Old 10-07-13, 07:46 AM   #1
JackSpratts
 
Peer-To-Peer News - The Week In Review - July 13th, '13

Since 2002

"The court rightly found that the traditional legal system can determine the legality of the mass, dragnet surveillance of innocent Americans and rejected the government's invocation of the state secrets privilege to have the case dismissed." – Cindy Cohn


"Comrades: cancel your Facebook accounts, you've been working for free as CIA informants!" – Venezuela Minister Iris Varela

July 13th, 2013

France Drops Controversial 'Hadopi Law' After Spending Millions

The 'three strikes' anti-piracy measure, introduced under Nicolas Sarkozy, would have cut off users' access to the internet
Siraj Datoo

A French anti-piracy law that would disconnect those suspected of copyright infringement has been overturned and replaced with a system of automatic fines, it has been announced in an official government report.

Mired in controversy, the "Hadopi law" succumbed to the pressure of the entertainment industry and would disconnect those suspected of piracy from the internet. Users were first sent two written warnings, in what was called a "graduated response", and if they did not reply their internet connection would be cut off on the final warning.

The report says that instead of simply disconnecting users, those suspected of copyright could be fined if they did not reply to warnings, with a relatively low fine (€60) to begin, and the size of the fine would increase depending on the number of infractions.

French anti-piracy will now change their focus – instead of handing heavy punishments to individual users, the government is looking towards penalising "commercial piracy" and "sites that profit from pirated material", according to an official spokesperson.

The Hadopi law was introduced in 2009 by the then president, Nicolas Sarkozy, but suffered great controversy when France's highest court, the Constitutional Council, declared access to the internet a basic human right.

The government has spent millions on the agency that patrols the system and during its implementation, it only ever fined one individual €150, disconnecting their internet access for 15 days.

In 2009, Sarkozy defended the Hadopi law, insisting that the government should protect "lawlessness" in all parts of its territory, including in the online world:

"How can there be areas of lawlessness in areas of our society? How can one simultaneously claim that the economy is regulated but the internet is not so? How can we accept that the rules that apply to society as a whole are not binding on the internet?…

By defending copyright I do not just defend artistic creation, I also defend my idea of a free society where everyone's freedom is based on respect for the rights of others. I am also defending the future of our culture. It is the future of creation."
http://www.guardian.co.uk/technology...aw-anti-piracy





Simple Mobile File Sharing Grows Up: Meet the New Wave of Phone-to-Phone Apps
Mark Sullivan

It’s 2013, and we carry little computers in our pockets everywhere we go. We live in a world that’s more connected and social than ever before. But, inexplicably, we still can’t use our smartphones to share our data, files, and memories with each other easily and seamlessly without using email or some type of formal cloud service like Google Drive or Microsoft’s SkyDrive.

Phone-to-phone file sharing hasn’t yet caught on—seriously, are you using it yet?—but the biggest name in mobile hardware is finally waking up to its utility. At WWDC a few weeks ago, Apple trotted out iOS 7, and one of the mobile operating system’s new features is AirDrop, which permits one iOS 7 device to directly share files with other iOS 7 devices. Google built mobile file sharing into Android 4.0 last year.

This idea of “simple mobile sharing” has been around since the early days of Bluetooth, but using it in the real world has always been a hassle, and as a result it has never really caught on. Honestly, when was the last time you bumped or tossed or beamed your contact information to someone at a party or conference?

But a new wave of simple mobile sharing apps—let’s call it mobile sharing 2.0—is ironing out some of the hassle, and adding cool features to the basic one-to-one sharing model that Bump introduced four years ago. New apps like Hoccer and Phrizbe make it fairly easy for you to walk into mixed company, and share content with pretty much any creed of smartphone in the room.

New simple mobile sharing apps

Neither Hoccer nor Phrizbe requires Bluetooth—each can send files to other devices via Wi-Fi or cellular network. Instead of sharing files directly, Hoccer uses an intermediary server to push files to the receiving device. Phrizbe can work through an intermediary server, too, but it can also share files via a direct peer-to-peer connection over Wi-Fi. Apple AirDrop, meanwhile, uses Wi-Fi or Bluetooth to support direct sharing with other iOS devices.

AirDrop, Hoccer, and Phrizbe don’t require physical contact between two smartphones. You can execute the share with just a few taps on your screen, and you can forget about email and drop boxes entirely.

Phrizbe is a relatively new player in the space—the service launched at TechCrunch Disrupt NYC at the end of April. Like Bump and Hoccer, Phrizbe has taken pains to move from being strictly a mobile platform to connecting with PCs. The company has only recently finished its Windows 8 app, which runs on desktop PCs and tablets.

“Our mantra is ‘click, pick and share,’ and we’re obsessed with making sharing from any mobile device just that simple,” says Phrizbe president and cofounder R.J. Holmberg. “People need to be able to share from their phone or tablet with no setup and no need to deal with platform or OS walls.”

Microsoft was interested enough in the Phrizbe file-sharing concept to work with the company on building a Windows 8 app. The result is a clean and simple-looking app that works especially well on tablets.

On Phrizbe, after you select the contacts, photos, or videos you want to share, and specify the people you want to share with, you make a swiping motion—and the file appears to fly off the screen toward its recipient or recipients. This user interface effect reinforces the idea of throwing content to people much as you might throw a Frisbee. You can see a video of everything in action here.

It started with a Bump

Bump, the category pioneer, defines the first wave of mobile sharing technology. When two phones running the Bump app physically bump together, a remote server identifies both devices, and sends down whatever files the users have asked to share—photos, videos, contact information, or whatever other files they have stored on their phones.

But Bump can’t auto-detect other Bump users in a room. And it doesn’t send files to more than one recipient at a time, as AirDrop, Hoccer, and Phrizbe do.

Bump cofounder Dave Lieb says that the company intentionally omitted these proximal and one-to-many sharing tricks from the app. “We could have built a one-to-many aspect into our app, but we really haven’t seen compelling use cases that people want to use that for,” Lieb says.

Lieb says Bump’s simplicity is crucial to its usefulness. “We wanted Bump to be something where you could be done in a half a second,” he says. “We wanted it to be so easy, your mother could do it. Most of those other solutions can’t promise that.”

After Bump, the next big milestone in mobile sharing came when Google decided to add the Android Beam sharing function to Android. Devices running Android 4.0 or later can use Android Beam. When two such smartphones are placed back-to-back, they rely on NFC (near-field communication) to share files with each other. Like Bump, Android Beam can share files with only one other device at a time—but because it does this sharing directly via NFC (and doesn’t depend on a network server), it’s potentially faster.

Samsung has embraced mobile sharing too. Known for augmenting basic Android functions with its own proprietary features and services, Samsung built its own file-sharing function, S-Beam, into the Galaxy S III and Galaxy Note II phones. You may have seen the expensive TV ads showing off S-Beam file sharing. Samsung’s tech works almost identically to Android Beam, but the file-sharing interface is slightly different, and Samsung has added the much-faster Wi-Fi Direct as an alternative to NFC for sending files.

Problems remain

Simple mobile sharing sounds, well, simple in theory, but walled garden ecosystems have prevented the technology from going mainstream. For example, an Android Beam user can’t share files with iPhone owners who use AirDrop. And a Bump devotee can’t share files with a Phrizbe user. But here’s the biggest barrier: Some people’s phones have mobile sharing apps and features, while others do not. It takes two to tango in the world of peer-to-peer file distribution.

Developers are getting creative in dealing with these problems. To accommodate Phrizbe have-nots, Phrizbe sends files to their email addresses—along with a link to the Phrizbe app (but of course). With the app duly installed on both devices, two data-loving friends can share files with just a few clicks, even if they’re on opposite sides of the country.

Still, a major pain point remains: If simple sharing services are to develop mass appeal, they have to enable us to share files and contact information in the wild, with people we’ve only just met. If a person that you want to swap data with happens to have the same service you do (environment-aware apps like Phrizbe will tell you if that’s the case), sharing information is easy. But this doesn’t happen very often.

Qualcomm and hopes for a future standard

Clearly, it would benefit everyone—consumers, phone manufacturers, mobile OS companies, the wireless networks, and app developers—if the mobile industry could agree on a simple set of standards. If mobile sharing is to go mainstream, we need a set of common protocols that all operating systems, phones, and carriers can adopt.

Such a standard would be built into phones just as Bluetooth is today. Simple mobile sharing would become mundane, commonplace, and blissfully unremarkable.
Bizzabo uses AllJoyn to detect nearby devices.

The technology right now that has perhaps the best chance of becoming such a standard is AllJoyn, which mobile chip giant Qualcomm is developing. AllJoyn (video) is a middleware platform that enables a mobile device to detect other nearby devices that it can share files with, and then lets it create a direct tunnel (via Wi-Fi) to those devices to move the files.

App developers like Phrizbe use an SDK from Qualcomm to build AllJoyn into their apps. The chipmaker says that about 40 apps in the Google Play store now include AllJoyn in their code. Qualcomm has released SDKs for Android, iOS, Linux, Windows 7, Windows 8, and Windows RT, but not yet for Windows Phone 8 or BlackBerry.

Qualcomm’s senior director of business development Lauren Thorpe points out that many of the apps that now use AllJoyn are not specifically about file-sharing, but instead use AllJoyn to add proximal and peer-to-peer sharing capabilities to their apps. Phrizbe, for example, depends on AllJoyn for its direct peer-to-peer capability (without it, users would have to share files from the cloud). Another app, Bizzabo, relies on AllJoyn for its ability to detect other nearby devices that it can share with.

If AllJoyn became a standard, disparate apps could use it as a common sharing language. An AllJoyn-enabled Bump app could swiftly share contact information with an AllJoyn-enabled Phrizbe phone, for example.

IDC analyst John Jackson believes that Qualcomm is already positioning AllJoyn to become a standard. “Qualcomm is hunting around for a standards body to carry the AllJoyn standard forward and make it an open standard instead of just an open-source project,” he says. “It’s clear that standardization by a recognized and globally accepted standards body would help and put the technology in a position to be universally distributed at some point.”

However, Jackson adds that the old walled-garden issue is likely to rear its ugly head again. “Adoption would likely be limited for as long as various incumbent parties pursue proprietary paths,” he says.

And there, in a nutshell, is the conundrum that almost all mobile devices, media, and services face. Innovations like the iPhone happen in fiercely competitive—and protective—markets like the one we have today. But that same environment prevents competing companies and ecosystems from adopting standards that would permit their products to work and play well with others in the wild.
http://www.techhive.com/article/2043...hone-apps.html





92% of E-Book Downloads in Russia Are Pirated
Lauren Indvik

E-reading is on the rise in Russia, but piracy remains a big problem for the burgeoning market.

According to figures published by Russia: Beyond the Headlines, 70% of Russians read e-books, nearly a quarter more than the number who did a year ago. Yet 92% of those readers download their books from the Internet for free, compared to around 12% [PDF] in the U.S. (Other estimates place the number even higher, around 95%.) That's all the more surprising given that the average price of an e-book in Russia is relatively cheap, around $3 to $4. That's about half the cost of a hard copy, and just a fraction of the cost of the average e-book in the U.S.

According to the same data, 36% of e-reading Russians borrow e-books from friends, and a mere 15% buy digital copies on "specialized web sites." Those digital copies generated 250 million rubles (about $7.5 million) in sales last year, nearly twice as much as 2011, according to the Russian Association of Online Publishers. E-books now account for around 1% of Russia's total book market.

Time, money and convenience are the three most-cited reasons for turning to e-books. Education is another problem. Vladimir Grigoryev, deputy head of Russia's mass media agency Rospechat, told RBTH that many people don't know whether they are reading licensed or pirated books.

Distribution is also an issue. Three in 10 e-book readers say they turn to the format because they can't find the titles they want in stores. Only 60,000 e-books are offered through licensed retailers, while pirates offer around twice as many titles, according to one analyst's estimates.

Publishers and retailers are working to boost the number of licensed titles, and Rospechat has launched an online campaign, dubbed "Read Legally," to educate digital readers about the need to purchase licensed works to support their favorite authors. The agency is also monitoring pirating websites, removing more than 25,000 links to unlicensed works over the last two years, according to Publishing Perspectives.
https://mashable.com/2013/07/09/russia-ebook-piracy/





U.S. Judge Rules Apple Colluded on E-Books

Decision threatens to limit tech company's options in future content negotiations
Chad Bray, Joe Palazzolo and Ian Sherr

Apple Inc. colluded with five major U.S. publishers to drive up the prices of e-books, a federal judge ruled Wednesday in a stern rebuke that threatens to limit the technology company's options when negotiating future content deals.

The ruling—which follows Apple's high-stakes gamble to go to trial even though the publishers settled similar charges—exposes the tech company to as-yet undetermined damages and opens the door for the Justice Department to take a closer look at its other business lines. In settling, the publishers denied wrongdoing.

At issue are the steps Apple took to gain a foothold in e-books for its iTunes online store. The iTunes store is a strategically vital area that accounts for about 10% of Apple's revenue and faces fierce competition from rivals—in particular Amazon.com Inc.

Justice Department prosecutors argued that Apple used publishers' dissatisfaction with Amazon's aggressive e-book discounting to shoehorn itself into the digital-book market when it launched the iPad in 2010. Apple's proposal: Let publishers set prices themselves. That led to Amazon losing the ability to price most e-book best sellers at $9.99, causing prices to rise.

In her ruling, U.S. District Judge Denise Cote in Manhattan said the evidence was clear that Apple, despite its claims that it negotiated fiercely and separately with each publisher, was at the center of the conspiracy.

"Understanding that no one publisher could risk acting alone in an attempt to take pricing power away from Amazon, Apple created a mechanism and environment that enabled them to act together in a matter of weeks to eliminate all retail price competition for their e-books," she wrote in a 160-page decision.

Apple said it did nothing wrong and said it plans to appeal. "Apple did not conspire to fix e-book pricing and we will continue to fight against these false accusations," an Apple spokesman said. "When we introduced the iBookstore in 2010, we gave customers more choice, injecting much needed innovation and competition into the market, breaking Amazon's monopolistic grip on the publishing industry."

Consumers won't see changes in e-book prices as a result of the ruling. Prices of many best-selling titles had already come down after the major publishers settled.

Apple's decision to fight the Justice Department underscores the stakes in the case. The company makes most of its money selling iPhones and iPads. But its iTunes service has become a central part of its offering with huge volumes of electronic content enticing people to buy and upgrade Apple products.

The company has been an aggressive bargainer, successfully opening up new markets for electronic content, most notably with music. But the ruling raises questions about the leverage Apple may have when negotiating future content deals.

The Justice Department itself isn't seeking monetary damages but has instead asked the court to adopt a variety of measures to ensure Apple doesn't engage in similar conduct in the future. This includes not entering "most-favored nation" clauses requiring publishers to match competitors' prices in Apple's digital bookstore, and possibly ending the company's practice of charging a 30% commission on books sold through third-party apps in its App Store.

The judge, who will hold a hearing on those requests, could choose to heavily regulate Apple, legal experts say, potentially slowing deal-making with content partners for new products, such as its long-awaited television. "Under antitrust law, you can not only prevent the unlawful conduct, but also prevent other conduct that can lead to a similar result," said David Balto, former policy director at the Federal Trade Commission.

Because Apple was found liable for violating U.S. antitrust laws, a separate trial on damages will take place in a lawsuit against the company brought by 33 state attorneys general, who are seeking to recover money on behalf of consumers who paid higher prices for e-books. Apple also faces a private class-action suit alleging price-fixing. The private plaintiffs could recover damages from Apple, provided their legal claims are distinct from the states'.

In the ruling, the judge pointed to comments by Steve Jobs, Apple's co-founder and CEO who died in 2011, as "compelling evidence of Apple's participation in the conspiracy."

In emails introduced as evidence, Mr. Jobs seemed to gloat after published reports in January 2010 that Macmillan and Amazon were separately clashing over pricing following the Apple deal. "Wow, we have really lit a fuse on a powder keg," Mr. Jobs wrote in an email from Jan. 30, 2010.

In a group email at Apple the next day, Mr. Jobs said: "We have definitely helped stir things up in the publishing world."

Judge Cote said she wasn't persuaded by testimony from Eddy Cue, an Apple senior vice president who led negotiations with publishers, who argued that his company's only motivation was to get the best deal from publishers.

The judge said she believed Mr. Cue was driven in his negotiations by a desire to please Mr. Jobs. "Cue knew that Jobs was seriously ill and that this would be one of his last opportunities to bring to life one of Jobs's visions and to demonstrate his devotion to the man who had given him the opportunity to help transform American culture," Judge Cote wrote.

Mr. Cue didn't respond to a request for comment Wednesday.

When it entered the e-book market in 2010, Apple agreed to shift to a so-called agency model in which publishers, rather than retailers, set the price of e-books. As part of its deals with the publishers, Apple received a 30% commission on each book sold and the publishers had to match the price of Amazon or other competitors if the competitor's price was lower.

Amazon declined to comment.

At the time, Amazon was the dominant player in the market, accounting for between 80% and 90% of all e-book sales. However, the major publishers were concerned that Amazon was selling books at a loss in order to gobble up market share and had threatened to begin withholding some of their most popular books from the online seller.

The odds of reversing the decision and avoiding damages are long, some legal experts said. The outcome may be similar to the Justice Department's lawsuit against Microsoft Corp. The U.S. Court of Appeals for the District of Columbia was constrained by the judge's heavily fact-based opinion and in 2001 upheld many of his inferences, said Keith Hylton, a professor at Boston University's School of Law.

The Apple case could resonate beyond e-books, with broader implications for providers of everything from music to movies. "If you're a tech company and you are looking to aggregate content, you have to be exceptionally conscious about how you talk to your suppliers," said Ankur Kapoor, an antitrust lawyer at Constantine Cannon LLP. "U.S. v. Apple has put these communications under a very fine microscope."

Apple has recently shown signs of more flexibility in its negotiations. Many of the terms of Apple's royalty agreements for its radio service, for example, were more generous to the music companies than what rivals, such as Pandora Media Inc., pay.

Apple's reputation appears unharmed, according to Mark Patterson, a professor at Fordham Law School who specializes in antitrust matters and agreed with Judge Cote's ruling. "The consumer response is a big yawn," he said.

Its shares were little changed on the news, dropping less than 1%, to $420.73 on Wednesday. The stock, however, has fallen about 30% in the past year amid concerns that its growth is slowing.

—Jeffrey A. Trachtenberg and Jacob Gershman contributed to this article.
http://online.wsj.com/article/SB1000...053469898.html





Swedish Fan-Made Subtitle Site Is Shut Down By Copyright Police
John Biggs

In a move that should give Twilight slash-fic writers pause, the Swedish copyright enforcement agency, called Intrångsundersökning, raided and seized the servers of Undertexter.se, a fansub site dedicated to collecting fan-made English and Swedish subtitles. The raid happened in Stockholm yesterday morning.

Fansub sites supply specially coded text files that viewers can use to sync the audio with translated subtitles. They are obviously very popular with consumers of pirated content, but even Netflix used some fansubs to add subtitles to their movies in Finland. What’s more, the subtitles aren’t copies of the text available on, say, DVDs or Blu-rays, but are mostly renditions of the on screen action (that are often actually hilariously bad). However they are still unpaid labors of love produced by fans of certain shows and movies, more akin to a remix than wholesale piracy, and they are very valuable in underserved markets.

In short, Hollywood picked exactly the wrong folks to bother. And, incidentally, the data is still online.

Undertexter.se is no longer live. They have placed a message on their Facebook account and domain, translated here by Falkvinge:
This morning the police raided Undertexter.se and seized both servers and desktops. We who work on the site don’t consider an interpretation of dialog to be something illegal, especially not when sharing it for free. Henrik Pontén [the copyright industry's primary henchman in Sweden], who is behind the raid, disagrees. Sorry Hollywood, this was the totally wrong card to play. We will never surrender. [...] We must do everything in our power to stop these anti-pirates. [...] More info soon. / UT Crew

The Swedish Pirate Party also issued a statement saying “Today’s monopoly scuttles and inhibits creativity in a way that is completely unreasonable. The raid against undertexter.se is yet another piece of evidence that the time has come to reform the copyright monopoly from the ground up.”

While there is a lot of highfalutin talk about freedom and means of control flying around about the shutdown, it’s clear that fansubs are the least of Hollywood’s concern. That they would see fit to have the Swedish government pull a set of text files of tangential importance to the film industry is like shutting down an artist who paints portraits of Wesley Crusher kissing Data – it’s obviously unpalatable and destroys far more good will than money it saves.

A similar case appeared in Poland in 2007 when a popular fansub site was shut down. Polish authorities recently closed the case. From DobreProgramy:
Elizabeth Łowicka, deputy head of the Prosecutor’s Office in Zabrze, today announced that the prosecution has decided to discontinue the case. The reason for this decision was justified by the ignorance of unlawfulness of the conduct exhibited by the translators.

In short, the translators didn’t think it was wrong – and, in the end, I hope more copyright enforcers agree it wasn’t.
http://techcrunch.com/2013/07/10/swe...yright-police/





'Lost' Beatles Gig Footage Sparks Lawsuit
Eriq Gardner

'Tis the season for allegations on how overstepping intellectual property rights can lead to trouble. Last week, a $500 million lawsuit against Lionsgate was filed for interfering with a Twilight parody film. Now, a new lawsuit claims that Sony/ATV Music Publishing and Apple Corps tortiously interfered with the release of the documentary "The Beatles: The Lost Concert."

According to Ace Arts, the company got ahold of a 35-minute tape of a Feb. 11, 1964 Beatles concert at the Coliseum in Washington, D.C.

The tape of the concert passed through several hands before eventually being acquired by Ace.

The company says it entered into a deal with Screenvision Exhibition to show the documentary in 500 theaters nationwide before Sony/ATV and Apple Corps interfered.

Ace says the tape is in the public domain.

The claim says that it was "sold without copyright protection." (Back in the 1960s and '70s, companies appear to have been more lax about copyright notices. This sort of thing has come up in recent disputes from Velvet Underground albums to iconic porn films.)

Even though Ace advertises the film as "lost," it also says the concert has been exploited multiple times before -- without objection.

To distribute the film, the filmmakers needed synchronization licenses to the songs featured in the film. These licenses are required whenever music is matched to visuals.

Negotiations commenced with Sony/ATV, which owns certain publishing rights to Beatles songs after Michael Jackson famously bought them in the 1980s to Paul McCartney's chagrin.

But Apple Corps, which was set up by the original Beatles members and is not to be confused with the iPhone company, was allegedly planning its own use of the footage.

"At the eleventh hour, in mid-April 2012, Sony/ATV, at the insistence of, and in conspiracy with, Apple Corps, wrongfully interfered with the distribution contract by making false statements to exhibitors, theater owners and potential distributors concerning Ace's legal right to exhibit the documentary, making unjustified threats of legal action and filing a baseless lawsuit in England," the lawsuit states.

Ace says that Sony/ATV made the "highly unusual" step of granting exclusive synchronization licenses to Apple Corps. As a result, the distribution deal for The Beatles: The Lost Concert fell through.

Represented by attorney Lee Squitieri, the plaintiff is suing on antitrust grounds, abuse of copyrights, tortious interference and unfair competition. The plaintiff also says that its work was transformative and that the documentary would have made hundreds of millions of dollars.

Sony and Apple Corps haven't commented yet.
http://www.billboard.com/articles/ne...sparks-lawsuit





Microsoft Settled 3,265 Software Piracy Cases in 43 Countries During its Last Fiscal Year
Matthew Panzarino

Microsoft settles a lot of lawsuits, that’s pretty much a given when your company is the size of the Redmond software (and hardware) maker. But now, thanks to a release, we know exactly how many of those settlements were software piracy cases.

According to the official stats, Microsoft settled 3,265 software piracy cases in 43 countries in the fiscal year ending June 30th. Only 35 of those were in the U.S. and only 19 states are named. The other 3,230 cases were international, and were spread across 42 countries.

“Software counterfeiting negatively impacts local and global economic growth, stifles innovation, and puts consumers and businesses at risk,” said David Finn, associate general counsel in the Microsoft Cybercrime Center in a statement.

Microsoft says that those messages which urge you to ‘report this software as stolen’ when you fire up an inauthentic copy of Windows are actually working, too. Since 2005, it has gotten over 450,000 counterfeit reports from customers.

One case that Microsoft calls out is an infringement by Ningbo Beyond Group, part of an ongoing suit brought by the Attorney General of California after it determined that the garment manufacturing company wasn’t paying for its software, and therefore gaining an unfair advantage over its stateside competitors.
http://thenextweb.com/microsoft/2013...t-fiscal-year/





RIAA Wants Infamous File-Sharer to Campaign Against Piracy
David Kravets

Jammie Thomas-Rasset testifies in her first civil trial in 2007, while U.S. District Judge Michael Davis watches from the bench. Illustration: Cate Whittemore/Wired

Did you hear the one about the world’s most infamous music file-sharer being asked to publicly extol the virtues of the Recording Industry Association of America’s anti-piracy platform?

The RIAA is suggesting Jammie Thomas-Rasset do just that. In exchange, the recording studios’ lobbying and litigation arm would reduce a $222,000 jury verdict the Supreme Court let stand in May — her punishment for sharing 24 songs on the now-defunct file-sharing service Kazaa.

However, the 36-year-old mother of four and the nation’s first file-sharer to challenge a Recording Industry Association of America lawsuit, said she would rather go bankrupt.

“I’m not doing it,” the Minnesota woman said in a telephone interview today. She said she earns a small salary working in the natural resources department of a local Native American tribe.

The RIAA’s overture, which did not specify how much it would relieve of the debt, comes four months after the Supreme Court declined (.pdf) to review Thomas-Rasset’s petition claiming the damages award was unconstitutionally excessive and was not rationally related to the harm she caused the music labels.

In a statement, RIAA spokesman Jonathan Lamy said:

We continue to try to resolve this case in a reasonable way. In the past, for example, we have reached out to Ms. Thomas to settle the case in exchange for a contribution to a local music charity. We have communicated to Ms. Thomas that we would consider a variety of non-monetary settlement options, which is up to her to offer. We think this is a gesture of good will and we’re doing what we can to resolve this case in a manner that works for everyone.

Thomas-Rasset’s attorney, Michael Wilson, said in a telephone interview today that “the record industry was offering a kind of a public statement as a possible supplement so she wouldn’t have to pay the full amount.”

He said the RIAA offered “no specifics.”

“It was kind of a general idea, nothing concrete,” Wilson added. “I would assume it would be something along those lines: anti-piracy and culpability.”

Wilson said that, because “she is pretty opposed” to making a statement, he is exploring the possibility that Thomas-Rasset file for bankruptcy protection to keep the damages award at bay.

This wouldn’t be the first time the RIAA has sought a public-service announcement from a file-sharer.

In 2009, a Los Angeles man was sentenced to two months’ home confinement and a year of probation for uploading nine unreleased tracks of Guns N’ Roses’ Chinese Democracy to his music site. Federal prosecutors initially sought six months of prison, but Cogill got no time after agreeing to do an RIAA public service announcement that would scare future file sharers straight.

But the RIAA never made Kevin Cogill follow through.

Meantime, Thomas-Rasset’s legal odyssey dates to 2007. The RIAA’s litigation had a tortuous history involving a mistrial and three separate verdicts for the same offense — $222,000, $1.92 million and $1.5 million.

Out of the thousands who were sued, the only other file-sharer to challenge an RIAA lawsuit at trial was Joel Tenenbaum, then a Massachusetts college student, whose case followed Thomas-Rasset’s. A federal appeals court last month upheld a Boston federal jury’s award of $675,000 against him for sharing 30 songs.

Most of the thousands of RIAA file-sharing cases against individuals have settled out of court for a few thousand dollars. In 2008, the RIAA ceased a five-year campaign it had launched to sue individual file sharers and, with the Motion Picture Association of America, has since convinced internet service providers to begin taking punitive action against copyright scofflaws.
http://www.wired.com/threatlevel/201...s-file-sharer/





Aereo Sued by Hearst TV Station in Boston Over Copyright
Don Jeffrey

Aereo Inc., the online television service facing lawsuits by broadcast TV networks in New York for copyright infringement, was sued in Boston by a Hearst-owned television station over similar claims.

Hearst Stations Inc. said that Aereo has infringed the copyrights of its WCVB station by capturing its signals and retransmitting the programming to its subscribers without a license, according to federal court records.

“If Aereo is permitted to profit from the unauthorized retransmission of copyrighted television programming, WCVB will be deprived of existing and potential revenue streams from advertising and authorized retransmissions,” Hearst said in its complaint.

The broadcast TV networks, including CBS Corp. and Walt Disney Co.’s ABC, sued Aereo in New York in March 2012. U.S. District Judge Alison Nathan rejected the networks’ motion for an injunction that would have shut down the service, and a panel of New York appeals judges upheld that ruling in April. Immediately after that, Aereo announced plans to expand to Boston and other cities.

In May Aereo sued CBS Corp. (CBS) in New York after published reports said CBS might sue in Boston to try to shut down its service there.

Aereo has filed a motion in New York to dismiss the networks’ suits, while the networks have petitioned the full appeals court to re-hear the arguments for an injunction.

Virginia Lam, a spokeswoman for New York-based Aereo, said the company declines to comment on the Boston suit.

WCVB produces more than 43 hours of original local programming a week from studios in Needham, Massachusetts, according to the court filing. Its shows include “Chronicle” and “On the Record.”

Hearst Stations is part of New York-based Hearst Corp.

The new case is Hearst Stations v. Aereo, 13-cv-11649, U.S. District Court, District of Massachusetts (Boston).
http://www.bloomberg.com/news/2013-0...copyright.html





Winny File-Sharing Program Developer Kaneko Dies at 42

Isamu Kaneko, the developer of the widely used Winny file-sharing software, died of illness Saturday night at a Tokyo hospital, his relatives said Sunday. He was 42.

The native of Tochigi Prefecture published the free program, which enables peer-to-peer online file exchanges, online in 2002, when he was a University of Tokyo researcher.

Kaneko was later charged with assisting Winny users to illegally copy movies, games and other content and was found guilty by the Kyoto District Court in 2006.

But the Osaka High Court overturned the district court decision and acquitted him in 2009, saying he had not intended to encourage copyright violations.

The Supreme Court upheld the high court ruling in 2011, saying it was up to users to decide how to employ the Winny file-sharing program, which it said could be used for legal or illegal purposes.

Kaneko's case was the first in Japan to address the question of whether the developer of a file-sharing software program can be held criminally responsible for copyright violations.
http://www.globalpost.com/dispatch/n...eko-dies-at-42





How DRM Won

DRM is still alive and well—it just lives in the cloud now.
Vijith Assar

In 2009, when Apple dropped the Digital Rights Management (DRM) restrictions from songs sold through the iTunes Store, it seemed like a huge victory for consumers, one that would usher in a more customer-friendly economy for digital media. But four years later, DRM is still alive and well—it just lives in the cloud now.

Streaming media services are the ultimate form of copy protection—you never actually control the media files, which are encrypted before delivery, and your ability to access the content can be revoked if you disagree with updated terms of service; you’re also subject to arbitrary changes in subscription prices. This should be a nightmare scenario to lovers of music, film, and television, but it’s somehow being hailed by many as a technical revolution. Unfortunately, what’s often being lost in the hype over the admittedly remarkable convenience of streaming media services is the simple fact that meaningfully relating to the creative arts as a fan or consumer depends on being able to access the material in the first place. In other words, where your media collection is stored is not something to be taken lightly.

Since streaming services host the multimedia content and send it to you upon each request for playback, they can always deny the request. Netflix streaming content sometimes features impending expiration dates. In April, Netflix decided to limit access to two concurrent streams per subscriber, putting an end to years of informal password sharing between roommates, acquaintances, and family members. Whether or not that’s legally justifiable, it’s certainly a greater degree of control over user behavior than content providers ever enjoyed with any file-based DRM systems.

In order to understand the problem, it’s important to distinguish between the streaming services modeled after libraries and those modeled after radio stations. In the library model, users are presented with an enormous selection of tracks from which to choose; Spotify and Grooveshark are key examples of this. In the radio model, track after track is pushed to the listener, who has usually indicated a preference for a particular style or genre; Pandora and Apple’s new iRadio service are among the bigger names in this space. Both kinds of streaming service can earn revenue from subscription fees, advertising, or affiliate referrals to a download store. That last one is the catch: so far, only services using the radio model actively promote download purchases. By and large, the radio model explicitly positions the service as a music discovery service, whereas the library model aspires to replace locally-stored music collections. This is why you will find integrated purchase links in Pandora, but not in Spotify — because when you want to hear a specific song at a specific moment, Pandora’s service can’t help you, but Spotify probably can.

Nonetheless, unlike its predecessors, Spotify can still integrate its streaming content with offline media, and would not have fared as well had it tried to ignore the huge local media libraries that listeners had compiled prior to its launch. But that’s where the cooperation ends. Spotify seems to have little interest in promoting further investment in a listening platform other than their own, even if both services are compatible. If you find a new album you love, you can add it to a playlist on Spotify, in which case you risk eventually losing access to it. You can also download a copy externally, legally or otherwise, and Spotify will happily integrate it with your streaming library and play it back. But Spotify will make no attempt to connect you with the other services—there are no handy purchase links—and of course their payment model makes no allowance for this behavior either. There’s no flow from exploration to fandom, no concession that you might first listen to something new and then like it enough to want to keep it around forever.

It’s not that there’s anything inherently superior about tangible file downloads, of course—the experience is largely the same once you hit the play button, and many fanatical music fans were operating personal streaming media servers using specialized solutions years before the Amazon Cloud Player, iTunes in the Cloud, and Google Play made cloud storage for music libraries mainstream. The problem is this “buffet approach” to media avoids permanence, both contractually and technically—previously, you’d always be able to hear that song because you bought it, stole it, downloaded it, saved it, backed it up—some combination of the above, at least. Lala.com sold a la carte web streams for specific songs, and was quickly gaining steam when it was purchased and unceremoniously executed by Apple in December 2009. The transaction for a Lala stream was “$0.10 for this song, forever.” The transaction for a Spotify stream is “$9.99 for access to whatever we choose to provide, for one month.” If you opt for the latter, then whose music library is it, really?

Here, then, is the question that the providers of streaming library services are sneakily dodging: are they providing a music discovery platform, or a permanent replacement for local media? If it’s the first, then they should have no problem integrating links to purchase songs in their library from another source such as iTunes or Amazon. If it is the latter, can there be any guarantee to users about the permanence of various tracks and albums? Current royalty rates for music streams are abysmal and upsetting to many artists and labels, as recent impassioned cases by Galaxie 500 and David Lowery continue to illustrate. Every major streaming service has gaps in the available catalog, and many have also experienced indignant defections from dissatisfied record labels. Your love for an album does not change simply because the streaming service and the copyright holders could not agree on the financial terms, but if the solution is simply to pass the new holes along to the users, carving away sections of their beloved online libraries after they’ve established their emotional investment in particular pieces of film or music, then the cultural permanence of the art ends up degraded.

The easiest answer here is a cop-out identity statement—perhaps Spotify is intended neither as a sampling service nor a permanent replacement, and is rather only a temporary window into a limited content set. But what changes about the process of digesting culture when your ability to understand, appreciate, and enjoy the material depends on a relationship that you no longer control? It’s difficult to explore using one format and then commit using another, so for the first time in history, we’re building personal media libraries that can be remotely disabled. Digital media usually needs a format shift every few years, and in the absence of strong import and export APIs, which every major streaming service thus far has predictably declined to provide, eventually migrating your fandom between platforms essentially becomes logistically impossible.

Think about it: when a film is removed from Netflix, do you typically seek out an offline copy, or do you forget it and move on to something else? Spotify was strong-armed into importing iTunes, but it would be bad for business to allow you to export to anything else down the line. It’s absurd—these extreme locks are just for references, metadata, and your own consumption history, but not the actual content. If you want to jump ship someday to something else, you certainly can’t take the music you like along with you; you might not even be able to take the database records indicating that you ever liked it in the first place.

The need for a centralized music service became evident as soon as file sharing arose in the late 1990s, but it took far too long for the tech industry and the music industry to reach an agreement regarding how to go about it. Those terms are now being established, but they are still tenuous and contested, and a fan experience built atop the conflict makes for a rickety cultural future. Ultimately, regardless of the delivery mechanism, the question is not one of streaming versus downloads. It’s about whether you want to have your own media library or request access to somebody else’s. Be careful.
https://slashdot.org/topic/cloud/how-drm-won/





Internet Big Boys Take Aim at Singapore's 'Regressive' New Rules
Kevin Lim and Jeremy Wagstaff

Singapore's move to tighten regulation of news web sites, already under fire from bloggers and human rights groups, has attracted criticism from an unexpected quarter - large Internet firms with a big presence in the city-state which say the new rules will hurt the industry.

Web giants Facebook Inc, eBay Inc, Google Inc and Yahoo! Inc have said the revised rules "have negatively impacted Singapore's global image as an open and business-friendly country".

The comments, made in a letter to the Minister for Communications and Information, Yaacob Ibrahim, by the Asia Internet Coalition, an industry body, are the first sign that Singapore's success in wooing major players is not assured.

Google, eBay, Facebook and Yahoo all have a major presence in the city-state.

Google said separately it was concerned about the long-term implications of the regulation - especially for local Internet entrepreneurs who it said now faced greater uncertainty and legal risk.

Minister Yaacob, however, told parliament on Monday that his ministry intended to move ahead with the legislation, despite calls from lawmakers to delay its implementation, and dismissed some of the concerns raised.

"The overall law is not meant to force sites to close down by causing them financial difficulties. MDA have already indicated and replied earlier that they will be prepared to exercise flexibility where warranted should a site have genuine difficulties putting up a bond," he said.

In late May, the Media Development Authority (MDA) said websites that regularly report on Singapore would have to be licensed and listed 10 news sites that would be affected, based on criteria such as having 50,000 unique visitors from Singapore each month.

Websites affected by the new licensing regime would have to put up a S$50,000 ($39,300) performance bond as well as take down within 24 hours any story that authorities deemed objectionable.

"Singapore aims to be the future, but this regulation looks a lot like the past," Google's Ann Lavin, director of public policy and government affairs, Southeast Asia, told Reuters.

MDA had said the changes would make the rules governing news websites more consistent with those affecting newspapers and other traditional media platforms. It also said there was no change in its content standards, a point reiterated by Yaacob.

GROWING SECTOR

The Asia Internet Coalition (AIC) was set up in 2011 by Google, Facebook, Yahoo and eBay to lobby for free and open access to the Internet and promote e-commerce.

The Internet and related industries have become an important sector for Singapore, with revenues last year growing 23 percent to S$103 billion ($81 billion). The sector employs more than 144,000 people out of the city-state's 3.2 million workforce, according to government data.

"When you look at other countries in the region, it's hard to see anyone immediately breathing down the neck of Singapore and Hong Kong," said John Ure, executive director of AIC. "But things can change. Five to 10 years is not a long time."

Ure said the coalition's members had been unnerved by the announcement coming "out of the blue" at a time when it had been holding discussions with the Singapore government on several Internet-related issues.

The regulations, he said, "muddied the waters" and that "anything that is seen to be a hindrance to the free flow of content and data" was of concern to his members.

Singapore has attracted major Internet companies in part because of its commitment to what it has called a "light touch" when it comes to policing the Web.

Yahoo's popular Singapore news site was the only foreign website among the 10 listed by the MDA, but critics fear the rules could be extended to cover other websites, including those critical of the government.

A Yahoo spokesman said it had no official comment on the regulation but that the AIC's position was "broadly consistent with ours".

"MONSTERS UNDER THE BED"

Opposition lawmaker Lina Chiam told parliament there were still many unanswered questions about the new MDA regulations despite recent attempts at clarification.

"The definition of news sites under the regulations, as they stand, is so arbitrary, and can encompass any website posting at least one news-related article in a week," she said.

"That is why Singaporeans continue to believe that the regulations had been crafted to censor blogs, especially those that discuss politics."

Lobby group Reporters Without Borders, in its latest report, ranked Singapore 149th globally in terms of press freedom, down 14 places from 2012 and below many of its neighbors.

In 2011, the city-state's tiny opposition made big gains against the long-ruling People's Action Party in a parliamentary election, partly by using social media such as Facebook and YouTube to reach voters.

Rights groups have joined local bloggers in criticizing the move. Phil Robertson, deputy director of Human Rights Watch's Asia division, said that major Internet companies adding their voice should give Singapore serious pause about its approach.

The government, "like a little boy in a dark bedroom, imagines that every bump in the night means there are monsters under the bed ready to pounce on Singapore's much vaunted social stability", he said.

($1 = 1.2715 Singapore dollars)

(Reporting By Jeremy Wagstaff, Kevin Lim and John O'Callaghan; Editing by Alex Richardson and Ron Popeski)
http://www.reuters.com/article/2013/...9660JP20130708





Florida Accidentally Banned All Computers, Smart Phones In The State Through Internet Cafe Ban: Lawsuit

When Florida lawmakers recently voted to ban all Internet cafes, they worded the bill so poorly that they effectively outlawed every computer in the state, according to a recent lawsuit.

In April Florida Governor Rick Scott approved a ban on slot machines and Internet cafes after a charity tied to Lt. Governor Jennifer Carroll was shut down on suspicion of being an Internet gambling front -- forcing Carroll, who had consulted with the charity, to resign.

Florida's 1,000 Internet cafes were shut down immediately, including Miami-Dade's Incredible Investments, LLC, a café that provides online services to migrant workers, according to the Tampa Bay Times.

The owner, Consuelo Zapata, is now suing the state after her legal team found that the ban was so hastily worded that it can be applied to any computer or device connected to the Internet, according to a copy of the complaint obtained by The Miami Herald.
The ban defines illegal slot machines as any "system or network of devices" that may be used in a game of chance.

And that broad wording can be applied to any number of devices, according to the Miami law firm of Kluger, Kaplan, Silverman, Katzen & Levine, who worked with constitutional law attorney and Harvard professor Alan Dershowitz.

The suit maintains that the ban was essentially passed "in a frenzy fueled by distorted judgment in the wake of a scandal that included the Lieutenant Governor’s resignation" and declares it unconstitutional.
http://www.huffingtonpost.com/2013/0...n_3561701.html





Global Study Stresses Importance of Public Internet Access
Peter Kelley

Millions of people in low-income countries still depend on public computer and Internet access venues despite the global proliferation of mobile phones and home computers. However, interest in providing such public access has waned in recent years, especially among development agencies, as new technologies become available.

But a five-year, eight-country study recently concluded by the Technology & Social Change Group at the University of Washington Information School has found that community access to computer and Internet technology remains a crucial resource for connecting people to the information and skills they need in an increasingly digital world.

“Our study finds that many people in low- and middle-income countries, including the underemployed, women, rural residents and others who are often marginalized, derive great benefits in such areas as education, employment and health when they use computers and the Internet at public access venues,” said Araba Sey, Information School research assistant professor and lead investigator of the study.

The Global Impact Study of Public Access to Information & Communication Technologies surveyed 5,000 computer users at libraries, telecenters and cybercafés and 2,000 nonusers at home to learn about patterns of public access use.

The researchers also surveyed 1,250 operators of public access venues and conducted seven in-depth case studies to examine issues that have generated controversy. The study was conducted in eight low- and middle-income countries on three continents: Bangladesh, Botswana, Brazil, Chile, Ghana, Lithuania, Philippines and South Africa.

The researchers’ findings include:

• Public access venues were the only source of the Internet for one-third of users surveyed, and provided the first-ever computer contact for more than half of those users — a number that rose among lower socioeconomic groups and female populations.
• More than half said their use of computers would decrease if public access venues were no longer available, and about half cited a lack of computer access as their main reason for using public venues.
• Forty percent of users surveyed said public access venues had been crucial to their development of computer skills, and half said the same of learning Internet skills.

The study’s final report also makes recommendations for government and donor organizations as well as libraries and telecenter practitioners. Their suggestions include:

• Support the wide availability of public Internet access venues and incorporate them into national initiatives involving digital resources and services for health, education, governance and other areas.
• Use existing infrastructure such as libraries when considering investments in public Internet access.
• Embrace games, as they help build technology skills.
• Value the role of social networking and communications, which have become critical venues for accessing important resources.
• Embrace the use of mobile phones, which the study found do not pose a threat to the relevance of public access.

Chris Coward, director of the Technology & Social Change Group, said the motivation of the study was “to provide governments and the international development community, which have expended tremendous amounts to support the availability of computers and Internet, with empirical evidence about what types of impacts have resulted from these investments.”

The researchers have made all the data from this study publicly available for others to use on the project website, www.globalimpactstudy.org.

The Global Impact Study of Public Access to Information & Communication Technologies was funded by Canada’s International Development Research Centre and a grant from the Bill & Melinda Gates Foundation.
http://www.washington.edu/news/2013/...ternet-access/





AT&T and Verizon Lose Bid to Maintain Secrecy of French Interconnection Deals
David Meyer

France’s telecoms regulator has been given the go-ahead to investigate the quiet war going on between ISPs and internet backbone providers, where users of services such as YouTube and Netflix risk being innocent victims.

AT&T and Verizon have failed in their attempt to block the French telecoms regulator from examining their secret interconnection agreements – deals that may be key to the erosion of net neutrality.

The regulator, ARCEP, is concerned that quiet battles between bandwidth providers and ISPs may in effect be degrading the quality of popular web services for French consumers — one specific case involves subscribers of the ISP Free getting lousy YouTube performance. The worry is similar to that in the U.S., where a spat between ISP Verizon and bandwidth provider Cogent Communications is thought to have been messing up Netflix performance for Verizon’s customers.

This all comes down to net neutrality. Data carriage providers have traditionally carried each other’s traffic for free under so-called peering agreements, which have been essential to making sure all internet services get an equal chance for delivery at decent quality. Now, with high-bandwidth services such as video on the rise, consumer ISPs are seeing a chance to extract cash out of the internet backbone or bandwidth providers by charging them for delivering heavy traffic to the end user.

Shining a light

ARCEP said in late March that it didn’t want to introduce ex ante or pre-emptive interconnection regulation because it doesn’t know exactly what’s going on behind closed doors, and wants a clearer picture. It wanted to gather information about the technical and pricing terms of these commercial interconnection deals, so that it could do its job and settle net neutrality disputes between ISPs and the likes of Google as and when they arise.

Verizon and AT&T and their French subsidiaries struck back in June, claiming that ARCEP had no right to demand data when there was no “demonstrated link to competitive or consumer harm.” In other words, the companies were trying to argue that, because the regulator has no evidence of potential market failure, it shouldn’t be allowed to gather evidence of potential market failure.

It seems France’s highest administrative court, the eagle-eyed Conseil d’Etat, spotted the logical problem with this blocking attempt — on Wednesday it confirmed that ARCEP had the right to do its job.

As ARCEP put it:

“The Conseil d’Etat confirmed that ARCEP has the power to gather information in this way from ISPs and [web service providers]. The Court thereby also upheld ARCEP’s power to query all market undertakings, including those located outside the European Union whose business and/or activity could have a significant impact on internet users in France.”

Now, popcorn in hand, let’s see what ARCEP digs up. I think it’s fair to say the results will be of interest to regulators around the world – as well as to us, the humble internet users who are at the mercy of these backroom interconnection deals.
http://gigaom.com/2013/07/11/att-and...nection-deals/





Big Cable’s Sauron-Like Plan for One Infrastructure to Rule Us All
Susan Crawford

When Liberty Media chairman John Malone talks, it’s a good idea to pay attention. And this month, the craggy, whip-smart, billionaire cable mogul has set his sights on having the entire cable distribution industry charging for buckets of bits. Which means the Internet in America — as well as in the U.K., Belgium, Holland, Germany, and Switzerland — is in big trouble.

The issue is “cableization” of the entire Internet Protocol enterprise. After all, the cable distribution pipe is just a giant set of channels that will be dynamically reallocated between “Internet” access and other IP-based cable-provided services.

Malone’s bet (his word) is that we’ll all be buying channels from our local cable guy in the form of IP packets, and the cable industry will pull off the unrestrained monetization of its long-ago sunk cost in installing local monopoly distribution networks:

“…over the years more and more content is going to come all IP, all platforms, random access. And as that happens, the bandwidth demands are going to force market share cable’s way… [i]f cable can get its act together … I wouldn’t be surprised if you’d see over the top service providers that are wholesale to the cable operator, retail to the consumer, and that are bundled and discounted with the broadband connectivity side of the product offering. As that transpires, I think it’s going to change the game pretty dramatically.”

Malone calls this “creating value off the scale of a cooperative industry.” But creating this value for them is bad news for the rest of us.

What Happens When One Cable Rules Them All

Malone is my favorite cable guy because he’s frank, smart, and refreshingly outspoken: He admitted in 2011 that “cable’s pretty much a monopoly now” because it’s the only terrestrial network that can provide the high-capacity, low-latency connectivity needed for the applications of the future.

Cable’s only real competition is Verizon’s bundled Internet, telephone, and television over a fiber-optic communications network (FiOS) which “ran out of steam” (as Malone put it in last month’s shareholders’ meeting) when Verizon stopped expanding a few years ago. And AT&T’s U-Verse product doesn’t run fiber all the way to homes or provide the bandwidth of a cable connection.

All of this means, according to Malone, that “Cable is clearly winning in the U.S. broadband connectivity game.” Liberty Media is energetically back in that game, and Malone’s got big plans for the global future of the Internet. With 25 million subscribers worldwide following his acquisition of British cable company Virgin Media in February 2013, Malone’s company is now the largest cable distributor in the world.

Now he wants to “get together” with the other cable giants to “create global scale.”

In February, Malone bought 27% of the fourth largest cable distributor in America, Charter, a company that faces minimal competition from either FiOS (just a 4% overlap) or U-Verse (20%). Charter’s balance sheet and Malone’s access to long-term, low-interest financing will allow him to roll up additional cable distribution companies across the country. Meanwhile, Malone’s sorry he ever sold his TCI cable systems to AT&T for $54 billion in 1999, because he knows “the most addictive thing in the communications world is high-speed connectivity.”

While innovators around the world want to develop world-changing applications that require a lot of bandwidth — think telemedicine, tele-education, anything requiring “tele”presence — they’re in for a shock.

Because they (or their users) will have to pay whatever cable asks for the privilege of that reach.

That’s Malone’s plan: He wants the cable industry to sit right in the middle of the road that runs between online innovation and users, asking for tolls from applications and users alike.

How Will They Get Away With It? The Plan Behind the Plan

To make his plan work, Malone wants the cable industry to act collectively. His logic: Ensure that no maverick breaks ranks and provides users of IP bits with unlimited capacity at a reasonable price.

The key tool he’d like the industry to use to bring this vision to life is tiered pricing on the user side.

We’ve known for a while that the cable industry is interested in charging for buckets of bits used during a given period of time. We also know that tiered pricing is based on justifications such as fixing congestion, or recouping network investments.

But tiered pricing has little or nothing to do with either of those things.

Having made their significant network investments some time ago, the big cable guys are in harvesting mode and have been reaping enormous revenues for years. Comcast’s and Time Warner Cable’s revenues of $172 billion (between 2010 and 2012) were more than seven times their capital investment of $23 billion during that same period. Not only are all of the big cable companies’ revenues exponentially larger than their capital expenses, but this difference is getting much larger over time.

Usage caps are aimed at “fairly monetiz[ing] a high fixed cost,” former FCC Chairman Michael Powell said earlier this year. (He’s now the head of the National Cable & Telecommunications Association, which is clearing the way to drop the words ‘cable’ and ‘telecommunications’ from its brand by renaming itself “NCTA: The Internet and TV Association”.) The caps are not aimed at addressing high-bandwidth uses at peak hours, which might degrade the online experience of other users. (Outside peak hours, it makes no difference to the functioning of the network if someone is downloading a lot of bits.)

In a non-competitive local market, data caps are excellent tools with which to make as much money as possible from an existing monopoly facility. Although cable distributors could charge end-users a low flat fee for high download speeds — and Malone is confident that he’ll get his systems to gigabit downloads with very little investment — they have no reason to.

So Malone’s planning a use-based program that goes into broadband connectivity, “so that, you know, Reed [Hastings, CEO of Netflix] has to bear in his economic model some of the capacity that he’s burning … And essentially the retail marketplace will have to reflect the true costs of these various delivery mechanisms and investments.”

What he’s really saying is: Anyone who wants to use my pipes will have to give me money.

The cable industry, already gingerly exploring tiered pricing and usage-based billing, argues that such consumption caps are fair. They’re not choosing winners and losers, they say, they’re just drawing lines that affect every online application equally.

But that’s not true. A data consumption cap has the same effect as a priority lane or a toll-free lane for favored applications. It will reliably dampen demand across all users for any online application that is subject to the cap, according to French consulting firm Diffraction Analysis’ November 2011 report, “Do Data Caps Punish the Wrong Users?”

So some big guys will pay to avoid the cap, and little guys will be stuck trying to reach new customers who are worried about overage charges.

It’s not too late to pay attention to John Malone.
http://www.wired.com/opinion/2013/07...o-rule-us-all/





Telstra Storing Data On Behalf of US Government
Linton Besser

Telstra agreed more than a decade ago to store huge volumes of electronic communications it carried between Asia and America for potential surveillance by United States intelligence agencies.

Under the previously secret agreement, the telco was required to route all communications involving a US point of contact through a secure storage facility on US soil that was staffed exclusively by US citizens carrying a top-level security clearance.

The data Telstra stored for the US government includes the actual content of emails, online messages and phone calls.

The US Department of Justice and Federal Bureau of Investigation also demanded that Telstra "provide technical or other assistance to facilitate ... electronic surveillance".

In 2001, when the "network security agreement" was signed, Telstra was 50.1 per cent owned by the Commonwealth Government.

The revelations come as the British and US governments reel from the leaking of sensitive intelligence material that has detailed a vast electronic spying apparatus being used against foreign nationals and their own citizens.

This week, Fairfax Media reported that four Australian defence facilities are being used by the US in this intelligence collection regime, including Pine Gap and three secret signals facilities at Darwin, Geraldton and Canberra. The local centres are used in a National Security Agency surveillance program codenamed X-Keyscore.

Now, the latest revelations raise further questions about the extent of the Australian government's co-operation with the US global intelligence effort, as well as its own data collection regime.

The 2001 contract was prompted by Telstra's decision to expand into Asia by taking control of hundreds of kilometres of undersea telecommunications cables.

Telstra had negotiated with a Hong Kong company to launch Reach, which would become the largest carrier of intercontinental telecommunications in Asia. The venture's assets included not just the fibre-optic cables, but also "landing points" and licences around the world.

But when Reach sought a cable licence from the US Federal Communications Commission, the DOJ and the FBI insisted that the binding agreement be signed by Reach, Telstra, and its Hong Kong joint venture partner, Pacific Century CyberWorks Ltd (PCCW).

The contract does not authorise the company or law enforcement agencies to undertake actual surveillance. But under the deed, Telstra must preserve and "have the ability to provide in the United States" all of the following:

"Wire" or electronic communications involving any customers - including Australians - who make any form of communication with a point of contact in the US;
"Transactional data" and "call associated data" relating to such communications;
"Subscriber information"; and
"Billing records".

"All Domestic Communications ... shall pass through a facility ... physically located in the United States, from which Electronic Surveillance can be conducted pursuant to Lawful US Process," the contract says.

"The Domestic Communications Company [Reach] will provide technical or other assistance to facilitate such Electronic Surveillance."

The US facility had to be staffed by US citizens "eligible for appropriate US security clearances", who also "shall be available 24 hours per day, seven days per week, and shall be responsible for accepting service and maintaining the security of Classified Information".

It also makes it incumbent on Reach not to allow data and communications of interest to be destroyed.

Reach and Telstra were required to "take all reasonable measures" to prevent use of their infrastructure for surveillance by a foreign government. "These measures shall take the form of detailed technical, organisational, personnel related policies and written procedures, necessary implementation plans, and physical security measures," the contract says.

The document was signed by Douglas Gration, Telstra's then company secretary and now a Melbourne barrister.

His own webpage describes his responsibilities at the time to have included "liaising with law enforcement and national security agencies".

He told Fairfax he couldn't remember much about the agreement. "Every country has a regime for that lawful interception," he said. "And Australia has got it as well."

"It would be no surprise if you're setting up something like Reach, which I think from memory had a station where they man the traffic in the US. [So] they would need an agreement with the US to do that."

Reach has offices located in Hong Kong, Japan, Korea, Singapore, Taiwan and the UK. It also has two premises in the US, in New Jersey and San Francisco, either of which may house the secure storage facility stipulated by the contract.

In 2011, Telstra and PCCW restructured their partnership, giving Telstra control of the majority of Reach's undersea cables. The corporate restructuring most likely would have triggered a requirement to renegotiate the security deed with the US Government.

Scott Whiffin, a Telstra spokesman, said the agreement was required to "comply with US domestic law".

"It relates to a Telstra joint venture company's operating obligations in the United States under their domestic law. We understand similar agreements would be in place for all network infrastructure in the US."

"When operating in any jurisdiction, here or overseas, carriers are legally required to provide various forms of assistance to Government agencies."
http://www.canberratimes.com.au/it-p...712-hv0w4.html





Agreements with Private Companies Protect U.S. Access to Cables’ Data for Surveillance
Craig Timberg and Ellen Nakashima

The U.S. government had a problem: Spying in the digital age required access to the fiber-optic cables traversing the world’s oceans, carrying torrents of data at the speed of light. And one of the biggest operators of those cables was being sold to an Asian firm, potentially complicating American surveillance efforts.

Enter “Team Telecom.”

In months of private talks, the team of lawyers from the FBI and the departments of Defense, Justice and Homeland Security demanded that the company maintain what amounted to an internal corporate cell of American citizens with government clearances. Among their jobs, documents show, was ensuring that surveillance requests got fulfilled quickly and confidentially.

This “Network Security Agreement,” signed in September 2003 by Global Crossing, became a model for other deals over the past decade as foreign investors increasingly acquired pieces of the world’s telecommunications infrastructure.

The publicly available agreements offer a window into efforts by U.S. officials to safeguard their ability to conduct surveillance through the fiber-optic networks that carry a huge majority of the world’s voice and Internet traffic.

The agreements, whose main purpose is to secure the U.S. telecommunications networks against foreign spying and other actions that could harm national security, do not authorize surveillance. But they ensure that when U.S. government agencies seek access to the massive amounts of data flowing through their networks, the companies have systems in place to provide it securely, say people familiar with the deals.

Negotiating leverage has come from a seemingly mundane government power: the authority of the Federal Communications Commission to approve cable licenses. In deals involving a foreign company, say people familiar with the process, the FCC has held up approval for many months while the squadron of lawyers dubbed Team Telecom developed security agreements that went beyond what’s required by the laws governing electronic eavesdropping.

The security agreement for Global Crossing, whose fiber-optic network connected 27 nations and four continents, required the company to have a “Network Operations Center” on U.S. soil that could be visited by government officials with 30 minutes of warning. Surveillance requests, meanwhile, had to be handled by U.S. citizens screened by the government and sworn to secrecy — in many cases prohibiting information from being shared even with the company’s executives and directors.

“Our telecommunications companies have no real independence in standing up to the requests of government or in revealing data,” said Susan Crawford, a Yeshiva University law professor and former Obama White House official. “This is yet another example where that’s the case.”

The full extent of the National Security Agency’s access to fiber-optic cables remains classified. The Office of the Director of National Intelligence issued a statement saying that legally authorized data collection “has been one of our most important tools for the protection of the nation’s — and our allies’ — security. Our use of these authorities has been properly classified to maximize the potential for effective collection against foreign terrorists and other adversaries.”

It added, “As always, the Intelligence and law enforcement communities will continue to work with all members of Congress to ensure the proper balance of privacy and protection for American citizens.”

Collecting information

Documents obtained by The Washington Post and Britain’s Guardian newspaper in recent weeks make clear how the revolution in information technology sparked a revolution in surveillance, allowing the U.S. government and its allies to monitor potential threats with a reach impossible only a few years earlier.

Yet any access to fiber-optic cables allows for possible privacy intrusions into Americans’ personal communications, civil libertarians say.

As people worldwide chat, browse and post images through online services, much of the information flows within the technological reach of U.S. surveillance. Though laws, procedural rules and internal policies limit how that information can be collected and used, the data from billions of devices worldwide flow through Internet choke points that the United States and its allies are capable of monitoring.

This broad-based surveillance of fiber-optic networks runs parallel to the NSA’s PRISM program, which allows analysts to access data from nine major Internet companies, including Google, Facebook, Microsoft, Yahoo, AOL and Apple, according to classified NSA PowerPoint slides. (The companies have said the collection is legal and limited.)

One NSA slide titled, “Two Types of Collection,” shows both PRISM and a separate effort labeled “Upstream” and lists four code names: Fairview, Stormbrew, Blarney and Oakstar. A diagram superimposed on a crude map of undersea cable networks describes the Upstream program as collecting “communications on fiber cables and infrastructure as data flows past.”

The slide has yellow arrows pointing to both Upstream and PRISM and says, “You Should Use Both.” It also has a header saying “FAA 702 Operations,” a reference to a section of the amended Foreign Intelligence Surveillance Act that governs surveillance of foreign targets related to suspected terrorism and other foreign intelligence.

Under that provision, the government may serve a court order on a company compelling it to reach into its networks for data on multiple targets who are foreigners reasonably believed to be overseas. At an Internet gateway, the government may specify a number of e-mail addresses of foreigners to be targeted without the court signing off on each one.

When the NSA is collecting the communications of a foreign, overseas target who is speaking or e-mailing with an American, that American’s e-mail or phone call is considered to be “incidentally” collected. It is considered “inadvertently” collected if the target actually turns out to be an American, according to program rules and people familiar with them. The extent of incidental and inadvertent collection has not been disclosed, leading some lawmakers to demand disclosure of estimates of how many Americans’ communications have been gathered. No senior intelligence officials have answered that question publicly.

Using software that scans traffic and “sniffs out” the targeted e-mail address, the company can pull out e-mail traffic automatically to turn over to the government, according to several former government officials and industry experts.

It is unclear how effective that approach is compared with collecting from a “downstream” tech company such as Google or Facebook, but the existence of separate programs collecting data from both technology companies and telecommunications systems underscores the reach of government intelligence agencies.

“People need to realize that there are many ways for the government to get vast amounts of e-mail,” said Chris Soghoian, a technology expert with the American Civil Liberties Union.

Controlling the data flow

The drive for new intelligence sources after the Sept. 11, 2001, attacks relied on a key insight: American companies controlled most of the Internet’s essential pipes, giving ample opportunities to tap the torrents of data flowing by. Even terrorists bent on destruction of the United States, it turned out, talked to each other on Web-based programs such as Microsoft’s Hotmail.

Yet even data not handled by U.S.-based companies generally flowed across parts of the American telecommunications infrastructure. Most important were the fiber-optic cables that largely have replaced the copper telephone wires and the satellite and microwave transmissions that, in an earlier era, were the most important targets for government surveillance.

Fiber-optic cables, many of which lie along the ocean floor, provide higher-quality transmission and greater capacity than earlier technology, with the latest able to carry thousands of gigabits per second.

The world’s hundreds of undersea cables now carry 99 percent of all intercontinental data, a category that includes most international phone calls, as well, says TeleGeography, a global research firm.

The fiber-optic networks have become a rich source of data for intelligence agencies. The Guardian newspaper reported last month that the Government Communications Headquarters, the British equivalent of the NSA, taps and stores data flowing through the fiber-optic cables touching that nation, a major transit point for data between Europe and the Americas. That program, code-named Tempora, shares data with the NSA, the newspaper said.

Tapping undersea transmission cables had been a key U.S. surveillance tactic for decades, dating back to the era when copper lines carrying sensitive telephone communications could be accessed by listening devices divers could place on the outside of a cable’s housing, said naval historian Norman Polmar, author of “Spy Book: The Encyclopedia of Espionage.”

“The U.S. has had four submarines that have been outfitted for these special missions,” he said.

But the fiber-optic lines — each no thicker than a quarter — were far more difficult to tap successfully than earlier generations of undersea technology, and interception operations ran the risk of alerting cable operators that their network had been breached.

It’s much easier to collect information from any of dozens of cable landing stations around the world — where data transmissions are sorted into separate streams — or in some cases from network operations centers that oversee the entire system, say those familiar with the technology who spoke on the condition of anonymity to discuss sensitive intelligence matters.

Expanding powers

In the aftermath of the Sept. 11 attacks, the NSA said its collection of communications inside the United States was constrained by statute, according to a draft report by the agency’s inspector general in 2009, which was obtained by The Post and the Guardian. The NSA had legal authority to conduct electronic surveillance on foreigners overseas, but the agency was barred from collecting such information on cables as it flowed into and through the United States without individual warrants for each target.

“By 2001, Internet communications were used worldwide, underseas cables carried huge volumes of communications, and a large amount of the world’s communications passed through the United States,” the report said. “Because of language used in the [Foreign Intelligence Surveillance] Act in 1978, NSA was required to obtain court orders to target e-mail accounts used by non-U.S. persons outside the United States if it intended to intercept the communications at a webmail service within the United States. Large numbers of terrorists were using such accounts in 2001.”

As a result, after White House and CIA officials consulted with the NSA director, President George W. Bush, through a presidential order, expanded the NSA’s legal authority to collect communications inside the United States. The President’s Surveillance Program, the report said, “significantly increased [NSA’s] access to transiting foreign communications.”

Gen. Michael Hayden, then the NSA director, described that information as “the real gold of the program” that led to the identification of threats within the United States, according to the inspector general’s report.

Elements of the President’s Surveillance Program became public in 2005, when the New York Times reported the government’s ability to intercept e-mail and phone call content inside the United States without court warrants, sparking controversy. The FISA court began oversight of those program elements in 2007.

As these debates were playing out within the government, Team Telecom was making certain that surveillance capacity was not undermined by rising foreign ownership of the fiber-optic cables that the NSA was using.

The Global Crossing deal created particular concerns. The company had laid an extensive network of undersea cables in the world, but it went bankrupt in 2002 after struggling to handle more than $12 billion in debt.

Two companies, one from Singapore and a second from Hong Kong, struck a deal to buy a majority stake in Global Crossing, but U.S. government lawyers immediately objected as part of routine review of foreign investment into critical U.S. infrastructure.

President Gerald Ford in 1975 had created an interagency group — the Committee on Foreign Investment in the United States, or CFIUS — to review deals that might harm U.S. national security. Team Telecom grew out of that review process. Those executive branch powers were expanded several times over the decades and became even more urgent after the Sept. 11 attacks, when the Defense Department became an important player in discussions with telecommunications companies.

The Hong Kong company soon withdrew from the Global Crossing deal, under pressure from Team Telecom, which was worried that the Chinese government might gain access to U.S. surveillance requests and infrastructure, according to people familiar with the negotiations.

Singapore Technologies Telemedia eventually agreed to a slate of concessions, including allowing half of the board of directors of a new subsidiary managing the undersea cable network to consist of American citizens with security clearances. They would oversee a head of network operations, a head of global security, a general counsel and a human resources officer — all of whom also would be U.S. citizens with security clearances. The FBI and the departments of Defense, Justice and Homeland Security had the power to object to any appointments to those jobs or to the directors who had to be U.S. citizens.

U.S. law already required that telecommunications companies doing business in the United States comply with surveillance requests, both domestic and international. But the security agreement established the systems to ensure that compliance and to make sure foreign governments would not gain visibility into the working of American telecommunications systems — or surveillance systems, said Andrew D. Lipman, a telecommunications lawyer who has represented Global Crossing and other firms in negotiating such deals.

“These Network Security Agreements flesh out the details,” he said.

Lipman, a partner with Bingham McCutchen, based in Washington, said the talks with Team Telecom typically involve little give and take. “It’s like negotiating with the Motor Vehicle Department,” he said.

Singapore Technologies Telemedia sold Global Crossing in 2011 to Level 3 Communications, a company based in Colorado. But the Singaporean company maintained a minority ownership stake, helping trigger a new round of review by Team Telecom and a new Network Security Agreement that added several new conditions.

A spokesman for Level 3 Communications declined to comment for this article.
http://www.washingtonpost.com/busine...a01_story.html





What the Gov't Pays Industry to Snoop
Anne Flaherty

How much are your private conversations worth to the government? Turns out, it can be a lot, depending on the technology.

In the era of intense government surveillance and secret court orders, a murky multimillion-dollar market has emerged. Paid for by U.S. tax dollars, but with little public scrutiny, surveillance fees charged in secret by technology and phone companies can vary wildly.

AT&T, for example, imposes a $325 "activation fee" for each wiretap and $10 a day to maintain it. Smaller carriers Cricket and U.S. Cellular charge only about $250 per wiretap. But snoop on a Verizon customer? That costs the government $775 for the first month and $500 each month after that, according to industry disclosures made last year to Rep. Edward Markey, D-Mass.

Meanwhile, email records like those amassed by the National Security Agency through a program revealed by former NSA systems analyst Edward Snowden probably were collected for free or very cheaply. Facebook says it doesn't charge the government for access. And while Microsoft, Yahoo and Google won't say how much they charge, the American Civil Liberties Union found that email records can be turned over for as little as $25.

Industry says it doesn't profit from the hundreds of thousands of government eavesdropping requests it receives each year, and civil liberties groups want businesses to charge. They worry that government surveillance will become too cheap as companies automate their responses. And if companies gave away customer records for free, wouldn't that encourage gratuitous surveillance?

But privacy advocates also want companies to be upfront about what they charge and alert customers after an investigation has concluded that their communications were monitored.

"What we don't want is surveillance to become a profit center," said Christopher Soghoian, the ACLU's principal technologist. But "it's always better to charge $1. It creates friction, and it creates transparency" because it generates a paper trail that can be tracked.

Regardless of price, the surveillance business is growing. The U.S. government long has enjoyed access to phone networks and high-speed Internet traffic under the U.S. Communications Assistance for Law Enforcement Act to catch suspected criminals and terrorists. More recently, the FBI has pushed technology companies like Google and Skype to guarantee access to real-time communications on their services. And, as shown by recent disclosures about the NSA's surveillance practices, the U.S. intelligence community has an intense interest in analyzing data and content that flow through American technology companies to gather foreign intelligence.

The FBI said it could not say how much it spends on industry reimbursements because payments are made through a variety of programs, field offices and case funds. In an emailed statement, the agency said when charges are questionable, it requests an explanation and tries to work with the carrier to understand its cost structure.

Technology companies have been a focus of law enforcement and the intelligence community since 1994, when Congress allotted $500 million to reimburse phone companies to retrofit their equipment to accommodate wiretaps on the new digital networks.

But as the number of law enforcement requests for data grew and carriers upgraded their technology, the cost of accommodating government surveillance requests increased. AT&T, for example, said it devotes roughly 100 employees to review each request and hand over data. Likewise, Verizon said its team of 70 employees works around the clock, seven days a week to handle the quarter-million requests it gets each year.

To discourage extraneous requests and to prevent losing money, industry turned to a section of federal law that allows companies to be reimbursed for the cost of "searching for, assembling, reproducing and otherwise providing" communications content or records on behalf of the government. The costs must be "reasonably necessary" and "mutually agreed" upon with the government.

From there, phone companies developed detailed fee schedules and began billing law enforcement much as they do customers. In its letter to Markey, AT&T estimated that it collected $24 million in government reimbursements between 2007 and 2011. Verizon, which had the highest fees but says it doesn't charge in every case, reported a similar amount, collecting between $3 million and $5 million a year during the same period.

Companies also began to automate their systems to make it easier. The ACLU's Soghoian found in 2009 that Sprint had created a website allowing law enforcement to track the location data of its wireless customers for only $30 a month to accommodate the approximately 8 million requests it received in one year.

Most companies agree not to charge in emergency cases like tracking an abducted child. They also aren't allowed to charge for phone logs that reveal who called a line and how long they talked - such as the documents the Justice Department obtained about phones at The Associated Press during a leaks investigation - because that information is easily generated from automated billing systems.

Still, the fees can add up quickly. The average wiretap is estimated to cost $50,000, a figure that includes reimbursements as well as other operational costs. One narcotics case in New York in 2011 cost the government $2.9 million alone.

The system isn't a true market-based solution, said Al Gidari, a partner at the law firm Perkins Coie who represents technology and telecommunications companies on privacy and security issues. If the FBI or NSA needs data, those agencies would pay whatever it takes. But Gidari said it's likely that phone and technology companies undercharge because they don't want to risk being accused of making a false claim against the government, which carries stiff penalties.

Online companies in particular tend to undercharge because they don't have established accounting systems, and hiring staff to track costs is more expensive than not charging the government at all, he said.

"Government doesn't have the manpower to wade through irrelevant material any more than providers have the bandwidth to bury them in records," Gidari said. "In reality, there is a pretty good equilibrium and balance, with the exception of phone records," which are free.

Not everyone agrees.

In 2009, then-New York criminal prosecutor John Prather sued several major telecommunications carriers in federal court in Northern California, including AT&T, Verizon and Sprint, for overcharging federal and state police agencies. In his complaint, Prather said phone companies have the technical ability to turn on a switch, duplicate call information and pass it along to law enforcement with little effort. Instead, Prather says his staff, while he was working as a city prosecutor, would receive convoluted bills with extraneous fees. That case is pending.

"They were monstrously more than what the telecoms could ever hope to charge for similar services in an open, competitive market, and the costs charged to the governments by telecoms did not represent reasonable prices as defined in the code of federal regulations," the lawsuit said.

The phone companies have asked the judge to dismiss the case. Prather's lawsuit claims whistle-blower status. If he wins, he stands to collect a percentage - estimated anywhere from 12 percent to 25 percent - of the money recovered from the companies.
http://hosted.ap.org/dynamic/stories...LATE=DEFAU LT





Snowden Reveals Australia's Links to US Spy Web
Philip Dorling

United States intelligence leaker Edward Snowden has provided his first disclosure of Australian involvement in US global surveillance, identifying four facilities in the country that contribute to a key American intelligence collection program.

Classified US National Security Agency maps leaked by Mr Snowden and published by US journalist Glenn Greenwald in the Brazilian O Globo newspaper reveal the locations of dozens of US and allied signals intelligence collection sites that contribute to interception of telecommunications and internet traffic worldwide.

The US-Australian Joint Defence Facility at Pine Gap near Alice Springs and three Australian Signals Directorate facilities (the Shoal Bay Receiving Station near Darwin, the Australian Defence Satellite Communications Facility at Geraldton and the naval communications station HMAS Harman outside Canberra) are among contributors to the NSA's collection program codenamed X-Keyscore.

X-Keyscore reportedly processes all signals before they are shunted off to various "production lines" that deal with specific issues and the exploitation of different data types for analysis - variously code-named Nucleon (voice), Pinwale (video), Mainway (call records) and Marina (internet records). US intelligence expert William Arkin describes X-Keyscore as a “national Intelligence collection mission system”.

Worldwide web

The documents published by O Globo show that US and allied signals intelligence collection facilities are distributed worldwide, located at US and allied military and other facilities as well as US embassies and consulates.

Fairfax Media recently reported the construction of a new state-of-the-art data storage facility at HMAS Harman to support the Australian Signals Directorate and other Australian intelligence agencies.

In an interview published in the German Der Spiegel magazine on Sunday, Mr Snowden said the NSA operates broad secret intelligence partnerships with other western governments, some of which are now complaining about its programs.

Mr Snowden said that the other partners in the "Five Eyes" intelligence alliance of the US, United Kingdom, Canada, Australia and New Zealand “sometimes go even further than the [National Security Agency] people themselves.”

He highlighted the British Government Communications Headquarters “Tempora” program as an example:

“Tempora is the first 'I save everything' approach ('full take') in the intelligence world. It sucks in all data, no matter what it is, and which rights are violated by it. ... Right now, the system is capable of saving three days' worth of traffic, but that will be optimised. Three days may perhaps not sound like a lot, but it's not just about connection metadata. 'Full take' means that the system saves everything. If you send a data packet and if it makes its way through the UK, we will get it. If you download anything, and the server is in the UK, then we get it.”

Mr Snowden also argued that the “Five Eyes” partnerships are organised so that authorities in each country can "insulate their political leaders from the backlash" when it became public "how grievously they're violating global privacy".

The Der Spiegel interview was conducted by US cryptography expert Jacob Appelbaum and documentary filmmaker Laura Poitras via encrypted emails shortly before Mr Snowden revealed himself publicly as the source of leaks of highly classified information on US signals intelligence and surveillance programs.

Another US NSA whistle-blower, William Binney, also recently disclosed that Australia was involved in the trial of an earlier US-designed Internet traffic interception and analysis program codenamed "ThinThread".

Other countries involved in the trials were the UK, Australia and Germany a decade ago. ThinThread was not adopted but Australia has also been directly involved with later collection programs codenamed "Trailblazer", "Turbulence" and "Trafficthief".

Stranded

The US government has charged Mr Snowden with offences including espionage and revoked his passport.

He has been stranded at a Moscow airport for two weeks after leaving Hong Kong where the US Government has sought his extradition.

Three Latin American countries, Venezuela, Bolivia and Nicaragua, have now offered Mr Snowden political asylum after European Governments last week denied their airspace to a plane carrying the Bolivian president Evo Morales home from a conference in Moscow after the US State Department alleged that the former US intelligence contractor was on board.

Russian officials have publicly urged Mr Snowden to take up Venezuela's asylum offer. Venezuelan Foreign Minister Elias Jaua said on Sunday that his government had not yet been in contact with Mr Snowden.

Mr Jaua said he expected to consult on Monday with Russian officials. Mr Snowden is being assisted by the anti-secrecy organisation, WikiLeaks.
http://www.theage.com.au/world/snowd...708-2plyg.html





Snowden Made the Right Call When He Fled the U.S.
Daniel Ellsberg

Daniel Ellsberg is the author of “Secrets: A Memoir of Vietnam and the Pentagon Papers.” He was charged in 1971 under the Espionage Act as well as for theft and conspiracy for copying the Pentagon Papers. The trial was dismissed in 1973 after evidence of government misconduct, including illegal wiretapping, was introduced in court.

Many people compare Edward Snowden to me unfavorably for leaving the country and seeking asylum, rather than facing trial as I did. I don’t agree. The country I stayed in was a different America, a long time ago.

After the New York Times had been enjoined from publishing the Pentagon Papers — on June 15, 1971, the first prior restraint on a newspaper in U.S. history — and I had given another copy to The Post (which would also be enjoined), I went underground with my wife, Patricia, for 13 days. My purpose (quite like Snowden’s in flying to Hong Kong) was to elude surveillance while I was arranging — with the crucial help of a number of others, still unknown to the FBI — to distribute the Pentagon Papers sequentially to 17 other newspapers, in the face of two more injunctions. The last three days of that period were in defiance of an arrest order: I was, like Snowden now, a “fugitive from justice.”

Yet when I surrendered to arrest in Boston, having given out my last copies of the papers the night before, I was released on personal recognizance bond the same day. Later, when my charges were increased from the original three counts to 12, carrying a possible 115-year sentence, my bond was increased to $50,000. But for the whole two years I was under indictment, I was free to speak to the media and at rallies and public lectures. I was, after all, part of a movement against an ongoing war. Helping to end that war was my preeminent concern. I couldn’t have done that abroad, and leaving the country never entered my mind.

There is no chance that experience could be reproduced today, let alone that a trial could be terminated by the revelation of White House actions against a defendant that were clearly criminal in Richard Nixon’s era — and figured in his resignation in the face of impeachment — but are today all regarded as legal (including an attempt to “incapacitate me totally”).

I hope Snowden’s revelations will spark a movement to rescue our democracy, but he could not be part of that movement had he stayed here. There is zero chance that he would be allowed out on bail if he returned now and close to no chance that, had he not left the country, he would have been granted bail. Instead, he would be in a prison cell like Bradley Manning, incommunicado.

He would almost certainly be confined in total isolation, even longer than the more than eight months Manning suffered during his three years of imprisonment before his trial began recently. The United Nations Special Rapporteur for Torture described Manning’s conditions as “cruel, inhuman and degrading.” (That realistic prospect, by itself, is grounds for most countries granting Snowden asylum, if they could withstand bullying and bribery from the United States.)

Snowden believes that he has done nothing wrong. I agree wholeheartedly. More than 40 years after my unauthorized disclosure of the Pentagon Papers, such leaks remain the lifeblood of a free press and our republic. One lesson of the Pentagon Papers and Snowden’s leaks is simple: secrecy corrupts, just as power corrupts.

In my case, my authorized access in the Pentagon and the Rand Corp. to top-secret documents — which became known as the Pentagon Papers after I disclosed them — taught me that Congress and the American people had been lied to by successive presidents and dragged into a hopelessly stalemated war that was illegitimate from the start.

Snowden’s dismay came through access to even more highly classified documents — some of which he has now selected to make public — originating in the National Security Agency (NSA). He found that he was working for a surveillance organization whose all-consuming intent, he told the Guardian’s Glenn Greenwald, was “on making every conversation and every form of behavior in the world known to them.”

It was, in effect, a global expansion of the Stasi, the Ministry for State Security in the Stalinist “German Democratic Republic,” whose goal was “to know everything.” But the cellphones, fiber-optic cables, personal computers and Internet traffic the NSA accesses did not exist in the Stasi’s heyday.

As Snowden told the Guardian, “This country is worth dying for.” And, if necessary, going to prison for — for life.

But Snowden’s contribution to the noble cause of restoring the First, Fourth and Fifth amendments to the Constitution is in his documents. It depends in no way on his reputation or estimates of his character or motives — still less, on his presence in a courtroom arguing the current charges, or his living the rest of his life in prison. Nothing worthwhile would be served, in my opinion, by Snowden voluntarily surrendering to U.S. authorities given the current state of the law.

I hope that he finds a haven, as safe as possible from kidnapping or assassination by U.S. Special Operations forces, preferably where he can speak freely.

What he has given us is our best chance — if we respond to his information and his challenge — to rescue ourselves from out-of-control surveillance that shifts all practical power to the executive branch and its intelligence agencies: a United Stasi of America.
http://www.washingtonpost.com/opinio...080_story.html





Privacy International Files Legal Challenge Against UK Government Over Mass Surveillance Programmes

In the wake of revelations that the UK Government is accessing wide-ranging intelligence information from the US and is conducting mass surveillance on citizens across the UK, Privacy International today commenced legal action against the Government, charging that the expansive spying regime is seemingly operated outside of the rule of law, lacks any accountability, and is neither necessary nor proportionate.

The claim, filed in the Investigatory Powers Tribunal (IPT), challenges the UK Government on two fronts. Firstly, for the failure to have a publicly accessible legal framework in which communications data of those located in the UK is accessed after being obtained and passed on by the US National Security Agency through the Prism programme. Secondly, for the indiscriminate interception and storing of huge amounts of data via tapping undersea fibre optic cables through the Tempora programme.

Dinah Rose QC and Ben Jaffey from Blackstone Chambers and Dan Squires from Matrix Chambers were instructed by Bhatt Murphy Solicitors who are acting for Privacy International.

Reports state that the UK had access to the Prism programme since at least June 2010, and has generated 197 intelligence reports from the system in 2012. Without a legal framework, which would allow citizens to know the circumstances in which such spying would take place, the Government effectively runs a secret surveillance regime, making it nearly impossible to hold them accountable for any potential abuses. The absence of this legal framework appears to be in breach of the European Convention of Human Rights, Article 8, which provides the right to privacy and personal communications, and Article 10, which provides the right to freedom of expression.

Eric King, Head of Research at Privacy International said:

“One of the underlying tenets of law in a democratic society is the accessibility and foreseeability of a law. If there is no way for citizens to know of the existence, interpretation, or execution of a law, then the law is effectively secret. And secret law is not law. It is a fundamental breach of the social contract if the Government can operate with unrestrained power in such an arbitrary fashion.

Mass, indiscriminate surveillance of this kind goes against the most basic fundamental human rights to privacy. The scope and scale of this program, which monitors the entire British public and much of the world, cannot be justified as necessary and proportionate.”


Bhatt Murphy Solicitors said:

“The UK authorities have been engaged in a regime of surveillance which amounts to a serious and unjustifiable violation of the rule of law: it breaches EU law, and it breaches the rights of the citizen to freedom of expression and privacy as protected by the Human Rights Act.”

Additionally, Privacy International is challenging the Government's Tempora operation, a programme that reportedly secretly conducts mass surveillance by tapping fibre optic cables, giving the Government access to huge amounts of data on both innocent citizens and targeted suspects. Tempora is the name of a core programme within Mastering the Internet, designed to intercept internet traffic that flows through the undersea fibre-optic cables that land in the UK. It is reported that the GCHQ project has, since 2008, steadily been building capability and now claims to provide the “biggest internet access” of any intelligence agency in the Five Eyes alliance of eavesdropping agencies in the United Kingdom, the United States, Canada, Australia, and New Zealand. According to the Guardian, in 2011 “more than 39bn events in a 24-hour period” were recorded producing “larger amounts of metadata collection than the NSA”.

The Tempora programme by its very nature appears to violate the underlying requirement for interception, which requires that surveillance is both necessary and proportionate under the Regulation of Investigatory Powers Act 2000 (RIPA).

While Privacy International intended to file the Prism claim in the Administrative Court, which would have made the proceedings public, Government lawyers, upon receiving notice of our intention, vociferously notified us that we could not bring such a claim in the Administrative Court. Rather, the claim has been forced to be filed with the IPT, a secret tribunal that does not make its proceedings public or have to justify reasons for its decisions.
https://www.privacyinternational.org...ment-over-mass





Privacy Group to Ask Supreme Court to Stop N.S.A.’s Phone Spying Program
James Risen

A privacy rights group plans to file an emergency petition with the Supreme Court on Monday asking it to stop the National Security Agency’s domestic surveillance program that collects the telephone records of millions of Americans.

The group, the Electronic Privacy Information Center, says it is taking the extraordinary legal step of going directly to the Supreme Court because the sweeping collection of the phone records of American citizens has created “exceptional circumstances” that only the nation’s highest court can address.

The group, based in Washington, also said it was taking its case to the Supreme Court because it could not challenge the legality of the N.S.A. program at the secret court that approved it, the Foreign Intelligence Surveillance Court, known as the FISA court, and because lower federal courts did not have the authority to review the secret court’s orders.

In its petition, the group said the FISA court had “exceeded its statutory jurisdiction when it ordered production of millions of domestic telephone records that cannot plausibly be relevant to an authorized investigation.”

The suit is the latest in a series of legal challenges to the N.S.A.’s domestic spying operations that have been filed over the past month after disclosures by a former N.S.A. contractor, Edward J. Snowden. Based on a document leaked by Mr. Snowden, The Guardian revealed early last month that the FISA court had issued an order in April directing Verizon Business Network Services to turn over all of the telephone records for its customers to the N.S.A. The secret court order was also published by The Guardian.

Within days of the disclosure of the court order, the American Civil Liberties Union filed suit in federal court in New York. Separately, Larry Klayman, a conservative lawyer who runs a group called Freedom Watch, filed a class-action lawsuit in federal court in Washington on behalf of Verizon customers.

Marc Rotenberg, the executive director of the Electronic Privacy Information Center, said his group’s lawsuit would be the first to directly challenge the legal authority of the FISA court to approve the phone records’ collection under the Patriot Act.

Alan Butler, a lawyer for the group, said the judge “lacked the authority to require production of all domestic call detail records.” He noted that the Patriot Act provision cited by the FISA court required that the business records produced be “relevant” to an authorized national security investigation. “It is simply implausible that all call detail records are relevant,” Mr. Butler said.

The new challenges come after the failure of a legal campaign against the N.S.A.’s domestic spying operations during the administration of President George W. Bush. A series of lawsuits were brought against an N.S.A. program of wiretapping without warrants soon after the existence of the program was revealed by The New York Times in December 2005.

Those lawsuits were against the telecommunications companies that cooperated with the N.S.A. program, but Congress later gave the companies retroactive legal immunity when it overhauled the nation’s national security wiretapping law in 2008. Those lawsuits also suffered in federal courts because it was difficult for the plaintiffs to prove that they had actually been spied upon by the N.S.A., since the domestic spying operations were secret and the courts refused to force the government to release any documents to reveal the targets of the surveillance.

But the new lawsuits benefit from the publication of the secret court order concerning Verizon, providing evidence that the records of Verizon customers have been collected. The American Civil Liberties Union, in its lawsuit, argues that it has legal standing to bring its case because the group is a Verizon customer.
https://www.nytimes.com/2013/07/08/u...g-program.html





Hackers Ask Feds to Stay Away from Convention to Defuse Tension Over Snowden
Jim Finkle

The annual Def Con hacking convention has asked the federal government to stay away this year for the first time in its 21-year history, saying Edward Snowden's revelations have made some in the community uncomfortable about having feds there.

"It would be best for everyone involved if the Feds call a 'time-out' and not attend Def Con this year," Def Con founder Jeff Moss said in an announcement posted Wednesday night on the convention's website.

An irreverent crowd of more than 15,000 hackers, researchers, corporate security experts, privacy advocates, artists and others are expected to attend the Las Vegas convention that begins August 2.

Moss, who is an advisor on cyber security to the Department of Homeland Security, told Reuters that it was "a tough call," but that he believed the Def Con community needs time to make sense of the recent revelations about U.S. surveillance programs.

"The community is digesting things that the Feds have had a decade to understand and come to terms with," said Moss, who is known as The Dark Tangent in hacking circles. "A little bit of time and distance can be a healthy thing, especially when emotions are running high."

He said that the move was not designed to create tension, but to defuse it. "We are not going on a witch hunt or checking IDs and kicking people out," he said.

In previous years the conference has attracted officials from federal agencies including the CIA, National Security Agency, FBI, Secret Service and all branches of the military.

Last year, four-star General Keith Alexander, head of the National Security Agency, was a keynote speaker at the event, which is the world's largest annual hacking conference.

The audience was respectful, gave modest applause and also asked about secret government snooping. Alexander adamantly denied that the NSA has dossiers on millions of Americans, as some former employees had suggested before the Snowden case.

"The people who would say we are doing that should know better," Alexander said. "That is absolute nonsense."

Alexander is scheduled to speak in Las Vegas on July 31 at Black Hat, a smaller, two-day hacking conference that was also founded by Moss. It costs about $2,000 to attend and attracts a more corporate crowd than Def Con, which charges $180.

Moss said that he believes Alexander will still speak at Black Hat and that his call for a "time out" only applies to Def Con. Officials with the National Security Agency and Department of Homeland Security could not be reached for comment late on Wednesday.

The Feds have previously always been welcome at the event.

Moss says he invited them the first year because he figured they would come anyway. They politely declined, then showed up incognito, he said. And they have attended every year since.

"We created an environment where the Feds felt they could come and it wasn't hostile," Moss said in an interview a year ago. "We could ask them questions and they wanted to ask the hackers about new techniques."

Some Feds have even worked among the motley crew of Def Con volunteers who run the conference and walk around wearing T-Shirts that identify them as "goons."

It has also become a fertile ground for recruiting. The U.S. military, intelligence agencies and law enforcement typically compete with corporations to find new talent at Def Con.

(Editing by Susan Fenton)
http://www.reuters.com/article/2013/...96A08120130711





Public Opinion Shifts on Security-Liberty Balance
Nate Silver

A new Quinnipiac poll has found a significant shift in public opinion on the trade-off between civil liberties and national security. In the new survey, released on Wednesday, 45 percent of the public said they thought the government’s antiterrorism policies have “gone too far in restricting the average person’s civil liberties” — as compared with 40 percent who said they have “not gone far enough to adequately protect the country.”

By comparison, in a January 2010 Quinnipiac poll that posed the same question, only 25 percent of the public said the government had gone too far in restricting civil liberties, while 63 percent said it hadn’t gone far enough to protect the country.

Although the shift in opinion is apparent among virtually all demographic groups, it has been somewhat more pronounced among Republicans, who may be growing more skeptical about President Obama’s national security policies. Whereas, in the 2010 survey, 17 percent of Republicans said the government had gone too far to restrict civil liberties while 72 percent said it had not gone far enough to protect the country, the numbers among G.O.P. voters were nearly even in the new poll, with 41 percent saying that antiterrorism programs had gone too far and 46 percent saying they haven’t gone far enough.

We generally caution against reading too much into a single poll result. But there are several reasons to think that the shift detected by the Quinnipiac poll is meaningful. First, the magnitude of the change was considerably larger than the margin of error in the poll. Second, the poll applied exactly the same question wording in both 2010 and 2013, making a direct comparison more reliable. Third, this was a well-constructed survey question, describing both the benefit (protecting the country) and the cost (restricting civil liberties) of antiterrorism programs in a balanced way.

What is less clear is how much of the shift was triggered by the recent disclosures about the National Security Administration’s domestic surveillance programs, as opposed to reflecting a longer-term trend in public opinion. A Fox News poll conducted in April, just after the Boston Marathon bombings but before the N.S.A. story broke, found that only 43 percent of the public was “willing to give up some of your personal freedom in order to reduce the threat of terrorism” — considerably lower than in other instances of the survey. However, Fox News had last posed this question in 2006. Either way, it seems safe to conclude that the climate of public opinion on this issue has changed considerably since the years closely following the Sept. 11 attacks.

The Quinnipiac poll also asked about Edward J. Snowden, the former N.S.A. contractor who disclosed details about the agency’s programs to newspapers. The Quinnipiac poll, in contrast to other recent surveys, found ostensibly sympathetic views toward Mr. Snowden, with 34 percent of respondents describing him as “more of a traitor” while 55 percent said he was “more of a whistle-blower.”

Whereas I find Quinnipiac’s broader question on national security to be quite meaningful, I’m not sure that the one about Mr. Snowden tells us very much. The problem is that the sympathetic response toward him in the poll may reflect a sympathetically worded question.

The poll described Mr. Snowden as “the national security consultant who released information to the media about the phone scanning program.” However, Mr. Snowden has also released information to the news media about other N.S.A. activities, such as those it has conducted in China. Some Americans may be pleased by Mr. Snowden’s disclosures about how the N.S.A. conducted surveillance against U.S. citizens – but displeased that he has also disclosed details about its international surveillance. The Quinnipiac poll should probably have described a fuller spectrum of the information that Mr. Snowden has released.
http://fivethirtyeight.blogs.nytimes...berty-balance/





Federal Judge Allows EFF's NSA Mass Spying Case to Proceed

Rejects Government's State Secret Privilege Claims in Jewel v. NSA and Shubert v. Obama

San Francisco - A federal judge today rejected the U.S. government's latest attempt to dismiss the Electronic Frontier Foundation's (EFF's) long-running challenge to the government's illegal dragnet surveillance programs. Today's ruling means the allegations at the heart of the Jewel case move forward under the supervision of a public federal court.

"The court rightly found that the traditional legal system can determine the legality of the mass, dragnet surveillance of innocent Americans and rejected the government's invocation of the state secrets privilege to have the case dismissed," said Cindy Cohn, EFF's Legal Director. "Over the last month, we came face-to-face with new details of mass, untargeted collection of phone and Internet records, substantially confirmed by the Director of National Intelligence. Today's decision sets the stage for finally getting a ruling that can stop the dragnet surveillance and restore Americans' constitutional rights."

In the ruling, Judge Jeffrey White of the Northern District of California federal court agreed with EFF that the very subject matter of the lawsuit is not a state secret, and any properly classified details can be litigated under the procedures of the Foreign Intelligence Surveillance Act (FISA). As Judge White wrote in the decision, "Congress intended for FISA to displace the common law rules such as the state secrets privilege with regard to matter within FISA's purview." While the court allowed the constitutional questions to go forward, it also dismissed some of the statutory claims. A status conference is set for August 23.

EFF's Jewel case is joined in the litigation with another case, Shubert v. Obama.

"We are pleased that the court found that FISA overrides the state secrets privilege and look forward to addressing the substance of the illegal mass surveillance," said counsel for Shubert, Ilann Maazel of Emery Celli Brinckerhoff & Abady LLP. "The American people deserve their day in court."

Filed in 2008, Jewel v. NSA is aimed at ending the NSA's dragnet surveillance of millions of ordinary Americans and holding accountable the government officials who illegally authorized it. Evidence in the case includes undisputed documents provided by former AT&T telecommunications technician Mark Klein showing AT&T has routed copies of Internet traffic to a secret room in San Francisco controlled by the NSA. The case is supported by declarations from three NSA whistleblowers along with a mountain of other evidence. The recent blockbuster revelations about the extent of the NSA spying on telecommunications and Internet activities also bolster EFF's case.
https://www.eff.org/press/releases/f...g-case-proceed





Montana the First State to Pass Spy Law
Seaborn Larson

Montana made history this spring after passing the first state law to prevent the government from spying on anyone in the state by tracking personal information stored in their electronic devices.

The new law made Montana a pioneer in the age of electronic privacy rights by requiring state and local government entities to obtain a probable-cause warrant before remotely engaging personal electronic devices.

House Bill 603, sponsored by Rep. Daniel Zolnikov, R-Billings, was signed into law by Gov. Steve Bullock on May 6.

“I didn’t even know it was the first one in the country,” Zolnikov said. “We just saw other legislation and thought, ‘Why aren’t we doing this?’”

The law defines an electronic device as “a device that enables access to or use of an electronic communication service, remote computing service, or location information service.” That could mean cellphones, laptops, tablets and other electronic products.

Although the bill’s passage marked a win for Zolnikov, he originally drafted a much more aggressive version of the bill – House Bill 400 – aimed at banning private companies and the federal government from accessing personal electronic data without a warrant.

That bill was a nonstarter in the House Business and Labor Committee, so Zolnikov introduced House Bill 603, a more narrowly targeted version that was later amended to eliminate restrictions on the federal government.

“This is very small compared to what we want to accomplish,” said Zolnikov, who acknowledged that any state law to limit the federal authority would get tied up in court because the supremacy clause of the U.S. Constitution states that federal law supersedes state law whenever the two conflict.

During the past couple of months, federal government spying programs were exposed, leading to a public outcry for more comprehensive rights to privacy.

Sen. Chas Vincent, R-Libby, said Zolnikov recognized a need for limits on electronic spying before news surfaced that government contractor Edward Snowden had leaked information about several controversial domestic spying programs.

“The NSA reports hadn’t even come out at that time,” Vincent said.

Zolnikov also intended to restrict third parties such as cellphone companies from compiling and distributing personal information from customers who may consider their electronic data private. But the ban on third-party location tracking also bit the dust with House Bill 400.

“It was pretty much big business versus me, and they don’t want privacy,” Zolnikov said. “I’m all for people’s rights not being sold to the highest bidder.”

The bill includes exceptions that would allow state and local government agencies in Montana to access personal electronic data when “there exists a possible life-threatening situation,” if a device has been stolen, or if the owner of a device provides law enforcement with consent to obtain electronic data.

Although the Montana Legislature was the first to pass a law of this kind, Zolnikov said the idea was inspired by legislative momentum in Texas that paralleled the interests of Montana’s legislation. Zolnikov said the bill in Texas failed because it was too watered down.

In Montana, Zolnikov said, support for his bill depended more on age than party affiliation.

“The younger Democrats and Republicans were the ones really for the bill,” said Zolnikov, who is 25. “The older legislators in Helena didn’t say much for or against it.”

Vincent said state lawmakers recognized the need to pass some form of cyber-privacy law due to problems that have arisen across the state in recent years.

“The reason I voted for the bill and everyone voted for the bill was an issue in Bozeman where an employer required social media passwords so they could access employees’ networks to keep track of proprietary information,” Vincent said.

Last week, The New York Times reported that more than a dozen other states, including Maine and Massachusetts, considered similar legislation this year.

National groups that advocate for privacy rights hailed Montana’s new law, saying other states considering similar legislation now have an example to follow. The state law may also provide additional momentum for the Geolocation Privacy and Surveillance Act, the federal counterpart of HB603.

“Perhaps Montanans, known for their love of freedom and privacy, intuitively understand how sensitive location information can be and how much where you go can reveal about who you are,” Allie Bohm, advocacy and policy strategist at the American Civil Liberties Union, noted recently in an online commentary. “The majority of state legislatures have adjourned for the year, but we hope they’ll follow Montana’s lead when they take up location tracking next session.”
http://www.dailyinterlake.com/news/l...9bb2963f4.html





MIT Project Reveals What PRISM Knows About You

An MIT project shows Wayne Rash just how much information PRISM can get without opening a single email

When I first heard about the National Security Agency’s PRISM operation at a conference in Washington, D.C., it wasn’t clear just how significant it might be. I knew that the government was collecting information from emails, including the names and addresses of the recipients, the originator, the time and date of the message, and perhaps the size of the message. But it wasn’t clear just how much the government could glean from that.

But that was before it became clear exactly how effectively visualisation tools can show the relationships between and among points of data. I found out a few days later just how effective that can be when I was introduced to its use as a cyber-security tool. Now it turns out that the same type of illustration is available from MIT, and it uses your own email to produce the illustration.

PRISM knows who you talk to

As Brian Fung reports in National Journal, this is the information that Google has available from your Gmail account. If the government requests email data from Google, this is what the government gets. The tool, called Immersion, goes through your Gmail and reports to you on what it finds. Then Immersion displays it as a sort of bubble chart showing who you trade email with the most, and perhaps equally important, the relationship between those people.

The cluster of colored bubbles in our illustration is from TechWeekEurope editor Peter Judge, with the names of the people omitted. The size of those bubbles shows how much he has corresponded with those people, effectively showing how important they may be to him.

In the data from my own Gmail account, the largest bubbles are public relations agents, except for the second-largest which is my long-suffering Apple support person. Some of these bubbles also represent news sources, and if you could see them, there are thin lines between some of those bubbles showing that they also know each other.

If you click on the link in the word “Immersion” above, you can try this out for yourself. The results will appear in a few seconds, first with preliminary results, and then with more details as the data is analysed further. For people who are not all that active on Gmail (me, for example) the amount that the data shows is sobering. Just imagine if Gmail is your primary means of email as it is for many people.

Now, for the really scary part. When Google handles your email, it gets this information, but it also has been searching for keywords within your email so that it can use it for advertising. What this means is that Google not only knows all the information in your metadata, but also knows what is contained in your email. This could be a very revealing profile indeed. At least the NSA says it doesn’t read the contents of your email. Google does, and it admits that it does. Which is more scary?

But what about companies that use Google for their corporate email? Even if Google doesn’t use that for marketing info, there’s still the metadata that lives for a fairly long time in your Gmail account. As long as it’s in there, it can be mined and analyzed. My Gmail account goes back to 2008, so there are years of communications available. I’ve never been that uncomfortable about having the government or Google know that I get press releases (since they’re meant to be public anyway) or that I communicate with tech support people since my communications there will also probably be public. I also don’t communicate anything important using Gmail for exactly this reason.

The NSA doesn’t really need your permission to get this data because it can pick it up as it passes through certain parts of the Internet. Google can’t do that, so it needs your account. There’s not much you can do about the filtering of Internet data because your address information has to be readable if your email is going to get delivered.

You can assume that if the NSA is looking at your email, the information in Immersion is similar to what they will see. Consider that they probably see all of your email addresses (and not just Gmail) and that the metadata is examined along with the metadata from everyone you’ve corresponded with, and you can see just how much can be inferred from this data alone.

If this sounds as if you’re stuck in some sort of digital hell, it’s not as bad as it could be. First, you don’t need to use Gmail, and that will limit the information Google has about you and your company. You also don’t have to use Google for search, and that will limit it even more. None of this affects what the NSA may find out about you, but at least the government isn’t selling your info for ad revenue.
http://www.techweekeurope.co.uk/comm...mersion-121202





The NSA Slide You Haven’t Seen
Craig Timberg

Recent debate over U.S. government surveillance has focused on the information that American technology companies secretly provide to the National Security Agency. But that is only one of the ways the NSA eavesdrops on international communications.

A classified NSA slide obtained by The Washington Post and published here for the first time lists “Two Types of Collection.”

One is PRISM, the NSA program that collects information from technology companies, which was first revealed in reports by the Post and Britain’s Guardian newspaper last month. The slide also shows a separate category labeled “Upstream,” described as accessing “communications on fiber cables and infrastructure as data flows past.”

The interaction between Upstream and PRISM — which could be considered “downstream” collection because the data is already processed by tech companies — is not entirely clear from the slide. In addition, its description of PRISM as “collection directly from the servers” of technology giants such as Google, Microsoft and Facebook has been disputed by many of the companies involved. (They say access to user data is legal and limited).

However PRISM works, the NSA slide makes clear that the two collection methods operate in parallel, instructing analysts that “You Should Use Both.” Arrows point to both “Upstream” and “PRISM.”

The overall heading of the slide is “FAA 702 Operations” – a reference to a 2008 law that enabled collection on U.S. soil of communications of foreigners thought to be overseas without an individual warrant from a court, including when the foreigners are communicating with someone in the United States. The law says the collection may be for a foreign intelligence purpose, which includes terrorism, nuclear weapons proliferation or cyber-security.

The slide also shows a crude map of the undersea cable network that carries data from either side of North America and onto the rest of the world. As a story in Sunday’s Post made clear, these undersea cables are essential to worldwide data flows – and to the surveillance capabilities of the U.S. government and its allies.

This slide bears many resemblances to one published by the Guardian on June 8, shortly after the initial disclosures about PRISM. But the Guardian’s slide shows an undersea cable map of most of the world. The one obtained by the Post shows mainly sections of North America. It is not clear why the slides vary in this way.

Both slides have circles attached to arrows suggesting possible collection points, but they cover areas too broad to discern where NSA accesses fiber-optic cable networks. The slides also list code names under the Upstream program.

The Post version lists Fairview, Stormbrew, Blarney and Oakstar but does not describe any of them. The Guardian slide lists Fairview and Blarney but has two others blacked out.

The Post has previously reported that Blarney gathers up metadata – describing who is speaking to whom and through what networks and devices – as data flows through the Internet’s backbone.

For Sunday’s story, the Office of the Director of National Intelligence issued a statement defending its collection methods as crucial to protecting national security.

“As always,” the statement said, “the Intelligence and law enforcement communities will continue to work with all members of Congress to ensure the proper balance of privacy and protection for American citizens.”

Staff reporter Ellen Nakashima contributed to this report.
http://www.washingtonpost.com/busine...342_story.html





PRISM Exposé Boosts Swiss Data Center Revenues
Mateo Meier

The stringent laws which govern Swiss banks are derivative of the nation’s privacy legislation, and now – thanks to the PRISM scandal – the country is fast becoming the ideal location for those turning their back on the cloud.

Recent leaks of the American National Security Agency’s (NSA) PRISM surveillance program have sparked growing concern over data privacy, with implications for global corporations using US-controlled cloud services, such as AWS, Azure and Dropbox. As a result, businesses are now turning to Switzerland for their data hosting needs.

Swiss ‘private’ hosting companies are seeing huge growth because privacy in Switzerland is enshrined in law. As the country is outside of the EU, it is not bound by pan-European agreements to share data with other member states, or worse, the US. Artmotion, for example, has witnessed 45 per cent growth in revenue amid this new demand for heightened privacy.

Until now the PRISM scandal has focused on the privacy of the individual, but the surveillance undertaken by NSA and Britain’s own GCHQ has spurred corporate concern about the risks associated with using American based cloud providers to host data. It is especially troubling for businesses with data privacy issues, such as banks or large defence and healthcare organisations with ‘secret’ research and development needs.

Before PRISM, the US was at the forefront of the cloud computing industry and companies worldwide flocked to take advantage of the scalable benefits of cloud hosting, as well as the potential cost savings it offered.

However the scandal has unearthed significant risks to data for businesses, as well as for their customers. With US cloud service providers, the government can request business information under the Foreign Intelligence Surveillance Act (FISA) without the company in question ever knowing its data has been accessed.

For businesses large and small, data vulnerabilities and the threat of industrial espionage from US hosting sites can present real security risks or privacy implications, and it’s causing a real fear. Business owners are worried that by using US based systems, private information could potentially be seen by prying eyes.

The desire for data privacy has therefore seen a surge in large corporations turning to ‘Silicon’ Switzerland to take advantage of the country’s renowned privacy culture, which helps them host data without fear of it being accessed by foreign governments.
http://www.dailyhostnews.com/prism-e...enter-revenues





NSA Scandal Delivers Record Numbers of Internet Users to DuckDuckGo

Gabriel Weinberg, founder of search engine with zero tracking, credits Prism revelations with prompting huge rise in traffic
Charles Arthur

Gabriel Weinberg noticed web traffic building on the night of Thursday 6 June – immediately after the revelations about the "Prism" programme. Through the programme, the US's National Security Agency claimed to have "direct access" to the servers of companies including, crucially, the web's biggest search engines – Google, Microsoft and Yahoo.

Within days of the story, while the big companies were still spitting tacks and tight-lipped disclaimers, the search engine Weinberg founded – which pledges not to track or store data about its users – was getting 50% more traffic than ever before. That has gone up and up as more revelations about NSA and GCHQ internet tapping have come in.

"It happened with the release by the Guardian about Prism," says Weinberg, right, a 33-year-old living in Paoli, a suburb of Philadelphia on the US east coast. "We started seeing an increase right when the story broke, before we were covered in the press." From serving 1.7m searches a day at the start of June, it hit 3m within a fortnight.

Yet you've probably never heard of DuckDuckGo. "If you asked 100 people, 96 would probably think it was a Chinese restaurant," as the SFGate site observed. (The name comes from the children's game DuckDuckGoose, a sort of tag involving seated players.) You won't find it offered as an alternative default search engine on any browser, on desktop or mobile. Using it is very definitely an active choice, whereas using Google is the default option on most browsers. And 95% of people never change the default settings on anything.

But this 20-person business offers what none of the big search engines do: zero tracking. It doesn't use cookies or store data about its users' IP addresses, doesn't offer user logins, and uses an encrypted connection by default. (Google provides an encrypted connection for logged-in users, but not automatically for non-logged in users.) If the NSA demanded data from DuckDuckGo, there would be none to hand over.

Weinberg, who lives with his wife and two sons, did not build his search engine with that intention. The initial idea came after selling his previous startup, Opobox ("a sort of Friends Reunited"), for $10m (£6.7m) to Classmates.com in 2006. "My wife was doing her PhD, so I had some spare time," he says. Taking a class in stained-glass making, he discovered that the teacher's handout with "useful web links" didn't tally with Google's results at all. "I realised that there were millions of people who knew the right list of search terms and would make a better engine than Google."

Then he noticed growing amounts of junk sites in Google results – pushed there by experts who had gamed the giant's algorithms. He decided that by hooking into web services such as Wikipedia, Yelp and Qype, he could get focused answers cheaply. By using a combination of those services and crowdsourced links, he built the site's first search index.

Of the privacy angle, he says: "I kind of backed into that." It wasn't a political decision, but a personal one. "It's hard to define my politics. I take every issue seriously and come to my own conclusion. I don't really feel like I belong to any political party in the US … I guess I'm more on the liberal side."

The reason he decided not to store search data was because it reveals so much about us. In 2005, AOL accidentally released details of searches made by 650,000 of its users via Google; reporters from the New York Times were able to use the information to identify one of the users: a 62-year-old woman in Georgia. Nowadays Google would also have your IP address (indicating your ISP and perhaps precise location) and, if you were logged in, all your previous search history. If you logged in to use Google on your mobile, it would have your location history too.

Having decided that searching is intimately personal, he deduced that governments would want to get hold of search data. "I looked at the search fiascos such as the AOL data release, and decided that government requests were real and would be inevitable, and that search engines and content companies would be handing over that data [to government] in increasing amounts."

Search data, he says, "is arguably the most personal data people are entering into anything. You're typing in your problems, your desires. It's not the same as things you post publicly on a social network."

So why does Google store it? "It's a myth that Google needs to store all this data about you. Almost all the money they make on search is based on what you type into the search box. Nothing more. They need to track you for their other services – Gmail, YouTube – because those are hard to monetise, and that's why you get ads following around the internet all the time." (Google owns DoubleClick, the largest display ad supplier online.)

Having your data passed around can also lead you to be charged more for an item: if your browsing history shows you visit high-end sites, some sites will increase prices. (That's why plane fares can drop if you delete the "cookie" files in your browser.)

Google's mis-steps are turning out to be DuckDuckGo's biggest source of new users. In January 2012 – when Google announced that it would be aggregating user data across all its services – DuckDuckGo's traffic (which it publishes online) trebled in three months. Once Google implemented the change, "people came and stayed; it wasn't just a rise and fall," Weinberg says.

More recently, the Prism fallout has seen traffic keep rising, building on that success. "I think these people are going to stay too."

He wasn't that surprised at the Prism revelations. "A few months ago 60 Minutes did a programme about this humungous data centre the NSA is building in Utah. After hearing that, this didn't surprise me that much. But it did surprise me how much we have increased our traffic."

Even so, not everyone believes Weinberg's success matters much. Danny Sullivan, who runs the Search Engine Land site, and has been analysing the search business since Google was just a gleam in the eyes of Larry Page and Sergey Brin, argues that DuckDuckGo's size really indicates people don't care about privacy.

"Don't get me wrong. If you ask people about search privacy, they'll respond that it's a major issue," he wrote on his site. "Big majorities say they don't want to be tracked nor receive personalised results. But if you look at what people actually do, virtually none of them make efforts to have more private search." Compared with the 13bn searches Google does every day, he suggests, DuckDuckGo's 3m daily (90m monthly) barely registers.

Is that because people don't know it exists? Is it like Google in 1998, when the dominant search engine was Altavista (closed this week by Yahoo)? "I don't think that's it," Sullivan said. "Ask.com was pretty well-known. It did a big privacy push; didn't help. Yahoo played up [privacy] against Google; nope. I think most people trust Google – enough, at least."
http://www.guardian.co.uk/world/2013...weinberg-prism





Wonkbook: The Secret Surveillance Court Is Making Secret Surveillance Laws
Ezra Klein and Evan Soltas

The laws we live by aren’t just the bills Congress passes and the president signs. It’s what the courts decide those bills actually mean.

We’re used to that. The Affordable Care Act, for instance, says that states that don’t accept the Medicaid expansion lose all their Medicaid money. The Supreme Court decided that went too far. The law might still say that if you read the underlying bill, but it no longer means that. Now states can reject the Medicaid expansion without jeopardizing the rest of their Medicaid money — and many are.

But here’s the thing: When judges make the laws, Congress can always go back and remake the laws. The changes the court makes are public, and so is their reasoning. Both the voters and Congress know what the court has done, and can choose to revisit it.

Well, usually.

The Foreign Intelligence Surveillance Court (FISA court) that governs the national surveillance state is also remaking the law. But it’s remaking the law in secret. The public has no opportunity to weigh in, and Congress can’t really make changes, because few know what the court is deciding, and almost no one can discuss the decisions without endangering themselves.

One example: The Wall Street Journal reports that the FISA court quietly reinterpreted the language of the PATRIOT Act so the word “relevant” — which governs the information the government can scoop up — no longer means, well, “relevant.” It means “yeah, sure, whatever you want.”

The Journal quotes Mark Eckenwiler, who served as the Justice Department’s primary authority on federal criminal surveillance law until December, saying, “‘Relevant’ has long been a broad standard, but the way the court is interpreting it, to mean, in effect, ‘everything,’ is new.”

In the New York Times, Eric Lichtblau reports that this kind of ambition has become common on the FISA court. “The rulings, some nearly 100 pages long, reveal that the court has taken on a much more expansive role by regularly assessing broad constitutional questions and establishing important judicial precedents, with almost no public scrutiny, according to current and former officials familiar with the court’s classified decisions.”

He quotes a former intelligence official who puts the situation very bluntly: “We’ve seen a growing body of law from the court.”

Surveillance types make a distinction between secrecy of laws, secrecy of procedures and secrecy of operations. The expectation is that the laws that empower or limit the government’s surveillance powers are always public. The programs built atop those laws are often secret. And the individual operations are almost always secret. As long as the public knows about and agreed to the law, the thinking goes, it’s okay for the government to build a secret surveillance architecture atop it.

But the FISA court is, in effect, breaking the first link in that chain. The public no longer knows about the law itself, and most of Congress may not know, either. The courts have remade the law, but they’ve done so secretly, without public comment or review.

“The government is operating under rules different from the rules that are made public,” says Elizabeth Goitein, co-director of the Brennan Center for Justice’s Liberty and National Security Program.

These rules have been remade in a court where the government is the only witness, and there’s no possibility for appeal, and all 11 judges were chosen by Chief Justice John Roberts, and 10 of the 11 judges were Republican appointees to the federal bench. This is not a court like any other court in the United States save for the secrecy. It’s a court pretty much unlike any other in the United States.

When asked who watches over the National Security Agency’s surveillance efforts, the administration says that the FISA courts do. Trite as it may be, that leads to the age-old question: Well, then who watches over the watchers?
http://www.washingtonpost.com/blogs/...eillance-laws/





Secret Court's Redefinition of 'Relevant' Empowered Vast NSA Data-Gathering
Jennifer Valentino-Devries and Siobhan Gorman

The National Security Agency's ability to gather phone data on millions of Americans hinges on a secret court ruling that redefined a single word: "relevant."

This change—which specifically enabled the surveillance recently revealed by former NSA contractor Edward Snowden—was made by the secret Foreign Intelligence Surveillance Court, a group of judges responsible for making decisions about government surveillance in national-security cases. In classified orders starting in the mid-2000s, the court accepted that "relevant" could be broadened to permit an entire database of records on millions of people, in contrast to a more conservative interpretation widely applied in criminal cases, in which only some of those records would likely be allowed, according to people familiar with the ruling.

In interviews with The Wall Street Journal, current and former administration and congressional officials are shedding new light on the history of the NSA program and the secret legal theory underpinning it. The court's interpretation of the word enabled the government, under the Patriot Act, to collect the phone records of the majority of Americans, including phone numbers people dialed and where they were calling from, as part of a continuing investigation into international terrorism.

"Relevant" has long been a broad standard, but the way the court is interpreting it, to mean, in effect, "everything," is new, says Mark Eckenwiler, a senior counsel at Perkins Coie LLP who, until December, was the Justice Department's primary authority on federal criminal surveillance law.

"I think it's a stretch" of previous federal legal interpretations, says Mr. Eckenwiler, who hasn't seen the secret ruling. If a federal attorney "served a grand-jury subpoena for such a broad class of records in a criminal investigation, he or she would be laughed out of court."

Two senators on the Intelligence Committee, Ron Wyden (D., Ore.) and Mark Udall (D., Colo.), have argued repeatedly that there was a "secret interpretation" of the Patriot Act. The senators' offices tell the Journal that this new interpretation of the word "relevant" is what they meant. An official at FISC, the secret court, declined to comment. The NSA referred questions to the Justice Department, saying this provision of the Patriot Act addressed FBI authorities. The Justice Department didn't comment.

U.S. surveillance programs are under fresh scrutiny after Mr. Snowden, the former NSA contractor, among other things revealed a secret order from the surveillance court directing Verizon Business Services Inc. to turn over "comprehensive communications routing information" to the NSA. Mr. Snowden also revealed a classified draft of a 2009 NSA Inspector General report that provides further details on the phone program and a related one that gathered Internet data. Other large phone companies, including AT&T Inc. and Sprint Nextel Corp., receive similar orders every three months, former officials say.

Under the Patriot Act, the Federal Bureau of Investigation can require businesses to hand over "tangible things," including "records," as long as the FBI shows it is reasonable to believe the things are "relevant to an authorized investigation" into international terrorism or foreign intelligence activities.

The history of the word "relevant" is key to understanding that passage. The Supreme Court in 1991 said things are "relevant" if there is a "reasonable possibility" that they will produce information related to the subject of the investigation. In criminal cases, courts previously have found that very large sets of information didn't meet the relevance standard because significant portions—innocent people's information—wouldn't be pertinent.

But the Foreign Intelligence Surveillance Court, FISC, has developed separate precedents, centered on the idea that investigations to prevent national-security threats are different from ordinary criminal cases. The court's rulings on such matters are classified and almost impossible to challenge because of the secret nature of the proceedings. According to the court, the special nature of national-security and terrorism-prevention cases means "relevant" can have a broader meaning for those investigations, say people familiar with the rulings.

The use of computers to look for links in massive data sets also means information previously not considered relevant could today, in fact, be important in some broad investigations, says Paul Rosenzweig, a former Deputy Assistant Secretary for Policy in the Department of Homeland Security in the administration of President George W. Bush.

"Large databases are effective" for this type of analysis "only to the extent they are actually comprehensive," says Mr. Rosenzweig, founder of homeland-security consultant Red Branch Consulting PLLC.

This explanation echoes recent statements by the Obama administration. "More narrow collection would limit our ability to screen for and identify terrorism-related communications," said James Clapper, Director of National Intelligence, in a statement June 6.

People familiar with the system that uses phone records in investigations say that the court's novel legal theories allow the system to include bulk phone records, as long as there are privacy safeguards to limit searches. NSA analysts may query the database only "when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization," according to Mr. Clapper.

The NSA database includes data about people's phone calls—numbers dialed, how long a call lasted—but not the actual conversations. According to Supreme Court rulings, a phone call's content is covered by the Constitution's Fourth Amendment, which restricts unreasonable searches, but the other types of data aren't.

The idea that large databases of American activity were needed to prevent terrorism gained steam following the terror attacks of Sept. 11, 2001. Soon after, the Bush administration began several expanded surveillance efforts.

Amid controversy over the programs starting in 2004, the administration agreed to move domestic Internet data collection under the authority of FISC orders, according to the Inspector General's report revealed by Mr. Snowden. (That Internet data collection program ended in 2011, the NSA has said.) By 2006, the administration looked to move the phone-records program under the court as well, according to the report.

In 2005 and early 2006, some lawmakers tried to tighten the Patriot Act when it came up for reauthorization. At that time, the part of the law being used to get phone records required investigators simply to state that records were sought for an authorized investigation into terrorism or foreign intelligence—a lower standard than "relevant." Congress added the word "relevant" to the law, but senators who wanted even stricter standards—which would have ended the ability to collect bulk phone records—failed.

Former Sen. Jon Kyl spoke on the floor of the Senate in favor of the "relevance" standard. "We all know the term 'relevance.' It is a term that every court uses," he said in 2006. "The relevance standard is exactly the standard employed for the issuance of discovery orders in civil litigation, grand jury subpoenas in a criminal investigation," he said.

But a few people cautioned that "relevant" could be defined to the point of irrelevance. "Relevance is a very broad standard that could arguably justify the collection of all kinds of information about law-abiding Americans," former Sen. Russ Feingold said on the Senate floor in February 2006. He argued for stricter wording, and failed.

President Bush signed the Patriot Act reauthorization in March 2006. And the NSA and Justice Department set about persuading the secret court, FISC, that the law allowed them to obtain bulk phone records.

The Bush administration didn't see the argument as a difficult one to make. According to the draft Inspector General's report revealed by Mr. Snowden, the administration had won court approval of the Internet data program two years before, something that made it easier to answer the court's questions. Of the requirement to show "relevance," a former official familiar with the discussions at the time says: "Usually, it's a pretty generous standard."

The court did limit the number of people who could access the data, and it required "more stringent oversight" by the Justice Department, according to the Inspector General's report. But in May 2006, the secret court agreed that, even with the addition of the word "relevant," bulk phone records could also be collected under the law.

The legal interpretations required to make this change were "aggressive," says Timothy Edgar, a former top privacy lawyer at the Office of the Director of National Intelligence and the National Security Council in the Bush and Obama administrations. Still, considering that the program previously had less congressional or court oversight, many lawmakers saw this as a step forward, he says.

"It wasn't seen that we're pushing the boundaries of surveillance law here," Mr. Edgar says. "It was the very opposite. You're starting from a huge amount of unilateral surveillance and putting it on a much sounder legal basis."

Some lawmakers now disagree. "The government must request specific records relevant to its investigation," Rep. Jim Sensenbrenner (R., Wis.), one of the authors of the Patriot Act, says. "To argue otherwise renders the provision meaningless," he says. "It's like scooping up the entire ocean to guarantee you catch a fish."

Given the traditional legal definition of relevant, Mr. Edgar says, it is "a fair point" to say that someone reading the law might believe it refers to "individualized requests" or "requests in small batches, rather than in bulk database form." From that standpoint, he says, the reinterpretation of relevant amounts to "secret law."

Still, he says, Congress repeatedly had the option to prohibit in legislation the bulk collection of records, and it didn't.

Defenders of using the Patriot Act this way make similar arguments. In a statement last month, the chair and ranking minority member on the Senate Intelligence Committee said that both the House and Senate Intelligence and Judiciary committees have "been briefed extensively" on this.

Mr. Edgar added, however, that Congress couldn't fully debate the issue because the program wasn't public.
http://online.wsj.com/article_email/...DEwNDgyWj.html





Judge Orders U.S. to Release Aaron Swartz’s Secret Service File
Kevin Poulsen

A federal judge in Washington, D.C. on Friday ordered the government to promptly start releasing thousands of pages of Secret Service documents about the late activist and coder Aaron Swartz, following months of roadblocks and delays.

“Defendant shall promptly release to Plaintiff all responsive documents that it has gathered thus far and shall continue to produce additional responsive documents that it locates on a rolling basis,” wrote U.S. District Judge Colleen Kollar-Kotelly.

The order was issued in my ongoing FOIA lawsuit against the Department of Homeland Security – the Secret Service’s parent agency.

It was Secret Service agents who, in 2011, investigated Swartz’ bulk downloads from the JSTOR academic database, leading to the computer hacking and wire fraud case that loomed over Swartz at the time he committed suicide in January.

That criminal case was formally dismissed after Swartz’s death. Yet in February, the Secret Service denied in full my request for any files it held on Swartz, citing a FOIA exemption that covers sensitive law enforcement records that are part of an ongoing proceeding. Other requestors reported receiving the same response.

When the agency ignored my administrative appeal, I enlisted David Sobel, a top DC-based FOIA litigator, and we filed suit. In May, the government belatedly answered my appeal, conceding that the law enforcement exemption no longer applies. But it still hasn’t produced any documents. The government then missed a May 23 deadline to file a reply to the lawsuit.

And then last Wednesday, the Justice Department lawyer on the case asked the court for still more time. He says the government has just discovered a vast new tranche of documents on Swartz.

Defendant has exercised diligence in processing these records. As part of that effort, it undertook an additional search for responsive records in certain agency files, including files located outside agency headquarters in the Washington, D.C. area. Based on this additional search, it learned yesterday, July 2, of files located outside the agency’s headquarters that contain several thousand additional pages that may be responsive to Plaintiff’s FOIA request. […]

The agency’s review of those files will require a substantial amount of additional time.


Judge Kollar-Kotelly is giving the government until August 5 to answer the lawsuit and produce a timetable for releasing all the responsive documents. In the meantime, the government has to start releasing the files it’s already processed. You’ll see them here when I get them.
http://www.wired.com/threatlevel/201...a/?cid=9593124





NYC Cases Show Crooked Cops' Abuse of FBI Database
Tom Hays

It's billed by the FBI as "the lifeline of law enforcement" — a federal database used to catch criminals, recover stolen property and even identify terrorism suspects.

But authorities say Edwin Vargas logged onto the restricted system and ran names for reasons that had nothing to do with his duties as a New York Police Department detective. Instead, he was accused in May of looking up personal information on two fellow officers without their knowledge.

The allegation against Vargas is one of a batch of corruption cases in recent years against NYPD officers accused of abusing the FBI-operated National Crime Information Center database to cyber snoop on co-workers, tip off drug dealers, stage robberies and — most notoriously — scheme to abduct and eat women.

The NCIC database serves 90,000 agencies and gets 9 million entries a day by users seeking information on stolen guns and cars, fugitives, sex offenders, orders of protection and other subjects, according to an FBI website. The NYPD system — called the "Finest," as in "New York's Finest" — also allows access to state criminal and Department of Motor Vehicles records.

How often the database is used for unauthorized purposes is unclear. The NYPD insists that officers are under strict orders to use it only during car stops, ongoing investigations or other police work. The department assigns them login names and passwords that allow supervisors to track their usage on desktop computers in station houses or on laptops in patrol cars.

NYPD recruits are warned that "if you misuse or you access information in an inappropriate manner ... you are in serious trouble — such as being prosecuted, being fired and also big fines," a police academy instructor testified at the trial of Gilbert Valle, who was convicted in March in a bizarre plot to kidnap, cook and cannibalize women.

In addition, an FBI compliance unit conducts spot audits to examine users' "policies, procedures, and security requirements," the FBI said in a statement. The FBI also requires each state to have its own audit programs and claims that "malicious misuse is not commonly discovered."

But both the instructor testifying at the Valle trial and an Internal Affairs Bureau investigator who took the witness stand in an earlier case have conceded that officers can easily circumvent safeguards.

The investigator testified as a government witness at the 2010 trial of an NYPD officer accused of using the database to conduct surveillance of a perfume warehouse in New Jersey before an armed robbery there. He told jurors that officers often do searches while logged in under another officer's name — either out of neglect or, in this case, intent.

"Unfortunately ... it's not unusual that it happens," the investigator said.

The instructor, when asked about an officer's ability to effectively log in anonymously, responded, "I know it occurs. I wouldn't say it's common, but I know it does occur."

At a trial where Valle was convicted in March, prosecutors alleged that the officer used the database — sometimes accessing it while riding in a patrol car with his supervising sergeant — to help compile dossiers on women that listed their birthdates, addresses, heights and weights. None of the women were harmed, but prosecutors alleged he went as far as to show up on one woman's block after striking an agreement to kidnap her for $5,000 for a New Jersey man who wanted to rape and kill her.

In another database abuse case last year, federal authorities charged NYPD patrolman Jose Tejada with being a member of a crew that posed as police officers while staging more than 100 robberies of drug traffickers that netted more than 250 kilograms of cocaine and $1 million in cash.

Tejada "ran the names of coconspirators through law enforcement databases to determine whether there were active warrants in the names of the coconspirators," prosecutors said in court papers. "In connection with these searches, Tejada advised coconspirators whether they could re-enter the United States without being arrested by law enforcement authorities."

The cases aren't confined to New York. In the last six years, authorities have accused a Memphis police officer of using the NCIC database to leak information to a confidential informant about a watch dealer who the informant believed had stolen a Rolex; a reserve patrolman in Clarkston, Ga., of running names and license plates for marijuana dealers; a Montgomery County, Md., officer of running checks on cars belonging to a woman who later reported that the vehicles had been vandalized; and a Hartford, Conn., police sergeant of supplying database records to a woman who used them to harass her ex-boyfriend's new girlfriend.

In the case of Vargas, the NYPD detective, prosecutors allege he hacked into the email accounts and passwords of 21 fellow officers and nine others. At least two times, he used the NCIC database without authorization to look up information on two officers whose private email accounts he'd secretly obtained, authorities said.

Prosecutors didn't give a motive, but police officials suggested he was looking to see who his ex-girlfriend, also a police officer, was chatting with. His lawyer said he was "shocked" by the allegations.

If convicted, Vargas would be fired from the force and face a year behind bars.
http://news.yahoo.com/nyc-cases-show...162152158.html





Data Brokers Are Now Selling Your Car's Location For $10 Online
Adam Tanner

The Berkeley Marina, a stretch of park and an enclosed yacht harbor, juts into the San Francisco Bay. Visitors regularly drive there to admire the dramatic view that includes Alcatraz Island and the Golden Gate Bridge. When I lived in the area, I often parked my car, surveyed the vista for many minutes, then drove away if the weather did not prove ideal for windsurfing.

When fertilizer salesman Scott Peterson made his last visits to the Berkeley Marina from his hometown of Modesto, Calif., he had a practical goal in mind. He wanted to see whether his pregnant wife whom he had murdered had washed up along the shoreline. In the Peterson case a decade ago, police placed a GPS tracker onto his vehicles when they began to suspect that he was lying. Peterson had driven a few times to the marina homicide site, even though he told police he had only learned his wife had gone missing after returning from a fishing expedition to the San Francisco Bay. That GPS evidence eventually helped convict him of murder; he is now on death row.

I thought of this story, revealed at Peterson’s murder trial which I occasionally attended, when a prominent data broker announced two weeks ago that it had begun selling locational information on license plates that have been filmed and identified. In recent years, police have also widely embraced license plate recognition to track suspected criminals. Repo men use the technology to recover vehicles; casinos in Las Vegas employ it to monitor cars in their parking lots. And now data broker TLO has begun selling information about the time and location at which cars have been sighted.

“With a massive database of one BILLION vehicle sightings and the addition of up to 50 million new sightings each month, Vehicle Sightings provide valuable information for both locating subjects and investigating the historical whereabouts of both individuals and vehicles,” advertises TLO, a data broker that caters to lawyers, private investigators, law enforcement and insurance firms, among others.

The service charges $10 per category of each license plate look up, divided into current, recent and historical. Cars are photographed or filmed and then matched with license plate recognition software. Initially I imagined a database that knew almost as much as a GPS locator: that you drove out of state three weekends ago, stopped off at the pharmacy on the way, spent the afternoon at a baseball game, then had dinner at a specific restaurant.

In reality, the feature is quite far from the all-knowing eye in the sky, although it can still reveal intimate clues. I searched for my own car, as well as those of two relatives with their permission. Of five cars that I looked up, three cars turned up nothing, but I found data on the other two.

One car had a single sighting: it was parked on Manhattan’s Upper West Side at 12:40 in the morning last December. The report included a picture of the car and license plate. A link showed exactly where the car was on Google Maps. For another car, the search turned up data from August last year which showed it parked in Austin, Texas, a few minutes after noon. The lot was in front of a building of doctors’ offices, potentially revealing intimate information about that person’s activity that day.

Simple math suggests it may be a while before such license plate recognition systems can regularly spot specific vehicles. TLO advertises it has a billion vehicle sightings, but according to the U.S. Department of Transportation, there are more than a quarter of a billion registered vehicles in the country. That means TLO would hold an average of four sightings per vehicle.

“While the coverage is nationwide, certainly there will be areas with more expansive coverage than others,” said James Reilly, TLO’s senior vice president of sales and business development. “Variables such as the amount of time the vehicles are stationed in inaccessible areas (i.e. secured lots at places of employment, gated communities, etc.) could certainly affect the number of opportunities for ‘sighting.’”

Law enforcement agencies are among the biggest users of automated license plate recognition. Drivers’ information is one of the few sectors of personal data granted strong legal protections, along with areas such as medical, financial and job hiring data. TLO’s core clients such as law enforcement, private investigators and others can obtain the information if they have a legally permissible use.

Still, anyone can photograph and catalog license plates in public. Some private companies, such as MVTRAC, which says it has spent many millions of dollars collecting hundreds of millions of vehicle sightings, supply repo men, law enforcement and others with access to their databases of recorded plate numbers.

“People are afraid of the government collecting phone records from Verizon and the government’s response was you don’t understand we’re not really spying on you, it’s metadata,” said Scott Jackson, MVTRAC’s founder and CEO. “People don’t understand what metadata is. It’s abstract data that is just sitting there and it has no meaning whatsoever until one day there is a Scott Peterson who all of a sudden now he is a suspect.”

“Now you can take that plate and you can reach into the metadata that up to then had no meaning whatsoever, and the next thing you know you can interpolate various patterns of movement, what his patterns were in terms of habits.”

Yet Jackson said his industry was years and years away from possessing enough data to reconstruct a random person’s driving on a given day. Obviously GPS or cell phone data would far more accurately record what any individual car does than photos captured externally. In the Peterson murder case, the GPS evidence proved important to the prosecution because the victim’s body washed ashore months later in the San Francisco Bay near where he had often visited. Yet GPS data is harder to obtain. Last year the U.S. Supreme Court ruled that police needed a warrant to attach a tracker on a suspect’s car.

One possible longer term issue around license plate recognition is that new firms in the field seeking to gain market share could gather specific data such as who was visiting what churches or mosques, underground clubs, or medical clinics and perhaps distribute that information more freely than companies now do.

“Because legislation and our Congress is not going to be able to keep up with the dramatic growth of big data, people who are aggregating data do have at least a reasonable social responsibility to make sure that they handle themselves with reasonableness,” says Jackson of MVTRAC. “I don’t think it would be reasonable for me to put out all the data and say these are all the cars that drove by at this intersection — although lawful.”
http://www.forbes.com/sites/adamtann...tted-your-car/





A Look at the Black Underbelly of Windows 8.1 'Blue'
Woody Leonhard

As Windows 8.1 Milestone Preview testers push and prod their way into the dark corners of Windows 8.1 "Blue," they're finding a bunch of things that go bump in the night. From new and likely unwelcome features, to nudges into the Microsoft data tracking sphere, to entire lopped-off pieces of Windows 8, it looks like Microsoft is changing Windows to further its own agenda.

I'm not talking about the well-documented gotchas with the Win 8.1 Preview -- Microsoft makes no bones about the fact you won't be able to upgrade directly from the Preview to the final, shipping version of Windows 8.1, for example, and it warns repeatedly that you can't uninstall the Milestone Preview. I'm also not talking about typical beta blues -- clicking on a Metro app button and getting dumped back on the Metro Start screen kind of comes with the beta-testing ride. Nor am I talking about the updates to the Preview that have already shipped: I count 10 installed on my 64-bit test machine through Windows Update (not bad for a beta that's only been out for a couple of weeks).

The changes I'm seeing are more ... inscrutable. Some people think they're sinister. Few of them have even a wisp of documentation. We potential Windows 8.1 customers are left trying to figure out what Microsoft intends to do and how the changes will affect the way we work.

Microsoft Account bares its fangs

With Windows 8, you're encouraged to set up every new Windows user with a Microsoft Account [1] -- which is to say, it's easy to set up a new user by employing an email address that's been registered with Microsoft. It's possible to create a new Win8 user without providing a Microsoft Account, but you need to click a few rather obscure links in the setup routine to get around the restriction.

On the other hand, it's very difficult to install Windows 8.1 "Blue" Preview without using a Microsoft Account. While there are some clever workarounds [2] to bypass the forced Microsoft Account login, you have to be quite persistent to get the Preview installed without linking your installation -- your computer's unique ID -- to your Microsoft Account.

Microsoft says that the Microsoft Account requirement will be lifted [3] for the final release:

Warning

In order to use Windows 8.1 Preview you must sign in to your PC with a Microsoft account. The option to create a local account will be made available at the final release of Windows 8.1.


But there are no details about how the requirement will be lifted or whether the same hoops that worked with Windows 8 will work with the final version of Windows 8.1.

Microsoft can track your local searches

If you use Microsoft Bing or Google search -- or almost any other search engine -- you already know that Microsoft and/or Google can and do keep track of your searches. That's why a casual Web search for "flugelhorn" will result in you seeing targeted ads for flugelhorns on almost every site you visit for the following month.

But running a search on your computer for "flugelhorn" through the Windows 8 Search charm doesn't increase your chances of seeing online ads for flugelhorns -- I think. Although I can't find a suitable legalistic disclaimer anywhere, Microsoft doesn't appear to be scraping, storing, and regurgitating local computer search strings to, uh, enhance your shopping experience.

That's changing by default in Windows 8.1. The new Win8.1 Smart Search -- invoked by default through the Windows 8.1 Search charm -- not only searches your computer for the string you specify. It also, all by itself, gathers up the terms and runs them through a Bing search. Making this cool new feature all the more lovable, Microsoft has officially announced that advertisers will be able to dish up advertising to your computer [4], based on the searches you perform on your computer.

Bing Ads will be an integral part of the new Windows 8.1 Smart Search experience. Now, with a single campaign setup, advertisers can connect with consumers across Bing, Yahoo, and the new Windows Search with highly relevant ads for their search queries. In addition, Bing Ads will include Web previews of websites and the latest features like site links, location, and call extensions, making it easier for consumers to complete tasks and for advertisers to drive qualified leads.

Unless you make Smart Search dumb, you not only hand Microsoft a complete history of all of your local computer search terms, you open your machine up to even more lovely ads, doled out on the Search results pane. If you search for "flugelhorn" on your local computer -- not on the Web, mind you, but on your own computer -- the results that Windows 8.1 shows you will include advertisements for flugelhorns on eBay and Amazon (no, I'm not joking -- try it), local flugelhorn manufacturers, flugelhorn party consultants, and no doubt some day flugelhorn addiction services.

You can turn Smart Search off by bringing up the Settings charm, clicking or tapping Change PC Settings, then choosing Search and Apps, and moving the Use Bing to Search Online slider off.

The Windows Experience Index bites the dust -- or does it?

If you look for the Windows Experience Index in the Windows 8.1 "Blue" Preview, you won't find it. While nobody ever took WEI too seriously -- it's a bit preposterous to think that you can distill a PC's performance down to a single number -- I've long used WEIs to quickly compare computers while I'm out shopping. They're also useful to double-check on new drivers, to see if they've boosted or strangled processing speeds.

Nobody knows for sure -- and Microsoft hasn't commented at all -- but it appears the WEI is dead. Nazmus Khandaker on the McAkins Online blog [5] puts it this way:

Microsoft removed the Experience Index from Windows RT but kept it on the original release of Windows 8 in October 2012. However with Windows 8.1, Microsoft has decided to kill off the Experience Index completely. I have tested this on several PCs (touch and nontouch). Before upgrading my PCs, I was able to view the Experience Index on Windows 8.0. After upgrading to Windows 8.1, they were no longer present.

One possible reason for its sudden disappearance: The lofty and expensive Microsoft Surface Pro gets a 5.6 on the WEI scale. That would've been a good score three or four years ago on a middle-of-the-road PC. I have an old single-core i3 machine with a Windows 8 WEI of 7.0.

The Metro Photos app loses its connections

The Windows 8.1 Metro Photos app that's circulating at the moment is a mess. While it sports a few new features [6] -- crop, rotate, auto slideshows, red-eye removal, all the features you would've expected from a photo app 10 years ago -- the current app can't even access photos stored on a network share or on SkyDrive. Clearly, it was rushed out the door.

The reason for the trampled release appears to be Microsoft's canning of its Facebook and Flickr links.

Windows 8 had automatic connections to your local pictures library, network shares, SkyDrive, Facebook, and Flickr; Win8 combines photos from all of those sources and offers them up with one, unified view. The Windows 8.1 "Blue" Preview can only get at local pictures. It uses the cumbersome-but-finger-friendly "file picker" metaphor for selecting files and folders. Barb Bowman, community moderator for Microsoft's Answers forum and a Microsoft MVP, took Microsoft to task [7]:

Photos App in 8.1 loses most of its best features, e.g., Facebook/Flickr support, network/homegroup support. I've just installed the 8.1 Preview on a desktop. The Photos App has changed:

1. No longer includes the ability to show images from Facebook, Flickr, SkyDrive

2. No longer allows images from other computers or the network


Microsoft hasn't responded officially to the burgeoning complaints, although a person who identified herself as Microsoft employee CarmenZ posted this in response:

In Windows 8, we wanted to provide a way for folks to view their photos on other services knowing there would be few (if any) apps in the store at launch that would do so. Now there are many apps in the store that offer ways to view photos on other services and soon there will even be a Facebook app from Facebook. We’re confident Facebook will offer great ways to view and engage socially with photos on Facebook. We welcome Flickr to do the same. In addition, the People app still offers the ability to socially engage with your friends and even your own photos.

Undeterred, Bowman fired back [8]:

This morning I was sending a tweet in a Windows 8[.1] App and when I used the image button, the Photos App opened (and not Windows Explorer, which is what happens on RTM W8) and was able to attach a file from a networked computer. This is more evidence that the Photos App is part of the OS and not an app ... Since the navigation is there, as evidenced by my experience, the question remains as to why there is no support for network folders in the Photos app itself. Microsoft has responded on the Facebook issue on the original thread, but has pointedly not answered the other questions.

If I were to speculate, I'd say that Microsoft ripped out the Facebook and Flickr parts of Metro Photos and, in a hurry, took out SkyDrive and network folder support. It's inconceivable to me that Microsoft would release a Metro Photos app without copious connections to SkyDrive -- if only to sell more SkyDrive space.

About the same time this observation hit the fan, Microsoft announced, quite unexpectedly, that Facebook would finally build a Metro Facebook app.

I think we're seeing a quid pro quo in action -- Facebook finally agrees to join the Windows Store and, in exchange, Microsoft agrees to drop Facebook integration from Metro Photos. If true, might other Microsoft Metro apps follow suit? And where's the Metro Flickr app?

Times really have changed if Facebook can arm-wrestle Microsoft into submission.

(Thanks for the heads-up, AR.)
https://www.infoworld.com/t/microsof...81-blue-222175





Report Indicates More Extensive Cooperation by Microsoft on Surveillance
James Risen

Microsoft has collaborated with the National Security Agency more extensively than it previously acknowledged, providing the spy agency with up-to-date access to its customer data whenever the company changes its encryption and related software technology, according to a new report based on disclosures by the former N.S.A. contractor Edward J. Snowden.

Quoting classified internal N.S.A. newsletters obtained from Mr. Snowden, The Guardian newspaper reported that Microsoft had helped the security agency find ways to circumvent its encryption on its Outlook.com portal’s encrypted Web chat function, and that the agency was given what The Guardian described as “pre-encryption stage” access to e-mail on Outlook, including Hotmail e-mail.

The Guardian, which did not release the N.S.A. documents that it quoted, said that Microsoft had also provided the F.B.I. with access to its SkyDrive service, a cloud storage service with millions of users.

Microsoft, according to The Guardian, also worked with the F.B.I. to study how Outlook allowed users to create e-mail aliases, while Skype, now owned by Microsoft, worked with the government to help it collect both the video and audio of conversations. It also reported that information collected through the N.S.A. program code-named Prism was shared with both the F.B.I. and the C.I.A.

Microsoft said in a statement that it only provided access to its systems when required to do so by court orders.

“We only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks,” the company said in its statement. “To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product. Finally, when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request.”

The latest disclosure from documents leaked by Mr. Snowden underscores the increasingly close ties between the N.S.A. and the high-tech community. Microsoft, Facebook and other companies have already been forced to address questions about their cooperation with the agency following Mr. Snowden’s disclosure of the Prism surveillance program.

Many of the companies have repeatedly denied that they agree to blanket collection requests from the government, despite evidence that the government has for years collected huge amounts of phone and Internet data from American citizens. An N.S.A. Internet metadata collection program revealed by Mr. Snowden, for example, was halted in 2011 only after two members of the Senate Intelligence Committee began to question its value.

Fearing a negative public response to their cooperation, some Silicon Valley companies are beginning to openly push back against the security agency. Yahoo, for example, is now asking the Foreign Intelligence Surveillance Court, the secret court that rules on data collection requests by the government, to allow it to make public the record of its 2008 challenge to the constitutionality of the law requiring it to provide its customer data to the agency.

A Yahoo spokeswoman said Thursday that the company was “seeking permission from the FISA court to unseal the arguments and orders from the 2008 case.”

Yahoo said in a public filing with the FISA court this week that releasing documents about the 2008 case would allow it “to demonstrate that it objected strenuously to the directives that are now the subject of debate, and objected at every stage of the proceeding, but that these objections were overruled and its request for a stay was denied.”

Signs of a popular backlash against the security agency’s large-scale collection of the personal data of Americans have convinced a leading privacy advocate in Congress that the Obama administration may soon begin to back away from the most aggressive components of the agency’s domestic surveillance programs.

The advocate, Senator Ron Wyden, an Oregon Democrat and a member of the Senate Intelligence Committee, said in an interview Thursday that he believed that the security agency might soon abandon the bulk collection of the telephone calling data of millions of Americans.

The current controversy over the agency’s surveillance policies was first set off after Mr. Snowden leaked a secret FISA court order telling Verizon to turn over calling data from all of its customers. Mr. Wyden now believes that the White House is beginning to recognize that the program raises so many privacy concerns that it is willing to drop it.

“I have a feeling that the administration is getting concerned about the bulk phone records collection, and that they are thinking about whether to move administratively to stop it,” he said. He added he believed that the continuing controversy prompted by Mr. Snowden had changed the political calculus in Congress over the balance between security and civil liberties, which has been heavily weighted toward security since the Sept. 11 terrorist attacks.

“I think we are making a comeback,” Mr. Wyden said, referring to privacy and civil liberties advocates.

Claire Cain Miller contributed reporting from San Francisco.
http://www.nytimes.com/2013/07/12/us...veillance.html





HP Admits to Backdoors in Storage Products

Usernames and passwords in the wild, factory resets possible
Richard Chirgwin

Hewlett-Packard has agreed that there is an undocumented administrative account in its StoreVirtual products, and is promising a patch by 17 July.

The issue, which seems to have existed since 2009, was brought to the attention of The Register by Technion, the blogger who earlier published an undocumented backdoor in the company's StoreOnce products.

Since then, some HP users have confirmed the backdoors in e-mail to The Register, providing evidence of the account names and passwords that allow access to the devices. The Reg can report those credentials would not pass complexity tests required by many websites as they use no numerals, symbols or capital letters.

HP has now issued this security advisory, stating:

“This vulnerability could be remotely exploited to gain unauthorized access to the device.

“All HP StoreVirtual Storage systems are equipped with a mechanism that allows HP support to access the underlying operating system if permission and access is provided by the customer. This functionality cannot be disabled today.

“HP has acknowledged this vulnerability and will provide a patch that will allow customers to disable the support access mechanism on or before July 17, 2013.”

The company states that “Root access to the LeftHand OS does not provide access to the user data being stored on the system”.

Although data isn't accessible via the backdoor, one user with around 50 TB of StoreVirtual capacity said the account gave sufficient access to reboot nodes in a cluster, “and so cripple the cluster”.

“It lets you browse to "SMH » Security » Trusted Management Servers" though, ("Certificates are used to establish the trust relationship between Systems Insight Manager or Insight Manager 7 and the System Management Homepage.") You can use that to import a certificate to trust another Systems Insight Manager box,” said that user, who asked not to be identified.

And, of course, there's the "reset factory defaults" option, which would nuke all a user's data.
http://www.theregister.co.uk/2013/07..._storage_vuln/





Did NSA Put a Secret Backdoor in New Encryption Standard?
Bruce Schneier

Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency.

Generating random numbers isn't easy, and researchers have discovered lots of problems and attacks over the years. A recent paper found a flaw in the Windows 2000 random-number generator. Another paper found flaws in the Linux random-number generator. Back in 1996, an early version of SSL was broken because of flaws in its random-number generator. With John Kelsey and Niels Ferguson in 1999, I co-authored Yarrow, a random-number generator based on our own cryptanalysis work. I improved this design four years later -- and renamed it Fortuna -- in the book Practical Cryptography, which I co-authored with Ferguson.

The U.S. government released a new official standard for random-number generators this year, and it will likely be followed by software and hardware developers around the world. Called NIST Special Publication 800-90 (.pdf), the 130-page document contains four different approved techniques, called DRBGs, or "Deterministic Random Bit Generators." All four are based on existing cryptographic primitives. One is based on hash functions, one on HMAC, one on block ciphers and one on elliptic curves. It's smart cryptographic design to use only a few well-trusted cryptographic primitives, so building a random-number generator out of existing parts is a good thing.

But one of those generators -- the one based on elliptic curves -- is not like the others. Called Dual_EC_DRBG, not only is it a mouthful to say, it's also three orders of magnitude slower than its peers. It's in the standard only because it's been championed by the NSA, which first proposed it years ago in a related standardization project at the American National Standards Institute.

The NSA has always been intimately involved in U.S. cryptography standards -- it is, after all, expert in making and breaking secret codes. So the agency's participation in the NIST (the U.S. Commerce Department's National Institute of Standards and Technology) standard is not sinister in itself. It's only when you look under the hood at the NSA's contribution that questions arise.

Problems with Dual_EC_DRBG were first described in early 2006. The math is complicated, but the general point is that the random numbers it produces have a small bias. The problem isn't large enough to make the algorithm unusable -- and Appendix E of the NIST standard describes an optional work-around to avoid the issue -- but it's cause for concern. Cryptographers are a conservative bunch: We don't like to use algorithms that have even a whiff of a problem.

But today there's an even bigger stink brewing around Dual_EC_DRBG. In an informal presentation (.pdf) at the CRYPTO 2007 conference in August, Dan Shumow and Niels Ferguson showed that the algorithm contains a weakness that can only be described as a backdoor.

This is how it works: There are a bunch of constants -- fixed numbers -- in the standard used to define the algorithm's elliptic curve. These constants are listed in Appendix A of the NIST publication, but nowhere is it explained where they came from.

What Shumow and Ferguson showed is that these numbers have a relationship with a second, secret set of numbers that can act as a kind of skeleton key. If you know the secret numbers, you can predict the output of the random-number generator after collecting just 32 bytes of its output. To put that in real terms, you only need to monitor one TLS internet encryption connection in order to crack the security of that protocol. If you know the secret numbers, you can completely break any instantiation of Dual_EC_DRBG.

The researchers don't know what the secret numbers are. But because of the way the algorithm works, the person who produced the constants might know; he had the mathematical opportunity to produce the constants and the secret numbers in tandem.

Of course, we have no way of knowing whether the NSA knows the secret numbers that break Dual_EC_DRBG. We have no way of knowing whether an NSA employee working on his own came up with the constants -- and has the secret numbers. We don't know if someone from NIST, or someone in the ANSI working group, has them. Maybe nobody does.

We don't know where the constants came from in the first place. We only know that whoever came up with them could have the key to this backdoor. And we know there's no way for NIST -- or anyone else -- to prove otherwise.

This is scary stuff indeed.

Even if no one knows the secret numbers, the fact that the backdoor is present makes Dual_EC_DRBG very fragile. If someone were to solve just one instance of the algorithm's elliptic-curve problem, he would effectively have the keys to the kingdom. He could then use it for whatever nefarious purpose he wanted. Or he could publish his result, and render every implementation of the random-number generator completely insecure.

It's possible to implement Dual_EC_DRBG in such a way as to protect it against this backdoor, by generating new constants with another secure random-number generator and then publishing the seed. This method is even in the NIST document, in Appendix A. But the procedure is optional, and my guess is that most implementations of the Dual_EC_DRBG won't bother.

If this story leaves you confused, join the club. I don't understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It's public, and rather obvious. It makes no sense from an engineering perspective: It's too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy.

My recommendation, if you're in need of a random-number generator, is not to use Dual_EC_DRBG under any circumstances. If you have to use something in SP 800-90, use CTR_DRBG or Hash_DRBG.

In the meantime, both NIST and the NSA have some explaining to do.
http://www.wired.com/politics/securi...tymatters_1115
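The relationship the Dual_EC_DRBG article above describes, worked through as an added example (not code from the article, from NIST or from any implementation): whoever chose the constants P and Q can know a number d with P = d·Q, and one output block plus d reveals the generator's next state, while constants derived by hashing a published seed carry no such known d. Assumptions: the curve y² = x³ + 7 over the secp256k1 prime stands in for NIST P-256, 8 bits are truncated per block instead of the standard's 16, and every name and seed string is constructed for illustration.

```python
import hashlib

# Toy parameters (assumptions of this example, not the standard's values).
P_FIELD = 2**256 - 2**32 - 977          # field prime, p % 4 == 3
B = 7                                   # curve: y^2 = x^3 + 7
DROP_BITS = 8                           # standard drops 16; 8 keeps the search short
KEEP_MASK = (1 << (256 - DROP_BITS)) - 1


def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1 % P_FIELD, -1, P_FIELD) % P_FIELD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD) % P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return x3, (lam * (x1 - x3) - y1) % P_FIELD


def mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """Return a curve point with this x-coordinate, or None if none exists."""
    rhs = (pow(x, 3, P_FIELD) + B) % P_FIELD
    y = pow(rhs, (P_FIELD + 1) // 4, P_FIELD)   # square root, valid as p % 4 == 3
    return (x, y) if y * y % P_FIELD == rhs else None


def point_from_seed(seed: bytes):
    """Mitigation: derive a constant by hashing a published seed, so anyone can
    re-derive it and nobody had the chance to pick its discrete log."""
    counter = 0
    while True:
        digest = hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        pt = lift_x(int.from_bytes(digest, "big") % P_FIELD)
        if pt is not None:
            return pt
        counter += 1


def backdoored_constants():
    """Constants produced 'in tandem' with a secret: P = d*Q, d kept private."""
    Q = point_from_seed(b"constructed Q")
    d = int.from_bytes(hashlib.sha256(b"constructed designer secret").digest(), "big")
    return mul(d, Q), Q, d


class DualEC:
    """Simplified Dual_EC_DRBG core: no reseeding, no additional input."""

    def __init__(self, P, Q, seed):
        self.P, self.Q, self.state = P, Q, seed

    def next_block(self):
        self.state = mul(self.state, self.P)[0]     # s_i = x(s_{i-1} * P)
        r = mul(self.state, self.Q)[0]              # r_i = x(s_i * Q)
        return r & KEEP_MASK                        # truncate the top bits


def recover_state(d, out1, out2, Q):
    """Given d with P = d*Q and two consecutive blocks, return the generator's
    internal state after the second block, or None if d does not fit."""
    for hi in range(1 << DROP_BITS):                # guess the truncated bits
        x = (hi << (256 - DROP_BITS)) | out1
        R = lift_x(x) if x < P_FIELD else None      # R = +/- s_1 * Q
        if R is None:
            continue
        s_next = mul(d, R)[0]                       # d*R = s_1*P, so x is s_2
        if mul(s_next, Q)[0] & KEEP_MASK == out2:   # confirm against block 2
            return s_next
    return None


if __name__ == "__main__":
    P, Q, d = backdoored_constants()
    victim = DualEC(P, Q, seed=0xC0FFEE)
    s = recover_state(d, victim.next_block(), victim.next_block(), Q)
    clone = DualEC(P, Q, s)
    print("prediction matches:", clone.next_block() == victim.next_block())
```

Without d, the step `mul(d, R)` has no substitute short of solving the curve's discrete-log problem, which is why the article's advice is to use constants whose derivation can be checked or to avoid the generator.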





Hard Drive-Wiping Malware that Hit South Korea Tied to Military Espionage

"Dark Seoul" attack that wreaked havoc is part of spy campaign operating since 2009.
Dan Goodin

The hackers responsible for a malware attack in March that simultaneously wiped data from tens of thousands of South Korean computers belong to the same espionage group that has targeted South Korean and US military secrets for four years, researchers said.

The conclusion, reported in a recently published research paper from security firm McAfee, is surprising. Most groups behind network-based espionage campaigns take pains to remain hidden to ensure their advanced persistent threat (APT) is able to siphon as much sensitive data as possible. The "Dark Seoul" attack, by contrast, has attracted huge amounts of attention because of its coordinated detonation. It struck government and media networks in South Korea precisely at 2pm local time on March 20, affecting both Internet and mobile banking applications, while taking automatic teller machines offline. Until now, researchers speculated the unknown group behind the attack was primarily motivated by a goal of causing disruptions.

In fact, Dark Seoul was just one component of "Operation Troy," a long-term spying campaign targeting military organizations that dates back to at least 2009. The covert operation gets its name from references to the ancient city found in malware developed by the attackers. The malware made use of a sophisticated control network to carry information over Web and Internet relay chat connections that were secured with strong encryption. Remote access tools installed on compromised target machines methodically searched for military terms and downloaded only documents that were deemed important. The malware initially took hold after the attackers planted a previously undocumented "zero-day" exploit on a military social networking site. The technique is known as a watering-hole-style attack, because it attempts to plant drive-by exploits into sites frequented by the people the attackers hope to infect (similar to a hunter targeting its prey as it drinks water).

"McAfee Labs can connect the Dark Seoul and other government attacks to a secret, long-term campaign that reveals the true intention of the Dark Seoul adversaries: attempting to spy on and disrupt South Korea’s military and government activities," McAfee researchers Ryan Sherstobitoff, Itai Liba, and James Walte wrote. "The attackers have attempted since 2009 to install the capability to destroy their targets using an MBR wiper component, as seen in the Dark Seoul incident. From our analysis we have established that Operation Troy had a focus from the beginning to gather intelligence on South Korean military targets. We have also linked other high-profile public campaigns conducted over the years against South Korea to Operation Troy, suggesting that a single group is responsible."

Among the tell-tale signs that the two attacks are related is the code used by Dark Seoul to destroy the master boot record (MBR) of infected machines. That capability also resides in the remote access trojan used in Operation Troy campaigns to wipe data from compromised machines that show they're in the process of being disinfected. By permanently disabling the machines, the attackers stand a much higher chance of hiding their campaign from adversaries. The wiping malware used in the two campaigns wasn't identical, but the McAfee report said there were enough similarities that the different samples had to be spawned by the same group.

Also significant, the wiper malware used in Dark Seoul was compiled just hours before it was executed on tens of thousands of machines belonging to South Korean government agencies and media outlets. The timing suggests the targeted computers had been infected days, weeks, or even months in advance, since it's unlikely so many computers could be infected and destroyed in such a short period.

The terms Operation Troy malware searched for included "tactics," "brigade," "logistics," and "Operation Key Resolve," according to the BBC. The last phrase refers to a military exercise involving US and South Korean forces that is carried out every year. The report doesn't identify the group responsible for Operation Troy or the specific South Korean government networks that were infected.

It remains unclear why the wiping Dark Seoul malware was unleashed. The compilation data suggests it was done intentionally rather than by accident. The activation of such a destructive payload touched off the McAfee investigation that ultimately led to the new report about Operation Troy. If the group behind the campaign was hoping to cover its tracks, the clamor it set off by destroying tens of thousands of machines in unison may only have brought attention to a spying operation that previously was largely overlooked.
http://arstechnica.com/security/2013...ary-espionage/





In His Own Words: Confessions of a Cyber Warrior

A longtime friend working as a cyber warrior under contract to the U.S. government provides a glimpse of the front lines
Roger A. Grimes

Much of the world is just learning that every major industrialized nation has a state-sponsored cyber army [1] -- though many of the groups, including team USA, have been around for decades.

I've met a few cyber warriors. As you might imagine, they can't talk much about their duties. But if you work shoulder to shoulder with them long enough, certain patterns emerge. For starters, there are a lot of them. They are well armed with cyber weaponry, and they're allowed to experiment and hack in ways that, as we all now know, might be considered illegal in some circles.

I've been a longtime friend to one cyber warrior. On condition of anonymity, he agreed to be interviewed about what he does for a living and allowed me to record our conversation on a device he controlled, from which I transcribed our conversation. I was able to ask clarifying questions the next day.

We met in person in my boat off the coast of Florida, which might sound very clandestine, except that our primary goal was to catch some fish. It's interesting to note that he did not want me to contact him by email or phone during the months leading up to this interview or for a few months after, even though what he revealed does not disclose any national security secrets. The following is an edited version of our conversation. Certain inconsequential details have been altered to protect his identity.

Grimes: Describe yourself and your occupation.

Cyber warrior: Middle-aged, white male, not married. Somewhat smart. Music lover. Lifetime hacker of all things. Currently working on behalf of armed services to break into other countries' computer systems.

Grimes: What is your background? How did you learn to hack?

Cyber warrior: I got into computers fairly early in my life, though I grew up in a foreign country. My dad split when I was young, and my mom worked a lot. I got into computers by visiting one of the few Radio Shacks near my neighborhood. The sales guy hated me at first because I was always on their computers, but after I taught him a few things, we became good friends for years. I realized I had an aptitude for computers ... that most of the adults around me did not have. By the time I was 15, I had dropped out of school (it wasn't as big of a deal in the country I was in, as it is in most developed countries), and I was working a full-time job as the head IT guy at a federal hospital.

I was hacking everything. I hacked their systems, which wasn't too much of a problem because I was already the head IT guy. They had lost some of the admin passwords to the network and other computer systems, so I had to use my hacking skills to reclaim those systems. I hacked everything: door locks, Master locks, burglar alarms -- anything. For a while, I thought I was a master spy and thief, even though I never stole anything. I would spend all my earnings on buying security systems, install them in my house, then spend all my time trying to bypass them without getting caught. I got pretty good, and soon I was breaking into any building I liked at night. I never got caught, although I did have to run from security guards a few times.

Grimes: What did you like hacking the most: security systems or computer systems?

Cyber warrior: Actually, I loved hacking airwaves the most.

Grimes: You mean 802.x stuff?

Cyber warrior: How cute. How quaint. No, I liked hacking everything that lives in the sky. Computer wireless networks are such a small part of the spectrum. I bought literally dozens of antennas, of all sizes, from small handheld stuff to multi-meter-long, steel antennas. I put them all in a storage shed I rented. I put the antennas up on the roof. I don't know how I didn't get in trouble or why the storage shed people didn't tell me to remove the antennas. I had to learn about electricity, soldering, and power generation. I had dozens of stacked computers. It was my own little cloud, way back when. I would listen for all the frequencies I could. I was next to an airbase and I captured everything I could.

Back then a lot more was open on the airwaves than today. But even the encrypted stuff wasn't that hard to figure out. I would order the same manuals as the equipment they were using and learn about backdoors in their equipment. I could readily break into most of their equipment, including their high-security telephone system. It was fun and heady stuff. I was maybe 16 or 17 then. I was living and sleeping in the shed more than at my home.

One day I started to see strange cars show up: black cars and trucks, with government markings, like out of a movie. They cut the lock off my shed and came in the door. My loft was up near the rafters, so I scooted over into the next storage area, climbed down, and went out the side door at the far end of the shed area. I walked off into desert and never went back. I must have left $100,000 worth of computers, radio equipment, and oscilloscopes. To this day, I don't know what happened or would have happened had I stayed -- probably not as much as I was worried about.

Grimes: Then what did you do?

Cyber warrior: My mom got married to my stepdad, and we moved back to the States. I was able to get a computer network admin job pretty quickly. Instead of hacking everything, I started to build operating systems. I'm a big fan of open source, and I joined one of the distros. I wrote laptop drivers for a long time and started writing defensive tools. That evolved into hacking tools, including early fuzzers.

Eventually I got hired by a few of the big penetration-testing companies [5]. I found out that I was one of the elite, even in a group of elites. Most of those I met were using tools they found on the Internet or by the companies that hired us, but all that code was so [messed up]. I started writing all my own tools. I didn't trust any of the hacking tools that most penetration testers rely on. I loved to hack and break into things, but to be honest, it was pretty boring. Everyone can break into everywhere -- so I made it a game. I would only break in using tools that I built, and I would only consider it a success if none of my probes or attacks ended up in a firewall or other log. That at least made it more challenging.

Grimes: How did you get into cyber warfare?

Cyber warrior: They called me up out of the blue one day -- well, an employment agency on behalf of the other team. They were offering a lot more money, which surprised me, because I had heard that the guys working on behalf of the feds made a lot less than we did. Not true -- it's certainly not true anymore, if you're any good.

I had to take a few tests. I had a few problems getting hired at first because I literally didn't have a background: no credit, no high school or college transcripts. Even the work I had done was not something you could easily verify. But I scored really well on the tests and I was honest on what I had done in the past. They didn't seem to care that I had hacked our own government years ago or that I smoked pot. I wasn't sure I was going to take the job, but then they showed me the work environment and introduced me to a few future coworkers. I was impressed.

Grimes: Explain.

Cyber warrior: They had thousands of people just like me. They had the best computers. They had multiple supercomputers. They had water-cooled computers running around on handtrucks like you would rent library books. The guys that interviewed me were definitely smarter than I was. I went from always being the smartest guy wherever I worked to being just one of the regular coworkers. It didn't hurt my ego. It excited me. I always want to learn more.

Grimes: What happened after you got hired?

Cyber warrior: I immediately went to work. Basically they sent me a list of software they needed me to hack. I would hack the software and create buffer overflow exploits. I was pretty good at this. There wasn't a piece of software I couldn't break. It's not hard. Most of the software written in the world has a bug every three to five lines of code. It isn't like you have to be a supergenius to find bugs.

But I quickly went from writing individual buffer overflows to being assigned to make better fuzzers. You and I have talked about this before. The fuzzers were far faster at finding bugs than I was. What they didn't do well is recognize the difference between a bug and an exploitable bug or recognize an exploitable bug from one that could be weaponized or widely used. My first few years all I did was write better fuzzing modules.

Grimes: How many exploits does your unit have access to?

Cyber warrior: Literally tens of thousands -- it's more than that. We have tens of thousands of ready-to-use bugs in single applications, single operating systems.

Grimes: Is most of it zero-days?

Cyber warrior: It's all zero-days. Literally, if you can name the software or the controller, we have ways to exploit it. There is no software that isn't easily crackable. In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface.

Grimes: What do you like hacking now?

Cyber warrior: Funny enough, it's a lot of wireless stuff again: public equipment that everyone uses, plus a lot of military stuff that the general public knows nothing about. It's mostly hardware and controller hacking. But even that equipment is easy to exploit.

Grimes: Does your team sometimes do illegal things?

Cyber warrior: Not that I know of. We get trained in what we can and can't do. If we do something illegal, it's not on purpose. Well, I can't speak for everyone or every team, but I can tell you the thousands of people I work with will not do anything intentionally illegal. I'm sure it happens, but if it happens, it's by mistake. For instance, I know we accidentally intercepted some government official's conversations one day, someone high-level. We had to report it to our supervisors and erase the digital recordings, plus put that track on our red filter list.

Grimes: You say you don't do anything illegal, but our federal laws distinctly say that we cannot offensively hack other nations. And we are hacking other nations [6].

Cyber warrior: They say we can't hack other nations without oversight. John Q. Public and John Q. Corporation can't hack other nations, but our units operate under laws that make what we are doing not illegal.

Grimes: I know you from many years ago, and I think the young you would revile hacking any government by any government. I think I heard you say this many times, and you were passionate about it.

Cyber warrior: I'm still passionate about it, but the older self realizes that the young self didn't have all the facts. We have to do what we do because [other nation states and other armies] are doing it. If we didn't, we would literally be dead. It's already something that I don't know if we are winning. I know we have the best tools, the best people, but our laws actually stop us from being as good as we could be.

Grimes: What about your job would surprise the average American?

Cyber warrior: Nothing.

Grimes: I really think the average American would be surprised you do what you do.

Cyber warrior: I don't agree. I think everyone knows what we have to do to keep up.

Grimes: What does your work location look like?

Cyber warrior: I work in an obscure office park in Northern Virginia. It's close to DC. There's no lettering or identifiers on the building. We park our cars in an underground garage. There are about 5,000 people on my team. I still work for the same staffing company I was hired by. My badge does not say "U.S. government" on it. We are not allowed to bring any computers, electronics, or storage USB drives into the building. They aren't even allowed in our cars, so I'm the guy at lunch without a cellphone. If people were to look around, they could spot us. Look for the group of people being loud that don't have a single cellphone out -- no one texting. Heck, they should let us carry cellphones just so we don't look so obvious.

Grimes: What do you do for a hobby?

Cyber warrior: I play in a hardcore rap/EDM band, if you can imagine that. I play lots of instruments, make beats and percussion stuff. I wish I could make more money doing music than hacking. I'm even considering now leaving my job and doing music. I don't need much money. I have enough for retirement and enough to support my lifestyle.

Grimes: What do you wish we, as in America, could do better hacking-wise?

Cyber warrior: I wish we spent as much time defensively as we do offensively. We have these thousands and thousands of people in coordinated teams trying to exploit stuff. But we don't have any large teams that I know of for defending ourselves. In the real world, armies spend as much time defending as they do preparing for attacks. We are pretty one-sided in the battle right now.

Grimes: What do you think of Snowden [7]?

Cyber warrior: I don't know him.

Grimes: Let me clarify, what do you think of Snowden for revealing secrets [8]?

Cyber warrior: It doesn't bother me one way or the other.

Grimes: What if it could lead to your program shutting down? You'd be without a job.

Cyber warrior: There's no way what we do will be shut down. First, I don't intentionally do anything that involves spying on domestic communications. I don't think anyone in my company does that, although I don't know for sure. Second, it would be very dangerous to stop what we do. We are the new army. You may not like what the army does, but you still want an army.

If I was out of a job I'd just get better at playing my instruments. I like to hack them, too.
https://www.infoworld.com/d/security...warrior-222266





Root SSH Key Compromised in Emergency Alerting Systems

Digital Alert Systems From Monroe Electronics Contain a Known SSH Private Key and are Vulnerable to Remote Attack
Steve Ragan

File this one among the stories that fell through the cracks due to the 4th of July holiday in the U.S. According to a July 3 advisory from the Department of Homeland Security’s ICS-CERT, the Root SSH Key for Monroe Electronics emergency alert systems has been compromised.

The private SSH key used in firmware images prior to version 2.0-2 of Monroe’s DASDEC-I and DASDEC-II, which are emergency alert system (EAS) encoder/decoder devices used to broadcast EAS messages over digital and analog channels, has been compromised – though how it happened exactly remains a puzzle.

The SSH key was hardcoded into the devices, which is bad form really. Most programmers avoid it, but those who use hard-coded crypto keys in their firmware often do so because they feel it is safer than using hard-coded passwords. In reality, this sense of security is a false one.

In the case of Monroe’s hardware, unless the default settings were altered during deployment, the impacted systems are using a known key that enables remote access – meaning an attacker would have no problems accessing them if they are publicly facing or if the attacker has already compromised the network.

The vulnerability was discovered by Mike Davis, a principal research scientist at IOActive.

“Earlier this year we were shown an example of an intrusion on the EAS when the Montana Television Network’s regular programming was interrupted by news of a zombie apocalypse. Although there was no zombie apocalypse, it did highlight just how vulnerable the system is,” Davis said.

“These DASDEC application servers are currently shipped with their root privileged SSH key as part of the firmware update package," he continued. "This key allows an attacker to remotely log on in over the Internet and can manipulate any system function. For example, they could disrupt a station’s ability to transmit and could disseminate false emergency information."

Monroe told customers about the problem in April, but has remained silent with regard to how the compromise was brought to its attention. It did, however, tell customers that passwords were no longer being hard coded and that changes to password handling were implemented as part of the patching process.

"The EAS is designed to enable the President of the United States to speak to US citizens within 10 minutes of a disaster occurring," IOActive explained. "In the past these alerts were passed from station to station using the Associated Press (AP) or United Press International (UPI) 'wire services' which connected to television and radio stations around the US. Whenever the station received an authenticated Emergency Action Notification (EAN), the station would disrupt its current broadcast to deliver the message to the public."

According to an advisory from the company, most (but not all) of their customers have installed the updated firmware.

"For any of these issues to be resolved, we believe that re-engineering needs to be done on the digital alerting system side and firmware updates to be pushed to all appliances,” Davis said.

Additional technical details on the vulnerabilities from IOActive are available here.
https://www.securityweek.com/root-ss...adcast-systems
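
As an added example (not part of the article, and not Monroe's or IOActive's code), one way to check whether a key that shipped in a firmware image is still trusted on a device is to fingerprint every entry in an `authorized_keys` file and compare it against a denylist. The key blobs, file contents and function names below are constructed for illustration; the article does not give the real key or its fingerprint.

```python
import base64
import hashlib
import struct

KEY_PREFIXES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-")

def make_blob(key_type, *fields):
    """Build a constructed public-key blob: length-prefixed strings, base64-encoded."""
    raw = b"".join(struct.pack(">I", len(p)) + p for p in (key_type.encode(), *fields))
    return base64.b64encode(raw).decode()

def fingerprint(raw):
    """OpenSSH-style fingerprint: SHA-256 of the decoded blob, base64 without padding."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(raw).digest()).decode().rstrip("=")

def parse_entry(line):
    """Return (key_type, raw_blob) for an authorized_keys line, or None if it has no key."""
    fields = line.strip().split()
    if not fields or fields[0].startswith("#"):
        return None
    for i, field in enumerate(fields[:-1]):
        if not field.startswith(KEY_PREFIXES):
            continue  # options such as command="..." come before the key type
        try:
            raw = base64.b64decode(fields[i + 1], validate=True)
            (n,) = struct.unpack(">I", raw[:4])
        except (ValueError, struct.error):
            continue
        if raw[4:4 + n] == field.encode():  # the blob must name the same key type
            return field, raw
    return None

def audit(text, denylist):
    """Return (line_number, key_type, fingerprint) for each denylisted key in text."""
    parsed = ((no, parse_entry(line)) for no, line in enumerate(text.splitlines(), 1))
    return [(no, e[0], fingerprint(e[1])) for no, e in parsed
            if e and fingerprint(e[1]) in denylist]

# Constructed stand-ins: neither blob is a real vendor or site key.
VENDOR_KEY = make_blob("ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xa5" * 256)
ADMIN_KEY = make_blob("ssh-ed25519", b"\x11" * 32)
DENYLIST = {fingerprint(base64.b64decode(VENDOR_KEY))}
SAMPLE = "\n".join([
    f"ssh-ed25519 {ADMIN_KEY} admin@station",
    f'command="/usr/bin/status",no-pty ssh-rsa {VENDOR_KEY} root@factory-image',
    "ssh-rsa not-base64!! broken-entry",
])

if __name__ == "__main__":
    print(audit(SAMPLE, DENYLIST))
```

Any hit means the shipped key should be removed from the file and replaced with a key generated for that device.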





Tired of Helping the CIA? Quit Facebook, Venezuela Minister Urges

A Venezuelan government minister on Wednesday urged citizens to shut Facebook accounts to avoid being unwitting informants for the U.S. Central Intelligence Agency, referring to recent revelations about U.S. surveillance programs.

Edward Snowden, a former U.S. National Security Agency contractor who is stuck in a Moscow airport while seeking to avoid capture by the United States, last month leaked details about American intelligence agencies obtaining information from popular websites including Facebook.

"Comrades: cancel your Facebook accounts, you've been working for free as CIA informants. Review the Snowden case!" wrote Prisons Minister Iris Varela on her Twitter account.

Venezuela has offered to provide asylum for Snowden, but he has not responded and appears unable to leave the transit zone of Sheremetyevo International Airport.

He exposed a program known as Prism that relied on customer data supplied by major technology companies.

"Countries and people that have fallen victim to gringo spying should sue the United States to ensure fair compensation. We're going to bankrupt the U.S. economy!" wrote Varela, known for radical rhetoric and ardent support of the late socialist leader Hugo Chavez.

(Reporting by Diego Ore; Editing by Will Dunham)
http://www.reuters.com/article/2013/...96A01120130711





The Quiet Coup: No, Not Egypt. Here.
John Tirman

When is a coup d'etat a coup d'etat? A silly debate about the Egyptian military's complete undoing of the state (presidency, constitution, etc.) is grabbing some attention, mainly because those who applaud the military takeover don't want to describe it accurately. But it nonetheless is an interesting question. And it has resonance not just in the beleaguered Middle East. It has high relevance, sadly, to our own battered republic.

The revelations about spying by the National Security Agency (NSA) on American citizens, foreign governments, and just about everyone in between have been aptly treated as a scandal, although the objects of scorn vary. Edward Snowden, the whistleblower or traitor, depending on your predilections, and Glenn Greenwald, the columnist for The Guardian to whom Snowden revealed most of his information, have shaken the complacent status quo in Washington by revealing the massive, years-long programs to gather data in the name of national security. It's very doubtful that such spying is necessary to protect U.S. security, but that's a topic for another day. So is the media attention to the actions of Snowden and Greenwald (which I believe are brave and necessary).

What is vastly more important is how the spying has been conducted and justified. It comprises nothing less than a coup d'etat.

It's not the kind of coup we are accustomed to, where the CIA prompts thugs to murder a democratically elected president (Chile, 1973), or oust a democratically elected prime minister for challenging oil interests (Iran, 1953) or other U.S. corporate interests (Guatemala, 1954), or gives the green light to a military for security interests (Turkey, 1980; Egypt, 2013?). The generals aren't marching into the presidential palace; the president doesn't have an airplane waiting to fly him to exile in the south of France. No, this coup d'etat has been accomplished by an accretion of power unchecked by any institutions that are empowered by the Constitution. It is not just a coup d'etat (a "blow to the state"), but a blow to the tradition and authority of constitutional government, the sine qua non of the American political experience.

How so? The revelations and subsequent reporting, what press critic Jay Rosen calls the "Snowden Effect," expose a parallel state, one dedicated to massive surveillance and covert operations, with an untouchable judicial structure that approves the spying. Enabled by the USA Patriot Act that President George W. Bush pushed through Congress in the shadow of 9/11, the Foreign Intelligence Surveillance Court operates by its own rules and procedures, ones not subject to anything resembling constitutionality. The Supreme Court, the Fourth Amendment, citizen petitioning -- none of what we have taken for granted as comprising the legal, national state has the power to stop it.

Snowden's and the others' revelations should not be completely surprising, given the work of Dana Priest and William Arkin in their 2011 book, Top Secret America. Many of the most shocking bits were excerpted in the Washington Post, where Priest is a reporter. They uncovered a vast, opaque security bureaucracy, extremely inefficient but aggressively intrusive. "The federal-state-corporate partnership has produced a vast domestic intelligence apparatus that collects, stores, and analyzes information about tens of thousands of U.S. citizens and residents, many of whom have not been accused of any wrongdoing," they wrote. It involved, they calculated, nearly 4,000 organizations in the United States, "each with its own counterterrorism responsibilities and jurisdictions."

So we have had now for at least a dozen years the growth of a parallel state that operates by its own rules, in secret, and in ways that would be considered unconstitutional. (I know we needn't remind our readers of what the Fourth Amendment guarantees, but just to refresh your memories: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.") Again, what's important here is not the mere incidence of the government violating the Constitution, but the creation, nurturing, shielding, and rapid growth of structures that institutionalize an alternative authority, set of rules, and permissible action.

When, years ago, I was researching a book on Turkey, then under the sway of its military, observers would often speak darkly of "the deep state" -- those hidden, powerful, extralegal agencies and cadres that would act on their own authority. Other countries would have them too, usually enabled by police ministries or intelligence agencies. Dissidents, out-of-line newspaper editors, priests and nuns speaking truth to power, union organizers -- these types would come under the scrutiny and often the harsh reprisals of the deep state.

Now we know: the United States of America is partially governed by a deep state, undemocratic, secret, aligned with intelligence agencies, spying on friend and foe, lawless in almost every respect.

If this doesn't constitute a coup d'etat, it's hard to imagine what would. People we barely know of -- the director of NSA, the eleven judges on FISC, who knows who else -- are running the deep state. The actual president seems just fine with everything it's doing, or is so weak-kneed he can't see fit to put an end to it. I'm not sure which is worse.

We have known for many years that corporate money in politics had essentially bought Congress at the expense of the middle class, the environment, and other popular causes. The Israel Lobby owns U.S. policy in the Middle East. Other lobbies -- Big Pharma, military contractors, agribusiness -- have corrupted policy for profiteering through campaign spending and other old tricks of the Washington trade. But the deep state is a different phenomenon -- less about money or corporate privilege, far more about a security pathology that has become embedded, empowered, and rogue, constitutional governance be damned. The seduction of policymakers by corporate money is sad. The psychotic, parallel state is terrifying.
http://www.huffingtonpost.com/john-t...b_3569316.html

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

July 6th, June 29th, June 22nd, June 15th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black