P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 30-01-13, 07:59 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - February 2nd, '13

Since 2002


































"The DVR gives you access to all their video, current and archived. You could look at videos, pause and play, or just turn off the cameras and rob the store." – H.D. Moore


"The only time I download anything on iTunes is in the rare case that I can’t find it on Spotify." – Sam Broe


"Mega doesn’t want folks to use its cloud storage services for infringing purposes." – Ira P. Rothken



































February 2nd, 2013




Caribbean Nation Gets an International Go-Ahead to Break U.S. Copyright Laws
Annie Lowrey

A long-simmering trade conflict between the United States and Antigua and Barbuda appears to be boiling over.

Antigua and Barbuda, which has a $1 billion economy, is planning on getting legal retribution from the United States’ $15 trillion economy over its refusal to let Americans gamble at online sites based in the Caribbean nation — perhaps by offering downloads of American intellectual property, like Hollywood films, network television shows or hit pop songs. On Monday, the World Trade Organization gave its go-ahead for Antigua and Barbuda’s tentative plan.

“The economy of Antigua and Barbuda has been devastated by the United States government’s long campaign to prevent American consumers from gambling,” Harold Lovell, Antigua’s finance minister, said in a statement. “These aggressive efforts to shut down the remote gaming industry in Antigua have resulted in the loss of thousands of good-paying jobs and seizure by the Americans of billions of dollars belonging to gaming operators and their customers.”

The conflict’s roots are a decade old. The World Trade Organization said that the United States had violated its trade agreements by preventing Americans from betting at sites based in Antigua and Barbuda. Because Washington is unwilling to make the betting legal, the countries have been locked in a dispute over what constitutes fair trade practices and fair compensation.

The online gambling industry was at one point the second-largest employer in the Caribbean country, its government has said, and economists estimated its worth at $3.4 billion. Gambling employment has dropped to fewer than 500 people from more than 4,000 as a result of the United States’ trade policy, it said.

On Monday, a dispute settlement body in Geneva gave Antigua and Barbuda the nod to, in essence, violate American intellectual property rights to make up its losses, calculated at $21 million a year.

It remains murky just how the Antigua and Barbuda government might go about it. But trade watchers suggested it might set up a site where viewers could pay a pittance to watch a film or television show with an American copyright. The United States might not be able to shut the site down under international law.

“We are disappointed with Antigua and Barbuda’s decision to abandon constructive settlement discussions,” Nkenge Harmon, a spokeswoman for the United States trade representative, said in an e-mail. “As recently as Friday, our two countries held high-level discussions on possible settlement options that would have brought real benefits to Antigua’s businesses and people.”

The Obama administration said that the proposed plan might further hurt trade relations between the two countries.

“If Antigua does proceed with the unprecedented plan for its government to authorize the theft of intellectual property, it would only serve to hurt Antigua’s own interests,” Ms. Harmon said. “Government-authorized piracy would undermine chances for a settlement. It also would serve as a major impediment to foreign investment in the Antiguan economy, particularly in high-tech industries.”

Trade experts said that Antigua and Barbuda’s plan for retribution seemed designed to provoke American filmmakers and recording artists into pushing for Congress to allow foreign Internet gambling sites to serve American customers.

They also noted that it was the United States that had pushed for the unusual “cross-retaliation” mechanism at the W.T.O., where trade violations that hurt one industry could be countered with trade actions against a completely different industry.

“The irony is rich, rich, rich,” said Lori Wallach, the director of Global Trade Watch at Public Citizen, a Washington-based consumer advocacy group.

“The practical question is, Is there a majority in the House and Senate to vote to revoke the ban, and would Congress do it because the W.T.O. told them?” she said, saying it was unclear how the two countries would proceed.
https://www.nytimes.com/2013/01/29/b...opyrights.html





Dotcom Urges U.S. Judge to Dismiss Copyright Charges
Joe Schneider

Megaupload.com, the file-sharing website that was shut down last year on copyright infringement charges, urged a U.S. judge to throw out the indictment to make up for what it called a lack of “due process” in the case.

The U.S. Justice Department failed to give the company legal notice that it was charged, froze its assets and left servers containing content owned by customers “gathering dust and in danger of deteriorating,” Megaupload’s lawyer Ira Rothken wrote in a filing in federal court in Alexandria, Virginia, yesterday.

“More than a year has now passed since Megaupload was branded a criminal, with no opportunity to date to clear its name or challenge the charges against it,” Rothken wrote. The government’s conduct in the case raises “grave questions about whether the government is intent on being judge, jury, executioner and asset collector,” he wrote.

Kim Dotcom, the founder of Megaupload, was indicted in what was dubbed a “mega conspiracy” by U.S. prosecutors, who accused his website of generating more than $175 million in criminal proceeds from the exchange of pirated film, music, book and software files. On Jan. 20, Dotcom began running a successor website called Mega from his home in New Zealand.

The U.S. is seeking Dotcom’s extradition, with a hearing scheduled for August in Auckland.

Peter Carr, a spokesman for U.S. Attorney Neil H. MacBride, referred questions about the seizures of the websites and Dotcom’s assets to the government’s court filings.

Preventing Redirection

In a Jan. 13 affidavit, referred to by Carr, an investigator whose name is blacked out in the document cited a U.S. law that allows seizure of property when an injuction wouldn’t guarantee the property would be available for seizure upon conviction.

The domain names had to be seized to prevent Megaupload’s supporters, or others, from redirecting content to servers elsewhere in the world, the investigator said. Injunctions wouldn’t prevent that, according to the investigator.

The U.S. won the court order and shut down Megaupload.com without notice after the charges against seven individuals, including Dotcom, were unsealed in federal court in Alexandria on Jan. 19, 2012.

The U.S. Justice Department seized Dotcom’s bank accounts. At the same time, New Zealand police, following a helicopter-led raid on Dotcom’s mansion, seized 18 cars, computers and files. Dotcom spent a month in jail before winning his release on bail.

New Website

Mega, like its predecessor, lets users upload, download and share files, competing with sites such as Dropbox.com and Google Inc.’s Youtube.com, Dotcom said when introducing the new website this month. Unlike the rival sites, Mega allows file encryption through an Internet browser with the user having the only key to unlock the file, preventing governments and storage providers from viewing the contents, he said at the time.

Rothken, in the latest filing, urged the judge to dismiss the indictment until Megaupload is properly served with legal papers outlining the charges, “thereby freeing the corporate defendant from the criminal limbo that is presently subjecting it to daily, irreparable harm.”

The New Zealand case is Between Kim Dotcom and Attorney General. CIV2012-404-001928. High Court of New Zealand (Auckland). The U.S. case is: USA v. Dotcom. 12-cr-00003. U.S. District Court for the Eastern District of Virginia (Alexandria).
http://www.bloomberg.com/news/2013-0...t-charges.html





Kim Dotcom’s Mega Gets Third-Party Search Engine
David Kravets

The file-sharing site Mega, introduced two weeks ago by infamous file-sharing kingpin Kim Dotcom, just became a lot more useful to content pirates, thanks to a community-fed search engine of links to content hosted on Mega’s servers.

The search engine doesn’t crawl Mega content — which is not possible because of Mega’s architecture. Instead, it relies on Mega users voluntarily providing links to files hosted on Mega’s service. Then downloaders can click and pull the content into their own Mega stash, or download it to their hard drives.

And the downloads are fast — way faster than a typical BitTorrent download.

Combined with Mega, the mega-search.me search engine — which is hosted from an anonymous domain — makes for a full blown piracy site, closer to what Megaupload was before it was brought down. Dotcom’s lawyer, Ira Rothken, said “no” when asked if his client had anything to do with the search engine.

The number of users for the Mega service is unclear, but Dotcom said it surpassed one million members one day following its initial launch two weeks ago from New Zealand.

Mega was launched one year after police shuttered Dotcom’s Megaupload, and arrested founder Dotcom and top lieutenants who were running the service. They were charged with criminal copyright infringement, money laundering and other crimes and are awaiting a possible extradition to the United States from New Zealand to face trial while free on bail.

Megaupload, which had some 150 million registered members, was on the recording and movie industries’ most-hated lists, often being accused of facilitating wanton infringement of their members’ copyrights. The year-old indictment claims Megaupload paid users to upload copyrighted works for others to download, and that it often failed to comply with removal notices from rights holders under the Digital Millennium Copyright Act.
http://www.wired.com/threatlevel/201...ng-megaupload/





File-Sharing Site Mega Fields 150 Copyright Infringement Warnings
Jeremy Kirk

The file-sharing service Mega has fielded 150 copyright warnings since its recent launch as founder Kim Dotcom grows a risky new business while under indictment by U.S. prosecutors for running Megaupload.

And a French website appears to already be faltering after collecting links to content stored by Mega, including files purported to be the film Django Unchained, Microsoft’s Office software and Elton John’s tune, “Bennie and the Jets.”

Mega, which launched on Jan. 20, allows people to store 50GB of encrypted content for free. The content, which can be shared between users by sharing a link to it, can be decrypted if a user also shares the encryption key.

Mega was developed with an eye to avoid the copyright infringement allegations that plagued Megaupload, which was shuttered in January 2012. Since uploaded content is encrypted, Mega cannot determine the content of files stored. But it will remove content upon receiving a valid notification of copyright infringement.

Ira P. Rothken, one of Mega and Megaupload’s many attorneys, said on Wednesday the service has reacted promptly to notices of copyright violations “including assisting some in fixing incomplete or defective notices.”

“Mega doesn’t want folks to use its cloud storage services for infringing purposes,” Rothken said via email.

In the U.S., service providers may receive notifications of copyright infringement under the Digital Millennium Copyright Act (DMCA). If valid and presented in the right form, the service provider is required to quickly remove or block the content.

Rothken said the 150 requests, which concern 250 files, came from the U.S. as well as other countries. Many countries including the U.S. have so-called “safe harbor” provisions in their copyright laws, which exempts providers from liability as long as infringing content is removed.

An official from the Motion Picture Association of America (MPAA), which has campaigned for years to halt illegal file sharing, did not have an immediate comment on Mega. The Recording Industry Association of America (RIAA) could not immediately be reached.

A French website appears to already be facing difficulties for collecting links to content stored by Kim Dotcom's Mega file-sharing service, including files purported to be the film Django Unchained, Microsoft's Office software and Elton John's Bennie and the Jets.

Unlike Megaupload, Mega does not have a search function to find files stored by other users files. But it appears at least one website is attempting to collect links to content stored on Mega to make it easier for people to connect to other users and their files.

Mega-search.me features a search engine. A search for Quentin Tarrantino’s latest film, Django Unchained, resulted in a host of links that purportedly lead to the movie. The site has one banner ad.

In the indictment against Megaupload, prosecutors alleged that its operators generated more than $150 million from subscriptions and at least $25 million from advertising revenue on the back of a brisk trade in content under copyright protection.

Mega-search.me was functioning normally on Wednesday morning but then faltered. Just four days after Mega launched, Mega-search.me boasted that it hosted more than 2,000 links to Mega content.

Several of the site’s tweets are in French, with some in English. The domain name registration, found through a whois search, is private, and its hosting provider appears to be OVH in France.

It could not be immediately established why the site was having difficulties. Efforts to reach Mega-search.me were unsuccessful.

An analysis of Mega-search.me’s network structure on Wednesday morning showed at one time it was using the services of CloudFlare, a San Francisco-based company that provides a worldwide network of data centers intended to speed the delivery of web pages and reduce bandwidth. But it then appeared to have stopped using CloudFlare’s infrastructure.

CloudFlare CEO Matthew Prince said in an email if Mega-search.me was using his service before, “we weren’t aware.”

“If they aren’t using CloudFlare now, it wasn’t because of an action on our part,” he said. CloudFlare has a free service that users can sign up for. In its terms of service, however, CloudFlare warns it will terminate service if a website is violating the law.

Concerning copyright infringement, Rothken contends Mega is a cloud-storage provider similar to Google’s YouTube video service. File storage services are dual-use technologies that can be used both legitimately and illegally, he said.

“Copyright extremists will usually heckle such dual-use technologies focusing on the bad uses while ignoring the socially beneficial uses,” he said.
https://www.pcworld.com/article/2026...-warnings.html





In less than 24 Hours, Kim Dotcom’s Mega Blocks Third-Party Search Engine that Indexed Some of its Files
Emil Protalinski

That was quick. On Wednesday, the first third-party search engine for Kim Dotcom’s Mega showed up on the scene, quickly climbing to the top of Hacker News. On Thursday, the site called Mega-Search.me has been rendered useless after Mega’s team stepped in to stop the indexing via a script.

A quick WHOIS search showed the domain was made at 11PM UTC on January 20, the same day Mega launched. Yet it’s demise only came now because the site caught hit the media’s radar just yesterday, which presumably brought it to Mega’s attention.

It’s not clear where the developers are from, but ads on the site and its Facebook page suggest they speak French. Furthermore, the error message now displayed when you try to navigate to Mega-Search.me is also en français:

Dotcom is very focused on privacy, emphasizing for example, that Google and other search engines cannot index the files Mega’s users store on the service. Since Mega-Search.me couldn’t simply index the files hosted on Mega, it relied on users adding links to their own files on Mega.

Users were asked to post links to their files with the decryption key in the URL. Clicking on the link took you to Mega, where you could download the file to your computers or to your own Mega account. The site even offered the option to anonymously vote links up or down.

Most, if not all, the links on the search engine were to pirated games, music, movies, and software. There’s an “infringement” button, but all it does is take you to Mega’s own copyright warning.

In short, Mega-Search.me was essentially a crowdsourced search engine for Mega. While it didn’t have that many features, it was still the first. If Mega’s popularity holds, and we don’t see why not, Mega-search.me will likely be the first of many.
http://thenextweb.com/insider/2013/0...-of-its-files/





Judgment: NZ Copyright Tribunal's First 'Skynet' Decision
Wednesday, 30 January 2013, 4:53 pm
Article: The Scoop Team

Judgment: Copyright Tribunal's First 'Skynet' File Sharing Decision

The Copyright Tribunal has ruled on its first case under the 'Skynet' files sharing law. In a case taken by the Recording Industry Association of New Zealand, the defendant was found to have illegally downloaded and shared three songs. The penalty was $616.57: $6.57 relating to the cost of buying the songs; $50.00 towards RIANZ costs under the 'three strikes' notice scheme; reimbursement of the $200 tribunal application fee; and $360 of deterrence ($120 per track).

See:
Copyright law claims first victim - Business - NZ Herald News
First music pirate nailed under new copyright law | The National Business Review

The following is an automatic text-recognition version of the Copyright Tribunal judgment. I lacks significant text formatting and may contain errors. Please refer to the original PDF.

***

[2013] NzcoP 1
COP 03/12
UNDER The Copyright Act 1994
BETWEEN RECORDING INDUSTRY
ASSOCIATION OF NEW
ZEALAND INC
Applicant
AND ENFORCEMENT NUMBER:
TELECOM NZ 2592
Respondent
BEFORE THE COPYRIGHT TRIBUNAL
Ms J Glover
HEARING ON THE PAPERS
DECISION
Introduction

[1] This is one of the first cases to come before the Copyright Tribunal in respect of alleged file sharing infringement under s.122 of the Copyright Act 1994. This section provides a process for copyright owners to use when they consider that an internet user has infringed their copyright via a file sharing network. An application may be made to the Tribunal for relief once three infringement notices (referred to as Detection, Warning and Enforcement Notices respectively) have been issued to an internet account holder on behalf of the rights owner.


[2] Because this is one of the first times the Tribunal has considered this legislation, this decision is slightly more detailed than perhaps will be necessary in future. (For the same reason, the Applicant filed comprehensive submissions in support of its application, which have been of assistance.) That said, however, the file sharing legislation is intended to provide a relatively quick, simple and inexpensive method of dealing with alleged infringement. The Tribunal has attempted, therefore, to strike an appropriate balance between addressing all of the issues comprehensively, and keeping its decision short and simple.

Parties

[3] The Applicant is the Recording lndustry Association of New Zealand (RIANZ).

RIANZ filed its application to the Tribunal in its capacity as agent for the relevant copyright owners, Island Def Jam Music Group (Universal Music New Zealand Limited), and RCA Records (Sony Music Entertainment New Zealand Limited). The

Act clearly contemplates that applications to the Copyright Tribunal may be made by representatives of the copyright owners, and ‘Hghts owner” is defined as including a person acting as agent for one or more copyright ownersf

[4] The Respondent is an individual internet account holder.

Factual background and procedural history

[5] The initial Detection Notice was sent to the Respondent by Telecom’s copyright infringement team on 24 November 2011. The Notice alleged that the Respondent had infringed copyright in the song Man Down by communicating the work to the public. Copyright in that work is owned by Island Def Jam Music Group (Universal Music New Zealand Limited).


[6] The Warning Notice was sent to the Respondent on 19 June 2012 in respect of a further alleged infringement ofthe same work. Again, the Respondent was alleged to have infringed copyright by communicating the work to the public.

[7] The Enforcement Notice was sent to the Respondent on 30 July 2012 in respect of an alleged infringement of copyright in the song Tonight Tonight. Copyright in that work is owned by RCA Records (Sony Music Entertainment New Zealand Limited).

Again, the Respondent was alleged to have infringed copyright by communicating the work to the public; `

[8] The Application was filed with the Tribunal on 31 August 2012. The Applicant filed its submissions together with the Application, and the Tribunal therefore sent both the submissions and the Application to the Respondent.


[9] On 26 September 2012 the Respondent wrote to the Tribunal, giving her explanations for the alleged infringement. lt is convenient to reproduce certain material excerpts at this point: “The letter outlines three separate infringements recorded on an internet connection in my name. The Hrst song downloaded was a song cal/ed man down by rihanna. I accept responsibility for this. I downloaded this song unaware that in doing so from this site was illegal. When this song was downloaded to my computen a whole utorrent program downloaded onto my computer [l/l/]hen I turned my computer on it said that the song was stil/ downloading and maybe that caused the song to register twice as it being downloaded? I’m unsure if this is possible or not but I don’t know why it shows that I would try to download the same song twice.

I kept receiving a pop up notice saying it seems like utorrent is already running but not responding, please close all utorrent processes and try again I Hgured out how to delete the song that was still trying to download but still couldnt zigure out how to delete the whole program until just recently when I got someone to look at it as after I received the letten I assumed having this program on my computer was causing the warning regarding downloading?

1 Section 122A(1).

When I received the letter warning me of the download and consequences and that it was illegal, I didn’t challenge the letter as I took responsibility for my actions and realised I was in the wrong and took it as a warning and didnt do it again.

I would never intentionally do anything illegal and you can see this from my criminal record as it is clean. I didn’t realise that it was illegal and I apologise sincerely for this mistake and have removed it from my computer In regards to the song ‘tonight tonight’ by Hot Chelle Rae being downloaded, I can’t claim responsibility for this as it wasn’t done by myself or anyone in this household but if I #nd the person responsible for downloading this through my internet then I will dehnitely enforce the consequences behind doing so."


[10] The Applicant responded by way of a further letter of submissions dated 15 October 2012. ln particular, the Applicant noted that the evidence showed that the songs in question had been uploaded from the Respondents account, whereas the Respondent’s correspondence referred only to downloading. ln addition, three separate notices had been sent to the Respondent, and therefore she had in fact “done it again” after receiving the first two notices.

Infringement

[11] File sharing networks involve material being uploaded via, or downloaded from, the internet using an application or network that enables the simultaneous sharing of material between multiple users? Such networks are not illegal in themselves, although much ofthe content on file sharing networks is music, film, television, books or software that is protected by the Copyright Act 1994. In this case, the Applicant alleged that copyright in the works was infringed by way of the account holder uploading the works, i.e. communicating the works to the public in contravention of s.16(1)(f) ofthe Copyright Act 1994. A

[12] The Act creates a presumption that each incidence of file sharing identified in an infringement notice constitutes an infringement of the right owner’s copyright in the work identified? An account holder may submit evidence that this presumption does not apply, or give reasons why it should not apply.4 ln this case, the Respondent has not provided any evidence that the presumption should not apply.

ln fact, she acknowledges that at least some manner of infringement has taken place and has apologised for this.


[13] Although the Respondent’s correspondence does not refer to any uploading of the works, the Tribunal accepts the Applicant’s evidence that uploading did in fact take place, whether or not this was with the Respondent’s knowledge. Uploading and downloading may, but need not, occur at the same time, and it is possible that the Respondent intended only to download the works. ln her letter dated 26 September 2012 the Respondent also implied that a third party may have had access to her internet account, saying in respect of the song Tonight Tonight that “it 2 See definition of file sharing in section 122A(1).

3 Section 122N(1)(a).

A Section 122N(2).

wasn’t done by myself or anyone else in this household but if l Hnd the person responsible for downloading this through my internet then I will dehnitely enforce the consequences behind doing so”.


[14] There is insufficient evidence before the Tribunal for it to make detailed findings on these factual issues. That is the nature of a decision being made on the papers.

On the basis of the information available to it, however, together with the statutory presumption that each incidence of file sharing identified in an infringement notice constitutes an infringement of the right owner’s copyright in the work, the Tribunal is satisfied that file sharing took place via the Respondent’s internet account as alleged.

Penalties

[15] The Tribunal has jurisdiction to require the Respondent to pay various sums to the Applicant under different heads of relief. Very broadly speaking, those heads of relief may be divided into compensatory damages for infringement;5 a contribution towards the fees paid by the rights owner to the relevant internet protocol address provider (lPAP);6 reimbursement of the application fee paid by the rights owner to the Tribunal;7 and an additional sum awarded as a deterrent against further infringing?


[16] The total amount to be paid by the account holder must not exceed $15,000.9 The Tribunal also has a discretion to decline to make orders if to do so would be manifestly unjust to the account holder.1° The Tribunal may only award costs against a party if that party has engaged in conduct intended to impede the prompt determination of the proceedings. 1 Damages for infnngement

[17] Unless it would be manifestly unjust to do so," the Tribunal must order an account holder to pay a rights owner a sum if the Tribunal is satisfied that:

[a] Each of the three alleged infringements that triggered the infringement notices amounted to an infringement of the right owner’s copyright;

[b] The infringements occurred at the IP address ofthe account holder; and

[c] The three notices were issued in accordance with the Act.13

[18] As discussed above, and bearing in mind the effect of subs.122N(1)(b) and (c), which create statutory presumptions that the information recorded in an infringement notice is correct and that the notice was issued in accordance with the Act, the Tribunal is satisfied that each of the three requirements has been met.

5 Sections 122O(1) and (2) and Regulation 12(2)(a).

5 Section 1z2o(1)(3)(a) and Regulation 12(2)(b).

7 Section 122O(3)(b) and Regulation 12(2)(c).

8 Regulation 12(2)(d) and Regulation 12(3).

9 Section 122o(4).

‘° Section 122o(5).

11 Section 122O(7).

11 Sections 122O(2) and (5).

13 Section 122O(1).

[19] According to the Regulations, the next step the Tribunal must take is to determine the reasonable cost of purchasing the works in electronic form (if they were legally available for purchase at that time).14 According to the Applicant, the works were available for purchase from iTunes at a cost of $2.39 for Man Down and $1.79 for Tonight Tonight.


[20] What is not made explicit in the Regulations, however, is whether the sum payable by the Respondent under this head must be only the cost to the Respondent of purchasing the works legally, or whether this is just the starting point for the Tribunal’s calculations. The Applicant argues strongly that the legislation should not be interpreted as requiring the Tribunal to award only the cost of purchasing the works, especially where the copyright works have been uploaded by the rights owner rather than downloaded. The Applicant submitted: "However such a sum is not appropnate to compensate the rights owner for the act of making a copyright work available to a potentially very large audience via a P2P network. The sum referred to in Regulation 12(2)(a)(D appears to be more appropnate as compensation in a case where a sound recording has been downloaded once by the account holder. This is because the reasonable cost of purchasing the work is what the account holder would have paid if he or she had purchased the work legally.

The act of uploading, on the other hand is more harmful as it enables multiple potential unauthorised downloads by third parties, each of which could have been paid for by those third parties at a cost of $ 7 . 79/$2.39 each. "

[21] The Applicant submits that the proper approach is for the Tribunal to read r.12(2)(a)(i) as giving it a mandate to "determine a sum" with reference to the reasonable cost of purchasing a copy ofthe work. After careful consideration of this issue, the Tribunal is unable to accept the Applicant’s submission. The Tribunal considers that the number of downloads flowing from a work being uploaded is not relevant to the Tribunal’s determination under r.12(2)(a)(i). lt may be relevant, however, to the provisions relating to deterrence” and, in particular, to the potential effect on the market for the work.1 ,

[22] In any event, as the Applicant rightly acknowledges, a difficulty in this case is that it is not known how many downloads, if any, were made from the sound recordings uploaded by the account holder. Using current internet detection services the rights owners were not able to obtain details of the number of persons who downloaded the tracks in issue.

[23] Accordingly, under this particular head of relief the Tribunal orders the Respondent to pay to the rights owner 2 x $2.39 in respect of the work Man Down and 1 x $1.79 in respect ofthe work Tonight Tonight, totalling $6.57.

1” Regulation 1z(z)(a)(r).

15 Regulation 12(2)(d).

15 Regulation 12(3)(b).

Contribution towards /PAP fees

[24] Section 120(3)(a) of the Act provides that the Tribunal may order the account holder to pay to the rights owner a contribution towards the fees paid to the relevant IPAP," which in this case was Telecom. The Applicant submits that, notwithstanding the use of the word “contribution” in the legislation, the Tribunal can and should order the account holder to pay all of the fees paid by the rights owner to Telecom. lt submits that the fact that the legislation is framed in permissive terms, i.e. that the Tribunal ‘rnay order”'a sum representing a contribution towards this fee indicates that the Tribunal can in fact require a Respondent to pay the entire fee. However, the use of the term ’?nay” in this context appears to refer to the fact that the Tribunal may or may not require the Respondent to pay a contribution towards the relevant fees.

That contribution may or may not be 100 per cent of the fee.


[25] Regulation 12(2)(b) is also relevant. This regulation requires the Tribunal to determine “the cost of any fee or fees paid by the rights owner to the IPAP in respect of the infringements to which the application relate". Reading r.12(2)(b) in light of s.12O(3)(a) of the Act, it seems clear that the Applicant is entitled to a sum representing “a contribution” to the fee(s) paid to the IPAP.


[26] For the purposes of this application, the Tribunal calculates that contribution as follows. The fees paid to the IPAP were $75 ($25 per notice). The Tribunal notes the importance of the educative role of the first two notices, especially the Detection Notice. When an account holder receives a Detection Notice, he or she has an opportunity to cease any infringing activity and thereby avoid further escalation. The Enforcement Notice is, however, less educative. lt is the final step before an application is made to this Tribunal, by which time the Respondent has ignored two opportunities to modify the infringing behaviour. Given this ‘is/iding scale” of culpability, the Tribunal finds that the entire cost of the fee for the, Enforcement Notice is payable to the Applicant ($25); two-thirds of the Warning Notice ($16.67) and one- third of the fee for the Detection Notice is payable ($8.33) The total contribution to be paid, therefore, is $50.

Cost of application fee

[27] The Tribunal accepts the Applicant’s submission that the Respondent should reimburse the Applicant for the cost of application fee paid to the Tribunal, i.e. the sum of $200.

Deterrent sum

[28] Regulation 12(2) requires the Tribunal to determine “an amount that the Tribunal considers appropriate as a deterrent against further infnnging”. ln considering whether to award a deterrent sum and, if so, what that sum should be, the Tribunal may consider "any circumstances it considers reIevant”, but also: 17 section 122o(3)(a).

[a] The flagrancy of the infringement;

[b] The possible effect of the infringing activity on the market for the work; and

[c] Whether the other sums awarded by the Tribunal would already constitute a sufficient deterrent against further infringing.


[29] Each of these three factors is considered in turn below.

(a) Flagrancy of the infringement

[30] The Applicant submits that the following factors demonstrate flagrancy on the part of the Respondent: ~ The fact that the account holder had BitTorrent protocol (uTorrent version 2.2.0) software installed on her computer. lt notes that the locating downloading, installing and configuring of such software is a deliberate act and does not occur without direct action on behalf of a computer user.

o The account holder engaged in file sharing on at least three occasions over an eight-month period. The Applicant submits that it “d9I7GS common sense” to accept that the only occasions during that period when she was online and making tracks available via P2P software happened to be the three occasions detected.

o The account holder took no action to alter her behaviour following the first two notices, despite widespread publicity regarding the file sharing legislation and its operation.


[31] The Tribunal observes that these factors may be common to most of the cases that come before it, and that it is difficult, therefore, to view them as establishing particularly Wagrant” behaviour. The Tribunal does accept, however, that the infringing acts took place over a lengthy period.


[32] For her part, Respondent submits that she "would never intentionally do anything illegal and you can see this from my criminal record as it is clean”. She has accepted some measure of responsibility, and also apologises for her actions, saying “I didn’t realise that it was illegal and I apologise sincerely for this mistake and have removed it from my computer” She has also engaged with the Tribunal process rather than simply ignoring it.

(b) Possible effect of the infringing activity on the market for the work

[33] The Applicant submits that the act of uploading works has a potentially damaging effect on the market for those works, as it enables multiple potential unauthorised downloads by third parties, each of which could have been paid for by those third parties at a cost of $1.79/$2.39 each. On a larger scale, it submits that the cumulative effect of illegal downloading is “devastating”. It refers to data indicating that each month there are around 700,000 people in New Zealand accessing unlicensed P2P sen/ices.

[34] As mentioned above, it is not known how many downloads, if any, were made from the sound recordings uploaded by the account holder. In the absence of any concrete evidence, the Applicant invited the Tribunal to estimate the number of downloads that may have taken place based on a 2008 UK report commissioned by the International Federation of the Phonographic lndustry. The Tribunal has felt unable to accord much weight to this UK report, however, it related to a different BitTorrent client (Azureus as opposed to uTorrent); related to different works (albeit a range of different types of works intended to be representative); related to entire albums rather than to individual tracks (and also included the statement that ‘Tor each full download of an album, there is usually one ful/ download of each track on that album because users do not often pick and choose tracks from an album on the BitTorrent network and download the entire album”); and is nearly five years out of date.


[35] Nonetheless, the Tribunal accepts the general principle that the uploading of works and the subsequent downloading of those works by third parties is a matter which has a detrimental effect on the relevant market. Generally speaking, it is likely that at least some potential third party downloaders would othen/vise have purchased the works legally.

(c) Whether the other sums awarded by the Tnbunal would already constitute a sufficient deterrent against further infringing

[36] As discussed above, the Respondent is required to pay $6.57 under regulation 12(2)(a)(i) for the infringing acts, reflecting the cost to the Respondent of purchasing the works legally. On top of this, the Tribunal requires the Respondent to pay a contribution of $50 towards the lPAP fees paid by the Applicant, and the sum of $200 as reimbursement for the cost of the application fee paid by the Applicant.


[37] lt is notable that the sums to be paid in respect of the Applicant‘s direct out-of- pocket administrative disbursements in filing this application represent a large proportion of the total relief awarded, and that the 'reasonable cost of purchasing the work” element of the relief in this case is far outweighed by the “disbursements” element. Whilst this is unusual in most other types of proceedings, it is likely to be a feature of many file sharing cases which come before the Tribunal.


[38] ln light of all of the factors the Tribunal is required to consider in relation to deterrence, and in particular the fact that the sums awarded by the Tribunal under the other heads of relief are modest, it considers that in this case a deterrent sum of $120 per infringement (i.e. a total of 35360) is appropriate.

Orders

[39] ln summary, therefore, the Tribunal orders the Respondent to pay to the

Applicant the sum of $616.57, comprised as follows:

[a] Under regulation12(2)(a)(i) - $6.57;

[b] Under regulation12(2)(b) - A $50.00 contribution towards the IPAP fees paid by the Applicant;

[c] Under regu|ation12(2)(c) - Reimbursement of the application fee of $200

and

{d] Under regu|ation12(2)(d) - A deterrent sum of $360.00

TOTAL $ 616.57

Decision ofthe Copyright Tribunal delivered by Jane Glover

DATED at WELLINGTON this 29th day of January 2013
Jane Glover
Member

http://www.scoop.co.nz/stories/HL130...t-decision.htm





As Music Streaming Grows, Royalties Slow to a Trickle
Ben Sisario

Like plenty of music fans, Sam Broe jumped at the chance to join Spotify two summers ago, and he hasn’t looked back.

Spotify, which began streaming music in Sweden in 2008, lets users choose from millions of songs over the Internet free or by subscription, and is increasingly seen as representing the future of music consumption. Mr. Broe, a 26-year-old from Brooklyn, said that having all that music at his fingertips helped him trim his monthly music budget from $30 to the $10 fee he pays for Spotify’s premium service.

“The only time I download anything on iTunes is in the rare case that I can’t find it on Spotify,” he said.

A decade after Apple revolutionized the music world with its iTunes store, the music industry is undergoing another, even more radical, digital transformation as listeners begin to move from CDs and downloads to streaming services like Spotify, Pandora and YouTube.

As purveyors of legally licensed music, they have been largely welcomed by an industry still buffeted by piracy. But as the companies behind these digital services swell into multibillion-dollar enterprises, the relative trickle of money that has made its way to artists is causing anxiety at every level of the business.

Late last year, Zoe Keating, an independent musician from Northern California, provided an unusually detailed case in point. In voluminous spreadsheets posted to her Tumblr blog, she revealed the royalties she gets from various services, down to the ten-thousandth of a cent.

Even for an under-the-radar artist like Ms. Keating, who describes her style as “avant cello,” the numbers painted a stark picture of what it is like to be a working musician these days. After her songs had been played more than 1.5 million times on Pandora over six months, she earned $1,652.74. On Spotify, 131,000 plays last year netted just $547.71, or an average of 0.42 cent a play.

“In certain types of music, like classical or jazz, we are condemning them to poverty if this is going to be the only way people consume music,” Ms. Keating said.

The way streaming services pay royalties represents a major shift in the economic gears that have been underlying the industry for decades.

From 78 r.p.m. records to the age of iTunes, artists’ record royalties have been counted as a percentage of a sale price. On a 99-cent download, a typical artist may earn 7 to 10 cents after deductions for the retailer, the record company and the songwriter, music executives say. One industry joke calls the flow of these royalties a “river of nickels.”

In the new economics of streaming music, however, the river of nickels looks more like a torrent of micropennies.

Spotify, Pandora and others like them pay fractions of a cent to record companies and publishers each time a song is played, some portion of which goes to performers and songwriters as royalties. Unlike the royalties from a sale, these payments accrue every time a listener clicks on a song, year after year.

The question dogging the music industry is whether these micropayments can add up to anything substantial.

“No artist will be able to survive to be professionals except those who have a significant live business, and that’s very few,” said Hartwig Masuch, chief executive of BMG Rights Management.

Spotify has 20 million users in 17 countries, with five million of them paying $5 to $10 a month to eliminate the ads seen by freeloaders.

In a recent interview, Sean Parker, a board member, said he believed Spotify would eventually attract enough subscribers to help return the music industry to its former glory — that is, to the days before Mr. Parker’s first major enterprise, Napster, came along.

“I believe that Spotify is the company that will make it succeed,” said Mr. Parker, who is also a former president of Facebook. “It’s the right model if you want to build the pot of money back up to where it was in the late ’90s, when the industry was at its peak. This is the only model that’s going to get you there.”

As the largest music market, the United States has been a critical proving ground for streaming companies, but competition is also quickly spreading globally. Deezer, a French on-demand service, has announced plans to be in more than 100 countries. And localized streaming services have also sprouted up: Anghami, for example, serves listeners in the Middle East, and the Indian music market has Dhingana and Saavn.

For the biggest pop stars, hit streams can provide substantial revenue. Last week, a Google executive said in a company earnings call that Psy’s viral video sensation “Gangnam Style” had generated $8 million from YouTube, where it had been watched 1.2 billion times, yielding a royalty of about 0.6 cent a viewing.

Many musicians whose work does not reach the top of the charts, however, are not as sanguine.

Complicating the issue, each type of service pays different rates. Pandora’s are set by law. Spotify declined to comment on its rates, but according to a number of music executives who have negotiated with the company, it generally pays 0.5 to 0.7 cent a stream (or $5,000 to $8,000 per million plays) for its paid tier, and as much as 90 percent less for its free tier.

The companies behind streaming are ballooning quickly. Pandora, with 67 million regular users, is publicly traded, with a market capitalization of nearly $2 billion, and Spotify’s investors have reportedly valued the company at $3 billion. Yet so far they have contributed relatively little to the American recording industry’s $7 billion bottom line.

In its last four reported quarters, Pandora paid $202 million in “content acquisition costs,” including licensing fees, and Spotify recently announced that it has paid $500 million in royalties since its inception. Downloads, by comparison, had $2.6 billion in sales in 2011, according to the Recording Industry Association of America.

For those whose income depends on royalties, the biggest concern has been whether streaming cannibalizes CD and download sales by offering a cheap or free alternative.

Cliff Burnstein, whose company, Q Prime, manages Metallica and other major acts, said that even if streaming hurts sales, all is not lost as long as the number of paying subscribers continues to climb rapidly.

“There is a point at which there could be 100 percent cannibalization, and we would make more money through subscriptions services,” Mr. Burnstein said. “We calculate that point at approximately 20 million worldwide subscribers.”

Metallica recently announced an exclusive deal with Spotify.

If those subscriber ranks grow, royalty rates will also climb, recapitulating a process seen whenever new technologies have been introduced, said Donald S. Passman, a top music lawyer and the author of the book “All You Need to Know About the Music Business.”

“Artists didn’t make big money from CDs when they were introduced, either,” Mr. Passman said. “They were a specialty thing, and had a lower royalty rate. Then, as it became mainstream, the royalties went up. And that’s what will happen here.”
https://www.nytimes.com/2013/01/29/b...royalties.html





Rdio Launches Free Music Streaming Internationally, Unlimited Listening for 6 Months in 15 Countries

Music subscription service Rdio has launched its free music streaming service internationally, giving listeners in 15 of the 17 countries it services access to over 18 million songs in its library. Listeners in the UK, Australia, Belgium, Canada, Denmark, Estonia, Finland, France, the Netherlands, New Zealand, Norway, Portugal, Spain, and Sweden will be able to stream music whenever they want.

In the United States, Rdio’s music streaming service is currently available, having launched in 2011 with listening limits that refresh monthly. Today Rdio is giving all its users free listening for up to six months to test out the new service. In doing so, it hopes to rope users in and get them hooked so that they will convert into paying customers.

With this release, Rdio is entering a world where it will be competing against Pandora, Slacker, and other services. It believes that free is a powerful way to help get people in the door. The company says that it’s designed to “appeal to people with ears and hearts” and that its users can listen to music through the Web or any of its desktop apps for Mac and Windows.

Once the six month period has expired, users who wish to continue listening to music through the Web can sign up for one of Rdio’s subscription plans. In the US, there are two options: the first one, Rdio Web, comes with unlimited web streaming and is $4.99 per month. The second, Rdio Unlimited, is priced at $9.99 per month and offers unlimited Web and mobile streaming, along with wireless syncing to listen when offline. Rdio cautions that these prices may vary by country.

Although the service is available internationally, two countries are not participating: Brazil and Germany. The company says: “Rdio’s focus is to continuously advance their product and features across all of their active territories. However, availability and timeliness of features and offers is sometimes determined by their partners. Rdio will continue rolling out new features and offers across Rdio territories as they become available.”

The launch of a music streaming service comes as Spotify is in the midst of rolling out its browser-based music app and Rhapsody debuts its music streaming app for the iPad.

Rdio was founded by Janus Friis, one of the creators of Skype, and is available on the Web, along with iOS, Android, BlackBerry, Windows Phone, Mac, and Windows devices. It has raised $17.5 million in funding.
http://thenextweb.com/insider/2013/0...to-six-months/





Do All Musicians Hate File Sharing?

We've discussed in the past that the Future of Music Coalition was putting together a fantastic artists revenue streams project, in which they sought to look at the myriad ways in which musicians make money today. FMC has been releasing bits of data from the project here and there, but now TorrentFreak has alerted us to a big analysis of the data done by Northwestern Law professor Peter DiCola, entitled Money from Music: Survey Evidence on Musicians' Revenue and Lessons About Copyright Incentives. It's worth reading in its entirety.

TorrentFreak highlights one key point: which is that of the surveyed musicians a mere 6% of revenue comes from the sale of licensed music. We've long argued that music sales make up a minority of the revenue artists make, so it's good to see some support for that.

Of course, the report notes that different types of musicians make money in different ways, so this does not mean that the 6% number applies across the board to all musicians. There certainly are some musicians who make a large percentage of their income from sales. But the key point is that those artists are in the minority, and focusing solely on music sales and changes to that market gives you a very distorted picture of how artists are making money, and the impact of things like a decrease in revenue from music sales.

There is plenty of interesting data in the report, but one thing that struck me concerned the artists' general attitudes towards technology. It's mixed, to be sure, but some of the often-repeated claims by some maximalists don't appear to be true. For example, we hear stories that part of what's so unfair with the system today is that the artists are "losing control" over their works, but many artists don't agree with that at all, recognizing that technology means they have a lot more control over their works. The difference, of course, is that the complaints about "loss of control" were really more driven by the old gatekeepers -- mainly the major record labels. For them, it's true that they really have been losing control, but much of that control has actually moved back to the artists (and, yes, much of it has also gone to fans). But for artists who were outside of the major label system, it's often meant much more control over their own careers.

The end result is that artist attitudes towards technology and its impact on their careers is really mixed. In many cases, on key questions -- it seems like artists are almost equally divided. You can see that in the chart below:

From this chart, you can actually see that just as many artists think that file sharing has helped them as think that it has hurt them. Remember that the next time someone claims to be speaking for all artists' attitudes on these kinds of things. If I had to guess, it seems likely that trends are moving more towards artists recognizing the benefits of such things -- but I could be wrong about that assumption. I guess we'll see the next time they do this survey.

The report also looks closely at how much copyright really impacts an artist's income. To hear some talk about this stuff, without copyright, there would be no way for artists to make money at all. However, as we've argued over and over again, many revenue streams have nothing to do with copyright, and the report bears this out. As noted above, direct sales only account for 6% of income on average, but the report digs in even more and looks artists across different income levels and genres, showing both differences across those different slices, but also confirming that there are many different revenue streams:

Those charts show some differences, including that higher earning musicians do tend to rely on copyright more, but it's still a relatively smaller part of their income than other sources.

Putting it all together, DiCola created this wonderful chart that looks at copyright- vs. non-copyright income across different income levels and genres:

Really interesting stuff. Not surprisingly, composers rely on copyright quite a bit, as they tend to get a significant chunk of revenue from licensing efforts. But even they still tend to rely heavily on income that is at best, indirectly related to copyright. All in all a very interesting read, as you begin to realize that the primary story usually told -- that artists all rely on copyright and that infringement is clearly a bad thing -- isn't necessarily true across the board.
http://www.opposingviews.com/i/techn...o-say-it-hurts





How Proxied Torrents Could End ISP Subpoenas
Bennett Haselton

With the announcement of Verizon's "six strikes plan" for movie pirates (which includes reporting users to the RIAA and MPAA), and content companies continuing to sue users en masse for peer-to-peer downloads, I think it's inevitable that we'll see the rise of p2p software that proxifies your downloads through other users. In this model, you would not only download content from other users, but you also use other users' machines as anonymizing proxies for the downloads, which would make it impossible for third parties to identify the source or destination of the file transfer. This would hopefully put an end to the era of movie studios subpoenaing ISPs for the identities of end users and taking those users to court.

Now, I'm not advocating the creation of software that enables piracy. And I don't mean that in a nudge-wink kind of a way, I'm serious: I think people should reward movie studios for making content that they like, if only because that means studios will make more of that type of content. For my last cross-country flight I paid an honest-to-God four dollars to download a movie from Amazon Unbox to watch on the plane, even though I fondly like to think of myself as smart enough that I could have figured out how to find and download the movie for free. (Well, not all that smart; the movie was Lockout.)

However, the idea of users anonymizing each others' downloads is so elementary, that I literally mean it's inevitable that we will see the rise of such software. Whether I'm in favor of it or not, it's going to happen. In fact, under certain assumptions, there's really only one logical direction that it can evolve in.

First, some background. Under the current BitTorrent protocol -- with no built-in support for anonymization -- some server S makes a large file available for download. When the first downloader, say user D1, requests a copy of the file, they have to begin the process of downloading it from S. But when the next downloader, say user D2, requests a copy of the same file while user D1 is still downloading, the BitTorrent server S tells D2 to start downloading the file from D1 instead of from S directly. (D1 is required at this point to share out the file for download, in order to earn enough "credits" to continue downloading from S.) Subsequent downloaders are similarly told to download from other downloaders instead of from the original server S. In this way, the server S avoids incurring massive bandwidth charges (since S only actually served the file one time), and each user on average only has to share out the file once in return for downloading it themselves.

Note that this still means that in order to initiate the download, the server S has to serve out the whole file at least once, to the first downloader -- and if the file is being distributed without the copyright owner's permission, then the operators of server S can be taken to court. This legal pressure was the reason that the Pirate Bay switched from serving BitTorrent files to serving magnet links, which enable users to download content purely from each other, without the Pirate Bay ever actually serving the content themselves. But with both BitTorrent and magnet links, users who are downloading content from other users, can see those other users' IP addresses -- and they know that those other users are serving the content from files stored on their own hard drives. This means that if you're the copyright owner of that content, you can subpoena the identities of the users behind those IP addresses, and taken them to court for unauthorized possession and distribution of copyrighted material.

So what would a protocol look like with built-in support for anonymization? In my first draft of an idea, I thought that each download could take place using one intermediate user as a proxy, so that instead of server S telling D2 to download from D1, the server would tell D2 to use download D3 as a proxy, and tell D3 to proxy the connection from D1. (As with BitTorrent, the downloader D3 would be required to allow their machine to be used as a proxy, in order to earn credits to continue with their own download.) So D1 would not be able to see the IP address of user D2 downloading from them, and D2 would not be able to see the IP address of user D1 that they were downloading from. Both of them would be able to see the IP address of user D3 which is acting as the proxy between them, but as long as it's not against the law to simply proxy a connection for someone else, that would not be grounds to subpoena the user D3's identity. And D3 would be able to see the IP address of D1 and D2, but if the D1 and D2 are communicating using a shared encryption key, then D3 would have no idea what content is flowing between D1 and D2, even as it proxies the connection between them. So even if one of D1, D2 or D3 were an "adversary" (i.e. a copyright holder intent on suing illegal file sharers), none of the three would be able to see the IP address of another user that they knew was either downloading particular content, or serving it out.

Of course you could also argue that if D3 is among the users that server S is making available to others as an anonymizing proxy, then that constitutes proof that D3 must be downloading something else from S (otherwise, D3 wouldn't need to earn credits by acting as an anonymizing proxy), and if either D1 or D2 is an adversary, they can see D3's IP address and reason that D3 must be guilty of some copyright violation. Similarly, if D3 is the adversary, they can see D1 and D2's IP addresses and reason that both of them are probably guilty of some copyright infraction, even if D3 can't actually see what they're trading. Basically, anybody could be considered "guilty by association" simply by virtue of being in the community of users being coordinated by server S. But (1) that accusation could be deflected if some of the files being served by S were in fact legal and being distributed with the copyright holder's permission; and (2) in any case, the Digital Millennium Copyright Act requires you to claim that your specific copyrighted content is being distributed by a user, before you can unmask that user's identity; it's not enough to claim that the user is part of a network that distributes "some" copyrighted content illegally. D3 may be proxying a connection between D1 and D2 in order to earn credits so that D3 can download some content for themselves, but even though D1 and D2 can both see D3's IP address, there's no way for them to know what D3 could be downloading.

Unfortunately, this three-user-chain idea is not secure, because an adversary could still create a large number of users co-ordinated through server S, and sooner or later, a chain would arise where both the proxy and the downloader controlled by the adversary, and at that point, they would know the IP address of the user serving out the copyrighted content. In other words, eventually you'll get a situation where D2 is downloading content from D1 by going through proxy D3 -- but where D2 and D3 are both controlled by the adversary. So D2 knows the content that's being downloaded via D3, and D3 knows the IP address of D1 that's actually serving out the content -- at which point they can subpoena the identity of user D1, and sue them.

So consider this idea instead: When user D1 sends a request to server S to download a file, server S gives them the IP address of another user, D2, from which they can download the file. Now, 40% of the time, user D2 actually does have the file on their hard drive and is serving it to user D1, with no proxying. The other 60% of the time, user D2 is told by S to proxy the connection from D1 and connect to a third user, D3. Now in 40% of these cases, D3 actually does have the file and is serving it out directly; the other 60% of the time, D3 is proxying the connection for yet another user, D4...

So you end up with chains of varying length, with longer chains having a progressively smaller probability of forming:

40% of chains will be of length 1 (one user downloads directly from another)
60% x 40% of chains (24%) will be of length 2
60% x 60% x 40% of chains (14.4%) will be of length 3
60% x 60% x 60% x 40% of chains (8.64%) will be of length 4 etc.

These proportions of course sum to 1, and a little math shows that the length of the average chain is 3.5 nodes. The number of downloads in a chain -- the connections between users -- is one less than the number of nodes in the chain, so this means that to complete one download, the content will have to be transferred an average of 2.5 times -- compared to being transferred only once, when one user downloads from another directly. In order to ensure that users contribute enough to the system as they take from it, that means that in order to download a file, users would be required to provide enough "proxying" to support the equivalent of 2.5 full downloads of that same file.

These chains have a useful property: any time you're downloading content "from" another user, there's only a 40% chance that user is serving content off of their own hard drive, and a 60% chance that they're proxying the connection from somewhere else (another node that may in turn be proxying the connection from yet another node, etc.). So even if the adversary controls three nodes D1, D2, and D3, and D1 is downloading from D2 who is downloading from D3 who is downloading from D4 (and D4 is not controlled by the adversary), from the adversary's point of view there's only a 40% chance that D4 is actually originating the content. This is always true no matter how many nodes in the chain the adversary controls -- in the end, if they want to nail someone for serving out copyrighted content, they have to download the content from some node that they don't control, and there will only be a 40% that user is actually serving the content from their hard drive.

And the 40% number was deliberately chosen in order to weaken the adversary's legal grounds for subpoenaing the identity of the user they're downloading from -- even if they can show that they downloaded content from another user's IP address, it's more likely than not that the other user was not actually hosting the content. (Of course, there might be other details in context that render that probability calculation useless. For example, if the server S only links to one downloadable file, then all users coordinated by that server S are presumably downloading that same file, and anybody that server S connects you to, can be presumed guilty of downloading and sharing that file, 40% figure be damned.)

At this point you might also wonder: Why not just connect over a protocol like Tor, which provides secure anonymity for all transactions, and then use BitTorrent or some other file-sharing system on top of that? The answer is that Tor's connection is likely to be much slower, for at least two reasons. First, Tor servers are a limited resource, and the more people use them (especially for large file trading), the slower they are likely to become. (By contrast, in the peer-to-peer proxying model outlined above, every new downloader can also be made to act as a proxy for other users, so additional users don't slow down the system because they contribute as much as they take out of it.) Second, Tor always routes your connection through multiple servers to guarantee secure anonymity, which means it would be slower on average than the variable-length chains described above, where only about 20% of chains are of length 4 or more.

The key difference is that Tor provides true anonymity whereas the protocol above only provides plausible deniability. In high-risk settings where Tor is often used, it would not be acceptable if there were a 40% chance of your IP address being revealed to your adversary. But for file sharing, the 40% figure might be acceptable if it's just low enough to stave off a subpoena. This trade-off makes it possible to use shorter chains, resulting in faster downloads and less total bandwidth consumption.

You also already have the option today of using a VPN service to download files through an anonymous third-party connection, which renders the rest of these issues moot. But users have to jump through several hoops (and pay some money) to set this up as an option, which means that most users will not be using VPNs any time soon, leaving plenty of naive users for the RIAA and MPAA to go after. The use of peer-proxying links would mean that all users downloading through the system would be protected.

At the moment, the major impediment to a peer-proxying system like this would be that the chained downloads would still consume an average of 2.5 as much bandwidth as direct peer-to-peer downloads. Even with today's high-speed connections, this increase in inconvenience is great enough that some users might just prefer to use plain old BitTorrent to download files directly from peers, and run the (admittedly small) risk of getting in trouble. But as bandwidth speeds continue to grow literally exponentially, eventually the difference in inconvenience will be so small, that users would be foolish not to use proxified downloads if it provided free legal protection.

Note that the viability of this system does depend on the ISP's attitude towards it. In particular, if your ISP only goes after pirates because of legal pressure from content holders, then if the ISP's users are using this peer-proxying protocol instead of a direct download protocol like BitTorrent, then the ISP can quite truthfully claim that they don't have any hard evidence to disconnect any particular users or turn over their identities (because the ISP doesn't know which users are actually storing pirated files and which users are just acting as proxies). On the other hand, if your ISP sincerely wants to stop piracy because your ISP is also a content company (Comcast, for example), then they might also try to squelch the use of any protocol that enables piracy, even if they can't prove that any particular users are using it for anything illegal. Thus Comcast might try to slow the use of the peer-proxy protocol. But in that case they could be forced by Net Neutrality regulations to stop throttling it, in the same way that the FCC ordered Comcast to stop throttling BitTorrent.

As long as those conditions hold true -- content owners continue cracking down on file sharers, but proxying remains legal and bandwidth keeps getting cheaper, and ISPs are restrained from blocking the protocols themselves -- I think that p2p will have to evolve into something like the chained-download system described above, to provide plausible deniability to users, without resorting to the long chains (and subsequently slower downloads) provided by full-anonymity systems like Tor.

But again, I'm just saying it's inevitable, not that it's right. I actually do wish that people would pay the studios' prices for the movies that they watch; part of it is that I think most blockbusters are actually pretty good and deserve to make money. When you refuse to pay for movies, you're casting a vote against fun, big-budget movies that are made for the purpose of getting lots of people to come see them and enjoy them, and instead voting in favor of excruciatingly boring low-budget films that are made primarily so that the director could whine that the cheese-puff-snarfing American public wouldn't know great art if it bit them on their big bloated behind and subsequently didn't even buy enough tickets for the director to pay off the lien he took out on his Honda Civic to get the movie produced. Forget prosecution and civil suits; just make movie pirates sit through The Brown Bunny.
http://yro.slashdot.org/story/13/01/...-isp-subpoenas





At CNET, ‘Morale is Plummeting and People are Pissed Off’
Jim Romenesko

On Wednesday, CNET staffers in San Francisco went into an all-hands meeting hoping to hear that parent company CBS had reversed its policy banning CNET reviews of products that are part of active litigation — a policy that Columbia Journalism Review said “seriously damaged the tech review and news site.”

There had been hints around CNET that the edict might be overturned. During a meeting last Friday, Reviews editor-in-chief Lindsey Turrentine sounded optimistic. “The sense of her presentation,” says one staffer, “was that while there were still a few sticking points, overall the CBSi [CBS Interactive] team had made good progress making a strong business case to CBS corporate for overturning the policy. …Every indication was that the discussions were going well.”

But two days ago, CBS Interactive president Jim Lanzone and CBS Interactive general manager Eric Johnson announced the bad news at their meeting: There would not be a policy reversal.

“They proceeded to tell us it was no big deal,” says a CNET employee. “But people kept bringing up different hypotheticals” and it became clear that it was a big deal.

Someone asked if a writer doing a round-up of DVRs could write positively about Dish’s Hopper. No, the journalists were told by the two “visibly uncomfortable” execs.

“At first it sounded like it was a policy that just applied to reviews,” a staffer says of CBS corporate’s edict. “But it seems pretty clear that there’s going to be spillover into news.”

I was told that “there was a great deal of expressed unhappiness” at the meeting, and it’s only continued on CNET forums.

“There’s a lot of chatter about how [CBS Interactive] management isn’t standing up for us. Morale is plummeting. People are pissed off.” (I invited CBS Interactive to comment on Wednesday’s meeting. “Thank you for your interest,” wrote spokeswoman Jenifer Boscacci. “At this time, we have no comment.”)

On Thursday, there was another town-hall meeting – but not devoted solely to the CBS policy controversy. Just before that meeting, CBSi boss Lanzone posted the message below to a CNET listserv:

Quote:
Hey guys. Getting ready for this meeting but will chime in later.
Jim Lanzone

Jim Lanzone

One thing to keep in mind is this all-hands is about the entirety of CBSi, which as you know is a big group with many different brands, so while I will address the question of what happened and what the policy is, this is not the forum for going in depth about this.

Briefly, to Josh’s point, want to remind that I did not say this thing did not affect the CNET brand. I said that CBS was the brand that took the blame for what happened. Not disputing there was an effect on the CNET brand as a result of what happened. Nor are we saying we will just blink our eyes and act like this never happened. Just said we can get through it. The policy is very limited in what it covers. I understand why it is not perfect, but we have accomplished so much and we can continue to do so.
——-

Declan McCullagh is one of the CNET employees I contacted while working on this post. He declined to comment on Wednesday’s meeting (“I don’t feel it’s appropriate to discuss any internal deliberations”), but noted that “I’m not aware of other media companies that have similar policies.” McCullagh wrote in an email:

Quote:
Take the lawsuits against Barry Diller’s Aereo video-streaming service. My CNET reviews colleague John Falcone published a news article yesterday about Aereo saying: “Disclosure: CBS, the parent corporation of CNET, is currently in active litigation with Aereo as to the legality of its service. As a result of that conflict of interest, CNET cannot review that service going forward.”

CBS, the Walt Disney Company, News Corp., Comcast, the Tribune Company, and other media companies filed copyright infringement lawsuits against Aereo in March 2012. The copyright claims are very similar to the ones at issue in the lawsuit against Dish; one of the complaints filed in the southern district of New York accuses Aereo of “willful copyright infringement” and says it “just helps itself” unlawfully to copyrighted content.

The Wall Street Journal’s Katie Boehret (who reviews products along with Walt Mossberg, as I’m sure you know) reviewed Aereo three months after the litigation began. Boehret concluded: “It has a thoughtful, clean user interface that works well on the iPad, where I tested it most.. If you’re a fan of TV and want a better way to watch it on the go, Aereo is a pleasure.” The WSJ is owned by News Corp., which is in active litigation with Aereo.

ABCNews.com published a review of Aereo this month. It said: “I’ve been trying out Aereo since September to record and watch all sorts of programs on Aereo — both highbrow shows such as ‘Downton Abbey’ and guilty-pleasure ones such as ‘Revenge…’ It makes cutting cable service tempting.” ABC News is owned by Walt Disney, which is in active litigation with Aereo.

The Chicago Tribune published a syndicated review of streaming services including Aereo, which said “the most exciting development might be a scrappy start-up called Aereo that lets you watch TV on any Web-connected device with a screen via a network of miniaturized antennas.” The newspaper is owned by the Tribune Company, which is in active litigation with Aereo.

It’s true that CBS has the right to set the editorial policies that CNET journalists must abide by. And it’s also true that this policy is prominently disclosed to our readers. But I’m not aware of other media companies that have enacted a similar policy.
http://jimromenesko.com/2013/01/25/a...re-pissed-off/





Dickens, Austen and Twain, Through a Digital Lens
Steve Lohr

ANY list of the leading novelists of the 19th century, writing in English, would almost surely include Charles Dickens, Thomas Hardy, Herman Melville, Nathaniel Hawthorne and Mark Twain.

But they do not appear at the top of a list of the most influential writers of their time. Instead, a recent study has found, Jane Austen, author of “Pride and Prejudice, “ and Sir Walter Scott, the creator of “Ivanhoe,” had the greatest effect on other authors, in terms of writing style and themes.

These two were “the literary equivalent of Homo erectus, or, if you prefer, Adam and Eve,” Matthew L. Jockers wrote in research published last year. He based his conclusion on an analysis of 3,592 works published from 1780 to 1900. It was a lot of digging, and a computer did it.

The study, which involved statistical parsing and aggregation of thousands of novels, made other striking observations. For example, Austen’s works cluster tightly together in style and theme, while those of George Eliot (a k a Mary Ann Evans) range more broadly, and more closely resemble the patterns of male writers. Using similar criteria, Harriet Beecher Stowe was 20 years ahead of her time, said Mr. Jockers, whose research will soon be published in a book, “Macroanalysis: Digital Methods and Literary History” (University of Illinois Press).

These findings are hardly the last word. At this stage, this kind of digital analysis is mostly an intriguing sign that Big Data technology is steadily pushing beyond the Internet industry and scientific research into seemingly foreign fields like the social sciences and the humanities. The new tools of discovery provide a fresh look at culture, much as the microscope gave us a closer look at the subtleties of life and the telescope opened the way to faraway galaxies.

“Traditionally, literary history was done by studying a relative handful of texts,” says Mr. Jockers, an assistant professor of English and a researcher at the Center for Digital Research in the Humanities at the University of Nebraska. “What this technology does is let you see the big picture — the context in which a writer worked — on a scale we’ve never seen before.”

Mr. Jockers, 48, personifies the digital advance in the humanities. He received a Ph.D. in English literature from Southern Illinois University, but was also fascinated by computing and became a self-taught programmer. Before he moved to the University of Nebraska last year, he spent more than a decade at Stanford, where he was a founder of the Stanford Literary Lab, which is dedicated to the digital exploration of books.

Today, Mr. Jockers describes the tools of his trade in terms familiar to an Internet software engineer — algorithms that use machine learning and network analysis techniques. His mathematical models are tailored to identify word patterns and thematic elements in written text. The number and strength of links among novels determine influence, much the way Google ranks Web sites.

It is this ability to collect, measure and analyze data for meaningful insights that is the promise of Big Data technology. In the humanities and social sciences, the flood of new data comes from many sources including books scanned into digital form, Web sites, blog posts and social network communications.

Data-centric specialties are growing fast, giving rise to a new vocabulary. In political science, this quantitative analysis is called political methodology. In history, there is cliometrics, which applies econometrics to history. In literature, stylometry is the study of an author’s writing style, and these days it leans heavily on computing and statistical analysis. Culturomics is the umbrella term used to describe rigorous quantitative inquiries in the social sciences and humanities.

“Some call it computer science and some call it statistics, but the essence is that these algorithmic methods are increasingly part of every discipline now,” says Gary King, director of the Institute for Quantitative Social Science at Harvard.

Cultural data analysts often adapt biological analogies to describe their work. Mr. Jockers, for example, called his research presentation “Computing and Visualizing the 19th-Century Literary Genome.”

Such biological metaphors seem apt, because much of the research is a quantitative examination of words. Just as genes are the fundamental building blocks of biology, words are the raw material of ideas.

“What is critical and distinctive to human evolution is ideas, and how they evolve,” says Jean-Baptiste Michel, a postdoctoral fellow at Harvard.

Mr. Michel and another researcher, Erez Lieberman Aiden, led a project to mine the virtual book depository known as Google Books and to track the use of words over time, compare related words and even graph them.

Google cooperated and built the software for making graphs open to the public. The initial version of Google’s cultural exploration site began at the end of 2010, based on more than five million books, dating from 1500. By now, Google has scanned 20 million books, and the site is used 50 times a minute. For example, type in “women” in comparison to “men,” and you see that for centuries the number of references to men dwarfed those for women. The crossover came in 1985, with women ahead ever since.

In work published in Science magazine in 2011, Mr. Michel and the research team tapped the Google Books data to find how quickly the past fades from books. For instance, references to “1880,” which peaked in that year, fell to half by 1912, a lag of 32 years. By contrast, “1973” declined to half its peak by 1983, only 10 years later. “We are forgetting our past faster with each passing year,” the authors wrote.

JON KLEINBERG, a computer scientist at Cornell, and a group of researchers approached collective memory from a very different perspective.

Their work, published last year, focused on what makes spoken lines in movies memorable. Sentences that endure in the public mind are evolutionary success stories, Mr. Kleinberg says, comparing “the fitness of language and the fitness of organisms.”

As a yardstick, the researchers used the “memorable quotes” selected from the popular Internet Movie Database, or IMDb, and the number of times that a particular movie line appears on the Web. Then they compared the memorable lines to the complete scripts of the movies in which they appeared — about 1,000 movies.

To train their statistical algorithms on common sentence structure, word order and most widely used words, they fed their computers a huge archive of articles from news wires. The memorable lines consisted of surprising words embedded in sentences of ordinary structure. “We can think of memorable quotes as consisting of unusual word choices built on a scaffolding of common part-of-speech patterns,” their study said.

Consider the line “You had me at hello,” from the movie “Jerry McGuire.” It is, Mr. Kleinberg notes, basically the same sequence of parts of speech as the quotidian “I met him in Boston.” Or consider this line from “Apocalypse Now”: “I love the smell of napalm in the morning.” Only one word separates that utterance from this: “I love the smell of coffee in the morning.”

This kind of analysis can be used for all kinds of communications, including advertising. Indeed, Mr. Kleinberg’s group also looked at ad slogans. Statistically, the ones most similar to memorable movie quotes included “Quality never goes out of style,” for Levi’s jeans, and “Come to Marlboro Country,” for Marlboro cigarettes.

But the algorithmic methods aren’t a foolproof guide to real-world success. One ad slogan that didn’t fit well within the statistical parameters for memorable lines was the Energizer batteries catchphrase, “It keeps going and going and going.”

Quantitative tools in the humanities and the social sciences, as in other fields, are most powerful when they are controlled by an intelligent human. Experts with deep knowledge of a subject are needed to ask the right questions and to recognize the shortcomings of statistical models.

“You’ll always need both,” says Mr. Jockers, the literary quant. “But we’re at a moment now when there is much greater acceptance of these methods than in the past. There will come a time when this kind of analysis is just part of the tool kit in the humanities, as in every other discipline.”
https://www.nytimes.com/2013/01/27/t...atas-lens.html





Mixing, Matching and Charging Less for a Phone Plan
Randall Stross

AN Android smartphone with unlimited calls, unlimited texting, unlimited data and no contract, all for $19 a month? Really?

When I first saw this offer from Republic Wireless, I rubbed my eyes and looked for an asterisk leading to fine print that detailed a huge catch. But Republic, a division of a telecom company called Bandwidth.com, delivers exactly what it advertises. It can do so because the handset technology is a curious hybrid: it uses Wi-Fi when the customer is in a Wi-Fi area and Sprint Nextel’s 3G network when it is not.

The concept brings together the best of two worlds: the low cost of voice calls carried over the Internet and the convenience of making calls to any phone number using a major carrier’s cellular network when Wi-Fi isn’t available.

In my own case, on a typical day, I use my mobile phone mostly when I’m not actually mobile: I’m either at home or at work, perfectly positioned to use Wi-Fi at both locations. And I don’t even use the phone as a phone all that much. I use it mainly for e-mail and texts, neither of which requires enough bandwidth to benefit from the power of the fastest data networks.

If you walk into a Verizon Wireless store and buy an iPhone 5, you’ll pay $60 or more a month for an unlimited talk and texting plan, depending on the data allocation for Internet use that you select to go with it. Some of that monthly charge goes toward repaying the carrier for the discounted price that makes a $649 iPhone seem as if it costs only $200. But most of the charge is for gaining access to the carrier’s wireless network.

“We were looking at a mobile industry that had begun to charge extraordinary amounts of money, and we saw an industry opportunity that everybody else was missing: Wi-Fi is the new mobile,” says David Morken, co-founder and chief executive of Bandwidth, based in Raleigh, N.C.

Smartphone apps that offer voice calls using data plans, not minutes allocated for calls, are plentiful. Just last month, Facebook quietly added an option that lets users of the iPhone version of Facebook Messenger place free voice calls to other Messenger users. But using those apps to make a call means the recipient has to run the same app, an irksome requirement that never comes up when using phones alone.

Republic buys access to Sprint’s network on a wholesale basis for calls made outside of Wi-Fi areas. Its business model assumes, however, that Wi-Fi carries the load a majority of the time its phones are used. The company says that its service, even at $19 a month, is a profitable operation on a per-customer basis.

“We don’t have to force people, or even ask people, how to behave,” Mr. Morken says. “Over 60 percent of the time that the phone is being used, on average, our users are using Wi-Fi and that number is only going up.”

Last month, I tested a Republic handset, a Motorola Defy XT. It’s a light smartphone with a small screen, acceptable sound quality and great battery life.

Republic’s Web site gently warns against acting like a “data hog” and encourages its customers to “play nice and try to use Wi-Fi as much as you can.” But scolding isn’t needed: Wi-Fi is faster than 3G, so users have an incentive to opt for Wi-Fi wherever it is available.

The Motorola handset is the only one now offered by Republic, and it costs $259. The phone runs an older version of Android, and it has some first-generation glitches, like losing a connection when a caller starts out on a Wi-Fi network and then leaves the coverage area. (With a click, the call is resumed using Sprint’s cellular network.)

Today most Wi-Fi access requires a logon. But that shouldn’t prove a great inconvenience: you can simply set up the phone once with Wi-Fi at home, then once more at the office. At other locations, users can ignore Wi-Fi availability and use 3G instead.

Mr. Morken says a solution to the Wi-Fi-to-cellular handoff problem has been worked out in the company’s lab, and should be available midyear. Later this year, he also expects to offer more handset models, including one at the high end; he says they will run the latest version of Android.

Matt Carter, president of the Global Wholesale and Emerging Solutions division at Sprint, asserted that the company was happy to serve as Republic’s supplier. When I asked whether Republic’s Wi-Fi-centric model, with its drastically lower price to the consumer, would pose a serious threat to the incumbent carriers, including Sprint, he said, “If the world operated based on just economic decisions, people wouldn’t go buy the most expensive cars on the planet, right?”

Mr. Carter listed reasons that most consumers would prefer the wireless service obtained directly from a major carrier: a wider range of devices and the convenience of placing a call without having to tinker with Wi-Fi setup.

Republic “will resonate with a sliver of the marketplace,” Mr. Carter said. He compared wireless carriers to the major airline carriers, which still control a majority of the market despite low-priced upstarts like JetBlue or Southwest, which he described as appealing only to “a certain segment of the population.”

Philip Cusick, a J.P. Morgan analyst who covers telecommunications, says he doesn’t expect a major shift of customers to Republic Wireless. The price difference isn’t as great as it first appears, he says, when one considers that 80 percent of customers of AT&T and Verizon are on family or employer-related discount plans.

MR. MORKEN of Bandwidth.com says he knows that his company must lower the price of its handset — the industry rule-of-thumb for no-contract wireless services is that a simple handset cannot cost more than $99 and a smartphone, $149. But if Republic can offer me an Android phone with a generously sized screen for a reasonable price, I don’t see why, with Wi-Fi available at work and home, I should continue to pay an expensive-sports-car price for my wireless service.

“There’s a reason why the carriers around the world don’t want you using Wi-Fi for voice and text,” Mr. Morken says. “You will soon realize you shouldn’t have to pay what you’re paying today.”
https://www.nytimes.com/2013/01/27/b...k-calling.html





Google’s Private Cell Phone Network

A small cell network over the company’s HQ could herald new competition for established carriers.

Filings made with the U.S. Federal Communications Commission reveal that Google wants to start operating its own, very small cell phone network on its Mountain View campus. It’s the latest in a series of hints in recent years that Google is unsatisfied with the way that mobile networks control the mobile Internet.

Google tells the FCC it wants to install up to 50 mobile base stations in buildings on the Western edge of Google’s Mountain View campus, just a block or so away from its main Android building. Up to 200 mobile devices will be used on that “experimental” network and the area covered will be small, with indoor base stations reaching only up to 200 meters, and any outdoors ones reaching no further than a kilometer. The WSJ reports that the frequencies used belong to ClearWire, and aren’t compatible with any U.S. mobile device. They are in use in China, Brazil, and India, though.

Google might just be experimenting with devices for those parts of the world. Or it might be trying something more radical. The search and ad giant has been rumored to be exploring the idea of working with TV provider Dish to launch a wireless Internet service, has already got into the business of providing broadband (see “Google’s Internet Service Might Bring the U.S. Up to Speed”), and has a history of showing interest in ideas that would loosen the grip of cellular providers on mobile devices and what people can do with them.

Google lobbied U.S. regulators to encourage them to open up unused TV spectrum into so-called “white spaces,” as they did in 2009, allowing that portion of the airwaves to be used by any company or device rather than being licensed exclusively to one company (see “Super Wi-Fi”). In 2008, the company filed a patent for an idea that would appall mobile networks—having mobile devices automatically hop to the cheapest cell network in an area rather than being locked to just one provider at all times.

Google’s biggest strike against the way wireless networks work today came in 2010 and was something of a flop. The company tried to break the U.S. convention of new mobile phones being tied to carrier contracts, only offering the flagship Nexus One smartphone online and unlocked. That experiment lasted only about six months, after Google struggled to cope with customer service requests and learned that U.S. consumers are apparently happier paying a significant markup for a device over two years than a smaller sum upfront.

Google has since played more nicely with cellular networks. Yet the relationships are still fraught, with fallings out over Google’s contactless payments system (blocked on Verizon handsets) and Android’s tethering function (also blocked by some carriers). It’s too early to know whether Google’s private cell phone network in Mountain View will add to that drama, but mobile networks are surely watching closely.
http://www.technologyreview.com/view...phone-network/





US Free to Grab EU Data on American Clouds
Nikolaj Nielsen

An obscure section in a US law is said to entitle authorities to access, without a warrant, data stored by any EU citizen on clouds run by American companies.

Although highly controversial for its indirect effects on Americans, the impact of the law appears to have been overlooked by its intended target - everyone else.

Rather than case-by-case snooping, the law authorises mass-surveillance of non-Americans, for purely political purposes, said Caspar Bowden who is the former chief privacy adviser to Microsoft, at a panel on cyber security organised by the CPDP conference in Brussels on Friday (25 January).

“It intentionally targets only non-US persons located outside the US and provides for a blanket authorisation to this for one year at a time. There is no individual warrantry,” said Bowden, who is now an independent advocate for information rights.

The section in the so-called Foreign Intelligence Amendments Act (FISAAA) grants the US government sweeping powers to collect foreign intelligence information stored in US Cloud computing providers like Amazon or Google.

The article specifically states the US Attorney General and the Director of National Intelligence may authorise jointly, for a period of up to one year from the effective date of the authorisation, the targeting of persons reasonably believed to be located outside the United States to acquire foreign intelligence information.

The amendment cites a number of limitations but Bowden, who also co-authored the ‘Fighting cyber crime and protecting privacy in the cloud’ report for the European Parliament, said FISAAA essentially makes it lawful for the US to conduct purely political surveillance on foreigners' data accessible in US Cloud providers.

“It doesn’t have to be a political party, it can be an activist group or anybody engaged in political activity or even just data from a foreign territory that relates to the conduct of foreign affairs in the United States,” he said.

The EU’s current data reform package is apparently unable to respond to the wording outlined in the US act.

Bowden says "binding corporate rules for data processors" was inserted into the European Commission’s data protection regulation proposal with loopholes built-in which allow for FISAAA surveillance.

The binding corporate rules require cloud providers to hire a private-sector audit company to certify the generic cloud system for security.

But private audit companies, says Bowden, are unable to discover secret wire-tappings ordered by the national security law of another country.

The act may have wide implications on the right to respect for private and family life, reinforced by EU law in the charter for fundamental rights inscribed in the Lisbon Treaty.

'Anger and disbelief'

“When my attention were first drawn to the previsions of FISAAA, I went through a strange sequence of emotional reactions. From sort of laughter, through disbelief, to anger to denial,” said another panellist, Gordon Nardell, a London-based barrister specialising in data protection and data retention in the telecoms sector.

The European Commission, for its part, was unable to provide a comment on FISAAA.

“This [FISAAA] is not something we have any comment about,” said the spokeswoman for the European Commissioner of Justice Viviane Reding in an email.

But the issue is not unknown within the EU institutions.

“If it is a US company it’s the FBI’s jurisdiction and if you are not a US citizen then they come and look at whatever you have if it is stored on a US company server,” stated Estonian president Toomas Hendrik Ilves, who also chairs a commission advisory group on cloud computing, at a separate panel discussion on cyber security held on Wednesday.

A high-ranking EU source told this website that the commission is actively looking into the amendment. The source drew some caution on the wide-spread snooping powers put forward by FISAAA but noted that “it is not outside the realm of possibility.”

The Brussels-based European Data Protection Supervisor also refrained from any official comment though an inside contact said they are too investigating.

Meanwhile, a spokesperson for the United States Department of Justice told this website that the US is committed to privacy rights. "The FISA Amendments Act is not used indiscriminately or for political purposes," said the spokesperson, noting that a special court is used for judicial oversight on the requests.

But the section in FISAAA that is generating controversy is filed under 1881a.

The section expanded in 2008 on a 27-year old definition on “remote computing services” to include any providers of public cloud computing.

The amendment specifically targets data of non-Americans located outside the US and removes previous constraints which hindered continuous data collection and mass-surveillance.

FISAAA also notes that investigations should be conducted in a manner consistent with the US Fourth Amendment which guards against unreasonable searches and seizures.

But a US judiciary subcommittee on FISAAA in 2008 stated that the Fourth Amendment has no relevance to non-US persons.

FISAAA also forces US Internet giants and other tech companies operating clouds in the EU to hand over the data or face sanctions, says Bowden.

“The providers have to give all assistance, facilities, information to accompany this in total secrecy. If that secrecy is breached, it’s a contempt of court and probably a breach of the US espionage act as well,” noted Bowden.
http://euobserver.com/justice/118857





Twitter’s New Transparency Report: Governments Still Want Your Data

Twitter’s latest transparency report indicates government requests for user data are on the rise.
Nick Kolakowski

Twitter’s second transparency report reinforces what many already know: governments want online user data, and to yank select content from the Internet.

“It is vital for us (and other Internet services) to be transparent about government requests for user information and government requests to withhold content from the Internet,” Jeremy Kessel, Twitter’s manager of Legal Policy, wrote in a January 28 posting on the official Twitter Blog. “These growing inquiries can have a serious chilling effect on free expression—and real privacy implications.”

Twitter’s first two transparency reports cover the entirety of 2012, so there’s not a deep historical record to mine for insight. Nonetheless, that year’s worth of data shows all types of government inquiry—information requests, removal requests, and copyright notices—either on the increase or holding relatively steady.

Governments requested user information from Twitter some 1,009 times in the second half of 2012, up slightly from 849 requests in the first half of that year. Content-removal requests spiked from 6 in the first half of 2012 to 42 in the second. Meanwhile, copyright notices declined a bit, from 3378 in the first half of 2012 to 3268 in the second.

The United States was responsible for 815 of those 1,009 requests in the second half of the year. Japan came in second with 62 requests, followed by Brazil with 34.

Nearly 70 percent of those requests by the United States government resulted in “some or all information produced.” Those requests specified 1,145 user accounts. Some 60 percent of the requests were delivered via subpoena, while 19 percent came from search warrants, 11 percent by court order, and 10 percent “other.”

“Requests from law enforcement that do not fall in any of the above categories,” noted the Twitter report. “Examples include exigent emergency disclosure requests and other requests received for user information without valid legal process.” Around 20 percent of the requests were issued under seal, meaning that a court forbids Twitter from notifying the targeted user of the request. Another 24 percent of the requests resulted in “notice to affected users.”

But the United States didn’t top the list of countries making information-removal requests: that particular honor belonged to Brazil, which made 16 requests in the second half of 2012. The United Kingdom came in second with 4, followed by the United States and Canada tied with two requests each.

Twitter also saw hundreds of copyright notices filed every month in 2012. The service spent considerable effort removing Tweets “identified and subsequently removed in response to valid [Digital Millennium Copyright Act] takedown notices,” as well as profile photos, header photos, background images, and any sort of “Twitter-hosted media” that some party felt violated DMCA. However, Twitter was quick to note in the report that it doesn’t obey every takedown request—especially those either misfiled or else featuring incomplete information.

Twitter’s data-dump comes on the heels of Google’s latest transparency report, which indicated that governments had filed an increasing number of requests for user data with the search-engine giant in the second half of 2012. Since 2009, requests for Google user data “of all kinds” have risen 70 percent.

Google complies a significant amount of the time with those removal requests (a full country-by-country breakdown is available inside the Transparency Report), but it also refuses to take down content if the request isn’t specific enough, or if the government body in question has submitted an informal letter in place of an actual court order.
https://slashdot.org/topic/bi/twitte...ant-your-data/





#Twitterhack: Hackers Grab Account Data Of 250,000 Twitter Users

Social network follows NYT and WSJ as latest hacking victim
Madeline Bennett

HACKERS HAVE INFILTRATED the Twitter social network, gaining access to the sensitive data of around a quarter of a million of its users.

“This week, we detected unusual access patterns that led to us identifying unauthorised access attempts to Twitter user data,” explained Bob Lord, director of Information Security at Twitter.

“Our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users."

Twitter has reset the log-in details for anyone whose account was compromised, and has been sending out emails notifying these users that they will need to change their passwords to access their accounts. If you're one of these users, please let us know in the comments section below.

Lord used the situation to remind users of the need for good security practice in general.

“Make sure you use a strong password – at least 10 (but more is better) characters and a mixture of upper- and lowercase letters, numbers, and symbols – that you are not using for any other accounts or sites,” he suggested.

“Using the same password for multiple online accounts significantly increases your odds of being compromised.”

He also encouraged users to disable Java on their browsers, though whether this was the cause of the breach is unclear. Lord noted that both Apple and Mozilla have turned off Java by default in their browsers.

Lord added that the attack was carried out by an “extremely sophisticated” hacker or hackers, and implied that it was part of the same team who has recently attacked large US media outlets.

The New York Times on Wednesday revealed it had been under attack from Chinese hackers, while on Thursday the Wall Street Journal said its systems had also been breached by Chinese hackers, allegedly to monitor coverage.

One point to note is that Twitter started its ‘Keeping our users secure’ post with an overview of other recent high-profile attacks, rather than delving straight into the details of the attack on its systems, as if to downplay the breach on its own site.
http://www.theinquirer.net/inquirer/...-twitter-users





Reddit Review Puts Some Teeth into “Aaron's Law”

Bill would change computer fraud law to prevent a Swartz-like prosecution.
Joe Mullin

Shortly after the suicide of Internet entrepreneur and activist Aaron Swartz, Silicon Valley lawmaker Zoe Lofgren proposed "Aaron's Law." The bill aims to reform the Computer Fraud and Abuse Act (CFAA), the law under which Swartz was prosecuted for mass-downloading academic documents from MIT's network. Swartz's family has blamed the government prosecution for contributing to his death.

Lofgren submitted a draft of the bill to be reviewed on reddit. After its online critique, a revised version of the bill was published today, with more far-reaching reforms.

The CFAA forbids "unauthorized access" to computer networks, and the older version of Lofgren's reform bill would have simply changed the wording of the law so that nobody could be prosecuted under CFAA if all they had done is violate terms of service.

But CFAA prosecutions, including the one against Aaron Swartz, often involve something more serious than mere TOS violations.

The new version defines unauthorized access as "the circumvention of technological access barriers," which leaves a much narrower scope for prosecution. It also specifies that changing one's MAC or IP address does not violate CFAA or the wire fraud statute. It's pretty clear Swartz, who was authorized to be on the MIT network, wouldn't be prosecutable under the new law.

Other recent CFAA prosecutions, like the one against Internet troll "weev," might not have been possible under the revised law, either. Weev arguably didn't "circumvent one or more technological measures that exclude or prevent unauthorized individuals from obtaining or altering that information," which is what is required under the language of the revised bill [[url=http://www.lofgren.house.gov/images/stories/pdf/aarons%20law%20revised%20draft%20013013.pdfPDF[/url]].

The bill could be introduced as early as next week, when the House is back in session. As Lofgren explained in a reddit discussion, though, it's a long process. First she'll have to urge her colleagues to become "original cosponsors" of the bill, and then encourage the Judiciary Committee Chairperson (Rep. Bob Goodlatte of Virginia) to bring the bill up for a hearing or a vote. "Sustain[ing] public support throughout that process is important for the bill to continue advancing," wrote Lofgren.
http://arstechnica.com/tech-policy/2...to-aarons-law/





‘Rise of the Drones’ Is Mostly a PBS Infomercial for the Military Defense Industry
Kevin Gosztola

The widely-acclaimed PBS program, NOVA, premiered a documentary on unmanned aerial vehicles or drones. The documentary, “Rise of the Drones,” was produced to explore how the technology is revolutionizing warfare and creating the next generation of cutting-edge surveillance. It was created to provide a glimpse at how the technology has advanced and how innovations might progress in the future.

Before the documentary began, PBS noted the program had received funding from the David H. Koch Foundation for Science. It also received “additional funding” from Lockheed Martin, which on its face looks like a violation of PBS’ underwriting guidelines.

Lockheed Martin is one of the nation’s biggest military defense contractors and is developing drones (in secret). The test PBS is supposed to apply to programs is three-fold and as follows:

• Editorial Control Test: Has the underwriter exercised editorial control? Could it?
• Perception Test: Might the public perceive that the underwriter has exercised editorial control?
• Commercialism Test: Might the public conclude the program is on PBS principally because it promotes the underwriter’s products, services or other business interests?

Having Lockheed Martin provide any amount of money to a program that touts the amazing potential of innovations in drone technology appears to be a violation of both the “perception” and “commercialism” tests. Is it a violation?

In 2008, Lockheed Martin teamed up with Karem Aircraft Incorporated to develop “Karem Aircraft’s Optimum Speed Tilt-Rotor (OSTR) design. It was “one of three approaches selected by the Department of Defense (DoD) Joint Heavy Lift program office to receive a Concept Design and Analysis extension contract.” Karem Aircraft Incorporated was founded by Abe Karem. He appears in the documentary and, as The Economist has described him, he is the man who “created the robotic plane that transformed the way modern warfare is waged—and continues to pioneer other airborne innovations.” Karem talks about the advancement and benefits of drone technology. This is a clear conflict of interest.

*

The documentary opens with a narrator mentioning there are more than 2,300 manned fighter planes. Viewers are told, “Pilots have long been our heroes,” especially pilots who can make quick decisions when things happen very quickly. It then asks whether the world is approaching a time when movies like The Terminator become reality or a “time when machines can fly, think and even kill on their own”?

Much of the first half is like a military defense contracting infomercial. Multiple statistics are presented so viewers can marvel at the capabilities of the technology. Mary “Missy” Cummings, who works with the MIT Humans and Automation Lab (and appeared on “The Daily Show” with Jon Stewart the same night of the premiere), says drones are more precise when they bomb if a human is not in the cockpit. Scenes unfold where a drone pilot at Holloman Air Force Base in New Mexico who is being trained demonstrates how a pilot learns to use the technology. Contractors from a company called Rally Point dress up as “insurgents” and enter a mock village where the pilot flies the drone and attempts to get a lock on them so he can execute them. Chad, an RPA pilot, notes the “error distance” is “less than nine feet.” He adds he can put a weapon through a “window-sized opening with ease.”

Up to this point, one could argue that for the most producers are merely presenting how the technology is actually being used by the military and how people are being trained. But, Lt. General David Deptula, who is a retired member of the United States Air Force, describes how during World War II it took months to “assemble intelligence from a variety of sources” and “assimilate that information and then determine what targets” to attack. “Hundreds of aircraft and thousands of bombs” would go out and attack a target with that information developed over months. Drones can “accomplish that in a matter of single digit minutes.”

This misleadingly presents drones as a technology that has solved intelligence gathering problems that have been routine for military or intelligence agencies. A report released by the Columbia Law School last year showed the “reliability and vetting of local informants and foreign cooperating government personnel” is questionable. Informants are reportedly paid “$300-$1000 or more” and there are multiple stories suggesting, “Families and rival groups use locator chips to have their enemies targeted and to settle personal vendettas.” Local informants may offer “sketchy” information, leading to drone operators firing on people without confirming their identity. And intelligence may be obtained from foreign governments or military officials, who may seek to have the US target their “enemies” instead of the individuals or groups the US wants to target.

With drones, the process may be able to happen more quickly, but the intelligence being used to kill people believed to be terrorists or militants is the product of similar intelligence procedures, which helped the administration of President George W. Bush imprison hundreds of innocent people at Guantanamo Bay.

After this part, viewers are exposed to the real truth of why drone use is increasing. Manned aircraft brings the “risk of pilot loss.” The story of Francis Gary Powers, who was shot down while flying a CIA U-2 spy plane over the Soviet Union is presented. His crash is described as a “propaganda field day for the Soviets.” The plane had “miles of film” and so it was easy to see what he was doing. He was imprisoned in Russia for more than two years. This clearly demonstrated “the need for unmanned spy planes.”

Chad tells the audience that “despite being half a world away from the action, it all feels very real.” It is not like a video game at all. “There’s no reset button. There’s no turning it off.” There is the potential to have eyes where a potential attack is going to occur for “hours ahead of time.” After a target is struck, pilots “stick around for another few hours to watch what happens afterwards.” He says pilots “stay focused on the destruction” they’ve just caused with their aircraft.

The viewer is led to believe that, even though the pilots are initially trained on an XBox controller, there is no feeling of desensitization. Pilots being hired off the street are not enlisting and finding this is like playing Call of Duty video games at home.

Nearly halfway through the program, the audience begins to hear some critical views on the development of this technology. Afghanistan is the “only publicly authorized war.” Operations in Pakistan, Somalia and Yemen are part of covert operations. Peter Singer of the Brookings Institution says America has “conducted a lot of strikes that would have been problematic if we had used manned systems.” Shuja Nawaz of The Atlantic Council says who the targets were, whether they were actually terminated or if others were killed can often be unknown. The narrator notes there are no “verifiable counts of civilian deaths” but that thirty percent of those killed could be civilians and strikes may be turning people against the US and violate international law.

A clip of CODEPINK co-founder Medea Benjamin interrupting John Brennan when he officially acknowledged the program on April 30, 2012. The program continues to explain that anyone anywhere can be eliminated regardless of national boundaries. Nawaz finds this is still a violation of sovereignty even if there is no person flying the aircraft. Singer acknowledges historically we would have called the “equivalent of an air war campaign” war and treated it like war. Viewers are given a glimpse at the problems drones have with air sensors and how it is sometimes difficult for pilots to see what is going on because viewing targets can be “like looking through a soda straw.” An incident in Afghanistan where civilians were killed because they could not be seen in the vicinity is recounted.

The program shifts to the potential of drones to be used for domestic surveillance. Yiannis Antoniades of BAE Systems (which has done business with Lockheed Martin before) shows how a drone can spy on a small city all at one time. He demonstrates the basic capabilities of ARGUS—technology that has been known to exist for over a year. The camera has a resolution of 1.8 billion pixels, the world’s highest resolution. A screen shows color boxes over moving objects that can be used to track persons of interest. People waving their arms, walking around and the kind of clothes people are wearing can be visibly seen. Something as small as six inches on the ground can be seen.

It is possible to shoot one million terabytes of video a day or five thousand hours of footage. One can go back to see what happened four days, two hours and four minutes ago if necessary. As Cummings says, society is becoming “increasingly electronic” where “our movements are going to be tracked” because every video can be archived.

A portion of the program then highlights how Iran was able to hijack a drone or capture a drone after it malfunctioned. Lt. Gen. Deptula says there was a problem with the aircraft and “it landed in an area it shouldn’t have landed in and that’s about all I’m going to say.” Why it went down, the narrator notes, is classified. But, Bill Sweetman of Aviation Week adds control can be lost for basic reasons; for example, the picture can freeze. There’s a degree of vulnerability with remotely piloted aircraft that typically can be overcome by having a human in the cockpit. And then, the documentary concludes with a presentation of how engineers are developing autonomous drones.

*

The secrecy in the documentary does not help demystify fears of how the technology might be used. The BAE systems engineer informs viewers he has been granted “permission from the government to show the basic capabilities” of drone surveillance technology being developed. The sensors that are being used are covered in what appears to be blue tarps. The engineer states he is not allowed to expose the pieces that make up the sensors. They are “classified.” Whether ARGUS has been deployed in the field is “classified” as well.

This is technology that will be used domestically and Americans deserve to know all of the technology’s capabilities. Government should not be able to conceal what it can do and force the public to trust them that they are not engaging in operations that violate the privacy of Americans.

More significantly, it hints at but fails to fully get into the ethical responsibility scientists or engineers have to be concerned with how the technology could be used for authoritarian purposes. Karem says he never intended for his drones to kill people. Vijay Kumar of GRASP Lab suggests he is only for drones being used for “humanitarian purposes,” like to enable communications between firefighters when responding to an emergency. Kumar adds there will always be people who are going to use it in ways the designer never intended the technology to be used.

One of the most obvious examples is Albert Einstein’s theory of relativity equation, which helped facilitate the development of the atomic bomb. According to Peter Kuznick and Oliver Stone’s Untold History of the United States, he wrote a letter to President Franklin Delano Roosevelt urging him to authorize a US atomic research program. He later regretted this action and told chemist Linus Pauling, “I made one great mistake in my life—when I signed the letter to President Roosevelt recommending that the atom bombs be made.” When President Harry S. Truman was about to proceed with development of the hydrogen bomb, Einstein went on Eleanor Roosevelt’s television show and warned, “If these efforts should prove successful, radioactive poisoning of the atmosphere and, hence, annihilation of all life on earth will have been brought within the range of what is technically possible.”

Drones are not capable of the kind of destruction of atomic bombs, but that is not the point. Unmanned aircrafts make it possible for the US to engage in permanent war. The technology’s fabled precision leads one to believe the only targets being hit are all enemies of the United States. Civilians being killed are collateral damage and they do not matter because they should not have been associated with or in the vicinity of “militants” affiliated with al Qaeda. But the “militants” are rarely firing at US forces or equipment when they are targeted. It does not occur in battle. The targeted killing operation locates the target like police might locate a target for arrest and detention. The targets are subjected to lethal force and assassinated because they are supposedly too dangerous to capture, detain and put on trial.

In terms of surveillance, it is clear the systems developed can engage in wholesale surveillance of entire populations. It is not highlighted in the documentary, but biometrics and facial recognition technology could be attached to drones to gather information on multiple people at a distance in public without giving them or asking them for their consent. This could happen on a continual basis. Though people have typically entered public knowing when they were under surveillance because they could spot the camera being used to monitor them, they would not be able to tell because the drone spying on them could be tens of thousands of feet high in the sky. How the law protects against warrantless droning unknown or believed to not afford Americans any protection yet that is mostly ignored (though Sen. Rand Paul does make an appearance and talk about legislation he supports to protect Americans’ right to privacy).

The radical redefinition of due process, privacy in public space and what is permissible outside of declared war is not fully addressed by scientists or engineers. It would have been valuable to hear how they are morally grappling with the possibility of the technology being used for wars of aggression or to transform societies into totalitarian states. It would have been valuable to hear what safeguards or laws they might like to see so that it would be harder for powerful individuals to use these for purposes that were inhumane or repressive. However, the producers do not explore the dystopian possibilities.

Awesome innovations in technology in the recent decade are presented for viewers as marvelous. The question of whether scientists and engineers should keep advancing technology and allow a one-hundred-car freight train hurtling down the tracks at eighty miles an hour to keep on chugging is never considered. The human cost of the technology is pushed to the margins. The effect is the documentary functions more like propaganda than a documentary that rightfully provokes exploration of critical issues posed by drones.
http://dissenter.firedoglake.com/201...ense-industry/





Microsoft Blasts PC Makers: It's YOUR Fault Windows 8 Crash Landed

Slab builders ignored Redmond, claims Reg source
Gavin Clarke

Exclusive Microsoft blames PC makers for underwhelming Windows 8 sales over Christmas, The Register has learned. The software giant accused manufacturers of not building enough attractive Win 8-powered touchscreen tablets.

But the computer makers are fighting back: they claimed that if they’d followed Microsoft’s hardware requirements and ramped up production, they'd have ended up building a lot of high-end expensive slabs that consumers didn’t understand nor want.

The Reg has learned Microsoft provided clear and specific guidance on the hardware it wanted inside any machine running Windows 8 so as to show off and utilise the operating system's new capabilities, such as the touch-driven interface. Microsoft also gave its advice on the mix of high and low-end form-factors manufacturers should build, namely Ultrabooks, hybrids and simple laptops.

The Redmond giant had held a competition between competing computer makers, and the PCs it deemed the best were to be promoted under two labels: Hero PCs and Featured PCs. Microsoft wanted 10 Hero PCs to advertise globally and promised to pay retailers to display and promote 20 PCs on the Featured list.

However, the wheels came off that plan: Gartner said last week that during Q4 2012 Windows 8 didn’t make a “significant impact” on PC shipments and other analysts said sales of Windows 8 are lagging Windows 7.

Now Microsoft is planning to reboot its launch of Windows 8 next month. On Tuesday the company gave 9 February as the date for the US and Canada unveiling of the Intel-powered Surface Pro tablets. But sources tell us Microsoft is actually preparing for a February “relaunch” of Windows 8.

The Windows Pro Surface was planned to emerge in January, 90 days after Windows 8 and ARM-powered Windows RT Surface devices went on sale. That has clearly slipped.

Our well-placed source said that bad sales combined with PC makers “ignoring” Microsoft's advice has left Redmond executives fuming.

“Microsoft is very frustrated with major OEMs who didn't build nearly enough touch systems and are now struggling to find parts and ramp up. Microsoft says they provided very specific guidance on what to build,” our insider said.

Badge of honour: Vista revisited

When new versions of Windows are released, Microsoft usually gives minimum hardware specs for the operating system to PC makers as part of its logo programmes: machines that meet the requirements get an official Redmond badge to reassure buyers. It should be stressed that these specifications are always pitched as the minimum needed to get the OS running.

One recent example is the notorious "Windows Vista Premium Ready" and "Windows Vista Premium Capable" badges. That programme landed Microsoft with a lawsuit as litigants claimed Microsoft misled them on what “capable” meant. It emerged Microsoft had played fast and loose with its own rules to help Intel, classifying PCs as capable when they weren’t.

Windows 8, though, was a radical departure that Microsoft had to flaunt. It introduced touchscreen input; called for apps capable of running on ARM chipsets from Qualcomm, Texas Instruments and NVIDIA; and required PC makers install firmware capable of cryptographically authorising the boot up of the operating system.

A separate source at a major Windows 8 PC maker confirmed frustration is simmering inside Microsoft, and the blame is settling on PC makers. He said [Microsoft] “is pinning the blame on the manufacturers for not having enough touch-based product”.

'We couldn’t afford to make lots of product, lots of high-priced touch'

PC makers, though, are hitting back after Redmond's finger-pointing - countering that if they’d followed Microsoft’s advice they’d have ended up building very expensive tablets and would have been saddled with the costs of a huge piles of unsold units. Those who did buy Windows 8 PCs ultimately bought the cheap laptops not high-end Ultrabooks or hybrids.

One Reg source told us Microsoft isn’t blaming OEMs publicly, but doing so in private in meetings assisted with PowerPoint presentations. “There was a big debate, and we said: 'It’s not like that.' We couldn’t afford to make lots of product, lots of high-priced touch. We found people would look at nice high-end products and buy £299 devices instead,” the contact said.

The source also criticised the Hero PC and Featured PC programmes, calling the process "opaque".

The PC makers also blame Microsoft for sowing confusion with its Surface tablet. Among the manufacturers, it is perceived that the Microsoft-branded slab failed to educate users about the new touch user interface and distracted the software giant - leading to its failure to put adequate marketing muscle behind the launch of ordinary Windows 8 PCs.

The European launch of Windows 8 lacked the punch and focus expected by PC makers, as Microsoft focussed much of its efforts on the US and Surface.

“Microsoft is not blaming itself for not selling enough Surface, it’s blaming OEMs for not having enough touch-based product,” our supply chain source said.

The Reg asked Microsoft to comment on its sales in the final quarter of 2012. We also asked what the company believes is responsible for the fact Windows 8 didn't have a "significant" impact - as per Gartner's statement. El Reg also quizzed the firm on whether it believes more touch would help sales of PCs in Q1 and Q2 of 2013, and which steps Microsoft taking now.

Finally, we asked what guidance Microsoft had provided manufacturers.

In a statement attributed to Windows business planning general manager Bernardo Caldas, Microsoft said it works closely with hardware partners on a list of selected devices which it believes “people will love and that showcase the best of the Windows 8 user experience. This is not a new process for Windows”.

On those Q4 sales, Microsoft claimed 60 million Windows 8 licences had been sold to date - pointing to comments made by Windows division chief financial officer and chief marketing officer Tami Reller at a JP Morgan conference.

Microsoft did say that the figure of 60 million could be attributed to upgrades and sales to manufacturers – so not sales of actual PCs to the end user. Reller had claimed the 60 million was “roughly in line with where we would have been with Windows 7".

On the plans to help Q1 and Q2 sales and of a marketing reboot, Microsoft reckoned it was pleased with uptake of Windows 8 and said: “We work closely with our OEM partners to put a great hardware assortment that brings Windows 8 experiences to life at the center of our marketing campaigns – three key hardware refresh and selling timeframes for OEMs and Microsoft campaigns continue to be: spring, back to school and holiday.

"As market conditions evolve, we will continue to work in tandem with PC makers on creating successful and compelling campaigns.”
http://www.theregister.co.uk/2013/01..._8_blame_game/





Thieves Break Into Microsoft Offices, Take Only Apple iPads

Microsoft's Silicon Valley research centre has been raided by thieves but only Apple products were taken, according to reports.

Five Apple iPads, worth more than $3,000 (£1,865), were stolen some time between December 19 and 26, say police.

Two iPad 2s, two third generation iPads and one fourth generation iPad were taken from three offices at Microsoft's Mountain View research and development complex.

Microsoft employees reported the theft when they returned to work after the Christmas break.

Police said no Microsoft products were reported stolen. However, the building targeted is reported to be the base for the Microsoft team that builds software for Apple hardware so the presence of iPads is unsurprising.

News of the theft broke last week as a clipping from the Palo Alto Daily Post circulated online. The clipping was dismissed by some tech writers as a mock-up, given the irony of a story in which Microsoft it targeted by thieves but only for a competitor's product.

Angela Ruggiero, the reporter who wrote the Daily Post article, later confirmed the authenticity of the story on Twitter, while The Register received confirmation from police that the incident had indeed taken place.
http://www.telegraph.co.uk/technolog...ple-iPads.html





Exclusive: Researchers Warn of Widespread Networking Gear Bugs
Jim Finkle

Bugs in widely used networking technology expose tens of millions of personal computers, printers and storage drives to attack by hackers over the regular Internet, researchers with a security software maker said.

The problem lies in computer routers and other networking equipment that use a commonly employed standard known as Universal Plug and Play or UPnP. UPnP makes it easy for networks to identify and communicate with equipment, reducing the amount of work it takes to set up networks.

Security software maker Rapid7 said in a white paper to be released Tuesday that it discovered between 40 million and 50 million devices that were vulnerable to attack due to three separate sets of problems that the firm's researchers have identified with the UPnP standard.

The long list of devices includes products from manufacturers including Belkin, D-Link, Cisco Systems Inc's Linksys division and Netgear.

Representatives for Belkin, D-Link, Linksys and Netgear could not be reached for comment on Monday evening.

Chris Wysopal, chief technology officer of security software firm Veracode, said he believed that publication of Rapid7's findings would draw widespread attention to the still emerging area of UPnP security, prompting other security researchers to search for more bugs in UPnP.

"This definitely falls into the scary category," said Wysopal, who reviewed Rapid7's findings ahead of their publication. "There is going to be a lot more research on this. And the follow-on research could be a lot scarier."

Rapid7 has privately alerted electronics makers about the problem through the CERT Coordination Center, a group at the Carnegie Mellon Software Engineering Institute that helps researchers report vulnerabilities to affected companies.

"This is the most pervasive bug I've ever seen," said HD Moore, chief technology officer for Rapid7. He discussed the research with Reuters late on Monday.

Moore, who created a widely used platform known as Metasploit that allows security experts to simulate network attacks, said that he expected CERT to release a public warning about the flaw on Tuesday. A spokesman for the CERT Coordination Center declined to comment.

A source with a networking equipment maker confirmed they had been alerted that CERT would issue an advisory on Tuesday and that companies were preparing to respond.

TAKING CONTROL

The flaws could allow hackers to access confidential files, steal passwords, take full control over PCs as well as remotely access devices such as webcams, printers and security systems, according to Rapid7.

Moore said that there were bugs in most of the devices he tested and that device manufacturers will need to release software updates to remedy the problems.

He said that is unlikely to happen quickly.

In the meantime, he advised computer users to quickly use a free tool released by Rapid7 to identify vulnerable gear, then disable the UPnP functionality in that equipment.

Moore said hackers have not widely exploited the UPnP vulnerabilities to launch attacks, but both Moore and Wysopal expected they may start to do so after the findings are publicized.

Still, Moore said he decided to disclose the flaws in a bid to pressure equipment makers to fix the bugs and generally pay more attention to security.

People who own devices with UPnP enabled may not be aware of it because new routers, printers, media servers, Web cameras, storage drives and "smart" or Web-connected TVs are often shipped with that functionality turned on by default.

"You can't stay silent about something like this," he said. "These devices seem to have had the same level of core security for decades. Nobody seems to really care about them."

Veracode's Wysopal said that some hackers have likely already exploited the flaws to launch attacks, but in relatively small numbers, choosing victims one at a time.

"If they are going after executives and government officials, then they will probably look for their home networks and exploit this vulnerability," he said.

Rapid7 is advising businesses and consumers alike to disable UPnP in devices that they suspect may be vulnerable to attack. The firm has released a tool to help identify those devices on its website www.rapid7.com.

(Editing by Edmund Klamann and Robert Birsel)
http://www.reuters.com/article/2013/...90S06320130129





More Than A Dozen Brands Of Security Camera Systems Vulnerable To Hacker Hijacking
Andy Greenberg

Digital video recorders have revolutionized home and business security, making it possible to easily store and play back hundreds of hours of surveillance camera footage. But a few design flaws in their software, it seems, can quickly turn the watchers into the watched.

Eighteen brands of security camera digital video recorders (DVRs) are vulnerable to an attack that would allow a hacker to remotely gain control of the devices to watch, copy, delete or alter video streams at will, as well as to use the machines as jumping-off points to access other computers behind a company’s firewall, according to tests by two security researchers. And one of the researchers, security firm Rapid7′s chief security officer H.D. Moore, has discovered that 58,000 of the hackable video boxes, all of which use firmware provided by the Guangdong, China-based firm Ray Sharp, are accessible via the Internet.

“The DVR gives you access to all their video, current and archived,” says Moore. “You could look at videos, pause and play, or just turn off the cameras and rob the store.”

Early last week a security researcher who goes by the name someLuser published a blog post detailing his dissection of a DVR built by the security firm Swann, disassembling the device and running tests on it via its serial port. He found that commands sent to the device via a certain connection, port 9000, were accepted without any authentication. And worse, he was able to use that unprotected connection to retrieve the login credentials for the DVR’s web-based control panel. “Anyone who can connect to port 9000 on the device can send this request and retrieve that information,” said someLuser, who declined to reveal his real name when I reached him by instant message.

To compound the problem, the DVRs automatically make themselves visible to external connections using a protocol known as Universal Plug And Play, (UPNP) which maps the devices’ location to any local router that has UPNP enabled–a common default setting. That feature, designed to allow users to remotely access their video files via remote PC or phone, effectively cuts a hole in any firewall that would expose the device to attackers, too.

Rapid7′s Moore confirmed someLuser’s findings and traced the problem in the Swann machine to the device’s firmware sold by Ray Sharp. He then used the scanning tool NMAP to dig up thousands of vulnerable machines visible on the Internet. “It’s just a boneheaded decision on the part of [Ray Sharp],” says Moore. “Fifty-eight thousand homes and businesses are exposed because of the way these things cut holes in the firewall.”

By checking the web interfaces of the vulnerable devices and analyzing the Ray Sharp firmware he downloaded from Swann’s website, Moore was able to identify 18 companies that seem to use the faulty code: Swann, Lorex, URMET, KGuard, Defender, DSP Cop, SVAT, Zmodo, BCS, Bolide, EyeForce, Atlantis, Protectron, Greatek, Soyo, Hi-View, Cosmos, and J2000.

Update: A spokesperson for Zmodo writes in a statement that the company has developed its own firmware in models that it’s sold since 2011, and claims that its in-house firmware “features a substantially higher level of security and has never been susceptible to the same intrusions as firmware developed by Ray Sharp.”

In addition to gaining access to the DVR through its web interface, someLuser also found that an attacker could gain complete control of the device’s Linux operating system and run arbitrary commands, making it a potential point of attack for compromising other PCs and servers on the victim’s network.

Moore warns that he hasn’t actually tested the exploit on every brands of device that he listed to me. But his scans indicate that all of them would be subject to the same port 9000 trick based on their use of the hackable Ray Sharp firmware. I reached out to Ray Sharp and each of those companies that had a public website, but haven’t yet heard back from any except Lorex, whose spokesperson said the company would look into the issue but declined to comment for now.

No simple fix exists for the DVR vulnerability until Ray Sharp or the vendors that use its firmware issue an update, say the researchers. But someLuser suggests owners of the affected DVRs temporarily disable UPNP on their Internet routers to prevent the device from making itself accessible from external connections.
http://www.forbes.com/sites/andygree...ker-hijacking/





Hackers in China Attacked The Times for Last 4 Months
Nicole Perlroth

For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.

After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.

Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing.

“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, executive editor of The Times.

The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.

The attackers first installed malware — malicious software — that enabled them to gain entry to any computer on The Times’s network. The malware was identified by computer security experts as a specific strain associated with computer attacks originating in China. More evidence of the source, experts said, is that the attacks started from the same university computers used by the Chinese military to attack United States military contractors in the past.

Security experts found evidence that the hackers stole the corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside The Times’s newsroom. Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family.

No customer data was stolen from The Times, security experts said.

Asked about evidence that indicated the hacking originated in China, and possibly with the military, China’s Ministry of National Defense said, “Chinese laws prohibit any action including hacking that damages Internet security.” It added that “to accuse the Chinese military of launching cyberattacks without solid proof is unprofessional and baseless.”

The attacks appear to be part of a broader computer espionage campaign against American news media companies that have reported on Chinese leaders and corporations.

Last year, Bloomberg News was targeted by Chinese hackers, and some employees’ computers were infected, according to a person with knowledge of the company’s internal investigation, after Bloomberg published an article on June 29 about the wealth accumulated by relatives of Xi Jinping, China’s vice president at the time. Mr. Xi became general secretary of the Communist Party in November and is expected to become president in March. Ty Trippet, a spokesman for Bloomberg, confirmed that hackers had made attempts but said that “no computer systems or computers were compromised.”

Signs of a Campaign

The mounting number of attacks that have been traced back to China suggest that hackers there are behind a far-reaching spying campaign aimed at an expanding set of targets including corporations, government agencies, activist groups and media organizations inside the United States. The intelligence-gathering campaign, foreign policy experts and computer security researchers say, is as much about trying to control China’s public image, domestically and abroad, as it is about stealing trade secrets.

Security experts said that beginning in 2008, Chinese hackers began targeting Western journalists as part of an effort to identify and intimidate their sources and contacts, and to anticipate stories that might damage the reputations of Chinese leaders.

In a December intelligence report for clients, Mandiant said that over the course of several investigations it found evidence that Chinese hackers had stolen e-mails, contacts and files from more than 30 journalists and executives at Western news organizations, and had maintained a “short list” of journalists whose accounts they repeatedly attack.

While computer security experts say China is most active and persistent, it is not alone in using computer attacks for a variety of national purposes, including corporate espionage. The United States, Israel, Russia and Iran, among others, are suspected of developing and deploying cyberweapons.

The United States and Israel have never publicly acknowledged it, but evidence indicates they released a sophisticated computer worm starting around 2008 that attacked and later caused damage at Iran’s main nuclear enrichment plant. Iran is believed to have responded with computer attacks on targets in the United States, including American banks and foreign oil companies.

Russia is suspected of having used computer attacks during its war with Georgia in 2008.

The following account of the attack on The Times — which is based on interviews with Times executives, reporters and security experts — provides a glimpse into one such spy campaign.

After The Times learned of warnings from Chinese government officials that its investigation of the wealth of Mr. Wen’s relatives would “have consequences,” executives on Oct. 24 asked AT&T, which monitors The Times’s computer network, to watch for unusual activity.

On Oct. 25, the day the article was published online, AT&T informed The Times that it had noticed behavior that was consistent with other attacks believed to have been perpetrated by the Chinese military.

The Times notified and voluntarily briefed the Federal Bureau of Investigation on the attacks and then — not initially recognizing the extent of the infiltration of its computers — worked with AT&T to track the attackers even as it tried to eliminate them from its systems.

But on Nov. 7, when it became clear that attackers were still inside its systems despite efforts to expel them, The Times hired Mandiant, which specializes in responding to security breaches. Since learning of the attacks, The Times — first with AT&T and then with Mandiant — has monitored attackers as they have moved around its systems.

Hacker teams regularly began work, for the most part, at 8 a.m. Beijing time. Usually they continued for a standard work day, but sometimes the hacking persisted until midnight. Occasionally, the attacks stopped for two-week periods, Mandiant said, though the reason was not clear.

Investigators still do not know how hackers initially broke into The Times’s systems. They suspect the hackers used a so-called spear-phishing attack, in which they send e-mails to employees that contain malicious links or attachments. All it takes is one click on the e-mail by an employee for hackers to install “remote access tools” — or RATs. Those tools can siphon off oceans of data — passwords, keystrokes, screen images, documents and, in some cases, recordings from computers’ microphones and Web cameras — and send the information back to the attackers’ Web servers.

Michael Higgins, chief security officer at The Times, said: “Attackers no longer go after our firewall. They go after individuals. They send a malicious piece of code to your e-mail account and you’re opening it and letting them in.”

Lying in Wait

Once hackers get in, it can be hard to get them out. In the case of a 2011 breach at the United States Chamber of Commerce, for instance, the trade group worked closely with the F.B.I. to seal its systems, according to chamber employees. But months later, the chamber discovered that Internet-connected devices — a thermostat in one of its corporate apartments and a printer in its offices — were still communicating with computers in China.

In part to prevent that from happening, The Times allowed hackers to spin a digital web for four months to identify every digital back door the hackers used. It then replaced every compromised computer and set up new defenses in hopes of keeping hackers out.

“Attackers target companies for a reason — even if you kick them out, they will try to get back in,” said Nick Bennett, the security consultant who has managed Mandiant’s investigation. “We wanted to make sure we had full grasp of the extent of their access so that the next time they try to come in, we can respond quickly.”

Based on a forensic analysis going back months, it appears the hackers broke into The Times computers on Sept. 13, when the reporting for the Wen articles was nearing completion. They set up at least three back doors into users’ machines that they used as a digital base camp. From there they snooped around The Times’s systems for at least two weeks before they identified the domain controller that contains user names and hashed, or scrambled, passwords for every Times employee.

While hashes make hackers’ break-ins more difficult, hashed passwords can easily be cracked using so-called rainbow tables — readily available databases of hash values for nearly every alphanumeric character combination, up to a certain length. Some hacker Web sites publish as many as 50 billion hash values.

Investigators found evidence that the attackers cracked the passwords and used them to gain access to a number of computers. They created custom software that allowed them to search for and grab Mr. Barboza’s and Mr. Yardley’s e-mails and documents from a Times e-mail server.

Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products made by Symantec — found only one instance in which Symantec identified an attacker’s software as malicious and quarantined it, according to Mandiant.

A Symantec spokesman said that, as a matter of policy, the company does not comment on its customers.

The attackers were particularly active in the period after the Oct. 25 publication of The Times article about Mr. Wen’s relatives, especially on the evening of the Nov. 6 presidential election. That raised concerns among Times senior editors who had been informed of the attacks that the hackers might try to shut down the newspaper’s electronic or print publishing system. But the attackers’ movements suggested that the primary target remained Mr. Barboza’s e-mail correspondence.

“They could have wreaked havoc on our systems,” said Marc Frons, the Times’s chief information officer. “But that was not what they were after.”

What they appeared to be looking for were the names of people who might have provided information to Mr. Barboza.

Mr. Barboza’s research on the stories, as reported previously in The Times, was based on public records, including thousands of corporate documents through China’s State Administration for Industry and Commerce. Those documents — which are available to lawyers and consulting firms for a nominal fee — were used to trace the business interests of relatives of Mr. Wen.

A Tricky Search

Tracking the source of an attack to one group or country can be difficult because hackers usually try to cloak their identities and whereabouts.

To run their Times spying campaign, the attackers used a number of compromised computer systems registered to universities in North Carolina, Arizona, Wisconsin and New Mexico, as well as smaller companies and Internet service providers across the United States, according to Mandiant’s investigators.

The hackers also continually switched from one I.P. address to another; an I.P. address, for Internet protocol, is a unique number identifying each Internet-connected device from the billions around the globe, so that messages and other information sent by one device are correctly routed to the ones meant to get them.

Using university computers as proxies and switching I.P. addresses were simply efforts to hide the source of the attacks, which investigators say is China. The pattern that Mandiant’s experts detected closely matched the pattern of earlier attacks traced to China. After Google was attacked in 2010 and the Gmail accounts of Chinese human rights activists were opened, for example, investigators were able to trace the source to two educational institutions in China, including one with ties to the Chinese military.

Security experts say that by routing attacks through servers in other countries and outsourcing attacks to skilled hackers, the Chinese military maintains plausible deniability.

“If you look at each attack in isolation, you can’t say, ‘This is the Chinese military,’ ” said Richard Bejtlich, Mandiant’s chief security officer.

But when the techniques and patterns of the hackers are similar, it is a sign that the hackers are the same or affiliated.

“When you see the same group steal data on Chinese dissidents and Tibetan activists, then attack an aerospace company, it starts to push you in the right direction,” he said.

Mandiant has been tracking about 20 groups that are spying on organizations inside the United States and around the globe. Its investigators said that based on the evidence — the malware used, the command and control centers compromised and the hackers’ techniques — The Times was attacked by a group of Chinese hackers that Mandiant refers to internally as “A.P.T. Number 12.”

A.P.T. stands for Advanced Persistent Threat, a term that computer security experts and government officials use to describe a targeted attack and that many say has become synonymous with attacks done by China. AT&T and the F.B.I. have been tracking the same group, which they have also traced to China, but they use their own internal designations.

Mandiant said the group had been “very active” and had broken into hundreds of other Western organizations, including several American military contractors.

To get rid of the hackers, The Times blocked the compromised outside computers, removed every back door into its network, changed every employee password and wrapped additional security around its systems.

For now, that appears to have worked, but investigators and Times executives say they anticipate more efforts by hackers.

“This is not the end of the story,” said Mr. Bejtlich of Mandiant. “Once they take a liking to a victim, they tend to come back. It’s not like a digital crime case where the intruders steal stuff and then they’re gone. This requires an internal vigilance model.”
https://www.nytimes.com/2013/01/31/t...computers.html





Easier to Get Infected With Malware on 'Good Sites' Than on Shady Sites, Cisco Says
Fahmida Y. Rashid

It can be more dangerous to click on an online advertisement than an adult content site these days, Cisco said in its latest version of the yearly security threat report.

Popular belief states that security risks increase as the user engages in riskier and shadier behavior online, but that apparently isn't the case, Cisco found in its 2013 Annual Security report, released Jan. 30. For example, users clicking on online advertisements were 182 times more likely to wind up getting infected with malware than if they'd surfed over to an adult content site, Cisco said.

Cisco LogoThe highest concentration of online security targets do not target pornography, pharmaceutical, or gambling sites as much as they affect legitimate sites such as search engines, online retailers, and social media. Users are more 21 times more likely to get hit with malware from online shopping sites and 27 more times likely with a search engine than if they'd gone to a counterfeit software site, according to Cisco.

The results of the report confirmed that "users aren't stupid," Mary Landesman, senior security researcher at Cisco, told SecurityWeek.

There is an overwhelming perception that people get compromised for "going to dumb sites," Landesman said. "The Web is extremely complex and people are making mistakes, she said.

"Many security professionals—and certainly a large community of online users—hold preconceived ideas about where people are most likely to stumble across dangerous web malware," Cisco's report (PDF) noted.

Malicious advertisements (malvertising) increased in 2012 from 2011, Landesman said. The most malware-stricken computers in recent memory were in the United States, followed by Russian Federation, Denmark, and Sweden.

Along with the Annual Security Report, Cisco also released the second chapter of its 2012 Cisco Connected World Technology Report, a study that examines people's attitude towards security and privacy of data.

"Many employees adopt 'my way' work lifestyles in which their devices, work and online behavior mix with their personal lives virtually anywhere – in the office, at home and everywhere in between," Cisco said in the report. Approximately 80 percent of Gen Y workers who are aware of IT policies regarding mobile devices do not obey the rules, Cisco found.

There was a spike in malware encounters in Sweden and Denmark.

Despite all the attention-grabbing headlines, mobile malware accounted for barely half a percent of malware in 2012, Cisco said, and that's even with a 2,577 percent growth in Android-based malware over the past year.

The company also expanded its security portfolio by adding mobile management support to its Identity Services Engine platform.

In a separate announcement, Cisco announced the acquisition of real-time security intelligence firm Cognitive Security. The Czech company offers a machine learning service that analyzes security threats in real-time. Cognitive Security's technology will eventually be integrated into Cisco's cloud-based security offering by the end of 2013, the company said.
https://www.securityweek.com/easier-...tes-cisco-says





The Web-Deprived Study at McDonald's
Anton Troianovski

In many communities, after the library and the computer lab close for the night, there is often only one place to turn for students without internet access at home: the local McDonald's. WSJ's Anton Troianovski reports from Citronelle, Alabama.

Joshua Edwards's eighth-grade paper about the Black Plague came with a McDouble and fries.

Joshua sometimes does his homework at a McDonald's restaurant—not because he is drawn by the burgers, but because the fast-food chain is one of the few places in this southern Alabama city of 4,000 where he can get online access free once the public library closes.

Cheap smartphones and tablets have put Web-ready technology into more hands than ever. But the price of Internet connectivity hasn't come down nearly as quickly. And in many rural areas, high-speed Internet through traditional phone lines simply isn't available at any price. The result is a divide between families that have broadband constantly available on their home computers and phones, and those that have to plan their days around visits to free sources of Internet access.

That divide is becoming a bigger problem now that a fast Internet connection has evolved into an essential tool for completing many assignments at public schools. Federal regulators identified the gap in home Internet access as a key challenge for education in a report in 2010. Access to the Web has expanded since then, but roughly a third of households with income of less than $30,000 a year and teens living at home still don't have broadband access there, according to the Pew Research Center.

"It is increasingly hard to argue that out-of-school access doesn't matter," said Doug Levin, executive director of a national group of state education technology directors. "There's a degree of frustration about the speed with which we're moving."

Moving faster would be expensive. The Federal Communications Commission assesses a fee averaging $2.50 per household a month on phone bills to pay $4.5 billion a year for building broadband in rural areas and more than $2 billion a year to pay for better connectivity in schools and libraries. The commission says it can make broadband available to all Americans by spending $45 billion over 10 years.

Some are wary of deeper government intervention, arguing that many telecommunications companies are already fast expanding broadband access on their own. "Subsidies should really be targeted narrowly to those that need them," said Randolph May, president of the Free State Foundation, a think tank that advocates for lighter telecom regulation. "That's historically not the way we've done it in communications."

School districts are finding it tough to tackle the digital divide on their own. The Pinconning, Mich., school district worked with Sprint Nextel Corp. to buy smartphones for 100 fifth-graders in 2010 and 2011. Pinconning paid more than $30 per month per device for the phones' data plans, which Sprint says were "very competitive rates." After a year, the cost proved too high for the impoverished rural district, which is a two-hour drive north of Detroit and was hit hard by the auto industry's decline. Now many of the phones are in storage.

As a result, "we have to shy away a little bit from the Internet" in homework assignments, Superintendent Michael Vieau said.

In Alabama's Mobile County, which includes Citronelle, educators say they are aware that lack of Internet access at home can put students at a disadvantage. But they also fear leaving kids unprepared for the real world if they don't emphasize online learning in the curriculum.

David Akridge, the Mobile County Public School System's technology director, says he plans to map the area's free Wi-Fi hot spots and will try to convince local businesses to set up more of them. "That's how we need to do it now," Mr. Akridge says. "But I don't think it's a permanent solution to have everyone go to businesses to do that."

The children and teenagers huddled over their devices at McDonald's Corp. restaurants and Starbucks Corp. coffee shops across the country underscore the persistence of the Internet gap in education. McDonald's has 12,000 Wi-Fi-equipped locations in the U.S., and Starbucks has another 7,000. Together, that is more than the roughly 15,000 Wi-Fi-enabled public libraries in the country.

In Harrison, Mich., the local library is a lifeline for people without home Internet. But it is usually closed by 6 p.m. Once a week, librarian Mary LaValle meets a friend at the nearby McDonald's after work. She says she often sees the same teenagers sharing laptops at the restaurant that use the computers at her library. Usually, the kids will only buy a drink, and the free refills keep them going all night, she says.

To be sure, much of what students get on the Internet still comes in books available free at school or the public library. But many school administrators are purposely pushing kids on the Web. At Burns Middle School in Mobile, Principal John Adams has his teachers assign at least one digital project that requires Internet use per quarter.

The goal, Mr. Adams says, is to teach students "21st-century skills." Teachers typically allot class time for computer use when they require kids to get online, but Mr. Adams acknowledges that those students who have home Internet have the advantage of "unlimited time to pull in more information and fine-tune their digital projects."

McDonald's began rolling out Wi-Fi in its U.S. restaurants years ago. In 2010, McDonald's made it free even for those not buying food, a move soon followed by Starbucks.

Jonah Sigel, who oversees Starbucks's Wi-Fi program, says there is no need to require that Internet users purchase anything.

"Before I started working here I always felt guilty not at least buying a bottle of water" when using the Starbucks Wi-Fi, Mr. Sigel said. "I hope people act similarly."

Many McDonald's franchisees have a similar view. "It's hard to sit there and watch people eat McDonald's french fries and not go buy your own," says Ted Lezotte, a McDonald's franchisee in northern Michigan who owns four restaurants.

In Citronelle, located about 30 miles north of the city of Mobile, 10th-grader Dustin Williams works on social-studies reports and Facebook posts at a McDonald's across the street from the high school. "For research and stuff, a book ain't enough," he said.

Joshua Edwards made multiple visits to the same McDonald's to work on papers this school year. His mother, Linda Edwards, says she already pays a large portion of her monthly budget for telecommunications: more than $150 for cellphones for herself and an older son, and $55 for satellite television, out of a $1,200 Social Security check. She said she couldn't afford the $250 deposit she would need to get satellite Internet for her trailer home off a dirt road about 15 minutes outside Citronelle.

In recent weeks, Ms. Edwards came up with a stopgap measure: for an extra $10 per month, she was able to use an AT&T feature that lets her use her smartphone as a Wi-Fi hot spot. The feature gets her some connectivity, though users doing bandwidth-heavy tasks like watching video over the cellular network can end up with hefty data charges. Ms. Edwards plans to move closer to town later this year and to try to get a landline Internet connection when she does.

For now, she has been taking her children to McDonald's. "If I had a little money I would go buy something [there], but most of the time I didn't," she said.

She has little choice. The local public school system has encouraged teachers to put assignments online and students to use their own devices for school work. Teachers post extra-credit problems and links to educational videos and other resources.

In a Citronelle High School history class recently, five juniors were huddled around laptops and browsing the Web. They were working on a research project their teacher Megan Wiggins had assigned: Create a simulated Facebook profile for a U.S. president.

Some students were racing to get their work done before class ended. If they didn't, they said, they would have to find time to use the Internet later at school or finish up at the library or McDonald's. Other students were sitting at their desks reading or doing pencil-and-paper homework. They were the kids who had Internet access at home.

The U.S. government has been concerned about the digital divide since the Internet came into wide use two decades ago. In 1996, Congress as part of landmark telecom legislation created a program called E-Rate that provided about $2 billion a year to connect schools and libraries to the Internet. But E-Rate didn't cover Internet access at home. In recent years regulators debated whether or not to change that—but settled only on a $10 million pilot program that education leaders don't expect to be expanded without more E-Rate funding being made available.

More recently, regulators under President Barack Obama have made expanding broadband access a priority. But the advanced wireless networks and high-speed Internet connections built by companies like AT&T Inc., Verizon Communications Inc. and Sprint aren't subject to rules such as the ones that required carriers to make traditional telephone service available to everyone.

Carriers argue that requiring service to all doesn't make sense in a world in which many more options for getting connected—from cable connections to cellphones to satellite dishes—exist than ever before. Regulators agree that old rules need to change but say some regulation is still necessary. The process of updating old rules is just beginning, and fights over how closely the government should regulate new networks are likely later this year.

Industry groups say that companies are doing their part to ensure that more Americans can get online. Several cable companies have started offering Internet service for $9.95 a month to some poor families with children in school.

Larry Irving, a former telecommunications policy official in the Clinton administration who is now a consultant to nonprofits and telecom companies, says that the industry has expanded access across the U.S. in a way that was hard to imagine in the 1990s.

"No one disagrees with the concept of 100% connectivity," he says. "The rub is how do you get there in a way that doesn't distort the market."

Karen Cator, director of the office of educational technology at the U.S. Department of Education, said the department is trying to encourage school districts to band together in their negotiations with phone and cable companies in order to get the best price for Internet connections—including purchasing wireless broadband for students who don't have Internet at home. She is also looking for Washington to invest more in building out broadband infrastructure, as it did as part of the federal stimulus of 2009.

Without more action from the federal government, Ms. Cator said, the effort of broadening Internet access for poor and rural students "would be like building the highways but expecting every community to build their own piece."

That is what some school districts are effectively doing. Baldwin County, Ala., is spending $2.5 million a year to lease Apple laptops for each of its 10,000 high-school students. To make the investment pay off, Superintendent Alan Lee said he is looking into building a wireless network to be run by the school district, a project that has included mapping his county's geography and cell-tower locations.

Mr. Lee applied for a $3.7 million grant from a foundation to install Wi-Fi networks on school buses and in three cities in the district, but the grant funding has been whittled down to $500,000—only enough to try the program in one city.

In Pinconning, population 1,300, Mr. Lezotte, who owns the McDonald's there, said he can tell when exams are coming up by how many kids are gathered at his restaurant using their laptops.

Other Internet users stay in the parking lot, where they can take advantage of the McDonald's Wi-Fi guilt-free and purchase-free.

Jennifer LaBrenz, a single mom who has take-home income of roughly $2,000 a month, a year ago was paying close to $300 a month for home phone and Internet, satellite television and smartphones for herself and her oldest daughter.

To cut costs, she canceled home phone and Internet service. That is why she parked her Suzuki outside Mr. Lezotte's restaurant one evening this fall. While her daughter Olivia was balancing her computer on her lap in the passenger seat, Ms. LaBrenz tapped out a Facebook post on her phone: "Sitting McDonald's parking lot so Olivia can use Wi-Fi to do homework and email her teacher. I love the poor life."
http://online.wsj.com/article_email/...DEyNDgyWj.html





Software Enables Investigators to Delve Deeper Into Child-Porn File-Sharing
Bill Vidonic

State investigators searching for people who trade child porn online are conducting broader, deeper sweeps of file-sharing networks. They're using software that better spots videos and pictures moving between computers, law enforcement officials say.

“We are now able to delve into areas we never previously were able to search,” said Deputy Attorney General Anthony Marmo, who is based Downtown.

The state Attorney General's Office made its first arrest last week using software and training provided by the Internet Crimes Against Children Task Force, operated by the Department of Justice.

The software scans peer-to-peer, file-sharing networks that users enter with a password. Once in, they can search and download material from other users.

That's how an investigator spotted child pornography in the file of an Armstrong Cable user, according to court documents.

The cable company, under subpoena, identified the user as Todd Carbonara, 29, of Connellsville, who authorities charged with possessing and distributing child pornography, both felonies.

“It does illustrate the misconception that people have that this is all very confidential, because they open up their collection to other people,” said David Finkelhor, director of the Crimes Against Children Research Center at the University of New Hampshire.

Carbonara is in the Fayette County Jail awaiting a Feb. 14 hearing.

“Technology is ever-changing,” said Dave Peifer, commander of the Pennsylvania Internet Crimes Against Children Task Force and an investigator in the child abuse unit for the Delaware County district attorney. He joins the Attorney General's Office on Monday. “We're learning new software and learning how we can better protect children.”

A state police investigation that started in a peer-to-peer network led to the home of Seven Fields Mayor Edward Bayne. Troopers served a search warrant on the Bayne residence last month but filed no charges. Bayne declined to comment.

Court documents show that a trooper scanning a file-sharing network spotted someone in the Bayne home sharing child pornography files.

State police Cpl. John O'Neill said his agency is adding five forensic analysts to a computer crimes unit that investigates child pornography and other electronic crimes, bringing that unit up to 35 members.

“We now use Facebook, where we didn't before,” O'Neill said. “There's a lot of information out there. Technology is changing, and we're educating ourselves.”

In 2011, O'Neill said, the computer crimes unit and affiliated law enforcement conducted more than 2,900 forensic examinations and filed child pornography charges in 242 cases. O'Neill would not talk about software programs state police use, saying it could compromise investigations.

Finkelhor said one program, Roundup, allows investigators to search for phrases commonly used in child pornography files. In the Carbonara case, an investigator searched in the Gnutella network, which uses software including Limewire and Frostwire to share digital media files.

The state task force received $466,000 in federal funding to cover training and salaries of four staffers from July 1, 2012, through June 30, Peifer said.

“We need more personnel,” he said. “The more we have, the quicker we can get to cases in a timely manner.”

In 2011, investigations led to more than 5,700 arrests nationwide, more than 40 percent of which resulted in plea deals, according to the Justice Department.
http://triblive.com/state/pennsylvan...oftware-crimes





Bang With Friends Sex App Says it Registers Five Users Per Minute
Anita Li

The Bang With Friends sex app, which claims to anonymously hook users up with their Facebook friends, revealed plans to expand following its successful launch last week.

"Support for same-sex selections is already under development here at BWF along with an iPhone application for banging on the go," the app's creators told Mashable in an email. While the creators provided no specific launch date, they said these new features will launch "soon."

Bang With Friends' controversial debut attracted plenty of media attention, as well as user interest. The app's "mostly 20-something" user base has topped 30,000, according to the California-based creators — three men who keep their identities hidden. What's more, they claim the app is registering five new users, or "bangers," every minute.

Bang With Friends' goal is simple, and its approach has a decidedly frat-boy-esque quality that may appeal to a young user base (the creators' contact email is "pimpin@bangwithfriends.com," after all). To join, users sign in with Facebook, and are taken to a page that features names and photos of their friends. After settling on an object (or objects) of lust, users must click a "Down to Bang" button that then changes to "Awaiting Bang."

The app says it "will only show your friends that you're interested if they are too," and notifies both parties via email about their mutual interest.
https://mashable.com/2013/01/29/bang-with-friends/

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

January 26th, January 19th, January 12th, January 5th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Old 30-01-13, 09:04 PM   #2
theknife
my name is Ranking Fullstop
 
theknife's Avatar
 
Join Date: Dec 2001
Location: Promontorium Tremendum
Posts: 4,391
Default

Quote:
Mega-search.me features a search engine. A search for Quentin Tarrantino’s latest film, Django Unchained, resulted in a host of links that purportedly lead to the movie. The site has one banner ad.
well, that didn't take long.
theknife is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 02:15 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)