

Passwords and PINs still beat fingerprints when it comes to the Fifth Amendment. But just barely. Nothing about the issue is settled, but far more cases have been handed down declaring fingerprints to be non-testimonial. Fingerprints are obtained during the booking process -- a physical, traceable representation of the suspect. If they can be obtained during booking, they can certainly be obtained again to unlock a device. A physical aspect of a human being can't be considered "testimonial" as far as courts have interpreted the Fifth Amendment.

Passwords are a different story, but not by much. In a handful of cases, courts have said the compelled production of passwords and PINs has no Fifth Amendment implications. Defendants, conversely, have argued compelled password production forces them to testify against themselves by facilitating the production of evidence to be used against them.

This argument hasn't had much success. Judges have frequently found password production to be just as non-testimonial as a person's fingerprint. The argument here is that all law enforcement wants is a password, not the production of evidence. Under the "foregone conclusion" theory, all the government has to prove is that the person being asked to unlock a device can unlock the device.

This decouples password production from its consequences: the production of evidence by defendants that the government will use against them in court. When this theory is applied, the Fifth Amendment is sidelined and replaced with the ultra-low bar of foregone conclusion.

But passwords aren't fingerprints and can be testimonial. Unlocking a device law enforcement is going to search for evidence states clearly that a person owns or controls the device and its contents. That makes it very easy for the government to link a device's illicit contents to the person who was ordered to unlock it.

A case from Indiana's Court of Appeals -- via FourthAmendment.com -- addresses these arguments with a bit more sympathy for compelled testimony arguments. The government argued there's nothing testimonial about a password. The court, in a lengthy decision [PDF], disagrees.

[W]e consider [Kaitlin] Seo’s act of unlocking, and therefore decrypting the contents of her phone, to be testimonial not simply because the passcode is akin to the combination to a wall safe as discussed in Doe. We also consider it testimonial because her act of unlocking, and thereby decrypting, her phone effectively recreates the files sought by the State. As discussed above, when the contents of a phone, or any other storage device, are encrypted, the cyphertext is unintelligible, indistinguishable from random noise. In a very real sense, the files do not exist on the phone in any meaningful way until the passcode is entered and the files sought are decrypted. Thus, compelling Seo to unlock her phone goes far beyond the mere production of paper documents at issue in Fisher, Doe, or Hubbell. Because compelling Seo to unlock her phone compels her to literally recreate the information the State is seeking, we consider this recreation of digital information to be more testimonial in nature than the mere production of paper documents.

The court also says there's nothing to the government's argument that unlocking a phone for police is somehow different -- and less of a Fifth Amendment issue -- than turning over a password to police.

[b]ecause we believe that electronic data and the devices that contain it are fundamentally different than paper documents and paper storage, we reject the State’s attempt to distinguish between compelling Seo to convey her passcode to the State and compelling Seo to simply unlock her phone by entering the passcode itself. It is a distinction without a difference because the end result is the same: the State is compelling Seo to divulge the contents of her mind to obtain incriminating evidence.

This decision shores up Fifth Amendment arguments against compelled decryption and password production. The state appeals court then goes further, instructing state judges and law enforcement agencies to seek less invasive -- and less constitutionally-problematic -- methods of obtaining evidence.

Going forward, we ask reviewing courts of last resort to consider the following structure for resolving decryption requests from law enforcement authorities:

1. Requiring a defendant to decrypt digital data should be legally recognized for what it is—coerced recreation of incriminating evidence— and compulsory process for that purpose should be strictly limited for precisely that reason.

2. In some instances, law enforcement officials will have legitimate need of digital information that is protected by encryption.

3. If the law enforcement request is a bona fide emergency, with verified concern about the possibility of further and immediate serious criminal acts, a warrant that describes the other imminent crime(s) suspected and the relevant information sought through a warrant, both with reasonable particularity, will likely satisfy Fourth and Fifth Amendment requirements.

4. In non-emergency situations, law enforcement should be required to first seek the digital data it wants from third parties, such as internet “cloud” sources, cellphone companies, or internet providers (ISPs), where a defendant has practically, if not explicitly, consented to production upon legal process from a court of competent jurisdiction.

5. Exceptions to the Fourth Amendment and its state analogues, such as the plain view doctrine and the good faith exception, should be inapplicable to, or strictly limited in, the search and seizure of digital data stored on devices owned or controlled by that defendant, or from “Cloud” subscriptions that defendant owns or uses.

It's a thoughtful decision that runs contrary to many rulings covering the same subject. But it is limited to the state of Indiana, so it's not going to undo any federal precedent. But it does give those representing clients facing demands for password production another citation in their favor. More importantly, it sets a new baseline for lawful demands for data production, wresting control away from law enforcement agencies unlikely to impose these constraints of their own.
https://www.techdirt.com/articles/20...mendment.shtml





Lucy McHugh Death: Man Jailed Over Facebook Password Refusal

A man arrested on suspicion of murdering a teenager in Southampton has been jailed for withholding his Facebook password from detectives.

Lucy McHugh, 13, was found stabbed to death in woodland last month, a day after she disappeared.

Stephen-Alan Nicholson, 24, pleaded guilty to failing to comply with an order under the Regulation of Investigatory Powers Act, requiring him to disclose the Facebook password.

He was sentenced to 14 months in jail.

Nicholson, of no fixed address, appeared by videolink at Southampton Crown Court.

He was first arrested on 27 July on suspicion of murder and sexual activity with a child and subsequently bailed. But he was also charged under the Regulation of Investigatory Powers Act.

The court heard the charge related to a court order that Nicholson disclose his Facebook password protecting any private communications with Lucy McHugh.

He was described as a family friend and care worker who had been staying in Lucy's home in Mansel Road until shortly before her death.

Passing sentence, Judge Christopher Parker did not accept Nicholson's "wholly inadequate" excuse that providing his password would expose information relating to cannabis.

"What you have done is obstructed the investigation, and a very serious investigation indeed. It has caused a very significant delay," the judge said.

"It means that the task of police investigating the murder of Lucy McHugh is that much more difficult."

Matthew Lawson, prosecuting, said police were following a "lengthy procedure" to get the information from Facebook itself.
https://www.bbc.co.uk/news/uk-englan...shire-45365464





WireGuard VPN Review: A New Type of VPN Offers Serious Advantages

Fewer lines of code, simpler setup, and better algorithms make a strong case.
Jim Salter

WireGuard is a new type of VPN which aims to be simpler to set up and maintain than current VPNs and to offer a higher degree of security. The software is free and open source—it's licensed GPLv2, the same license as the Linux kernel—which is always a big plus in my book. It's also designed to be easily portable between operating systems. All of that might lead you to ask: in a world that already has IPSEC, PPTP, L2TP, OpenVPN, and a bewildering array of proprietary SSL VPNs, do we need yet another type of VPN?

OK, but why?

I've seen a few new VPN designs pop up in the last few years—ZeroTier and Tinc come to mind—and each time, I've thought, "I should really look into that." And then I haven't. I use OpenVPN heavily; I'm thoroughly familiar with it, and it scratches most of my VPN-related itches pretty well.

So how did WireGuard rattle my cage hard enough to get me to actually play with it? It had something you almost never see: a positive comment about its code from none other than Linus Torvalds.

Can I just once again state my love for [WireGuard] and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art.
Linus Torvalds, on the Linux Kernel Mailing List

That was enough to get me to sit up and pay attention. If you think "maybe it isn't perfect, but" is damning with faint praise, you clearly aren't familiar with Torvalds' acerbic writing style.

Fewer lines of code

A little more research gave me some insight into why Torvalds might have been so uncharacteristically positive. WireGuard weighs in at around 4,000 lines of code; this compares to 600,000 total lines of code for OpenVPN + OpenSSL or 400,000 total lines of code for XFRM+StrongSwan for an IPSEC VPN. Two orders of magnitude fewer lines of code mean a lot less attack surface to find flaws in.

A much smaller codebase also means code that's more likely to work the way it's supposed to. One of my biggest operational beefs with OpenVPN is how its tunnels can either crash or hang.

This probably won't happen frequently enough for you to notice if you only have a few tens of clients, and most of those are manually operated by a human clicking something to connect and disconnect their tunnel as needed anyway. But if you want to manage a network with hundreds of clients, all of which should automatically manage their own always-on tunnels, it's a big problem.

OpenVPN features ping and ping-restart configuration arguments that should take care of this for you, but they don't. I've spent more of my time crafting and maintaining watchdog scripts that carefully check for, kill -9, and restart OpenVPN daemons than I like to think about. I'd love to be able to replace them with something that just works.

Simpler setup

I don't want to sugarcoat this: VPNs aren't simple, and WireGuard doesn't suddenly make them a kindergarten project. With that said, it took me a few days of careful, determined, and dedicated reading, implementation, and testing before I understood OpenVPN well enough to really have any idea what I was doing. A few years later, I needed another week or two of trawling the Internet for how-tos and piecing them together in order to build a large-scale OpenVPN-based network. I spent another half-day or so reading about the latest advancements in configuration and best practices before updating my configurations for last year's Ars Technica OpenVPN guide.

By rather sharp contrast, I created working, stable, documented configurations for a scalable, secure WireGuard network in about six hours on a Sunday afternoon. Much of this greater simplicity in setup and configuration is due to WireGuard's deliberate, principled rejection of cryptographic agility.

Stronger algorithms

WireGuard deliberately eschews "industry standard" algorithms which have long-standing weaknesses in favor of only the latest, toughest primitives.

From the WireGuard website:

• ChaCha20 for symmetric encryption, authenticated with Poly1305, using RFC7539's AEAD construction
• Curve25519 for ECDH
• BLAKE2s for hashing and keyed hashing, described in RFC7693
• SipHash24 for hashtable keys
• HKDF for key derivation, as described in RFC5869

This all looks impressive enough, but I'm no cryptographer. I was still a little concerned about WireGuard's future security, because there's nothing configurable about it, and its keys were considerably smaller than what I was used to. Luckily for me, publishing my first three WireGuard VPN configs on my own blog was enough to catch the attention of Jason Donenfeld, WireGuard's author and principal developer. That gave me the chance for a little desperately-needed Q & A. (Please consider any errors in the following content mine, not Jason's. Did I mention I'm not a cryptographer?)

As someone who doesn't really understand cryptography but who has been using it actively for 20 years, the combination of a short key and no configuration options made me a bit nervous. With OpenVPN, I like to err on the side of caution by using a honking big key. Why can't I do the same with WireGuard? Why am I limited to a 256-bit key with WireGuard, while OpenVPN offers me a whopping 4,096 bits? It turns out that a 4,096 bit key is kind of ridiculous.

If you have to brute-force a 256-bit key, you have 2256 total combinations to work through. If you assume that on average, you'll uncover the solution halfway through the problem set; that still leaves you with 2255 failures before success. Now assume that you have an extremely powerful system, capable of trying 38,000,000 keys per second, and local access to the public side of the keypair. If you're relying on brute force, it'll take you a little more than 1.52 × 1069 seconds on average to come up with the winning key. Given that the estimated age of the universe itself is 4.32 × 1017 seconds, that's probably sufficient.

The reason OpenVPN (and almost all VPN solutions) use such ridiculously long keys is that you don't have to brute-force them. An actual cryptographic attack on the algorithms commonly used for VPNs (or for HTTPS connections to websites) looks a lot more like a dictionary attack than a brute-force attack; you can discount great swathes of the problem space without having to actually try them.

The tremendous key length—and in some cases, repeated executions of the same algorithm (anybody else remember DES vs 3DES?)—is basically a naive "well, do it harder then!" mitigation that attempts to confound cryptographic attacks or expand the problem set to something so ludicrously huge that, even if you can just throw away all but 0.000000001% of it, it's still too much to bash through.

As long as the algorithms underlying WireGuard remain unbreached, a 256-bit key isn't just "strong enough until computers get faster." It's strong enough that simple physics prevent a brute-force approach—at least, until quantum computing comes into play. Quantum computers are odd beasts that have very different use cases than conventional computers, but one of the things they are extremely good at is attacking asymmetric (public/private key) cryptography. We're not capable of creating a quantum computer large enough to attack a 256 bit key yet, but it's expected to happen eventually. If you're sufficiently paranoid that you want future proofing against QC, you can optionally add a PSK (Pre-Shared Key) layer to WireGuard's encryption.

Simpler handshakes

Up until now, asymmetric encryption has more-or-less always implied a principle called cryptographic agility. In a nutshell, agile crypto is crypto in which you can change out the ciphers, digests, diffie-hellmans, and glayvin willy-nilly in order to address the changing state of the industry. The SSL encryption your browser uses is an agile protocol, as are IPSEC and OpenVPN.

At first blush, this sounds like a great idea—more options! Unfortunately, all those options mean a bunch of stuff that needs to be negotiated between client and server before the tunnel is secured—which means both more stuff that can be spied on by anyone in position for a MITM attack and more things that might break in interesting ways if they're hammered on just right.

Instead of cryptographic agility, WireGuard relies on crypto versioning. If a devastating cryptographic attack against one of WireGuard's underlying primitives is discovered, a new WireGuard protocol will be devised as a total package. After such an update, a WireGuard client and WireGuard server would simply need to say "let's use v2.0 instead of v1.0!" and be off to the races. (This is in contrast to a crypto agile negotiation, in which client and server must negotiate and agree on every single primitive and key length piece by piece.) Once an admin is certain all of their clients have been updated to support the new protocol, they could simply disable the 1.0 protocol at the server and be done with it.

If you show me a list of ciphers including Blowfish, AES, ChaCha, and Polybius, I don't know just from looking at them which is the most secure, even though one of them is more than 2,000 years old. But if you give me a list containing v1.0, v2.0, v3.0, and v4.0, you can generally rely on me to pick the right one.

Faster connections

When using VPNs, my consulting agents and I get frustrated with the lengthy, querulous handshake process. They take long enough that you feel obliged to provide some kind of dialog to the end user to reassure them that something's happening—and to convince them not to try to "use it before it's ready" and call their sysadmin complaining of a "broken" VPN that just wasn't done connecting yet. When you're accustomed to that behavior, WireGuard's connect times seem downright magical.

The proof's in the picture above: an OpenVPN connection from my Xeon E3 workstation to Linode's cheapest VM offering takes more than eight seconds. Connecting the two via WireGuard takes barely over 100 milliseconds. This not only means faster initial connections—it means much faster re-connections when something's gone wonky in your internet connection and your VPN has to re-establish the tunnel beneath you.

A better VPN?

These are still early days for WireGuard, but right now, it looks like it's probably the most secure and reliable option out there. WireGuard might also be the fastest—it operates entirely in kernel space, unlike OpenVPN, which has to context-switch in and out from kernel to userspace rapidly. But I haven't really been able to confirm that; I saw much better speedtests from WireGuard on a very starved LTE connection from my local public library, but I saw OpenVPN holding its own or even outrunning it on a much faster Wi-Fi connection at the house later.

To be fair, WireGuard's current Android implementation is in userspace unless you've rooted your phone, which I haven't. But I also didn't see any faster throughput using WireGuard vs. OpenVPN to connect across my gigabit LAN using real Linux x86 machines. I was hoping to do a speedtest from an Odroid XU4, which has an ARM processor much like those used in smartphones. But Odroid's stock version of the Linux desktop is mangled and doesn't include kernel headers, which broke the installation there until I can wipe it and install Armbian.

So, WireGuard is maybe faster, almost certainly more secure, and definitely a great deal simpler and quicker to connect than traditional VPNs. It's also very young; Donenfeld's git repository shows an initial commit just two years ago. Platform support is still a bit of an issue; there are official ports for Linux, Android, and BSD (including OS X). An iOS app is available in the WireGuard repository, but as it isn't in the App Store yet. It's probably not going to do you any good unless you're an iOS developer yourself.

And finally, the $64,000 question: what about Windows? Support for Windows isn't here yet. It's on the way, and it's going to use Microsoft's own VPN API from UWP (the Universal Windows Platform). That is exciting news. Aside from doing away with the bletcherous and buggy TAP-Win32 adapter OpenVPN uses, that means that WireGuard connections on Windows will be managed just like the hideously insecure PPTP VPNs legions of Windows users keep using for no better reason than "it looks built-in."

The Good

WireGuard's fast connection negotiations change your perception of a VPN's convenience. It's hard to go back to kludgy interfaces and 10- to 30-second negotiations after you're used to no-nonsense, instant-on performance.

The Bad

• Waiting for Windows support is going to put WireGuard out of reach for many users for another few months.

The Ugly

• In theory, WireGuard could greatly accelerate throughput from wimpy ARM-powered devices like phones and consumer routers, but it needs to be baked right into the kernel for that to happen.

https://arstechnica.com/gadgets/2018...eds-to-happen/





Does Google Actually Make Us Dumber? That Study — And Many Others — Were Just Called Into Question.

“Our study in hindsight was outright silly,” one scientist said.
Stephanie M. Lee

Another spate of high-profile and provocative psychology studies have failed to replicate, dealing blows to the theories that fiction makes readers empathetic, for example, or that the internet makes us dumber.

At a time when psychology researchers are increasingly concerned about the rigor of their field, five laboratories set out to repeat 21 influential studies. Experiments in just 13 of those papers — or 62% — held up, according to an analysis published Monday.

The eight papers that did not fully replicate — seven in the journal Science, one in Nature — have been cited hundreds of times in scientific literature and many were widely covered by the media.

Failing to replicate isn’t definitive proof that a finding is false, particularly in cases where other studies support the same general idea. And some scientists told BuzzFeed News they do not agree with how the replications were done.

Still, the new findings are part of an overwhelming, and troubling, trend. The so-called reproducibility crisis has hit research in many fields of science, from artificial intelligence to cancer. Shoddy psychology research has received the most attention, with a 2015 report replicating just 36% of 97 studies.

It makes sense that scientists want to publish data that is surprising or counterintuitive. “That’s not a bad thing in science, because that’s how science breaks boundaries,” said Brian Nosek, a University of Virginia psychologist and executive director of the Center for Open Science, which led the replication project.

But too few scientists, he said, recognize the inherent uncertainty of their splashy results. “It’s okay if some of those turn out to be wrong,” he said.

In science, however, the deck is stacked against humility. Scientists are judged by how much they publish, and most journals won’t publish papers that find negative results. And the most prestigious titles — including Science and Nature — screen for the most novel, most surprising findings that will stand out to scientists across disciplines.

“If you’re saying something has to be surprising and wow people, you’re almost by definition saying, ‘We’re picking things that are further away from what we already think is true and therefore less likely to be true,’” Sanjay Srivastava, a University of Oregon psychologist not involved with the replication project, told BuzzFeed News. “That’s not how a lot of everyday, incremental, good scientific work, for the most part, happens.”

The new analysis zeroed in on psychology papers published in Nature and Science between 2010 and 2015. Many papers described the results of multiple experiments, but due to budget constraints, Nosek and his team chose to replicate just the first experiment described in each. By recruiting participants through Amazon Mechanical Turk and college campuses, the researchers did the experiments on groups that were about five times larger than the original sample sizes.

Some scientists whose studies didn’t replicate are taking the bad news in stride.

For example, back in 2012, Will Gervais reported in Science that people were less likely to believe in God when they looked at pictures of “The Thinker” statue versus other statues.

“Our study in hindsight was outright silly,” said Gervais, a University of Kentucky psychologist.

In a 2013 study, David Kidd and a colleague reported in Science that readers were better at guessing people’s emotions after reading fiction versus nonfiction. The New York Times summed up the takeaway as: “For Better Social Skills, Scientists Recommend a Little Chekhov.”

One of the key experiments in that study was not replicated in the new project. Kidd, a postdoctoral fellow at the Harvard Graduate School of Education, told BuzzFeed News that the failed replication has taught him a lot.

“That’s not accurate — that’s not how statistics works.”

“A few years ago I would have thought that that study was bulletproof because I had a small sample, but a significant effect,” he said, referring to the experiment’s 86 people. “That’s not accurate — that’s not how statistics works.”

At the same time, Kidd noted that one of the paper’s other experiments has been replicated by another group. Other scientists, too, said that a single nonreplicated experiment doesn’t necessarily indict an entire theory.

Another Science paper, published in 2012 and covered by the New York Times and Slate, sought to explain a phenomenon of poverty: how scarcity, whether of money or time, changes how people focus their attention, which in turn can lead to behaviors like borrowing too much money.

In one of the experiments, “poor” participants given a small number of letters during an electronic "Wheel of Fortune" game performed worse on attention tests afterward, compared to the “rich” participants who were given more letters. The study authors suggested that the poor players’ minds were more fatigued, a condition that might lead to riskier, less thought-out decisions. But this finding failed to repeat when the Center for Open Science team did it.

One of the study’s authors, Anuj Shah of the University of Chicago, also failed to replicate the “Wheel of Fortune” experiment. But his lab was able to confirm the other four experiments in the paper, which were not attempted by Nosek’s team. Shah said he was “disappointed” that the first experiment didn’t replicate, but “that’s how science moves forward.”

His collaborators — sociologists Sendhil Mullainathan of Harvard University and Eldar Shafir of Princeton University — wrote a 2013 book, Scarcity: Why Having Too Little Means So Much, which was partly based on the research. But the pair told BuzzFeed News that the “Wheel of Fortune” experiment is not mentioned in the book.

Perhaps the most well-known paper tackled by the replication researchers was about how online access to information shapes people’s minds. The 2011 paper made headlines in Business Insider (“Google Is Destroying Our Memories”), the New York Times, Time, Wired, and the BBC, among others.

One of its experiments presented subjects with difficult trivia questions, followed by various words related to computers and search engines, as well as noncomputer terms, in different colors. Participants were slower to identify the colors of the computer-related terms, because, the authors theorized, they were distracted by the words themselves — perhaps because they were already thinking about looking up the questions online. “It seems that when we are faced with a gap in our knowledge,” they wrote, “we are primed to turn to the computer to rectify the situation.”

The original scientists did not participate in the replication because the Center for Open Science had trouble getting in touch with them: one of them has died and the two others have left academia. They include Betsy Sparrow, a former psychologist at Columbia University, who disagrees with the replication methods. The computer-related terms should have been updated to refer more to smartphones, she argues.

Still, based on the other experiments in the paper and other studies, she believes in the underlying idea that people don’t remember information as well when they know they can look it up online. “People definitely think about the internet when they want to know something,” Sparrow told BuzzFeed News.

Nosek, the replication project leader, said that scientists used to be defensive about his efforts. But now, more journals and researchers see the importance of making research more rigorous.

Since 2013, Nature has required scientists to complete a checklist with information about their experiments’ methods and conclusions. Scientists in some fields, including behavioral sciences, also have to provide certain experimental details that are published alongside the studies. (The Center for Open Science’s replication results are being published in a Nature journal called Nature Human Behavior.)

Science put out guidelines in 2015 for research quality and transparency, and requires scientists to make available all their data and materials. In addition, the journal now has a board of reviewers who find statistics experts to evaluate the statistical elements of papers.

In the last four years, 125 journals, mostly in the behavioral sciences, have adopted “registered reports,” in which journals approve a study’s methods before the results come in. The idea is to minimize the chances of retroactively changing the methods to make the data fit a tidy conclusion. Similarly, more than 20,000 studies have been preregistered on the Center for Open Science’s website.

“What’s positive in the change in culture over time is we’re not focused on skepticism about the process — whether we should replicate or not — but rather about the phenomena we’re investigating,” Nosek said. “That’s where scientific debates are rich and productive.”
https://www.buzzfeednews.com/article...crisis-studies





The Village Voice, a New York Icon, Closes

The storied independent publication, which made its debut in 1955, dropped its print edition in 2015 and has not had an editor since May.
Tyler Pager and Jaclyn Peiser

When Peter D. Barbey bought The Village Voice in 2015, he vowed to invest in the storied alternative weekly, saying it would “survive and prosper.” But last August he shuttered the print edition, and on Friday he closed the operation altogether.

The end of the left-leaning independent publication was an anticlimax, given the many empty red plastic Village Voice boxes that have been scattered like debris across the sidewalks of Manhattan in recent years.

“This is a sad day for The Village Voice and for millions of readers,” Mr. Barbey said. “The Voice has been a key element of New York City journalism and is read around the world. As the first modern alternative newspaper, it literally defined a new genre of publishing.”

Staff members said they were not surprised that the end had come. The paper’s last editor in chief, Stephen Mooallem — the third top editor to serve under Mr. Barbey during his three-year tenure as owner — left in May and was not replaced.

Some staff members will stay on to make the paper’s print archive digitally accessible; the rest will be out of a job at a time when the local news industry finds itself in crisis.

Tom Robbins, a former longtime investigative journalist at The Voice, said, “It’s astonishing that this is happening in New York, the biggest media town in America.”

Now on the faculty at the Craig Newmark Graduate School of Journalism at the City University of New York, Mr. Robbins added, “I think it really helped so many people sort of figure out everything they wanted to know, from where to find an apartment to what show to see to what scandal they wanted to dig into.”

The Voice was founded as a nickel weekly in 1955 by three New Yorkers, Dan Wolf, Edwin Fancher and Norman Mailer. They assembled a crew of writers who engaged readers with their wit and provoked them with their penchant for argument. Later owners included Rupert Murdoch and the pet-food magnate Leonard Stern.

The paper gave a start to the theater critic Hilton Als and the novelist Colson Whitehead, both recipients of the Pulitzer Prize. Its resident muckraker, Wayne Barrett, took aim at New York developers and politicians for nearly 40 years, and his obsessive work on Donald J. Trump has become a resource for reporters covering the president today.

It gave a home to the investigative reporters Jack Newfield and James Ridgeway, and the music critics Lester Bangs, Robert Christgau, Ellen Willis and Greg Tate. Nat Hentoff focused on jazz and First Amendment issues from 1958 to 2009, and the nightcrawling columnist Michael Musto wrote on celebrities, drag queens and club kids, with wisecracks thrown in, for more than 30 years.

Steven Wishnia, who has freelanced for The Voice on and off since 1994, said he stayed up until midnight on Thursday, putting the final touches on an article about the return of residents to their building on the Bowery after they were ordered to vacate it because of safety hazards. On Friday, Mr. Wishnia received a link to his article along with a note from his editor, Neil DeMause.

“So the good news is that you have the honor of having written the last news article ever for The Village Voice,” Mr. DeMause wrote. “The bad news is also the good news.”

Mr. Barbey is an heir to a Pennsylvania retail fortune. With a net worth estimated at more than $6 billion by Forbes, the Barbey family has a stake in brands like North Face, Wrangler and Timberland. For generations the family has also owned The Reading Eagle, a Pennsylvania daily newspaper. Mr. Barbey has been its chief executive since 2011.

He first read The Voice as a boarding school student in Massachusetts and was drawn to its coverage of the mid-1970s New York rock scene and the film criticism of Andrew Sarris. On Friday he became the media mogul who was shutting it down.

“I began my involvement with The Voice intending to ensure its future,” Mr. Barbey said in the statement. “While this is not the outcome I’d hoped for and worked towards, a fully digitized Voice archive will offer coming generations a chance to experience for themselves what is clearly one of this city’s and this country’s social and cultural treasures.”

The death of The Voice occurred in a bleak economic climate for local journalism. Print circulation has plummeted for two surviving New York tabloids, The New York Post and The Daily News. In July, Tronc, the owner of The News, laid off half the paper’s editorial staff, which had already been severely reduced.

Turning a profit in the digital realm is a code not many news organizations have cracked. DNAinfo and Gothamist, two news sites in New York, were shut down last year by their owner, Joe Ricketts, the billionaire founder of TD Ameritrade. Gothamist has since re-emerged under new ownership. On Friday, it broke the news of The Voice’s closing.

The film critic Bilge Ebiri said that Voice staff members were not anticipating Mr. Barbey’s announcement, but were “prepared for the worst” after his decision to eliminate the print publication.

Mr. DeMause, who wrote for the paper for 20 years before becoming one of its top editors two years ago, said, “I’m deeply saddened as a consumer of media and a little bit scared as a New Yorker and an American that we are losing all these journalism outlets at a time when we need them more than ever.”

Before Craigslist and other online services shoved printed classified ads into irrelevance, The Voice was thick with apartment listings that helped fund the work of its argumentative reporters and editors. For years, the weekly’s pages also included advertising for phone-sex and escort services, a practice that came to an end under Mr. Barbey.

Mr. Musto said The Voice was unique in the latitude it allowed its writers. “Each writer was given their beat and allowed to run with it and inject their personal style in every syllable,” he said.

Hired in 1984 and laid off in 2013, Mr. Musto returned when Mr. Barbey took over in 2015. He said he still felt the freedom he knew from the days when he was starting out.

“We can’t afford to lose an important media outlet,” Mr. Musto said. “It does leave a hole, but on the bright side, this sort of idiosyncratic rebellious spirit of The Voice has been subsumed, in a way, by the mainstream. It’s sort of everywhere.”
https://www.nytimes.com/2018/08/31/b...ce-closes.html





It Is a Challenging Time for the Internet: We Must Not Let It Be Undermined
Andrew Sullivan

On 1 September I start work as CEO of the Internet Society. I have a lot to do to live up to the example set by Kathy Brown with all that she achieved during her leadership. It is a great honour, and I appreciate the trust the Board of Trustees has placed in me. I will work daily to earn the same trust from the rest of the Internet community, in part by being transparent about what drives me to do this.

It is a challenging time for the Internet Society, because it is a challenging time for the Internet. For most of the Internet Society’s history, the expansion and development of the Internet could be regarded as an obvious good. There were always those who simply opposed technological development. There were always those who wanted their own interests protected from the Internet. But Internet users historically benefited so much, so obviously, that skepticism about the value of the Internet itself was rare.

Things have changed. Every technology can be used for negative ends. The Internet still, plainly, brings gains in efficiency, convenience, and communications. Yet in the recent past, some of the negative uses have become apparent, which leads some people to ask whether the Internet is just too dangerous. This environment has produced a golden opportunity for those who always preferred a sanitized, tightly-controlled utility to the generative, empowering Internet. These forces claim that only national governments, treaties, laws, regulations, and monopolies can protect us from the problems we face. They do not want the extraordinary collaboration of the Internet. They think there is some mere political choice to be made between the Internet we have known on the one hand, and a tidy, regulated network on the other. If these forces are successful, we will all lose.

The Internet connects people because of its basic design. Each network that joins the Internet does its own thing, but together they are all richer and more reliable. A network of networks cannot be centrally controlled because it has no centre. This is not some accidental design choice we could alter: without this essential feature, we do not have the Internet at all.

For that very reason, we – all humanity – must not let this technology be undermined. We must face, realistically, the challenges that the Internet produces for us all; but we must face them collaboratively and together. The Internet is for everyone, because only everyone can make the global network of networks.

I am inspired by the real Internet – the network of networks that is open, globally-connected, secure, and trustworthy. This is why I am so happy to become the CEO of the Internet Society at this challenging time. We are strong. Our chapters and members demonstrate the enormous value of the Internet. We wish, in every language and corner of the world, to welcome today those who were not connected yesterday and to reach out to those who will connect tomorrow. We collaborate with others throughout the world who embrace the value of the Internet.

Our potential lies not only in our diversity, but in the power of our community to act as one in service of our mission. Together, our stories of an Internet with people at its heart offer a unifying message for all the world. We can sing as a massed choir, all in harmony, to project the beauty and value of our shared, global heritage. We can take that harmony and common purpose to other communities, to governments, and to boardrooms, and enlist them all in our cause. Our history, linked to the early Internet, teaches us to work with a single mind toward that open, globally-connected, trusted, and secure future.

We will turn away from fear and narrow interests. We will not allow this tool of endless potential to be ruined, whether by vandal or greed. We will support and foster new technologies for all humans. We will promote the security and safety of all who connect.

The Internet Society is for the Internet, and the Internet is for everyone.
https://www.internetsociety.org/blog...be-undermined/

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

August 25th, August 18th, August 11th, August 4th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public." - Hugo Black
__________________
Thanks For Sharing
JackSpratts is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - November 24th, '12 JackSpratts Peer to Peer 0 21-11-12 09:20 AM
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 02:50 AM.

Contact Us - www.p2p-zone.com - Top

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)