12-11-14, 08:27 AM   #1
JackSpratts
 
Peer-To-Peer News - The Week In Review - November 15th, '14

Since 2002

"Simply put: No service should be stuck in a 'slow lane' because it does not pay a fee." – President Barack Obama


"At no point did Wheeler make it clear that he was going to buck the White House." – Marvin Ammori


"I am an independent agency." – FCC Chairman Tom Wheeler

November 15th, 2014




Pirate Bay Co-Founder Peter Sunde Freed from Prison
Katie Collins

Pirate Bay co-founder Peter Sunde has been released from prison today after being arrested in Sweden earlier this year.

Sunde was convicted of aiding copyright infringement and was initially sentenced to a year in prison. His sentence was later reduced to eight months, but following his conviction he failed to show up at prison and was on the run from Interpol from 2012 until May 2014. He has been incarcerated in a high-security unit ever since he was arrested.

Little is known about Sunde's time inside prison, especially his final few months. In August, German Pirate Party MEP Julia Reda visited Sunde in jail, interviewing him for Torrent Freak. He revealed to Reda that he suffered from boredom and depression and had not been allowed to follow a vegan diet. He also told her that he was "brimming with ideas", particularly when it came to finding ethical ways to fund activism.

No doubt Sunde will also continue working on his other projects now he has his freedom back. Before he was put in prison, he was known to be working on a social micropayments platform called Flattr, and Hemlis, an encrypted messaging app.

Sunde has yet to comment or give any interviews following his release, other than tweeting: "My body just got re-united with my soul and mind, the parts of me that matters and that never can be held hostage. #freebrokep #brokepfree".

He also thanked his supporters and added that he would be offline until tomorrow. "Need to sleep, eat and travel," he said.

His release comes only days after the arrest of the last fugitive co-founder Hans Frederik Lennart Neij in Thailand under an Interpol warrant last week. The week prior to that, Pirate Bay's third co-founder Gottfrid Svartholm was found guilty on hacking charges in Denmark.

Despite all efforts by law enforcement to pursue, detain and punish the three, the Pirate Bay is still going strong.
http://www.wired.co.uk/news/archive/...ed-from-prison





Creator of “Dancing Jesus” Music Site Hit with 32-Month Jail Sentence

UK authorities show they'll keep giving out prison time for copyright crimes.
Joe Mullin

Two men in the United Kingdom have been sentenced to jail for operating "Dancing Jesus," a website with illegal links to music that was operational between 2006 and 2011.

The BBC reports that Kane Robinson, 26, of North Shields, was sentenced to 32 months. Richard Graham, a 22-year-old from Leicestershire, was sentenced to 21 months. At previous hearings, both men admitted they were guilty of the charge of illegal distribution of music.

The Dancing Jesus site had links to more than 250,000 music tracks over its lifespan, according to the British Phonographic Society (BPI). In 2010, the group launched an investigation of the men that also involved the City of London police and the UK Intellectual Property Office.

The US Department of Homeland Security even became involved, seizing the site's Dallas-based servers in 2011.

Robinson was the creator and operator of the site, while Graham was "a major contributor," according to the Leicester Mercury.

The BPI emphasized that much of the music featured on Dancing Jesus was made available before its official release.

"Piracy—particularly pre-release—can make or break an artist’s career and can determine whether a record label is able to invest in that crucial second or third album," said David Wood, director of BPI’s copyright protection unit, who spoke to the press following the sentencing. "In this day and age, with so many quality digital music services available offering access to millions of tracks through free and premium tiers, there is no good reason to use pirate sites that give nothing back to artists and offer a sub-standard experience for consumers."

The site's Twitter feed, inactive since 2009, features the image of a Jesus bobblehead doll and the slogan "because we listen to music before you."

Piracy sites in the US have led to major civil lawsuits, but criminal copyright charges for distributing music are a rarity, with Kim Dotcom's Megaupload being a huge exception to that rule. In the UK, however, private copyright investigations can lead to criminal prosecutions and jail time, such as the four-year-sentence for Anton Vickerman, who created the illegal TV-linking site SurfTheChannel.
http://arstechnica.com/tech-policy/2...jail-sentence/





EFF: ‘Jailbreaking is Not a Crime’ and We Will Fight to ‘Keep it that Way’
Chris Smith

Many smartphone and tablet users, whether on the iPhone or Android, prefer to jailbreak or root their devices in order to better customize them. But not all device makers agree with these practices, and jailbreaking and rooting have been frowned upon. The Electronic Frontier Foundation (EFF) said in a blog post on Thursday that it wants to keep these procedures legal, as “jailbreaking is not a crime.”

The EFF this week filed a petition with the Librarian of Congress and Copyright Office “to extend and expand the exemption that allows you to ‘jailbreak’ your phone from those restrictions, without running afoul of the Digital Millennium Copyright Act (DMCA).”

EFF has already obtained such exemptions in 2010 and 2012, “but thanks to the frustrating way DMCA exemptions are considered, groups like EFF have to return to the Copyright Office and Librarian of Congress every three years and argue the case anew.”

Jailbreaking or rooting a device might be important for users from a security point of view, the EFF argues. “It may be a necessary step before installing security updates after a device has stopped being supported by the manufacturer. In other cases, it may help users install accessibility software that allows them to use a device despite disabilities,” the group said.

EFF further added that copyright law shouldn’t have any impact on jailbreaking phones, but that’s not the case. “Many folks find it strange that copyright law has anything to say about jailbreaking phones and tablets. It seems intuitive that copyright law shouldn’t put severe limits on how we use the devices we own. But because so much of our technology relies on a layer of software—and because that software is usually copyrighted—the law has a foothold that can be used and abused to increase manufacturer control of secondary uses and markets, and to discourage competition,” the EFF said.
http://bgr.com/2014/11/07/eff-iphone...-android-root/





Cory Doctorow: Information Doesn’t Want To Be Free
Cory Doctorow

Editor’s note: Cory Doctorow is a science-fiction author, activist, journalist and blogger, as well as the co-editor of Boing Boing. The former European director of the Electronic Frontier Foundation and co-founder of the U.K. Open Rights Group lives in London. This is an excerpt from the chapter “Worse Than Nothing” from his latest book “Information Doesn’t Want to Be Free” published this month by McSweeney’s.

The technical implausibility and unintended consequences of digital locks are big problems for digital-lock makers. But we’re more interested in what digital locks do to creators and their investors, and there’s one important harm we need to discuss before we move on. Digital locks turn paying customers into pirates.

One thing we know about audiences is that they aren’t very interested in hearing excuses about why they can’t buy the media they want, when they want it, in the format they want to buy it in. Study after study shows that overseas downloading of U.S. TV shows drops off sharply when those shows are put on the air internationally. That is, people just want to watch the TV their pals are talking about on the Internet—they’ll pay for it if it’s for sale, but if it’s not, they’ll just get it for free. Locking users out doesn’t reduce downloads, it reduces sales.

The first person to publish a program to break the digital locks on old-style DVDs, in 1999, was Jon Lech Johansen, a fifteen-year-old Norwegian teenager. “DVD Jon” took up the project because his computer ran the GNU/Linux operating system, for which the movie studios wouldn’t license a DVD player. In order to watch the DVDs he bought, he had to break their locks. Seven years later, Muslix64 broke HD-DVD’s DRM for similar reasons—he wanted to watch a legitimate out-of-region DVD that he’d purchased. Both of these seminal figures in the history of digital locks were inspired not by “piracy” but by frustration with the limitations put on the legitimate media they’d paid good money for.

In 2007, NBC and Apple had a contractual dispute over the terms of sale for Apple’s iTunes Store. NBC’s material was withdrawn from iTunes for about nine months. In 2008, researchers from Carnegie Mellon University released a paper investigating the file-sharing impact of this blackout (“Converting Pirates Without Cannibalizing Purchasers: The Impact of Digital Distribution on Physical Sales and Internet Piracy”). What they found was that the contract dispute resulted in a spike of downloads on “pirate” sites, and not just of NBC material—it seemed that once people who had been in the habit of buying their shows on iTunes found their way onto the free-for-all file-sharing sites, they clicked on everything that looked interesting. Downloads of NBC shows went up a lot, and downloads of everything else went up a little.

More interesting is what happened after the NBC-Apple dispute ended, and the shows returned to iTunes. As the CMU paper showed, download rates for those shows stayed higher than they had been before the blackout. That is:

• Refusing to sell their viewers the content they wanted in the format they preferred drove those viewers to piracy.
• Once the audience started pirating the content they wanted, they quickly turned to pirating other content, too.
• Having become aware of and proficient in the ways of downloading, the audience developed a downloading habit that outlasted the end of the blackout.

Digital-lock vendors will tell you that their wares aren’t perfect, but they’re “better than nothing.” But the evidence is that digital locks are much worse than nothing. Industries that make widespread use of digital locks see market power shifting from creators and investors to intermediaries. They don’t reduce piracy. And customers who run into frustrations with digital locks are given an incentive to learn how to rip off the whole supply chain.

If you’re a publisher, label, or studio, the answer is simple: don’t let companies sell your goods with digital locks on them. And if a company refuses to sell your goods unless they can put their locks on your products? Well, you can be pretty sure that those locks aren’t there for your benefit.

It’s harder if you’re a creator, because many of the biggest investors have bought into the idea of selling with DRM or not at all. When it comes down to negotiating DRM, you just have to make a decision about whether you’re willing to let your creative work be put in some tech company’s jail in order to make your investors happy, or whether you’ll keep shopping for a saner, better investor.

A few years back, I sold a children’s picture book to the largest publisher in the world (which will remain nameless here), which then spent a couple of years developing it with me, commissioning rough illustrations and going through several rounds of rewrites until it was something we were all excited about.

One of my editors at Nameless Giant Publishing was also the head of its UK digital strategy, and he and I were very sympatico, as you might expect. After several months had gone by without a contract showing up at my agent’s office, he called me up and explained what had happened.

He’d gone to the contracts people and requested a no-DRM guarantee for the digital editions of my books. None of us thought it would be a problem, since Nameless Giant is my publisher in several other formats, languages, and territories, and in every case, it sells my work without DRM.

But Nameless Giant had a new directive, from the very top of the business. From now on, all books had to be acquired with e-book rights, and all e-books would have DRM on them. My editor tried to negotiate (“Can we not acquire the e-book rights? No? Okay, how about we acquire them, but promise not to use them?”), but it was in vain.

Finally, my editor explained to the contracts person that the expected return from the digital edition was -£80—that’s negative eighty pounds. In other words, the company expected to lose eighty pounds on the digital edition, based on the performance of its other digital picture books.

The contracts person told my editor that the DRM was non-negotiable, and that if it was going to be a problem, he should cancel my contract.

So my editor quit.

It’s very hard to get angry with an editor who has just quit in protest over your book getting canceled, even in the face of your book getting canceled.

The story has a happy ending. Nameless Giant sank thousands into developing a book that I can now easily sell to one of its less doctrine-blind competitors, and I don’t have to let DRM companies lock up my copyrights. Also, my editor got a much better job.
http://techcrunch.com/2014/11/09/worse-than-nothing/





Spotify Says Fights Piracy, has Paid $2 Billion to Artists, Industry
Michael Roddy

The music streaming portal Spotify made an impassioned defence of its business model on Monday, saying it fights music piracy and had paid out $2 billion (1.26 billion pounds) to the industry and artists since its launch in 2008.

The statement in a blog post by CEO Daniel Ek came a week after U.S. singer Taylor Swift pulled her entire catalogue from the popular streaming site as she released her new album "1989", which immediately soared to the top of the U.S. charts.

Swift's label Big Machine has declined to say why it asked for Swift's albums to be removed from the free service of Spotify, which also offers a subscription service to users who want to eliminate advertising.

But in an op-ed piece for the Wall Street Journal in July, Swift wrote that music was valuable and "it's my opinion that music should not be free".

"Taylor Swift is absolutely right: music is art, art has real value and artists deserve to be paid for it," Ek said in the posting on the Spotify website.

He said Spotify was fighting back against music piracy on the Internet, which he said generated "nothing, zilch, zero" revenue for artists, by offering a combined free listening and subscription service that compensates the music industry.

Its subscriber base has grown to 12.5 million, up from 10 million when the number was last reported in May, he said.

With revenue coming largely from advertising and subscriptions, Spotify had paid out $1 billion to the recording industry and artists from 2008 to last year, and another $1 billion since then, Ek said.

"And that's $2 billion worth of listening that would have happened with zero or little compensation to artists and songwriters through piracy or practically equivalent services if there was no Spotify," he said, taking a swipe at competing Internet streaming sites, some of which do not charge users.

"We're working day and night to recover money for artists and the music business that piracy was stealing away," he said.

Spotify, a Swedish start-up, is widely seen as preparing for an IPO at some point in the future, although it has declined to comment on its plans.

(Editing by Tom Heneghan)
http://uk.reuters.com/article/2014/1...0IV1V020141111





Obama Calls for Strict Net Neutrality Policy
Michael D. Shear and Edward Wyatt

President Obama on Monday put the full weight of his administration behind an open and free Internet, calling for a strict policy of so-called net neutrality and formally opposing deals in which content providers like Netflix would pay huge sums to broadband companies for faster access to their customers.

The president’s proposal is consistent with his longstanding support for rules that seek to prevent cable and telephone companies from providing special access to some content providers. But the statement posted online Monday, as Mr. Obama traveled to Asia, is the most direct effort by the president to influence the debate about the Internet’s future.

In the statement, and a video on the White House website, Mr. Obama urged the Federal Communications Commission to adopt the strictest set of neutrality rules possible and to treat consumer broadband service as a public utility, similar to telephone or power companies.

“We cannot allow Internet service providers to restrict the best access or to pick winners and losers in the online marketplace for services and ideas,” Mr. Obama wrote in the statement.

The F.C.C. is an independent agency not subject to Mr. Obama’s direct authority. But the president is adding his voice to the 3.7 million people who submitted comments to the agency, most on behalf of a free and open Internet in which broadband companies could not pick which content would arrive quickly and which would be slowed down.

Mr. Obama said that new rules under consideration by the F.C.C. should adhere to several key principles: No website or service should be blocked by an Internet service provider; no content should be purposefully slowed down or sped up; there should be more transparency about where traffic is routed; and no paid deals should be made to provide a speed advantage to some providers over others in delivering content.

That last principle would directly affect some of the megadeals already being made by companies like Netflix, whose video streaming service has been gobbling up bandwidth and slowing down the Internet as millions of people attempt to watch movies and television shows on their computers and tablets.

Earlier this year, Netflix struck a deal with Comcast under which it pays Comcast for a direct connection into its broadband network so subscribers experience less delay in viewing Netflix’s streaming video.

Mr. Obama said he opposed such deals and urged the commission to adopt rules that would prevent them.

“Simply put: No service should be stuck in a ‘slow lane’ because it does not pay a fee,” Mr. Obama wrote. “That kind of gatekeeping would undermine the level playing field essential to the Internet’s growth. So, as I have before, I am asking for an explicit ban on paid prioritization and any other restriction that has a similar effect.”

Tom Wheeler, chairman of the Federal Communications Commission, on Monday said he welcomed the president’s input and said he agreed that the Internet should remain free and open. But he did not say whether he would fully support reclassifying broadband as a utility. He did say, however, that the F.C.C. would need more time to formulate its rules, meaning that a proposal was unlikely to come by the end of the year.

Mr. Wheeler had most recently been leaning toward a hybrid approach to net neutrality, one that would keep a light touch on the consumer end of Internet service but that would apply the more strict Title II oversight to the relationship between an Internet service provider and content companies.

“Whether in the context of a hybrid or reclassification approach,” he said, “Title II brings with it policy issues that run the gamut from privacy to universal service to the ability of federal agencies to protect consumers, as well as legal issues ranging from the ability of Title II to cover mobile services to the concept of applying forbearance on services under Title II.”

“We found we would need more time to examine these to ensure that whatever approach is taken, it can withstand any legal challenges it may face,” he said.

Reaction from some of the biggest broadband companies was swift and negative. Shares of some of the big broadband providers, including Comcast and Time Warner Cable, were down about 3 percent on Monday morning.

Verizon, which brought the court challenge that struck down the F.C.C.'s 2010 rules on net neutrality, called Mr. Obama’s proposal “a radical reversal of course that would in and of itself threaten great harm to the Internet.”

Both Verizon, which provides both wired and wireless broadband services, and CTIA-The Wireless Association, the leading mobile phone association, also decried Mr. Obama’s call to apply net neutrality rules to wireless broadband.

“Imposing antiquated common carrier regulation, or Title II, on the vibrant mobile wireless ecosystem would be a gross overreaction,” said Meredith Attwell Baker, president and chief executive of the trade association and a former Republican commissioner for the F.C.C.

Such action “would impose inappropriate regulation on a dynamic industry and would threaten mobile providers’ ability to invest and innovate, all to the detriment of consumers,” she said.

Consumer groups hailed the president’s statement. Gene Kimmelman, president of Public Knowledge, said: “Today the Obama administration expanded its leadership to promote an open Internet by supporting the strongest tools to prevent blocking or throttling of Internet traffic, and by also supporting the strongest tools to deter fast lanes and prioritized traffic on the public’s most essential communications platform of the 21st century.”
http://www.nytimes.com/2014/11/11/te...ality-fcc.html





Obama and Scalia, United on Broadband as a Utility
Edward Wyatt

The number of issues on which President Obama agrees with Justice Antonin Scalia probably could be counted on one hand. But one such agreement is a doozy – that broadband Internet service should be regulated as a utility.

President Obama on Monday urged the Federal Communications Commission to reverse a decision it made in 2002 that high-speed Internet service shouldn’t be treated as a “telecommunications service” – that is, a sort of utility-like telephone service – under Title II of the Communications Act of 1934.

At the time, the F.C.C. decided that the Internet had a better chance to thrive if broadband were classified as an “information service,” making it subject to a lighter regulatory touch under Title I of the Communications Act.

The commission reasoned that Internet service providers offered not just the transmission of digits, but rather an integrated service that also offered the capability for manipulating and storing information.

That judgment was affirmed by the United States Supreme Court in 2005, in National Cable & Telecommunications Association v. Brand X Internet Services, No. 04-277. The court ruled 6-3 in the case that the F.C.C. correctly decided that the changed market conditions under which the Internet was developing warranted different treatment of broadband.

Republicans have repeatedly seized on that ruling this week in warning the F.C.C. and President Obama against reclassifying broadband as a Title II service.

But attached to the Supreme Court opinion is a strong dissent written by Justice Scalia, one that puts him on the same side with President Obama.

The gist of the majority’s opinion was that broadband companies did not “offer” a telecommunications service by itself to consumers. Rather, the majority wrote, the service was integrated within more complex services and not offered on a stand-alone basis.

Justice Scalia disagreed, joined by two others, Justice Ruth Bader Ginsburg and Justice David H. Souter, who is now retired.

“It seems to me,” Justice Scalia wrote, “that the analytic problem pertains not really to the meaning of ‘offer,’ but to the identity of what is offered.”

“It would be odd to say that a car dealer is in the business of selling steel or carpets because the cars he sells include both steel frames and carpeting,” he wrote. “Nor does the water company sell hydrogen, nor the pet store water (though dogs and cats are largely water at the molecular level).”

What is sometimes true, however, is not always true, Justice Scalia said, and the basis of broadband Internet service is the transmission of digits from one point to another – in other words, a telecommunications service.

“The pet store may have a policy of selling puppies only with leashes,” he wrote, “but any customer will say that it does offer puppies – because a leashed puppy is still a puppy, even though it is not offered on a ‘stand-alone’ basis.”

Most people in the Internet world expect that whatever path the F.C.C. takes will end up back in court. If the dispute makes it to the Supreme Court, broadband might make for strange bedfellows.
http://bits.blogs.nytimes.com/2014/1...-as-a-utility/





The FCC Weighs Breaking with Obama Over the Future of the Internet
Brian Fung and Nancy Scola

Hours after President Obama called for the Federal Communications Commission to pass tougher regulations on high-speed Internet providers, the agency’s Democratic chairman told a group of business executives that he was moving in a different direction.

Huddled in an FCC conference room Monday with officials from major Web companies, including Google, Yahoo and Etsy, agency Chairman Tom Wheeler said he preferred a more nuanced solution. His approach would deliver some of what Obama wants but also would address the concerns of the companies that provide Internet access to millions of Americans, such as Comcast, Time Warner Cable and AT&T.

“What you want is what everyone wants: an open Internet that doesn’t affect your business,” a visibly frustrated Wheeler said at the meeting, according to four people who attended. “What I’ve got to figure out is how to split the baby.”

The dissonance between Obama and Wheeler has the makings of a major policy fight affecting multibillion-dollar industries. The president wants clear rules to prevent Internet service providers from auctioning the fastest speeds to the highest bidders, a scenario that could favor rich Web firms over start-ups.

Wheeler, a former lobbyist for the cable and telecommunications industry, has floated proposals that aim to limit the ability of service providers to charge Web companies, such as Netflix or Google, to reach their customers. But critics have argued that his approach would give the providers too much leeway to favor some services over others.

Given the high stakes, White House aides had wrestled over whether Obama should publicly prod the FCC to adopt the strongest rules possible on the “net neutrality” issue. Ultimately, aides felt that a public stance would galvanize allies in Congress as well as young, tech-savvy progressives, a key part of the Democratic base, according to several people familiar with the matter. The decision to speak out also comes as Democrats are aggressively courting Silicon Valley in preparation for the 2016 campaigns.

But the move by the White House has put Wheeler in an uncomfortable spotlight. The two men have long been allies. Wheeler raised hundreds of thousands of dollars for Obama’s campaign and advised the president on his transition into the White House. Obama last year appointed Wheeler to lead the FCC as it was poised to tackle its biggest issue in years — the rules that govern content on the Web.

A growing source of frustration for White House and congressional Democrats is that they have three of their own on the five-member commission at the FCC, a majority that should give them the power to push through a policy of their liking. But if Wheeler charts a different course, he could bring the other members along with him.

And, as Wheeler reminded participants at his meeting with Web companies Monday, the FCC does not answer to the Obama administration.

“I am an independent agency,” Wheeler told them repeatedly, according to several officials.

Both Wheeler and the FCC declined to comment for this story. The White House had no additional comment beyond the president’s statement Monday, in which he said the FCC is an independent agency and “ultimately this decision is theirs alone.”

Obama’s statement caught industry observers by surprise, but it was the product of mounting concern at the White House that Wheeler and the FCC were clouding the issue.

Administration aides worried that Wheeler’s efforts to strike a compromise between open-Internet advocates and telecom firms would result in rules that were murky and ineffective, according to officials familiar with the thinking, who spoke on the condition of anonymity because the discussions were private. The FCC has tried to solve the Internet access issue with a compromise approach, only to have it struck down in court this year under a challenge from Verizon.

Obama promised during his 2008 campaign that he would seek rules supporting net neutrality, or the principle that all Internet traffic should be treated the same. Ultimately, the White House decided that telecom companies probably would challenge any strong FCC rules in court anyway, so why not fully support calls by the tech lobby for far-reaching rules protecting an open Internet?

The aides saw a political upside to a strong statement. A key contingent of the president’s base — young, tech-savvy progressives — would be energized by the action, and a strong statement on net neutrality could also help his relationship with congressional Democrats, according to government and industry officials.

Obama also saw a more immediate opportunity to retake the political high ground from Republicans, according to a Democratic congressional aide. Should GOP lawmakers vote to overturn any protections enacted by the FCC, a presidential veto would put Obama on the side of millions of consumers who have called on the FCC to adopt strong regulations.

“I see him almost salivating over a congressional fight, or a fight with the carriers, over this issue,” said the aide, who spoke on the condition of anonymity because he is not authorized to talk on the record. “This is a populist issue he thinks he can win on.”

The president’s statement galvanized supporters of net neutrality. Sens. Elizabeth Warren (D-Mass.), Mark Udall (D-Colo.) and John D. Rockefeller IV (D-W.Va.) quickly issued statements calling on the FCC to move quickly to implement the president’s plan.

“The president set a solid target out there,” said Evan Engstrom, policy director for Engine Advocacy, which represents tech start-ups.

But the move puts Wheeler in an uncomfortable position.

Wheeler worries that the president’s more drastic approach is too simplistic, according to people familiar with his thinking. With his long experience in the telecommunications industry, Wheeler is well aware of concerns that ill-considered regulations could stifle innovation and slow the growth of the country’s broadband infrastructure, those people said. And he worries that the White House is being naive about the ripple effects of changing how a major piece of national infrastructure is governed.

One telecom industry lobbyist was sympathetic to Wheeler’s position: “I don’t think anybody goes into the FCC saying, ‘I want to be at the center of drama.’ But they seem to find themselves there frequently.”

Behind closed doors, Wheeler has fretted about how Republicans on Capitol Hill would react to far-reaching net neutrality rules, according to people familiar with his deliberations. Already on Monday, the Senate Republican leadership dismissed Obama’s plan as “last century’s rules.”

Obama would probably veto an attempt by Republicans to roll back any FCC rules. But Congress could hamstring the FCC by withholding funding on other, lower-profile issues, and it could put Wheeler in the hot seat during congressional hearings or as the target of lengthy investigations.
http://www.washingtonpost.com/blogs/...-the-internet/





FCC Chairman Tom Wheeler Tells Silicon Valley He's Open to Obama Net Neutrality Plan
Dana Liebelson and Ryan Grim

On Monday, President Barack Obama went public with his support of an aggressive approach to protecting net neutrality. Shortly after that, Federal Communications Commission Chairman Tom Wheeler told a gathering of business representatives and public interest groups that he was taking the president's comments under advisement and that he would need the groups' support in the coming fight over net neutrality, according to multiple sources in the meeting.

The sources said that Wheeler did not, as had been reported earlier, say that he had decided to go in a different direction from what the White House wanted.

Obama said on Monday that the Internet ought to be regulated as if it were a utility similar to water, sewer and power, and that there should be only one network that everyone has access to. Cable companies and other Internet providers want to create a second network that companies would pay to use in order to get faster service.

The Washington Post reported Tuesday night that Wheeler's comments put the chairman "at odds" with Obama. The report said Wheeler was "moving in a different direction" than the one the president was calling for, and quoted the chairman as saying he would need to "split the baby" between competing plans.

But people who were at the meeting told The Huffington Post that Wheeler was driving at a different message with the "baby" metaphor. Rather, they said, Wheeler was saying that he was the man at the center of what is becoming an increasingly tense fight, and that he needed political support to fend off the expected attacks.

HuffPost spoke with six people who were at the meeting, five of whom agreed to be quoted on the record. All of them had the same impression of Wheeler's comments.

Julie Samuels, executive director and board president of Engine, an organization that advocates on issues relevant to startups, was at the meeting. She told HuffPost that she wouldn't describe Wheeler's comments as being defiant towards the president. Instead, her impression was that Wheeler was taking Obama's plan under consideration.

Coming out of the meeting, she said, it was clear that Wheeler had initially been leaning -- before the president's statement -- towards the so-called “hybrid” or compromise approach. But after the statement, “it’s not clear anymore.”

She added, “I think he hasn't made up his mind yet.”

Samuels said that Wheeler called on those at the meeting to back up the FCC in the net neutrality battle. Other meeting attendees agreed. "What I took from the meeting is it's important for the corporations that we know support net neutrality, like Google and Facebook, to get really loud about it," said David Segal of Demand Progress, an online tech advocacy group.

Nick Berning, an official with MoveOn.org who was at the meeting, also did not think that Wheeler said he was going to break with the White House. "I didn't read his line about splitting the baby as he'd end up in a place other than what the White House wanted. I read it as, he has a difficult task," he said.

"He certainly did not commit in the meeting that he would do what the White House wants. But he also didn't indicate in any way that he is planning to buck the White House and go rogue," Berning added.

One meeting attendee, who asked not to be named due to the sensitive nature of the discussions, said the Washington Post story was “fairly accurate” but that the “framing was a little too aggressive.”

"My impression was not that the Chairman expressed a strong point of view that he would depart from the president’s recommendations," the attendee said. Rather, the source suggested that the quotes could be attributable to the fact that Wheeler “was under a lot of pressure and it had been a long day, and him being a human being, rather than him making a firm decision to break with the president or not.”

Ed Black, president and CEO of the Computer & Communications Industry Association, noted that Wheeler indicated he was certainly taking the president’s views under consideration and that he “didn't indicate he had made up his mind on exactly how he would proceed."

One attendee said on background that he thought Wheeler would ultimately go along with Obama. "Personally, my sense coming out of the meeting was it was more likely than not that he would end up doing what the president asked," the attendee said.

Those at the meeting said Wheeler made it clear that he wanted to slow down the process. Marvin Ammori, a lawyer for the tech industry who supports net neutrality, said that while it was wrong to say that Wheeler indicated he'd be going in a different direction from the White House, the chairman did call for delaying the process. Ammori said he worries that delaying would undermine the possibility of strong regulations.

"At no point did Wheeler make it clear that he was going to buck the White House," Ammori said. "He definitely tried to justify a delay and I think that delay is certainly not what the White House had in mind."

On Monday, Wheeler said in a statement that more time is needed. "The more deeply we examined the issues around the various legal options, the more it has become plain that there is more work to do," the statement said. "The reclassification and hybrid approaches before us raise substantive legal questions. ... We must take the time to get the job done correctly, once and for all, in order to successfully protect consumers and innovators online."

Johanna Shelton, a lobbyist for Google, was also at the meeting. A Google spokesperson pointed HuffPost to a statement put out Tuesday by the Internet Association, of which Google is a member, that praised regulating the Internet as a public utility, or so-called Title II reclassification. “The Internet Association applauds President Obama’s proposal for the adoption of meaningful net neutrality rules that apply to both mobile and fixed broadband," the statement reads. "As we have previously said, the FCC must adopt strong, legally sustainable rules that prevent paid prioritization and protect an open Internet for users. Using Title II authority, along with the right set of enforceable rules, the President’s plan would establish the strong net neutrality protections Internet users require."

"We welcome the President’s leadership, and encourage the FCC to stand with the Internet’s vast community of users and move quickly to adopt strong net neutrality protections that ensure a free and open Internet," the statement added.

In addition to those mentioned, the meeting included Leigh Freund of AOL (which owns The Huffington Post), Jeffrey Blum of DISH, Althea Erickson of Etsy, Brian Rice of Facebook, Paula Boyd of Microsoft, Michael Beckerman of the IA, Tumblr's Ari Shahdadi, and Margaret Nagle of Yahoo. At least five FCC staff also attended.

The groups and companies who were present are all broadly supportive of net neutrality, but some of the major companies have been less than vocal. This is partly because, as wealthy, entrenched incumbents, these companies could benefit from rules that made it more difficult for small companies, even as they themselves were forced to pony up to the Internet providers to assure faster speeds. The smaller companies, the thinking goes, wouldn't be able to afford the fees.

Whatever Wheeler decides, he will still need the support of his two fellow Democratic FCC commissioners, who, like Wheeler, now hold enormous power following the president's announcement.

The FCC said in a statement Wednesday, “Reports that Chairman Wheeler has decided on the best approach for implementing legally sustainable open Internet rules are inaccurate. No decision has been made. All options remain on the table, including Title II reclassification.”

UPDATE: 6:40 p.m. -- Brian Dietz, an official with the National Cable and Telecommunications Association, tells HuffPost that "there has been no talk by any ISP of creating a second network for providing some parties a faster service. In fact, NCTA and others have said ISPs will abide by the FCC’s 2010 rules even though they were dismissed by the court."

John Oliver doesn't buy that.
http://www.huffingtonpost.com/2014/1...n_6146720.html





Cable Companies 'Stunned' by Obama's 'Extreme' Net Neutrality Proposals

Major telecoms, lobbyist groups and politicians sharply respond to president’s call for greater regulation of internet as utility
Dominic Rushe

America’s major telecoms and cable companies and business groups came out fighting on Monday after Barack Obama called for tough new regulations for broadband that would protect net neutrality, saying they were “stunned” by the president’s proposals.

The president called for new regulations to protect “net neutrality” – the principle that all traffic on the internet should be treated equally. His move came as the Federal Communications Commission (FCC) finalises a new set of proposals for regulation after the old rules were overturned by a series of court defeats at the hands of cable and telecom companies.

In response, Republican senator Ted Cruz went so far as to call Obama’s proposal for regulating the web “Obamacare for the internet”, saying on Twitter “the internet should not operate at the speed of government.”

The powerful National Cable and Telecommunications Association (NCTA), which represents cable companies including Comcast and Time Warner said it was “stunned” by the president’s proposals.

“The cable industry strongly supports an open internet, is building an open internet, and strongly believes that over-regulating the fastest growing technology in our history will not advance the cause of internet freedom,” said NCTA president Michael Powell, former chairman of the Federal Communications Commission (FCC), which is now rewriting the internet rules.

The cable and telcoms giants are particularly concerned by Obama’s call for FCC to reclassify consumer broadband service under Title II of the Telecommunications Act. Such a move would reclassify consumer internet as a “common carrier” service – like the telephone – and give the regulator greater power to control prices and services.

“We are stunned the president would abandon the longstanding, bipartisan policy of lightly regulating the internet and [call] for extreme Title II regulation,” said Powell.

Fred Campbell, former head of wireless communications at the FCC and now executive director of free market tech group Center for Boundless Innovation in Technology said applying Title II to the internet would create “legal uncertainty at home and encourage the efforts of totalitarian regimes abroad to tighten their control over the internet – the 21st Century’s mass media communications system.”

Obama’s endorsement “of 1930s era Title II classification would lead to unprecedented government interference in the internet, and would hurt consumers and innovation,” said lobby group Broadband for America.

Obama’s statement also set him at loggerheads with David Cohen, the executive vice-president of Comcast, who has been one of the president’s biggest fundraisers.

Cohen said the cable company “fully embraces the open internet principles that the president and the chairman of the FCC have espoused” but argued section 706 of the telecommunications act – the regulatory legislation preferred by the cable and telecoms industry – “provides more than ample authority to impose those rules”.

The president’s move has set the stage for a political showdown in Washington where the cable industry has been left looking flat-footed by a vocal and well-organised grass roots opposition.

The FCC is chaired by Tom Wheeler, a Democrat and former cable lobbyist. There are two Republican members of the five-member board, and both are expected to be staunchly against Obama’s proposals.

But their opposition comes after over four million comments were submitted to the FCC about its new internet regulation rules. Analysis has shown the overwhelming majority of submissions called for more regulation, not less.

The split is likely to be one of the key battlegrounds after Obama’s midterm election defeats. Mitch McConnell, who will become majority leader in the Senate when the Republicans take control in January, urged the FCC to reject Obama’s comments, saying it amounted to “heavy-handed regulation that will stifle innovation”.

The FCC will ultimately decide on its own rules but will face intense political pressure as it finishes drawing them up. Washington sources had expected the proposals to be circulated as soon as this month before a meeting of the FCC in December.

A leaked proposal last week suggested a “hybrid” compromise was under discussion which would expand the FCC’s powers to regulate broadband while also allowing a carve out for cable providers to charge more money for fast lanes.

In his response to Obama, Wheeler said the FCC has explored a “hybrid” solution but that it had created as many questions as it had answered. “The more deeply we examined the issues around the various legal options, the more it has become plain that there is more work to do,” said Wheeler.
http://www.theguardian.com/technolog...sals-fcc-fight





AT&T Bluffs, Halts Dwindling Fiber Investment on Neutrality News
Karl Bode

In response to the President's announcement this week that he unequivocally supports Title II reclassification to protect net neutrality, AT&T has unveiled a rather amusing political ploy. AT&T CEO Randall Stephenson this morning proclaimed that the company is halting investment in next-generation fiber networks until the government wimps out and backs off tougher rules to protect consumers. "We can't go out and invest that kind of money deploying fiber to 100 cities not knowing under what rules those investments will be governed," CEO Stephenson told investors this morning.

"We think it is prudent to just pause and make sure we have line of sight and understanding as to what those rules would look like," added the CEO.

The problem? AT&T's fiber investments weren't particularly impressive to begin with. As we've noted for some time, AT&T has used network investment as a carrot on a stick with regulators for most of the last decade, promising to withhold or accelerate network infrastructure investment only if government does their bidding. They've been doing it again lately to get their DirecTV acquisition approved.

Except in reality, despite a decade of unprecedented deregulation for the telco, AT&T's investment in their fixed-line network has dropped considerably year over year as the company focuses on more profitable wireless services. When there is a modest expansion in their "next-gen" U-Verse service, the company generally massages the numbers to make those expansions seem larger than they actually appear.

That's particularly true of the company's claim that they're planning to offer 1 Gbps services to a potential 100 cities. What AT&T's actually been doing is bumping speeds to a select number of high-end affluent housing developments, then pretending said deployments are much more significant than they actually are so as to save face in the age of Google Fiber. In fact if anything AT&T's actually reducing its traditional broadband footprint as it looks to back away from DSL customers they refuse to upgrade via something it's calling the "IP transition."

The amusing bit perhaps is that AT&T had already quietly announced another $3 billion fixed-line CAPEX cut last Friday. In short, AT&T's "halting" a fiber expansion that barely existed in the first place, then pretending it's a massive deal in the hopes the government chickens out on Title II.
http://www.dslreports.com/news/131279





FCC Calls AT&T’s Fiber Bluff, Demands Detailed Construction Plans

AT&T claims net neutrality forced it to "pause" fiber builds it never started.
Jon Brodkin

Two days after AT&T claimed it has to "pause" a 100-city fiber build because of uncertainty over network neutrality rules, the Federal Communications Commission today asked the company to finally detail its vague plans for fiber construction.

Despite making all sorts of bold promises about bringing fiber to customers and claiming its fiber construction is contingent on the government giving it what it wants, AT&T has never detailed its exact fiber plans. For one thing, AT&T never promised to build in all of the 100 cities and towns it named as potential fiber spots. The company would only build in cities and towns where local leaders gave AT&T whatever it wanted. In all likelihood, only a small portion of the 100 municipalities were likely to get fiber, and nobody knows which ones.

Yet this week, AT&T CEO Randall Stephenson made it sound as though a full 100 cities and towns would lose a fiber opportunity if the company doesn't like the FCC's final net neutrality proposal. "We can't go out and invest that kind of money deploying fiber to 100 cities not knowing under what rules those investments will be governed," he told investors Wednesday.

AT&T has separately claimed it will bring fiber-to-the-premises Internet service to "2 million additional locations" if it's allowed to buy DirecTV. But since AT&T never said how many locations it would bring fiber to if the merger is rejected, it's not clear what that 2 million number is in addition to. In short, no one outside of AT&T knows how extensive the company's fiber buildouts are planned to be.

Today, the FCC challenged AT&T to finally reveal some facts about its fiber plans in a letter to AT&T Senior VP Robert Quinn. Jamillia Ferris, a former Justice Department antitrust lawyer who joined the FCC to review the AT&T/DirecTV merger, began the letter by describing Stephenson's statement that "the Company would limit its fiber deployment to the '2 million additional homes' that are 'commitments to the DirecTV announcement' and that any other fiber deployment would depend on the outcome of the Commission’s Open Internet Proceeding." Ferris then asked Quinn for:

(a) Data regarding the Company’s current plans for fiber deployment, specifically: (1) the current number of households to which fiber is deployed and the breakdown by technology (i.e., FTTP [fiber-to-the-premises] or FTTN [fiber-to-the-node]) and geographic area of deployment; (2) the total number of households to which the Company planned to deploy fiber prior to the Company’s decision to limit deployment to the 2 million households and the breakdown by technology and geographic area of deployment; and (3) the total number of households to which the Company currently plans to deploy fiber, including the 2 million households, and the breakdown by technology and geographic area of deployment;

(b) A description of (1) whether the AT&T FTTP Investment Model demonstrates that fiber deployment is now unprofitable; and (2) whether the fiber to the 2 million homes following acquisition of DirecTV would be unprofitable; and

(c) All documents relating to the Company’s decision to limit AT&T’s deployment of fiber to 2 million homes following the acquisition of DirecTV.


Ferris asked Quinn for a response by November 21. AT&T told Re/code that it is “happy to respond to the questions posed by the FCC in its review of our merger with DirecTV. As we made clear earlier this week, we remain committed to our DirecTV merger-related build-out plans.”

The net neutrality debate went into overdrive this week when President Obama urged the FCC to reclassify broadband as a utility and prevent Internet providers from blocking or throttling content or charging websites for prioritization. FCC Chairman Tom Wheeler hasn't detailed his plans yet, but Internet service providers, Republican members of Congress, and Republican members of the FCC lined up in opposition.
http://arstechnica.com/business/2014...ruction-plans/





Wolf In Sheep’s Clothing: Comcast Kisses-Up To Obama, Agrees With His Stance On Net Neutrality
Paul Lilly

Comcast is one of two companies to have earned Consumerist's "Worst Company in America" title on more than one occasion (once in 2010 and again this year, 2014), and it looks like the company is lobbying for a third title. That is, unless there's another explanation as to how the cable giant can claim (seemingly with straight face) that it's in agreement with President Barack Obama for a free and open Internet.

In case you missed it, Obama issued an open letter to the FCC urging it to enact strong net neutrality rules and to reclassify Internet service as a utility, all in support of a free and open Internet. He made clear that he's against things like paid fast lanes and throttling speeds, and in response, Comcast issued a statement of its own saying it backs the exact same things, it just doesn't want to go the utility route.

"A clear consensus has emerged for the FCC to adopt new rules that will strengthen the open Internet and ensure that the Internet remains a vital engine for innovation, economic growth, and free expression. And while some have been led to believe something else, we support net neutrality," Comcast stated in a blog post.

Comcast went on to list specific bullet points that it's supposedly in wholehearted agreement with, such as:

• Free and open Internet. We agree - and that is our practice.
• No blocking. We agree - and that is our practice.
• No throttling. We agree - and that is our practice.
• Increased transparency. We agree - and that is our practice.
• No paid prioritization. We agree - and that is our practice.

Really? REALLY? Comcast conveniently fails to address the giant elephant in the room whose name is Netflix. Earlier this year, Netflix begrudgingly inked a multi-year deal with Comcast in which the streaming service agreed to pay a toll to ensure faster delivery into the homes of Comcast subscribers, who prior to the deal had been complaining of frequent buffering and video degradation when watching content on Netflix.

Comcast would undoubtedly argue that it's not a paid fast lane, but it's hard to see the deal as anything other than that. And certainly Netflix views it as one. Nevertheless, Comcast remains firm that it supports net neutrality, just not reclassifying broadband as a telecommunications service under Title II, which it claims would harm future innovation and investment in broadband.

"We continue to believe that Section 706 of the Telecommunications Act provides more than ample authority to impose [net neutrality] rules," Comcast added.

Sure, except the FCC already tried that approach, only to have the U.S. Court of Appeals overturn the rules it tried to put in place. Why? Because the FCC has classified broadband providers "in a manner that exempts them from treatment as common carriers."
http://hothardware.com/News/Wolf-In-...et-Neutrality/





There’s One ISP that Actually Agrees with Obama on Net Neutrality
Brad Reed

Most ISPs were quick to denounce President Obama’s net neutrality plan in apocalyptic terms on Monday, which isn’t too surprising considering they were really looking forward to being able to charge extra for Internet fast lanes under FCC chairman Tom Wheeler’s plan. That said, there was one ISP that not only declined to attack the new net neutrality proposal but embraced its principles as ones that every ISP in the United States should follow.

California ISP Sonic.net emails us to let us know that it agrees with Obama that Internet “fast lanes” are a bad idea while adding that ISPs shouldn’t be discriminating against some traffic in favor of others.

“Sonic continues to adhere to the net neutrality practices implemented since its founding in 1994,” the company explains. “We don’t disadvantage any source or type of traffic. There are no speed tiers and no usage caps. We host content delivery equipment as close to our customers as possible. By partnering with large content sources, we save money on Internet transit while delivering the best performance to our members.”

Sonic, which is led by CEO Dane Jasper, has long been a maverick in the Internet service industry and has not hesitated to call out fellow ISPs for what it says are bad practices such as bandwidth caps and speed tiers.

“When it comes to broadband performance and speed, the limits are artificial,” Jasper explained earlier this year. “They sound fair, but they’re entirely contrived. There isn’t a cost around speed. We believe that tiered pricing doesn’t make sense.”

Jasper’s company is putting its money where its mouth is too and is preparing to deploy a 1Gbps service to its customers in Brentwood, Calif. that will be bundled with voice services for only $40 a month. Impressively, this is the same monthly subscription fee that Sonic charges to its customers who subscribe to its copper-based services that deliver speeds of 20Mbps. Sonic also plans on upping speeds of its residential copper customers up to 50Mbps and won’t charge them extra for the increase.

Sonic is still a small ISP and won’t be challenging Comcast or Time Warner Cable in your neighborhood anytime soon. Even so, it’s interesting to see that at least one ISP has no problem with being told not to discriminate against traffic or charge money for prioritization.
http://bgr.com/2014/11/10/obama-net-...lan-reactions/





Behind Closed Doors, Ford, UPS, and Visa Push for Net Neutrality
Joshua Brustein

The corporate battle lines over the new federal rules for the Internet have been well established. Vocal technology startups have been leading the charge for muscular regulations for broadband access, and Internet service providers including Comcast (CMCSA) and Verizon (VZ) have been arguing loudly for more flexibility. Blue chip companies without obvious tech interests have kept a lower profile.

But a corporate alliance with subtle interests in this fight has been quietly pushing the Federal Communications Commission for strict broadband rules. In a series of meetings this year attended by representatives from Ford Motor (F), Visa (V), United Parcel Service (UPS), and Bank of America (BAC), participants urged FCC commissioners to reclassify broadband service under Title II, according to documents filed with the FCC.

That places some of the biggest Fortune 500 companies firmly on one side of the net neutrality debate, advocating for Internet access to be regulated like public utilities. It’s a position President Obama came out in support of this week. But it’s particularly striking, since none of these companies have discussed the issue publicly—and all four deny advocating for net neutrality behind closed doors with the FCC.

A corporate advocacy group, the Ad Hoc Telecommunications Users Committee, has so far paid at least three visits to commissioners at the FCC this year. The group, which has been around for at least three decades, doesn’t disclose information about its membership, doesn’t make public statements, and doesn’t even have a website.

Anyone who meets FCC commissioners must submit information about these visits. The corporate representatives affiliated with Ad Hoc Telecom are listed in the FCC filings without mention of their employers, but their affiliations were not disputed by the companies. The attendees included:

• Nicholas Lewis, senior vice president for federal legislative affairs at UPS
• Lawrence Chattoo, senior vice president for regulatory and public policy at Bank of America
• Carl Holshouser, a government relations leader at Visa
• James Carroll, Washington counsel for Ford Motor

The FCC is also required to post information on what was discussed, and the disclosures make it clear that the people in these meetings echoed the arguments being made by consumer advocates agitating against Internet fast lanes of all kinds.

“Protecting and Promoting the Open Internet” was the subject under discussion, according to the FCC disclosures, and Ad Hoc Telecom members argued that Internet providers have “terminating access monopolies.” That bit of telecom jargon means that a company trying to reach a customer has to go through the Internet providers first. Widespread concerns that Internet providers will exploit that power is the entire justification for net neutrality rules. The Ad Hoc Telecom members specifically argued for Title II reclassification and passed out a handout to that effect, according to the FCC filings, which can be found here, here, and here.

Despite the FCC disclosures, the companies whose executives attended the FCC meetings told Bloomberg Businessweek that the proceedings did not include statements of support for Title II.

“For this meeting, Ford’s goal was to understand the commissioner’s perspective and to also share our objective of providing a fast and reliable connection for our customers and their vehicles. Ford did not advocate for Title II classification,” says Ford spokeswoman Emily Olin. Visa likewise says it isn’t pushing a particular point of view on net neutrality. Kara Ross, a spokeswoman for UPS, says, “We were talking to the commissioners about terminating access monopoly.”

Ad Hoc Telecom’s low profile hasn’t prevented the group from sparring periodically with telecommunications companies. In July, for instance, representatives from the group filed a comment with the FCC urging it to reclassify broadband under Title II of the Telecommunications Act. The group argued that the Internet had become too vital to remain subject to lighter regulations afforded to information services. “This is a question of fact, not policy,” the group wrote. “As a result of changes in the engineering and deployment of network and Internet technologies, the commission’s classification of Internet service in 1997 as an unregulated ‘information service’ is simply out of step with reality.”

It’s not surprising that these companies don’t want to talk openly about net neutrality. They have little to gain by alienating business partners such as Verizon, AT&T (T), and Comcast. Groups like the Telecommunications Users Committee exist to shield them from those conflicts, even as the companies quietly pursue policy goals in talks with the FCC.

What is surprising is that such nontech companies as Ford and Bank of America feel strongly enough about net neutrality to bother advocating behind closed doors. A startup like video streaming service Vimeo (IACI) clearly has a lot to lose from Internet fast lanes—the risk to a trucking company like UPS is a bit less obvious.

Ad Hoc Telecom knows it’s a little strange for offline giants to take an interest in Internet rules. Here’s how the group explained that dynamic in a filing with the FCC back in July: “Every retailer with an online catalogue, every manufacturer with online product specifications, every insurance company with online claims processing, every bank offering online account management, every company with a website–every business in America interacting with its customers online is dependent upon an open Internet.”
http://www.businessweek.com/articles...-fcc-in-secret





ISPs Removing Their Customers' Email Encryption
Jacob Hoffman-Andrews

Recently, Verizon was caught tampering with its customer's web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the US and Thailand intercepting their customers' data to strip a security flag—called STARTTLS—from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.

By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall, do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.

This type of STARTTLS stripping attack has mostly gone unnoticed because it tends to be applied to residential networks, where it is uncommon to run an email server. STARTTLS was also relatively uncommon until late 2013, when EFF started rating companies on whether they used it. Since then, many of the biggest email providers implemented STARTTLS to protect their customers. We continue to strongly encourage all providers to implement STARTTLS for both outbound and inbound email. Google's Safer email transparency report and starttls.info are good resources for checking whether a particular provider does.

Several Standards for Email Encryption

The SMTP protocol, the underpinning of email, was not originally designed with security in mind. But people quickly started using it for everything from shopping lists and love letters to medical advice and investigative reporting, and soon realized their mail needed to be protected from prying eyes. In 1991, Phil Zimmermann implemented PGP, an end-to-end email encryption protocol that is still in use today. Adoption of PGP has been slow because of its highly technical interface and difficult key management. S/MIME, with properties similar to PGP, was developed in 1995. And in 2002, STARTTLS for email was defined by RFC 3207.

While PGP and S/MIME are end-to-end encryption, STARTTLS is server-to-server. That means that the body of an email protected with, e.g. PGP, can only be read by its intended recipient, while email protected with STARTTLS can be read by the owners of the sending server and the recipient server, plus anyone else who hacks or subpoenas access to those servers. However, STARTTLS has three big advantages: First, it protects important metadata (subject lines and To:/From/CC: fields) that PGP and S/MIME do not. Second, mail server operators can implement STARTTLS without requiring users to change their behavior at all. And third, a well-configured email server with STARTTLS can provide Forward Secrecy for emails. The two technologies are entirely compatible and reinforce each other. The most secure and private approach is to use PGP or S/MIME with a mail service that uses STARTTLS for server-to-server communication.

There are several weak points in the STARTTLS protocol, however. The first weakness is that the flag indicating that a server supports STARTTLS is not itself encrypted, and is therefore subject to tampering, which can prevent that server from establishing an encrypted connection. That type of tampering is exactly what we see today. EFF is working on a set of improvements to STARTTLS, called STARTTLS Everywhere, that will make server-to-server encryption more robust by requiring encryption for servers that are already known to support it.
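The difference between the default opportunistic behaviour and the "require encryption for servers already known to support it" idea can be shown on the EHLO reply itself. The following is an added example, not code from the article or from the STARTTLS Everywhere project: the host names, the pinned-host list and the sample replies are constructed, and the check for an overwritten keyword assumes an in-path device that replaces the flag with filler characters of the same length instead of deleting the line.

```python
import re

# Hypothetical policy list: hosts already known to support STARTTLS.
KNOWN_STARTTLS_HOSTS = frozenset({"mx.example.net"})

_LINE = re.compile(r"^250([ -])(.*)$")
_KEYWORD = re.compile(r"^[A-Za-z0-9][A-Za-z0-9-]*$")

# Constructed sample EHLO replies (not captured traffic).
CLEAN = ("250-mx.example.net Hello\r\n250-SIZE 35882577\r\n250-8BITMIME\r\n"
         "250-STARTTLS\r\n250 ENHANCEDSTATUSCODES\r\n")
STRIPPED = ("250-mx.example.net Hello\r\n250-SIZE 35882577\r\n250-8BITMIME\r\n"
            "250 ENHANCEDSTATUSCODES\r\n")
MASKED = ("250-other.example.org Hello\r\n250-SIZE 35882577\r\n"
          "250-XXXXXXXA\r\n250 ENHANCEDSTATUSCODES\r\n")


def parse_ehlo(reply):
    """Parse a multi-line 250 EHLO reply into (greeting, {KEYWORD: params})."""
    lines = [ln for ln in reply.replace("\r\n", "\n").split("\n") if ln]
    if not lines:
        raise ValueError("empty EHLO reply")
    parsed = []
    for i, ln in enumerate(lines):
        m = _LINE.match(ln)
        if not m:
            raise ValueError("not a 250 reply line: %r" % ln)
        is_last = i == len(lines) - 1
        # "250-" marks a continuation line, "250 " marks the final line.
        if (m.group(1) == " ") != is_last:
            raise ValueError("bad continuation marker: %r" % ln)
        parsed.append(m.group(2))
    greeting, extensions = parsed[0], {}
    for text in parsed[1:]:
        parts = text.split()
        if not parts or not _KEYWORD.match(parts[0]):
            continue  # skip malformed extension lines
        extensions[parts[0].upper()] = parts[1:]
    return greeting, extensions


def masked_keywords(extensions):
    """Keywords that look overwritten in transit (assumed pattern): same
    length as STARTTLS, one filler character repeated seven times."""
    width = len("STARTTLS")
    return [kw for kw in extensions
            if len(kw) == width and kw != "STARTTLS"
            and kw[:-1] == kw[0] * (width - 1)]


def opportunistic_decision(ehlo_reply):
    """Default behaviour: silently fall back to plaintext if the flag is gone."""
    _, ext = parse_ehlo(ehlo_reply)
    return "starttls" if "STARTTLS" in ext else "plaintext"


def enforcing_decision(host, ehlo_reply, known=KNOWN_STARTTLS_HOSTS):
    """Refuse to send when a host that should offer STARTTLS does not."""
    _, ext = parse_ehlo(ehlo_reply)
    if "STARTTLS" in ext:
        return "starttls", "advertised"
    if host.lower() in known:
        return "refuse", "known STARTTLS host no longer advertises it"
    if masked_keywords(ext):
        return "refuse", "extension keyword appears overwritten in transit"
    return "plaintext", "no evidence the host ever supported STARTTLS"


if __name__ == "__main__":
    for name, host, reply in (("clean", "mx.example.net", CLEAN),
                              ("stripped", "mx.example.net", STRIPPED),
                              ("masked", "other.example.org", MASKED)):
        print(name, opportunistic_decision(reply),
              enforcing_decision(host, reply))
```

On "refuse", a sending server would queue the message and retry or alert the operator rather than deliver it in plaintext.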

It is important that ISPs immediately stop this unauthorized removal of their customers' security measures. ISPs act as trusted gateways to the global Internet and it is a violation of that trust to intercept or modify client traffic, regardless of what protocol their customers are using. It is a double violation when such modification disables security measures their customers use to protect themselves.
https://www.eff.org/deeplinks/2014/1...ngrade-attacks





Americans Believe They Live in a Privacy Dystopia, Report Finds
Andrea Peterson

Americans are very worried about governments and private businesses tracking their online behavior in the post-Snowden era, a new report from the Pew Research Center found, and most want to do more to protect their privacy online.

Eight in 10 Americans believe the public should be concerned about the government's monitoring of phone calls and Internet communications according to a survey conducted by the organization in January. Some 61 percent said they "would like to do more" to protect the privacy of their personal information online.

And it's not just the government consumers worry about: Americans increasingly feel they aren't in control over how private companies collect and use information about them. Over 90 percent of those surveyed by Pew agreed or "strongly" agreed that they have lost control over how their personal data is collected and used by companies. Nearly two-thirds believe the government should do more to regulate advertisers while over 60 percent were skeptical that providing personal information to companies made their online experiences better in a meaningful way, disagreeing with the statement: “I appreciate that online services are more efficient because of the increased access they have to my personal data.”

But 55 percent agreed they were willing to share some information in exchange for free online services. This type of cognitive dissonance explains how even as consumers become more and more wary of the ways data about them is being hoarded, the underlying economic model of most online services continues to rely on turning user data into a commodity that can be sold to advertisers.

Distrust of advertisers is widespread according to Pew. Only 1 percent of respondents to the survey said they trusted advertisers to do what's right "just about all of the time," with an additional 11 percent trusting advertisers "most of the time." The government fares only slightly better in terms of public perception, with 2 percent trusting them almost all the time and 16 percent most of the time.

Americans have been inundated with news about government surveillance programs since former National Security Agency contractor Edward Snowden leaked information about the scope of those efforts in the summer of 2013. According to Pew, most Americans have now heard at least something about government surveillance -- with 43 percent saying they've heard "a lot," and 44 percent saying they've heard at least "a little" about the government collecting information.

The more consumers hear about the programs, the less they like digital snooping. "Just 23% of adults who have heard “a lot” about the NSA revelations think online surveillance is good for society, compared with 46% of those who have heard less about the NSA revelations," said Pew.

Overall, most surveyed by Pew don't think it's good for society to believe their online activities are being watched. Over 60 percent disagreed or strongly disagreed with the statement "it is a good thing for society if people believe that someone is keeping an eye on the things that they do online."

The revelations of the past year and a half also left consumers skeptical of their communication channels. Over 80 percent of those surveyed felt "not very" or "not at all secure" using social media sites to share private information with others, while 68 percent felt insecure using instant messaging and 57 percent felt insecure when sending private information via e-mail.

Text messages weren't trusted by 58 percent of respondents, but cellphones and landlines fared slightly better: Just over 30 percent felt insecure using landlines when sharing private information while 46 percent were skeptical of the security of sharing private information during a cellphone call.

Those surveyed by Pew also felt they had little recourse in shielding themselves online: Just 24 percent agreed it was easy for them to be anonymous online.
http://www.washingtonpost.com/blogs/...s/?tid=rssfeed





U.S. Using Fake Cellphone Towers On Planes to Gather Data – WSJ

An agency of the U.S. Justice Department is gathering data from thousands of cell phones, including both criminal suspects and innocent Americans, by using fake communications towers on airplanes, the Wall Street Journal reported on Thursday.

The programme run by the U.S. Marshals Service began operations in 2007 and uses Cessna planes flying from at least five major airports and covering most of the U.S. population, the newspaper said, citing people familiar with the operations.

The planes use devices made by Boeing Co that mimic the cell phone towers used by major telecommunications companies and trick mobile phones into revealing their unique registration data, the report said.

The devices, nicknamed "dirtboxes," can collect information from tens of thousands of cell phones in a single flight, which occur on a regular basis, according to those with knowledge of the programme, the Journal said.

It said a Justice Department official would not confirm or deny the existence of such a programme, saying such discussion would allow criminal suspects or foreign powers to determine U.S. surveillance abilities, but that department agencies comply with federal law, including by seeking court approval.

A Department of Justice spokesman declined to comment to Reuters.

The programme is similar to one used by the National Security Agency which collects the phone records of millions of Americans in order to find a single person or a handful of people.

The Journal cited the people familiar with the programme as saying that the device used in the programme decides which phones belong to suspects and "lets go" of non-suspect phones.

Although it can interrupt calls on some phones, authorities have made software changes to make sure it doesn't interrupt anyone calling the 911 emergency number for help, one person familiar with the matter said, the Journal reported.

It also bypasses telephone companies, allowing authorities to locate suspects directly, people with knowledge of the programme said.

The Journal quoted Christopher Soghoian, chief technologist at the American Civil Liberties Union, as calling it "a dragnet surveillance programme. It's inexcusable and it's likely, to the extent judges are authorizing it, they have no idea of the scale of it."

The newspaper said it was unknown what steps are being taken to ensure data collected on innocent people is not kept for future perusal by authorities.

(Writing by Eric Walsh; Editing by Eric Beech)
http://uk.reuters.com/article/2014/1...0IX2SO20141114





David Cameron Says People Aren't Radicalized By Poverty Or Foreign Policy, But By Free Speech Online, So ISPs Agree To Censor Button
Mike Masnick

A few years ago, we mocked then Senator Joe Lieberman's request that internet companies put "report this content as terrorist content" buttons on various types of online content. The plan went nowhere, because it's a really bad idea, prone to massive abuse. Yet, over in the UK, some apparently think it's such a grand idea that they're actually moving forward with it. This isn't a huge surprise -- the current UK government has been going on for quite some time about banning "extremist" content, and just recently ramped up such efforts.

And now it appears that a bunch of big UK broadband access providers have agreed to play along:

The UK’s major Internet service providers – BT, Virgin, Sky and Talk Talk – have this week committed to host a public reporting button for terrorist material online, similar to the reporting button which allows the public to report child sexual exploitation.

They have also agreed to ensure that terrorist and extremist material is captured by their filters to prevent children and young people coming across radicalising material.


I love the term "radicalising material" as if it's the material itself that has the power to magically turn mild-mannered Brits into violent jihadis just by appearing on their screens. That's not how it works. Yet some have such an irrational fear of the power of words we disagree with that it must be prevented from anyone ever seeing it.

Also, the comparison to child porn is a common one, but wrong. Images of sexually exploited children are not a judgment call issue, for the most part. It's an obvious thing. "Extremist" material or "terrorist" material, on the other hand, is almost entirely subjective. And, over time, the definition of what counts always seems to expand, rather than contract. And that doesn't even take into account how many people will simply choose to use such buttons to try to censor any sort of content they dislike.

David Cameron seems quite excited about turning an open and free internet into a closed and censored space, where only content he likes is allowed:

Addressing a special sitting of federal parliament, Cameron said: “We must not allow the internet to be an ungoverned space”.

Why? What's wrong with letting people speak their minds? The whole "terrorism!" claim is overplayed:

“In both our countries we have seen some of our young people radicalised, going off to fight in Iraq and Syria, and even appalling plots to murder innocent people back in our own countries.”

Yes, but perhaps you should look at the root causes of why that's happening? But Cameron insists it can't possibly be poverty or UK foreign policy:

“And let us be frank. It’s not poverty, though of course our nations are united in tackling deprivation wherever it exists. It’s not exclusion from the mainstream. Of course we have more to do but we are both successful multicultural democracies where opportunities abound.

“And it’s not foreign policy. I can show you examples all over the world where British aid and British action have saved millions of Muslim lives, from Kosovo to Syria – but that is not exactly the real point. In our democracies, we must never give in to the idea that disagreeing with a foreign policy in any way justifies terrorist outrages.”


Hmm. So disagreeing with foreign policy cannot justify terrorist outrages... but, apparently it can justify blatant censorship. Because, apparently, the only possible reason why people are radicalized is because they read something on the internet. David Cameron insists that's the case:

The root cause was in fact the “extremist narrative”, Cameron said.

This meant “we must ban extremist preachers from our country, we must root out extremism from our schools, universities and prisons”, as well as dealing with the internet.


So he presents no actual evidence, but completely waves off poverty and disagreements over UK foreign policy as being non-factors -- and then automatically assumes that the problem is "extremist" speech online? Incredible.

And the end result is pure censorship. How long until calling it censorship is considered an "extremist" position as well?
https://www.techdirt.com/articles/20...r-button.shtml





Berlin’s Digital Exiles: Where Tech Activists Go to Escape the NSA

With its strict privacy laws, Germany is the refuge of choice for those hounded by the security services. Carole Cadwalladr visits Berlin to meet Laura Poitras, the director of Edward Snowden film Citizenfour, and a growing community of surveillance refuseniks
Carole Cadwalladr

It’s the not knowing that’s the hardest thing, Laura Poitras tells me. “Not knowing whether I’m in a private place or not.” Not knowing if someone’s watching or not. Though she’s under surveillance, she knows that. It makes working as a journalist “hard but not impossible”. It’s on a personal level that it’s harder to process. “I try not to let it get inside my head, but… I still am not sure that my home is private. And if I really want to make sure I’m having a private conversation or something, I’ll go outside.”

Poitras’s documentary about Edward Snowden, Citizenfour, has just been released in cinemas. She was, for a time, the only person in the world who was in contact with Snowden, the only one who knew of his existence. Before she got Glenn Greenwald and the Guardian on board, it was just her – talking, electronically, to the man she knew only as “Citizenfour”. Even months on, when I ask her if the memory of that time lives with her still, she hesitates and takes a deep breath: “It was really very scary for a number of months. I was very aware that the risks were really high and that something bad could happen. I had this kind of responsibility to not fuck up, in terms of source protection, communication, security and all those things, I really had to be super careful in all sorts of ways.”

Bad, not just for Snowden, I say? “Not just for him,” she agrees. We’re having this conversation in Berlin, her adopted city, where she’d moved to make a film about surveillance before she’d ever even made contact with Snowden. Because, in 2006, after making two films about the US war on terror, she found herself on a “watch list”. Every time she entered the US – “and I travel a lot” – she would be questioned. “It got to the point where my plane would land and they would do what’s called a hard stand, where they dispatch agents to the plane and make everyone show their passport and then I would be escorted to a room where they would question me and oftentimes take all my electronics, my notes, my credit cards, my computer, my camera, all that stuff.” She needed somewhere else to go, somewhere she hoped would be a safe haven. And that somewhere was Berlin.

What’s remarkable is that my conversation with Poitras will be the first of a whole series of conversations I have with people in Berlin who either are under surveillance, or have been under surveillance, or who campaign against it, or are part of the German government’s inquiry into it, or who work to create technology to counter it. Poitras’s experience of understanding the sensation of what it’s like to know you’re being watched, or not to know but feel a prickle on the back of your neck and suspect you might be, is far from unique, it turns out. But then, perhaps more than any other city on earth, Berlin has a radar for surveillance and the dark places it can lead to.

“There is just a very real historical awareness of how information can be used against people in really dangerous ways here,” Poitras says. “There is a sensitivity to it which just doesn’t exist elsewhere. And not just because of the Stasi, the former East German secret police, but also the Nazi era. There’s a book Jake Appelbaum talks a lot about that’s called IBM and the Holocaust and it details how the Nazis used punch-cards to systemise the death camps. We’re not talking about that happening with the NSA [the US National Security Agency], but it shows how this information can be used against populations and how it poses such a danger.”

“Jake” – Jacob Appelbaum – is an American who helped develop the anonymous Tor network, and went on to work with WikiLeaks. He’s also in Berlin, having discovered that he was the subject of a secret US grand jury investigation, and it was he who advised Poitras to come here. “I’d been filming him doing this extraordinary work training activists in anti-surveillance techniques in the Middle East and I asked him where I should go, because I just didn’t think I could keep my footage safe in the US. And he said Germany because of its privacy laws. And Berlin because of all the groups doing anti-surveillance work here.”

People’s reactions in Germany to the Snowden revelations differed to those in Britain or America. There was full-on national outrage when it was revealed that even chancellor Angela Merkel’s phone had been bugged. I know this already, vaguely, in theory, but it’s a different matter to actually come to Berlin and hear person after person talk about it. I start out with three names, three high-profile “digital exiles” who have all taken refuge in the city: Poitras, Appelbaum and Sarah Harrison, another WikiLeaker who was with Snowden during his time in transit in Sheremetyevo airport near Moscow and helped him apply for political asylum in 21 countries. But I end up with reams of others. And, I can’t help thinking that Berlin, the city that found itself at the frontline of so much of the 20th century’s history, has found itself, once again, on the fracture point between two opposing world orders. And I wonder if the people I meet are the start of the internet fightback; if Berlin really is becoming a hub for a global digital resistance movement.

Is that too fanciful a word, I ask Martin Kaul, the social movements editor of Berlin’s most radical newspaper, Die Tageszeitung, or “Taz” as it’s known – and if anyone is in a position to know, it’s him (he is the only social movements editor he’s ever come across, he tells me). Is it a movement? Kaul ums and ahs a bit at first, especially about the idea of the city as a harbour for “digital exiles”, a concept I’d first heard in a talk Julian Assange gave at the South by Southwest festival in Austin, Texas, earlier this year.

“They are very high profile, the exiles,” he says, “but I don’t think there are hundreds of them here, or even dozens. I’d be interested to know if they are growing. But, what is true is that there were already many very influential groups here. Hacker culture is especially strong in Germany. There were a lot of people already working on these issues. And then the exiles arrived. They are like an international avant garde at the cutting edge of it.”

“It” is the ideological fault line that has opened up between a free and open web, and a web where everything is logged, catalogued. “It is a movement,” says Kaul. “But it’s not out on the streets. It’s more like Berlin is a laboratory, an experimental space, where practices of subversion, of hacktivism, of cyber-resistance are taking place. Because if it’s not working in Germany … where is it going to work?”

That is the question that troubles almost everyone I meet. Because there are so many angles to the subject in Germany, and even more in Berlin, where history seems so recent, so present. I do a double-take when I pass a bookshop and see copies of Das Kapital piled high in the window – it takes me a moment to realise it’s Thomas Piketty’s, not Marx’s version – and many of the people I interview seem to unconsciously pick places of historic significance to meet me in. I meet Diani Barreto, a Cuban-American activist who’s been in the city since 1990, in Unter den Linden’s most historic cafe, the Einstein, and she tells me how it’s the artists who created the fertile ground that brought in the later wave of technologists and campaigners, groups she brings together in a monthly salon. And Markus Hesselmann, the editor of Tagesspiegel’s website, who talks to me about the city’s deeply rooted suspicion of authority, selects a museum cafe in the formerly Jewish area of the city. It’s no coincidence that you can barely use a credit card to buy things in Berlin, he says. “People think – why should anyone know what I spend my money on?”

And when I meet Martin Kaul, it’s in a cafe in Prenzlauer Berg, the former East Berlin suburb that’s now the city’s centre for artisan coffee and over-specced baby buggies, and afterwards he drops me in his camper van by the underground station next to the bridge where the first crossings from East to West Berlin took place 25 years ago today. Or, as it seems to me, as someone who first came to Berlin in the very early 1990s – a time when Prenzlauer Berg was still just shabby and not yet chic – the blink of an eye.

But then, it is the blink of an eye. It’s 25 years since the wall came down. And, in a strange historical collision, 25 years since the world wide web was invented. When I first came to Berlin, the internet didn’t exist and I was still some years away from sending my first email. In a historical time frame, the evolution of digital technology, its capabilities, the never-going-back cultural cataclysm that it’s precipitated, has all happened while most of us, a single generation, were working out what to have for dinner, or who to marry, or how to earn a living; a microscopic sliver of time that has changed not just the world at our fingertips but, we’ve discovered since Snowden, the secret world beyond our fingertips. What is known about us. Who we are. What our records say.

Because there are records. That’s what we also know since Snowden, and especially in Britain: everyone in Berlin takes a horrified delight in telling me that we have what Poitras calls “the worst of the worst”. It’s notable that she travelled back to the US last month for the premiere of Citizenfour but she wouldn’t come to Britain. “It’s what I was advised by my lawyers.” We don’t just have GCHQ, which goes far beyond even what the NSA is doing – according to Snowden it harvests “everything” – but we also have no constitutional protections, no amendments that guard the freedom of the press, no nothing. Just a historical perspective that gives us one, possibly distorted, view of how our intelligence services work.

Annie Machon, a whistleblower from another time, makes this point to me. She and her then partner, David Shayler, were MI5 agents who went to the press back in 1997. “In relative terms, that was a golden time for MI5. It was after it had finally publicly acknowledged its existence in 1989 but before the war on terror, and yet, we were still horrified by what we saw happening. There were no limits on its power. And there were so many things it was doing: illegal wiretapping of journalists, state-sponsored terrorism, files being held on government ministers, withholding of evidence, the imprisonment of innocent people… ”

She’s now an activist on behalf of whistleblowers, who she calls “the regulators of last resort”. It’s why she has left Britain and relocated part-time in Berlin, having become aware that she was, again, under surveillance. Our problem, in her view, is that for most of us James Bond is our main point of reference when it comes to our intelligence services. “We think they’re the good guys.” Whereas we actually don’t have any way of knowing if they are or not. We have no legitimate means of knowing anything about what they’re doing.

In Germany, they don’t know either, but no one assumes they’re the good guys. Everyone cites the Stasi when talking about NSA surveillance, and I wonder how meaningful that comparison is. Hubertus Knabe, a historian who’s the head of the Berlin-Hohenschönhausen Memorial, a former Stasi prison, tells me how he wrote to the public prosecutor last year. “Because I was not satisfied that he had decided to investigate only the case of who bugged the German chancellor, not the cases of ordinary people. He said that it is because in this case it is clear there is a victim. Whereas you can’t investigate a case against everyone.”

So they’re saying because it’s a crime against everyone, it’s a crime against no one?

“Exactly! It makes no sense to me.”

Germany has some of the strongest laws in the world when it comes to surveillance and privacy. It is illegal for the foreign security service, the BND, to spy on its own citizens. But, the NSA has had bases in Germany since 1945 and there are no laws that govern its behaviour. A parliamentary inquiry is now under way, to try and establish what the BND knew – the only one of its kind in the world, post-Snowden – but when I visit Hans-Christian Ströbele, the veteran Green MP who is leading the inquiry, in his office in the Bundestag he tells me: “We think we will find good information about what the BND has been doing.” And the NSA? GCHQ? He shakes his head. “Isn’t that a bit depressing?” I say. “That we’re sitting here in the parliament of one of the greatest democracies on earth, with a constitution that had to be rebuilt from the ground up, and there is nothing, legislatively that you can do?”

“It is,” he says.

But then Hubertus Knabe tells me: “The minister of the Stasi always said, ‘We have to answer the question, who is who?’ Those were his words. That means, who thinks what? It used to be an obvious fundamental difference between a democratic state and a dictatorial one that you don’t investigate someone until they did a criminal act. Innocent people are not surveilled. And in this, the difference between how a democratic state acts and how a totalitarian one acts has diminished. And this is very, I don’t know the English word. Besorgniserregend? Hold on, I will look it up,” and he taps into his phone. “Alarming! This is very alarming to me.”

I’m about to leave when he tells me about a conference he held recently at the museum. “And this man, a former prisoner, kept saying this very strange thing. It was very annoying at first. He kept saying, ‘I am your future’. ‘I already experienced what will be your future.’ But he was very serious. He had emigrated to Paris. He really meant it.”

The German premiere of Citizenfour is at the Leipzig film festival. It’s a town in the former East Germany that’s famous for its role in starting what the Germans call “the peaceful revolution”, the acts of civil disobedience that led, seemingly out of the blue, to the fall of the Wall on 9 November 1989. And before the screening, an introduction from Edward Snowden to the people of Leipzig is broadcast. “Your history is an inspiration to me,” he says. “It is critical to remember the lessons of history.” Of how a regime was changed “by ordinary people in the streets”.

Having now met Poitras, it’s no surprise that Citizenfour is such a quietly humane film. It shows Snowden’s courage and conviction but also his vulnerability, his youth; the terrible self-awareness he has of everything he’s giving up. Poitras is the softly spoken, self-effacing counterpart to Glenn Greenwald’s more strident style of media engagement. It was Snowden who first got in touch with her, and it was her familiarity and facility with encryption techniques and security measures that made the entire story possible. It’s not just Snowden who comes across as brave and principled.

I speak to dozens of people after the event, of all ages, and the more people I talk to, the more depressing it becomes; the more poignant Snowden’s appeal seems; the more unlikely and far-fetched this idea, of a groundswell of public opinion effecting political change, appears. From Jürgen Kleinig, a 44-year-old maker of investigative films from Berlin, who tells me “there have been no political consequences. None. It’s such a massive threat, to democracy, to everything, but nothing has changed.” To Ulrike Böhnisch, a 28-year-old documentary maker from Leipzig, who tells me how scary she finds it in theory. “But then I think who is going to be interested in my silly little love notes to my boyfriend? For ordinary small people with simple ordinary lives, I think it is not so much of an issue.”

But what if they are? What if somebody is interested? What if Ulrike decides, in 20 years’ time, to stand for parliament? What if Germany’s government changes? What if someone does read her silly little love notes? What if they don’t seem so silly – or so innocent – at some unknown point in the future?

It could happen because it has happened. Anne Roth, a political scientist who’s now a researcher on the German NSA inquiry, tells me perhaps the most chilling story. How she and her husband and their two children – then aged two and four – were caught in a “data mesh”. How an algorithm identified her husband, an academic sociologist who specialises in issues such as gentrification, as a terrorist suspect on the basis of seven words he’d used in various academic papers.

Seven words? “Identification was one. Framework was another. Marxist-Leninist was another, but you know he’s a sociologist… ” It was enough for them to be placed under surveillance for a year. And then, at dawn, one day in 2007, armed police burst into their Berlin home and arrested him on suspicion of carrying out terrorist attacks.

But what was the evidence, I say? And Roth tells me. “It was his metadata. It was who he called. It was the fact that he was a political activist. That he used encryption techniques – this was seen as highly suspicious. That sometimes he would go out and not take his cellphone with him… ”

He was freed three weeks later after an international outcry, but the episode has left its marks. “Even in the bathroom, I’d be wondering: is there a camera in here?”

Knabe tells me how the modern, digital system “is more abstract. It’s not so violating of your personal emotions”. He speaks as one who discovered in his Stasi file that he had been betrayed by a friend. But the difference is perhaps not so clear cut. Mathilde Bonnefoy, the French-American editor of Citizenfour, says the same thing, initially. “It’s signals intelligence, not personal intelligence. It’s mostly a theoretical threat. It’s not like you know there’s people standing on the street corner looking at you.”

Bonnefoy doesn’t know. Can’t know. And since she lives in Berlin and is in a relationship with Dirk Wilutzky, the film’s producer, they found themselves conducting that relationship under some sort of unknown, unknowable scrutiny. Are they still under surveillance? Wilutzky pushes his mobile phone toward me. “I think you are probably talking directly to them.”

They chose to ignore it. It’s what dissidents in East Germany did too, Knabe tells me, a political and philosophical act of resistance. Though talking to Bonnefoy, you wonder what the other options were. “There was a moment, I remember, when it had become very clear to us that we were being listened to and we started speaking in hushed words and elliptical phrases at home when we were talking to each other,” she says. “And I remember Dirk said, ‘We have to stop now. We can’t let this change our lives this much.’ Though, even now, there are still things that we don’t talk to each other about.”

The comparison to the film The Lives of Others is unavoidable. Poitras tells me that someone in the intelligence community told her that it’s probable “that Glenn and I had our own psychologist assigned to us. That there was someone who is paying attention to your friends, to what you might do next. It’s very creepy.”

And, even without that, it’s unclear if this modern version of what’s called “signals intelligence” is less intrusive. Roth’s husband’s metadata is an example of that, and even your Google search terms are practically a psychogram of your thoughts. “I’m so careful about that,” says Poitras. “I use different computers for different uses.” And all over the city, there are people working on ways to fight the technology with technology; who’ve devised the crypto equivalent of what, in the former German Democratic Republic, was done by turning on the radio or running the tap.

There’s Claudio Agosti of GlobaLeaks, a platform he describes as “like WikiLeaks but open source” and Stephanie Hankey, a Brit who’s director of Tactical Tech, an anti-surveillance NGO which moved to Berlin a couple of years ago. And Christian Mihr, the German director of Reporter Ohne Grenzen (Reporters Without Borders), whose office specialises in cases of international digital repression and who helps journalists from oppressive regimes around the world find safe harbour in Berlin. Though it’s not until I finally track down Andy Müller-Maguhn of the Chaos Computer Club (CCC) that I start to really understand why. Everywhere I go, people tell me about the CCC, that it’s one of the most influential digital organisations anywhere, the centre of German digital culture, hacker culture, hacktivism, and the intersection of any discussion of democratic and digital rights. It holds an annual congress which started in Berlin in 1990 and is attended by more than 10,000 people.

But then so much started in 1990 in Berlin. “Half of the people were coming from the east and others, like me, from the west, and at that time, it was pretty easy to break some rules somewhere,” he says. “It was so cheap and the infrastructure was a bit shit but we came together during this period when Germany was in the process of revealing what the East German intelligence did.

“There was this incredible transparency. It was one of the best documented intelligence agencies ever. We had access to all these manuals: ‘how to destroy social relationships’, ‘how to organise distrust’, ‘how to destroy political movements’ and all these things we discussed in the club. We were very aware of how the intelligence services could do these things… and this was part of our creation from the very beginning.”

What’s so interesting about this is that the CCC has helped define important parts of what is now considered internet culture. “The power we had,” says Müller-Maguhn, “was the power of definition. We helped explain to people how technology was part of society.” It’s why hacker culture is so much stronger in Germany than almost anywhere else in the world, but certainly Europe, and why it’s largely seen as a force for good. “Unlike in the US and Britain, we were able to promote our ideas in a positive way.”

And suspicion of authority is encoded into that DNA. It considers digital rights no different from the rest of our fundamental human rights and there’s an intellectual thread that leads from the CCC to one of the most affecting scenes in Laura Poitras’s film, in which Edward Snowden talks about the excitement he felt as a child about the internet, “the greatest invention the world had ever seen”. And his determination to try to defend that vision.

There are so many impassioned voices in Berlin telling the same story in different ways. Diani Barreto describes the city as having an entre-deux-guerres feel, how there’s a touch of Weimar, a hint of Christopher Isherwood, to the way the international community has discovered the city, not least the freedom it offers from the constraints of Piketty’s Das Kapital (I visit a friend whose teenage daughter bursts into the room to say she’s found a one-bedroom flat to rent for “€300, warm, ie including heating and hot water”). Wilutzky describes the experience of coming to West Berlin in the 1980s: “There was this terrible feeling of oppression as you drove through the east, and then suddenly this amazing sense of freedom! It felt like the freest place on Earth. You could do anything here.”

Berlin was for a long time this strange geopolitical anomaly, a shadow theatre for the great powers, the capital of nazism, the frontline of the cold war, and the alternating experiences of stifling oppression and mind-blowing liberation are the twin strands of its 20th-century history. The most compelling voice of all that I encounter belongs to a woman called Anke Domscheit-Berg, who has known both. She’s a 46-year-old feminist and activist who used to work as a lobbyist for Microsoft (and whose name is possibly familiar because her husband, Daniel, was a spokesman for WikiLeaks until he fell out with Assange). She was born and grew up in the east and was 21 when the wall fell, an event she describes as “the most emotional day of my life”.

She was an art student and she tells the story of how the Stasi tried to recruit her as an informant. “People say of the NSA, ‘I have nothing to hide.’ But it doesn’t matter. There is no such thing as innocent information. I had things I needed to hide from the East German authorities but that wasn’t what they blackmailed me with. They blackmailed me with my father’s job. He was a doctor, employed by the state. They said: ‘Don’t you care about what happens to your family if he loses his job?’

“All information can be used against you in some way. And we have an entire generation, the first one ever, about whom everything will be known. Their entire youth is being monitored. And we don’t know what that might mean. How that might be used against them. I look at my father who is 80 and he has only known democracy for the shortest portion of his life. And that is why we have to act now. We have the power to change things. I remember how hopeless it seemed, 25 years ago, that it would ever change. But it did. And we did that. We, the people. And that is why it’s up to us Germans to tell this to the world.”

She is such a powerful, clear, impassioned voice. And it’s obvious that for her, this is personal. “I feel responsible. I feel like I look into one of those glass balls, where others see fog, I see a clear picture and I feel obliged to tell people. These are the tools of a totalitarian system. And just as you cannot be a little bit pregnant so you cannot be a little bit totalitarian without corrupting democracy. And we … in this city … we know where that ends up. We have seen the darkest times, right here.”

Poitras tells me how she has come to censor herself. “It’s not whether or not they’re watching, but the fact that you don’t know if they’re watching. You’ve internalised in some way this authority of the state.” At the end of the interview, I tell her how Snowden spoke at the Observer Festival of Ideas and how afterwards I and my colleague John Naughton asked him questions via Google Hangouts from my laptop. “Am I on the grid?” I ask her.

She guffaws. “You are so on the grid.” It’s only semi-serious but still. “As soon as you start to censor yourself,” Domscheit-Berg tells me, “then you leave the path of free speech. So many people now do this in Berlin. They avoid certain expressions. When we have meetings they leave their phones in different rooms. You have already lost your freedom.”

Have I already lost mine? Has it affected my online behaviour? Possibly. My thoughts have always flowed seamlessly from my brain to my fingers to Google’s all-knowing rectangular white box. And now? There’s the briefest pause. A hesitancy. It’s not exactly an iron curtain but it’s not nothing either. I’m being watched. But then, you are too. And, if you think it doesn’t matter, go to Berlin. Go to the Stasi museum. See how it all panned out last time around.
http://www.theguardian.com/world/201...sts-escape-nsa





German Spy Agency Seeks Millions to Monitor Social Networks Outside Germany

The prototype real time social media monitor will only look at publicly available data though, according to the plans
Loek Essers

Germany's foreign intelligence agency reportedly wants to spend €300 million (about US$375 million) in the next five years on technology that would let it spy in real time on social networks outside of Germany, and decrypt and monitor encrypted Internet traffic.

The Federal Intelligence Service (BND) wants the funds for a program called "Strategische Initiative Technik" (SIT, Strategic Technology Initiative), according to a report by German daily the Süddeutsche Zeitung and television stations NDR and WDR.

The report is based on a confidential document in which the BND asked the Confidential Committee of the Bundestag's Budget Committee to approve a sum of €28 million for the program in 2015.

A German government spokesman confirmed the existence of the SIT program on Monday and said that its main goal is to build an early warning system for cyber attacks. He declined however to give further details about either the program or its budget.

It is a remarkable move given the German uproar over the NSA affair and the alleged U.S. spying on German Chancellor Angela Merkel's phone, which led the German government to demand a "no-spy" agreement from the U.S. Such a deal is unlikely to be made by U.S. president Barack Obama.

The BND, which already spent €6.22 million in preparation for this online surveillance push, also wants to use the money to set up an early warning system for cyber attacks, the report said.

The system for real time social network monitoring is still in the construction phase. But a prototype is expected to be launched next June with the aim of monitoring publicly available data on Twitter and blogs. The program should filter out and discard data in the German language.

The BND also wants to spend €4.5 million to crack and monitor HTTPS (Hypertext Transfer Protocol Secure) encrypted Internet traffic. By 2020 some of that money may be spent on the black market to buy zero day exploits, unpublicized vulnerabilities that can be exploited by hackers. That program, called "Nitidezza", should also provide better protection for government networks, German weekly Der Spiegel said in a separate report on BND's budget requests.

Moreover, a plan to monitor Internet exchanges outside Germany is also in the works. Next year, the agency wants to spend €4.5 million on a program called "Swop" to provide additional hidden access to a non-German exchange, the newspaper report said.
http://www.itworld.com/article/28456...e-germany.html





Controversial Anonabox is Back, Raises $14,000 on Indiegogo in 2 Days
Rob Price

Just under a month after Kickstarter suspended the privacy-centric anonabox for misleading its customers, the controversial router is now on Indiegogo for another go—and it’s already raised almost $14,000.

The anonabox first launched on crowdfunding site Kickstarter in early October, promising plug-and-go anonymity by routing all traffic through the Tor network by default. Despite asking for just $7,500 in total, the campaign ended up receiving almost $600,000 in backing from almost 9,000 privacy enthusiasts and enjoyed glowing write-ups in the Guardian, Wired, TechCrunch and beyond, before Kickstarter finally pulled the plug.

The reasons for the campaign's shutdown were numerous, including: The project claimed to be four years in the making, but its circuitry was sourced straight from online marketplace Alibaba at $20 a pop; the off-the-shelf hardware meant the claims that it was totally open-source were misleading; the promotional material was clearly photoshopped; critics highlighted what appeared to be glaring backdoors in the software; and it was allegedly less secure than just connecting to Tor via the official Web browser bundle.

Now, however, the anonabox has returned, turning to alternative crowdfunding site Indiegogo to raise capital. The new, month-long campaign launched on Nov. 8, and just two days in, it has already raised almost $14,000, easily exceeding its $13,1370 target.

One anonabox costs $51, with estimated delivery in Feb. 2015, and perks stretch from the reasonable ($149 for three devices) to the bulk-buy: $44,000 for 1,000 of the routers.

Tacitly acknowledging the barrage of criticism the original product faced, the official page says that the team “got a lot of input from developers and the Open Source community,” and the “feedback we received was enough to make the device better than ever.”

The new-and-improved “gen 5” anonabox will have a “totally custom built circuit board available nowhere else in the world,” a new outer case, a “hardened version” of open-source operating system (OS) OpenWrt, and a “more secure configuration” of the latest version of Tor.

The funds raised will go towards Federal Communications Commission (FCC) certification, “production costs” and new features, the campaign page says, and a “portion” will also go to digital-rights advocacy group the Electronic Frontier Foundation (EFF), as well as to the Tor Project. EFF's Dave Maass told the Daily Dot he had been unaware of the promised donation before we reached out. Maass added that they do not endorse the product, but are also not in the business of “policing donations.”

It remains to be seen whether the anonabox, led by “IT security professional” August Germar, has managed to address all the issues that critics raised with its previous iteration. But having raised more than ten thousand dollars in just two days, close scrutiny is likely imminent.

However, even if serious issues are raised, it's unclear whether Indiegogo will suspend the anonabox campaign. In contrast to Kickstarter’s relatively stringent vetting process, Indiegogo is much more relaxed over what it allows on its platform. It recently refused to suspend a pseudoscientific ultrasonic health product even after its creator admitted to the Daily Dot there was no evidence of the product’s efficacy, and numerous other dodgy devices have raised millions of dollars on the site, despite experts’ warnings.

This time, Germar may make good on his promises, and deliver affordable plug-and-go anonymity for all. But even if he doesn’t, he’ll still be walking away with tens of thousands of dollars.

Update 6:10pm ET, Nov. 10: Steve Lord from IT Security Guru reports that Germar is misrepresenting his involvement with the Tor Project, claiming to volunteer for support forum Tor Stack Exchange despite no evidence of his contributions and claiming to be an admin of the Tor Project’s LinkedIn page—a page former Tor official Runa Sandvik has confirmed is unofficial.
http://www.dailydot.com/politics/ano...gogo-relaunch/





81% of Tor Users Can Be De-Anonymised by Analysing Router Information, Research Indicates
Martin Anderson

Research undertaken between 2008 and 2014 suggests that more than 81% of Tor clients can be ‘de-anonymised’ – their originating IP addresses revealed – by exploiting the ‘Netflow’ technology that Cisco has built into its router protocols, and similar traffic analysis software running by default in the hardware of other manufacturers.

Professor Sambuddho Chakravarty, a former researcher at Columbia University’s Network Security Lab and now researching Network Anonymity and Privacy at the Indraprastha Institute of Information Technology in Delhi, has co-published a series of papers over the last six years outlining the attack vector, and claims a 100% ‘decloaking’ success rate under laboratory conditions, and 81.4% in the actual wilds of the Tor network.

Chakravarty’s technique involves introducing disturbances in the highly-regulated environs of Onion Router protocols using a modified public Tor server running on Linux - hosted at the time at Columbia University. His work on large-scale traffic analysis attacks in the Tor environment has convinced him that a well-resourced organisation could achieve an extremely high capacity to de-anonymise Tor traffic on an ad hoc basis – but also that one would not necessarily need the resources of a nation state to do so, stating that a single AS (Autonomous System) could monitor more than 39% of randomly-generated Tor circuits.

Chakravarty says: “…it is not even essential to be a global adversary to launch such traffic analysis attacks. A powerful, yet non-global adversary could use traffic analysis methods […] to determine the various relays participating in a Tor circuit and directly monitor the traffic entering the entry node of the victim connection.”

The technique depends on injecting a repeating traffic pattern – such as HTML files, the same kind of traffic of which most Tor browsing consists – into the TCP connection that it sees originating in the target exit node, and then comparing the server’s exit traffic for the Tor clients, as derived from the router’s flow records, to facilitate client identification.

Tor is susceptible to this kind of traffic analysis because it was designed for low-latency. Chakravarty explains: “To achieve acceptable quality of service, [Tor attempts] to preserve packet interarrival characteristics, such as inter-packet delay. Consequently, a powerful adversary can mount traffic analysis attacks by observing similar traffic patterns at various points of the network, linking together otherwise unrelated network connections.”

The online section of the research involved identifying ‘victim’ clients in Planetlab locations in Texas, Belgium and Greece, and exercised a variety of techniques and configurations, some involving control of entry and exit nodes, and others which achieved considerable success by only controlling one end or the other.

Traffic analysis of this kind does not involve the enormous expense and infrastructural effort that the NSA put into their FoxAcid Tor redirects, but it benefits from running one or more high-bandwidth, high-performance, high-uptime Tor relays.

The forensic interest in quite how international cybercrime initiative ‘Operation Onymous’ defied Tor’s obfuscating protocols to expose hundreds of ‘dark net’ sites, including infamous online drug warehouse Silk Road 2.0, has led many to conclude that the core approach to deanonymisation of Tor clients depends upon becoming a ‘relay of choice’ – and a default resource when Tor-directed DDOS attacks put ‘amateur’ servers out of service.
http://thestack.com/chakravarty-tor-...nalysis-141114





Rap Sheets, Watchlists and Spy Networks Now Available with Single Click
Aliya Sternstein

Law enforcement officials nationwide now have the ability to search multiple sensitive databases, including spy agency intranets and homeland security suspicious activity reporting – with a single login.

The breakthrough in interconnectivity is expected to close information gaps that, among other things, have contributed to the rise in homegrown terrorism and school shootings.

"Let's say you have a lone-wolf incident or an active-shooter incident, where you need to be able to securely share information in a timely way. With a single sign-on capability, there is no wrong door," Kshemendra Paul, program manager for the Information Sharing Environment at the Office of Director of National Intelligence, said during an interview. "If you have an account, you can get to the virtual command center that the fusion center may be using – in a very direct way."

It took about three years to tear down silos without eroding privacy controls.

"In many cases, the data sources have different access requirements – so you can do a federated query that goes across the multiple sources, but with controlled access," Paul said Thursday.

That means some users still will be blocked from seeing certain information.

"For example, to access criminal intelligence information you have to have special training around privacy, civil rights and civil liberties," Paul said. So, for users without that training, some search results will be out of reach, he said.

"It's always a balance between sharing and safeguarding," Paul said. "We are increasing security by introducing more consistent identity proofing and the ability to enforce policies to control access to information."

The databases now accessible through a single sign-on include the Homeland Security Information Network, a key exchange between state-run intelligence fusion centers and the federal government, as well as the Justice Department's Regional Information Sharing Systems, which tracks local crime and gang activity.

Also available are the intelligence community's internal networks, collectively described as "Intelink," and the FBI's Law Enforcement Enterprise Portal, the gateway to background check data, facial recognition tools and other criminal records. The four networks are each labeled sensitive but unclassified.

Many of the systems are not searchable through a single query – yet. But that's the next step.

Right now, querying Intelink will retrieve some results from the law enforcement portal, but it's not possible, for instance, to bring up hits across all four networks with one search entry.

The new arrangement is expected to save taxpayer money over the long run. "What we're doing here isn't building something new," Paul said. "We're interconnecting existing systems. That’s a really cost-effective way to go."

That streamlining, however, could expedite the flow of false or protected information that harms innocent people, some privacy advocates said in reaction on Friday.

“These systems often include unreliable information about supposedly suspicious activity that is protected by the First Amendment and entirely innocuous,” American Civil Liberties Union attorney Hugh Handeyside said. “Law enforcement officials have themselves raised privacy concerns about these systems. Making that information available to more people, with greater ease, erodes our privacy while doing nothing to make us safer.”
http://www.nextgov.com/defense/2014/...e-click/98423/





Strippers Sue to Prevent Identity Disclosure
Anthony Zurcher

Government open-records requests can be boring. Government open-records requests made by a man who wants to obtain information about 70 licensed strippers in his town so he can "pray for them", on the other hand...

The godly citizen in question is David Allen Van Vleet of Tacoma, Washington. In September he filed court papers to obtain personal information on 70 government-licensed nude dancers at a nightclub in his area - including their full names, addresses, photos and dates of birth.

(Yes, Washington requires nude dancers to pay a $75 (£47) a year licence fee. If government oversight is good enough for beauticians, it seems, it's good enough for lap dancers.)

The county auditor granted his request under the state's open-records law - although she also notified area dancers and club managers of her action. On 21 October two licensees sued to block the release of the information. Two days later a county judge issued a temporary order blocking the release, with a final decision scheduled for 15 December.

Mr Van Vleet was not happy with the judge's action.

"He essentially silenced 7 million people in the state of Washington to protect 70 people's so-called right to privacy who dance on a stage naked," he said.

The plaintiffs' lawyer, on the other hand, told the Associated Press that Mr Van Vleet's interests were trumped by his clients' rights.

"There's some stigma attached to the occupation, and most dancers for personal privacy reasons and safety reasons, don't want the customers to know who they are outside of the club," he said.

The case has set up an unusual debate over free speech and privacy rights. What deserves more consideration, open access to government records or adult entertainers' right to "artistic" expression under stage names?

"It's entirely likely the person who wants this information is a crazy stalker or an anti-sex nutjob," writes Reason magazine's Elizabeth Nolan Brown. "Maybe both. Maybe merely a blackmailer or a 4chan-er. At any rate, it's hard to imagine many non-nefarious reasons for requesting personal information on a wide swath of individuals in a sensitive job."

She points to a 2013 case where another Tacoma man who had been arrested for stalking and convicted of intimidating a judge tried to use the same public record laws to get contact information for strippers so he could offer them his social media marketing services (or so he claimed). He obtained nearly 100 records before a stripper-initiated lawsuit ended his requests.

There's just no reason for a government-maintained stripper database, she says.

The editors of the Tacoma News Tribune worry that the judge's decision could be the first step in permanently weakening the state's open records law, however.

"We don't quarrel with the outcome so much as the process," they write. "It suggests a federal judge can step in at his own discretion and void parts of the act because they don't feel right to him."

"It doesn't matter if you think the citizen is annoying or that he might do something irritating with the licence information," they continue. "There is no constitutional right not to be embarrassed or criticised."

The case could have larger implications as well, writes the Washington Post's Eugene Volokh. For instance a decision supporting Mr Van Vleet could be cited by those who want to access information on licensed gun owners.

The Columbia Journalism Review's Jonathan Peters concludes that conflict between open records and privacy concerns has few clear solutions. The laws in the US are a patchwork of different standards and legal precedents.

Give public officials discretion to withhold public records requests made with flimsy justification, and there's the chance that they could abuse that power. Give out too much information, however, and individuals could find embarrassing or personal information revealed.

"Government records contain all manner of personal information that citizens are required to disclose under certain circumstances: data related to births, deaths, marriages, arrests, and so on - even family dynamics, financial status, and health condition, and contact information," he writes.

Too much government disclosure could leave even the most reticent individual feeling a bit naked.
http://www.bbc.com/news/blogs-echochambers-29946114





Federal Judge Says Public Has a Right to Know About FBI’s Facial Recognition Database
Dustin Volz

A federal judge has ruled that the FBI's futuristic facial-recognition database is deserving of scrutiny from open-government advocates because of the size and scope of the surveillance technology.

U.S. District Judge Tanya Chutkan said the bureau's Next Generation Identification program represents a "significant public interest" due to concerns regarding its potential impact on privacy rights and should be subject to rigorous transparency oversight.

"There can be little dispute that the general public has a genuine, tangible interest in a system designed to store and manipulate significant quantities of its own biometric data, particularly given the great numbers of people from whom such data will be gathered," Chutkan wrote in an opinion released late Wednesday.

Her ruling validated a Freedom of Information Act lawsuit filed by the Electronic Privacy Information Center that last year made a 2010 government report on the database public and awarded the group nearly $20,000 in attorneys' fees. That government report revealed the FBI's facial-recognition technology could fail up to 20 percent of the time. Privacy groups believe that failure rate may be even higher, as a search can be considered successful if the correct suspect is listed within the top 50 candidates.

"The opinion strongly supports the work of open-government organizations and validates their focus on trying to inform the public about government surveillance programs," said Jeramie Scott, national security counsel with EPIC.

Privacy groups, including EPIC, have long assailed Next Generation Identification, which they argue could be used as an invasive means of tracking that collects images of people suspected of no wrongdoing. The program—a biometric database that includes iris scans and palm prints along with facial recognition—became "fully operational" this summer, despite not undergoing an internal review, known as a Privacy Impact Assessment, since 2008. Government officials have repeatedly pledged they would complete a new privacy audit.

FBI Director James Comey has told Congress that the database would not collect or store photos of ordinary citizens, and instead is designed to "find bad guys by matching pictures to mug shots." But privacy groups contend that the images could be shared among the FBI and other agencies, including the National Security Agency, and even with state motor-vehicle departments.

In his testimony, given in June, Comey did not completely refute that database information could potentially be shared with states, however.

Government use of facial-recognition technology has undergone increasing scrutiny in recent years, as systems once thought to exist only in science fiction movies have become reality. The New York Times reported on leaks from Edward Snowden revealing that the NSA intercepts "millions of images per day" across the Internet as part of an intelligence-gathering program that includes a daily cache of some 55,000 "facial-recognition quality images."

The Justice Department did not immediately return a request for comment regarding whether it will appeal Chutkan's decision.
http://www.nextgov.com/cybersecurity...relatedstories





Unsealed Filing Shows DOJ Misled Appeals Court About National Security Letter Gag Orders
Dave Maass

A court filing unsealed late Wednesday shows that the U.S. Department of Justice (DOJ) made a highly misleading argument to an appeals court in October during a hearing on the constitutionality of National Security Letters (NSLs).

On October 8, the Electronic Frontier Foundation argued before the United States Court of Appeals for the Ninth Circuit that provisions in the USA PATRIOT Act that prohibit service providers from discussing NSLs they may have received violate the First Amendment. During the hearing, the judges’ questioning addressed concerns that the government is using its NSL authority to stifle recipients’ constitutionally protected right to comment on the government’s actions. But DOJ Attorney Douglas Letter countered that these companies are free to discuss the “quality” of the NSLs they received from the FBI—a claim that contradicted the government’s prior position and turned out not to be true.

Following the hearing, EFF’s clients requested that the DOJ reconcile the statement Letter made to the court with the department’s longstanding contention that companies could not discuss having received NSLs at all. In response, the DOJ filed a letter with the court admitting that Letter’s statements were incorrect, reaffirming its position that the broad gag includes any statement about the NSLs they have received. The DOJ also apologized to the court.

EFF Legal Director Cindy Cohn issued the following statement in response to the retraction:

EFF’s clients have consistently challenged the indiscriminate use of gag orders in combination with National Security Letters. In particular, they have challenged the government’s contention that NSL recipients can’t even use their experiences receiving overbroad NSLs to push for reform in Congress or in the broader public debate. This is especially the case now that the USA FREEDOM Act, which has some limited NSL reform, is going to be discussed in the Senate.

At the oral argument, the judges were very concerned that the government is using its NSL authority to stifle recipients’ constitutionally protected right to comment on the government’s actions. We were surprised to hear, in response to those concerns, the government retreat from its position that the NSL gags prevent recipients from talking about the "very fact of having received" an NSL.

When we wrote to the government asking if this new position meant that our clients could indeed talk about the quality of the NSLs they have received, the government retracted its statements to the court and apologized. But it's troubling that we had to raise the issue before the government addressed it and that it seems the government was willing to let the court believe that the gag was narrower than it actually is in order to win the case.


EFF represents two companies challenging NSLs—a telecom company and an Internet company. The names of these companies remain under seal, as the government continues to insist that even identifying them might endanger national security. In March 2013 a federal district court judge in San Francisco agreed with EFF and ruled the NSL provisions unconstitutional, barring future NSLs and accompanying gag orders. That ruling was stayed pending appeal, however, and the district court has subsequently enforced separate NSLs—including NSLs issued to both EFF clients—and indicates that it will continue to do so until the Ninth Circuit rules on EFF’s challenges.

Here's what Doug Letter originally told the court (mp3 available here):

There is a category that the deputy attorney general provided that recipients can make disclosures and there is a category of 0-249 so recipients can disclose that. They’re allowed to disclose within these bands. And they can fully participate in the public debate, they can say as we have disclosed we’re in that band 0-249 and it can say the very things that [EFF Senior Staff Attorney Kurt Opsahl] said they can’t. They can say and we think the government is asking for too much in many of the NSLs we received and we want to talk to our fellow recipients and see if they too have felt that there’s too much and we think Congress ought to do something about that. They can do all of that. There’s nothing that says that they can’t comment, they’re allowed to make specific comments about quantity, there’s absolutely no ban on them commenting on the quality of those they’ve received.

Here's an excerpt from the subsequent retraction:

In the course of discussing disclosures described in this letter, approximately 49 minutes into the Court's recording of the argument, government counsel indicated that if a company discloses that it is in one of these two bands starting with zero, it could publicly discuss the fact that it had received one or more NSLs and could discuss the quality of the specific NSL(s) that it had received. That suggestion was mistaken. The district court correctly noted that “the NSL nondisclosure provisions . . . apply, without distinction, to both the content of the NSLs and to the very fact of having received one."

For the full text of the Justice Department's letter:

https://www.eff.org/document/governm...-oral-argument
https://www.eff.org/deeplinks/2014/1...ity-letter-gag





Justice Dept. Apologizes for Inaccuracy in National Security Letters Case
Charlie Savage

The Justice Department has apologized to a federal appeals court for providing inaccurate information about a central issue in a case challenging the constitutionality of a disputed law-enforcement power known as national security letters.

The letters are a kind of subpoena that the F.B.I. can issue without court oversight. The case centers on the constitutionality of a gag rule that forbids companies from disclosing whether they have received such letters.

The Justice Department said it had misled the court by incorrectly saying that telecommunications companies were permitted to disclose that they had received at least one such letter seeking records about a customer. In a letter unsealed this week, the department said that the misstatement was “inadvertent.”

It is the latest in a series of inaccurate statements that the executive branch has made to other branches of government about surveillance rules and practices, many of which have come to light during the scrutiny on data collection that came after the leaks last year by the former intelligence contractor Edward J. Snowden.

Even before Mr. Snowden’s leaks, the Electronic Frontier Foundation filed a lawsuit challenging the constitutionality of the letters on behalf of an unnamed telecommunications provider. In March 2013 a Federal District Court judge in San Francisco struck them down, ruling that the gag provision violated the First Amendment.

The Obama administration appealed to the Court of Appeals for the Ninth Circuit, which heard oral arguments last month. In the arguments, Kurt Opsahl, a lawyer for the foundation, emphasized that recipients of such letters could not participate with authority in the public debate because they could not describe their experiences, because that would reveal that they had received at least one letter.

The Justice Department recently began permitting companies to say how many national security letters they had received, but only in broad bands like “between 0 and 999.” As a result, they cannot confirm that they have received any, because even those in the lowest band might have received zero.

But during the oral arguments, a Justice Department lawyer, Douglas Letter, told the appeals court that Mr. Opsahl’s claim that companies could not fully participate in public debate was not true because a firm could say that it was in the lowest band, and go on to say “and we think the government is asking for too much in many of the N.S.L.'s we have received.”

While providers are limited in commenting about the quantity they received, Mr. Letter added, “There is absolutely no ban on them commenting on the quality of those they received.”

After the arguments, Cindy Cohn, the legal director of the Electronic Frontier Foundation, wrote a letter to the Justice Department saying that it appeared to be changing its rule, and listed a variety of comments her client would like to make in public in light of what Mr. Letter said was permissible.

But the Justice Department wrote to the Ninth Circuit saying that Mr. Letter had inadvertently misstated the rule. In fact, so long as a firm has received fewer than 1,000 national security letters, it may not disclose whether it had received any at all, the letter said.

“We regret this inadvertent inaccuracy and apologize for any confusion that may have been caused,” wrote Jonathan H. Levy, a Justice Department lawyer, in the letter.

In a once-secret ruling in October 2011 by the Foreign Intelligence Surveillance Court, which the Obama administration declassified after Mr. Snowden’s leaks, Judge John D. Bates chastised the executive branch for having misled the court on at least three occasions about how various N.S.A. surveillance and data-collection programs worked.

In 2012, during another lawsuit challenging the N.S.A.'s warrantless surveillance program under the FISA Amendments Act, the Justice Department successfully urged the Supreme Court to dismiss the case because the plaintiffs could not prove they had been wiretapped.

The department told the justices that doing so would not prevent judicial review of the law because prosecutors would tell criminal defendants that they faced evidence derived from such eavesdropping, and they would have standing to challenge it. But it emerged last summer that prosecutors’ actual practice had been to conceal the origins of such evidence from defendants.

And during Senate testimony in March 2013, the director of national intelligence, James R. Clapper, said the National Security Agency did not deliberately collect records of any type about millions of Americans. Three months later, Mr. Snowden’s leaks brought to light the fact that the agency was systematically collecting calling records of Americans in bulk.
http://www.nytimes.com/2014/11/15/us...ters-case.html





Senate May Vote on NSA Reform as Soon as Next Week
Aaron Sankin

After last week's election, it didn't look like Congress was going to do much legislating during the rest of this year's lame duck session; however, a Wednesday evening announcement suggests that at least one big bill may be heading for a vote. Senate Majority Leader Harry Reid (D – Nev.) indicated that he filed a procedural motion on the USA FREEDOM Act, meaning the bill could get an up-or-down vote in the Senate as early as next week. If the legislation passes the Senate it could become the law of the land before the end of the year.

Introduced by Sen. Pat Leahy (D - Vt.) and Rep. Jim Sensenbrenner (R- Wis.), the USA FREEDOM Act is aimed at reforming the National Security Agency by curtailing some of the agency's powers to conduct surveillance on the electronic communications of American citizens.

The bill would prohibit the NSA from indiscriminately collecting and storing the cell phone metadata of all Americans—a program revealed by whistleblower Edward Snowden. It would also introduce greater transparency into the Foreign Intelligence Surveillance Court through new disclosure rules and the appointment of a "public advocate," who would be present during court proceedings.

The USA FREEDOM Act is an acronym for "Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet Collection, and Online Monitoring" Act.

"Although far too many good bills continue to collect dust on Senator Reid's desk, I am pleased he has finally decided to move the USA FREEDOM Act. There is no excuse not to pass this fundamental piece of legislation during the lame duck," Sensenbrenner said in a statement. "Senator Leahy and I introduced the USA FREEDOM Act over a year ago. It is past-time for Washington to ensure Americans' civil liberties are protected while preserving important intelligence gathering authorities that are vital to our national security."

Sensenbrenner, ironically, was the legislator who introduced the USA PATRIOT Act, the piece of post-9/11 legislation that granted the NSA much of these surveillance powers in the first place.

Upon its introduction in 2013, the bill was cheered by privacy activists as a way to stop the government from violating citizens' Fourth Amendment rights against unreasonable search and seizure. However, over the course of the past year, the bill has been significantly amended to the point where many of the bill's initial supporters have subsequently come out in opposition.

One of the biggest sticking points was a modification to the bill's language indicating what data the NSA would be allowed to collect. The original version limited it to terms "used to uniquely describe a person, entity, or account," whereas the current version now adds addresses and devices to things that could be identified as targets. In addition, it inserts the words "such as," which could allow for an interpretation of the law that grants far more wiggle room than the otherwise tightly worded rules would allow.

Critics also charge that the updated version of the bill weakens disclosure requirements for companies that provide data on their users to the government.

Civil liberties-minded lawmakers like Reps. Justin Amash (R - Mich.), Anna Eshoo (D - Calif.), Zoe Lofgren (D - Calif.), and Jared Polis (D - Colo.), who had signed up as co-sponsors to the legislation, all ended up voting against the bill when it came up in the House of Representatives earlier this year. Nevertheless, the bill passed the House by a 182-vote margin.

A coalition of tech companies including Google, Apple, and Microsoft—which were worried that a global perception of the U.S. government being able to snoop on all online traffic going through the systems of American firms would hurt their bottom lines—originally cheered the bill. After the revisions, the tech giants sent an open letter to Congress expressing their disappointment:

Unfortunately, the version that just passed the House of Representatives could permit bulk collection of Internet "metadata" (e.g. who you email and who emails you), something that the Administration and Congress said they intended to end. Moreover, while the House bill permits some transparency, it is critical to our customers that the bill allow companies to provide even greater detail about the number and type of government requests they receive for customer information. It is in the best interest of the United States to resolve these issues.

Confidence in the Internet, both in the U.S. and internationally, has been badly damaged over the last year. It is time for action. As the Senate takes up this important legislation, we urge you to ensure that U.S. surveillance efforts are clearly restricted by law, proportionate to the risks, transparent, and subject to independent oversight.


The revamped bill's critics worried that, instead of reining in government surveillance, the USA FREEDOM Act just served to codify the most damaging of those practices further into law.

Even so, the bill still does have a significant number of supporters. For example, Central Intelligence Agency Chief James Clapper and Attorney General Eric Holder both recently endorsed the bill, calling it a "reasonable compromise."

For their part, many civil liberties groups have admitted that the watered-down bill isn't perfect, but still advocate for its passage.

"Passage of the USA FREEDOM Act would be an important step forward for restoring Americans’ privacy and rebuilding trust in our government,” said Nuala O'Connor, president of the open Internet advocacy nonprofit Center for Democracy and Technology, in a statement. "The specter of surveillance has hung over this Congress for the last year and a half. Congress should seize the opportunity to act in a decisive, bipartisan manner to bring about the surveillance reform Americans have been calling for."

The USA FREEDOM Act was something that House Judiciary committee Chairman Bob Goodlatte (R – Va.) said in an interview prior to the election would be one of the first items on the GOP's agenda if they took control of the Senate in the midterm elections.

President Obama has indicated that he would sign the bill if it were sent to his desk. If passed, it would be the first piece of legislation significantly reforming the American surveillance state since 9/11.
http://www.dailydot.com/politics/usa...t-senate-vote/





Government Employees Responsible for Half of Federal Cyberattacks
AP

A $10 billion-a-year effort to protect sensitive government data, from military secrets to Social Security numbers, is struggling to keep pace with an increasing number of cyberattacks and is unwittingly being undermined by federal employees and contractors.

Workers scattered across more than a dozen agencies, from the Defense and Education departments to the National Weather Service, are responsible for at least half of the federal cyberincidents reported each year since 2010, according to an Associated Press analysis of records.

They have clicked links in bogus phishing emails, opened malware-laden websites and been tricked by scammers into sharing information.

One was redirected to a hostile site after connecting to a video of tennis star Serena Williams. A few act intentionally, most famously former National Security Agency contractor Edward Snowden, who downloaded and leaked documents revealing the government's collection of phone and email records.

Then there was the contract worker who lost equipment containing the confidential information of millions of Americans, including Robert Curtis, of Monument, Colorado.

"I was angry, because we as citizens trust the government to act on our behalf," he said. Curtis, according to court records, was besieged by identity thieves after someone stole data tapes that the contractor left in a car, exposing the health records of about 5 million current and former Pentagon employees and their families.

At a time when intelligence officials say cybersecurity trumps terrorism as the No. 1 threat to the U.S. — and when breaches at businesses such as Home Depot and Target focus attention on data security — the federal government isn't required to publicize its own data losses.

Last month, a breach of unclassified White House computers by hackers thought to be working for Russia was reported not by officials but The Washington Post. Congressional Republicans complained even they weren't alerted to the hack.

To determine the extent of federal cyberincidents, the AP filed dozens of Freedom of Information Act requests, interviewed hackers, cybersecurity experts and government officials, and obtained documents describing digital cracks in the system.

That review shows that 40 years and more than $100 billion after the first federal data protection law was enacted, the government is struggling to close holes without the knowledge, staff or systems to outwit an ever-evolving foe.

Fears about breaches have been around since the late 1960s, when the federal government began shifting its operations onto computers. Officials responded with software designed to sniff out malicious programs and raise alarms about intruders. And yet, attackers have always found a way in, exposing tens of millions of sensitive and private records that include employee usernames and passwords and veterans' medical files.

From 2009 to 2013, the number of reported breaches just on federal computer networks — the .gov and .mils — rose from 26,942 to 46,605, according to the U.S. Computer Emergency Readiness Team. Last year, US-CERT responded to a total of 228,700 cyberincidents involving federal agencies, companies that run critical infrastructure and contract partners. That's more than double the incidents in 2009.

And employees are to blame for at least half of the problems.

Last year, for example, about 21 percent of all federal breaches were traced to government workers who violated policies; 16 percent who lost devices or had them stolen; 12 percent who improperly handled sensitive information printed from computers; at least 8 percent who ran or installed malicious software; and 6 percent who were enticed to share private information, according to an annual White House review.

In one incident around Christmas 2011, Education Department employees received an email purportedly from Amazon.com that asked them to click on a link. Officials quickly warned staff that it could be malicious. The department did not release information to the AP about any resulting damage.

Reports from the Defense Department's Defense Security Service, tasked with protecting classified information and technologies in the hands of federal contractors, show how easy it is for hackers to get into DOD networks. One military user received messages that his computer was infected when he visited a website about schools. Officials tracked the attacker to what appeared to be a Germany-based server.

"We'll always be vulnerable to ... human-factor attacks unless we educate the overall workforce," said Assistant Secretary of Defense and cybersecurity adviser Eric Rosenbach.

Although the government is projected to spend $65 billion on cybersecurity contracts between 2015 and 2020, many experts believe the effort is not enough to counter a growing pool of hackers whose motives vary. Russia, Iran and China have been named as suspects in some attacks, while thieves seek out other valuable data. Only a small fraction of attackers are caught.

For every thief or hostile state, there are tens of thousands of victims like Robert Curtis.

He declined to talk about specifics of his case. According to court records, a thief in September 2011 broke into a car in a San Antonio garage and stole unencrypted computer tapes containing the Pentagon workers' information. The car belonged to an employee of a federal contractor tasked with securing those records.

Criminals have tried to get cash, loans, credit — even establish businesses — in Curtis' name, according to court records. He and his wife have frozen bank and credit accounts. A lawsuit brought by victims was dismissed.

"It is very ironic," said Curtis, himself a cybersecurity expert who worked to provide secure networks at the Pentagon. "I was the person who had paper shredders in my house. I was a consummate data protection guy."
http://mashable.com/2014/11/10/federal-cyberattacks/





Apple iOS Bug Makes Devices Vulnerable to Attack – Experts
Jim Finkle

Researchers have warned that a bug in Apple Inc's iOS operating system makes most iPhones and iPads vulnerable to cyber attacks by hackers seeking access to sensitive data and control of their devices.

Cybersecurity firm FireEye Inc published details about the vulnerability on its blog on Monday, saying the bug enables hackers to access devices by persuading users to install malicious applications with tainted text messages, emails and Web links.

The malicious application can then be used to replace genuine, trusted apps that were installed through Apple's App Store, including email and banking programs, with malicious software through a technique that FireEye has dubbed "Masque Attack."

These attacks can be used to steal banking and email login credentials or other sensitive data, according to FireEye, which is well-regarded in cybersecurity circles for its research.

"It is a very powerful vulnerability and it is easy to exploit," FireEye Senior Staff Research Scientist Tao Wei said in an interview.

Apple's iOS has robust security features that make it extremely difficult for attackers to install malware on devices using traditional techniques for infecting Windows machines and Android mobile devices with malicious emails and Web links. The "Masque Attack" makes that possible by exploiting a system that Apple developed to allow large organizations to deploy custom-built software without going through Apple's App Store, according to David Richardson, iOS product manager at mobile security firm Lookout.

Those applications are not vetted by Apple for malicious software, unlike apps in its App Store, though users do receive pop-up notifications asking if they want to prevent the apps from installing on devices, he said.

“You can just say 'Don’t install.' As long as you do that, you will be protected from this vulnerability,” Richardson said.

FireEye disclosed the vulnerability to Apple in July and representatives of the company said they were working to fix the bug, according to Wei.

Apple could not immediately be reached for comment.

News of the vulnerability began to leak out in October on specialized Web forums where security experts and hackers alike discuss information on Apple bugs, Wei said.

He said FireEye decided to go public with its findings after Palo Alto Networks Inc last week uncovered WireLurker, the first campaign to exploit the vulnerability.

"Currently WireLurker is the only one, but we will see more," Wei said.

(Reporting by Jim Finkle in Boston; editing by Andrew Hay and Matthew Lewis)
http://uk.reuters.com/article/2014/1...0IU1W820141110





Retailers Demanding Federal Action on Data Breach

Add retailers to the chorus of voices calling for federal legislation on cyber security and data protection.
Paul F. Roberts

In an unusual move, retail groups from across the U.S. sent a letter to Congressional leaders that urged them to pass federal data protection legislation that sets clear rules for businesses serving consumers. The letter, dated November 6, was addressed to the majority and minority party leaders of the U.S. Senate and the House of Representatives and signed by 44 state and national organizations representing retailers, including the National Retail Federation, the National Grocers Association, the National Restaurant Association and the National Association of Chain Drug Stores, among others.

“The recent spate of news stories about data security incidents raises concerns for all American consumers and for the businesses with which they frequently interact,” the letter reads. “A single federal law applying to all breached entities would ensure clear, concise and consistent notices to all affected consumers regardless of where they live or where the breach occurs.”

Pointedly, the signatories warn Congress against creating a law with loopholes or exemptions for specific industries or interest groups – such as the telecommunications industry, which represents major Internet service providers. “Better security at the source of the problem is needed. The protection of Americans’ sensitive financial information is not an issue on which sacrificing comprehensiveness makes any sense at all,” the letter reads. The providers of the connections that data moves across as well as cloud-based service providers should be bound by the same security standards and disclosure mandates as retailers, the groups argue.

Currently, there are 47 different state-based security breach notification laws, as well as laws in the District of Columbia and Guam. Business and consumer groups have been generally aligned on the need for a federal law to create a uniform, national standard and set policy on a problem (online crime) that doesn’t respect state or national borders.

However, political gridlock in Congress since 2010 has allowed small disagreements about the scope of a final law and enforcement to stay the federal government’s hand. Following the breach at Target Stores, which had information on 70 million customers stolen in a cyber attack, credit card issuers and retailers said they would move to implement more secure chip-and-PIN technology by 2015. Absent federal action, the Obama Administration threw its weight behind that effort. President Obama signed an executive order in October requiring the government to require the use of chip and PIN technology for any new or existing government-issued debit and credit cards.

Speaking at an event in Las Vegas hosted by the firm Digitrust, Craig Spiezle, the Executive Director and President of the Online Trust Association (OTA), said that the current patchwork of state laws is harmful to businesses and consumers alike. Current legislation across the states sets wildly different standards for everything from what kinds of data are protected to what constitutes a breach and what affected firms need to do to respond to cyber incidents.

Speaking to The Security Ledger, Spiezle said that there are many places that lawmakers in Congress can look for a model for effective data breach legislation. Laws like CAN SPAM provide a ready template for a federal standard that also leaves enforcement to state attorneys general – one concern about an overarching federal law. OTA has briefed both the FCC and FTC. The group supports a federal law and is urging Congress to act before the end of the lame duck session that runs until the next Congress is sworn in. “We’d like to see it in 90 days,” Spiezle said.
https://securityledger.com/2014/11/r...n-data-breach/





For Guccifer, Hacking Was Easy. Prison Is Hard.
Andrew Higgins

He reveled in tormenting members of the Bush family, Colin L. Powell and a host of other prominent Americans, and also in outfoxing the F.B.I. and the Secret Service, foiling their efforts to discover even his nationality, never mind his identity. Early this year, however, the elusive online outlaw known as Guccifer lost his cocky composure and began to panic.

He smashed his hard drive and cellphone with an ax.

That spasm of precautionary destruction, at his home in Romania’s rural Transylvania region, did not help him much — especially as he left pieces of what would later become evidence scattered in the mud.

Two weeks later, on Jan. 22, a global hunt for the celebrated and mysterious hacker who first revealed self-portraits painted by George W. Bush and plundered a trove of personal emails from politicians, military officers and celebrities finally ended in an early morning raid of his home.

“I was expecting them, but the shock was still very big for me,” the hacker, now serving a seven-year sentence, said. He spoke in an interview, his first, at the Arad Penitentiary here. “It is hard to be a hacker, but even harder to erase your tracks.”

In many ways, however, his two-year rampage through the email accounts of rich and powerful Americans showed how easy it can be to go rogue on the Internet and, even when armed with only rudimentary skills, to stay one step ahead of the law, at least for a while.

The hacker who signed off as Guccifer (pronounced GUCCI-fer) — a nom de guerre coined, he said, to combine “the style of Gucci and the light of Lucifer” — turned out to be Marcel-Lehel Lazar, a jobless 43-year-old former taxi driver. He had no expertise in computers, no fancy equipment, only a clunky NEC desktop and a Samsung cellphone, and no special skills beyond what he had picked up on the web.

Viorel Badea, the Romanian prosecutor who directed the case, expressed dismay that Mr. Lazar had gotten so far with so little. “He was not really a hacker but just a smart guy who was very patient and persistent,” Mr. Badea said.

Instead of burrowing into his victims’ email accounts using computer worms and other hacking tools, the prosecutor said, Mr. Lazar trawled the web for information about his targets and then simply guessed the right answers to security questions. “He is just a poor Romanian guy who wanted to be famous,” said the prosecutor, who leads a cybercrime team in Romania’s organized crime unit.

It took six months of trial and error for Mr. Lazar to guess the right answers and gain access to the emails of Corina Cretu, a 47-year-old Romanian politician who sent pictures of herself in a bikini and a flirtatious message to Mr. Powell, the former secretary of state. Mr. Powell, who has denied having an affair with Ms. Cretu, had urged her to delete all their messages after he discovered that his own email account had been hacked.

Mr. Lazar, who is half-Hungarian, acknowledged that he relied mostly on educated guesswork. He said he had no training in computers, though he did work, briefly, in a computer factory. “I got fired after two weeks,” he said.

To cover his tracks, he launched most of his raids through a proxy server in Russia. He figured that would hide any fingerprints leading back to Romania, where he already had a police record. That followed a 2011 conviction for hacking into the email accounts of Romanian starlets and other celebrities under the name Micul Fum, or Little Smoke.

Mr. Lazar was so confident of his ability to elude detection that, late last year, he started boasting of his exploits to The Smoking Gun, an American website that on Jan. 6 posted a defiant email message in broken English from the still unidentified Guccifer: “NO I am not concerned, i think i switch the proxies go to play some backgammon on yahoo watch tv, play with my family and daughter.”

A day later, however, Mr. Lazar got a shock when George Maior, the head of Romania’s domestic intelligence agency, announced that the authorities would soon catch America’s most wanted hacker, a vow that suggested they knew he was in Romania. Mr. Lazar, in his prison interview, said he was also badly shaken by Mr. Maior’s description of him as “Little Guccifer,” which to him indicated that investigators had linked Guccifer with Little Smoke, the pseudonym he used before his 2011 arrest.

Thrown into a panic, he decided it was time to destroy evidence of his hacking and took an ax to his computer and cellphone in his yard in the village of Sambateni, about 11 miles east of Arad, the Transylvanian city where he is now in prison. “I knew they were coming for me,” he recalled. “My sixth sense told me I was surrounded. I was losing control of the situation.”

In reality, the authorities still had little idea who Guccifer was. Mr. Maior, in an interview in Bucharest, the Romanian capital, said he was not aware that Guccifer was the same person as Little Smoke, and had merely called him “little” to “minimize his aura of un-catchability.” The authorities, Mr. Maior said, did not even know at the time that Guccifer was Romanian.

But they had suspected he might be since September, when Guccifer hijacked a personal email account used by Mr. Maior, the security chief, and then used it to send Romanian-language messages to Mr. Maior’s official email account at the Romanian Intelligence Service.

Mr. Maior promptly ordered an investigation. “It was clear he had broken into my email,” Mr. Maior said. “He wanted to prove something. I took it seriously.”

Aided by American investigators, who had been hunting in vain for Guccifer for months, the Romanians quickly homed in on Mr. Lazar, who had left a clumsy trail of clues.

“He made many mistakes,” Mr. Badea, the prosecutor, said.

Mr. Lazar said he could have covered his tracks better if he had had more money — for a more powerful computer, for instance.

“Of course, I could have stolen money from them,” he said, distancing himself from the legions of his countrymen who have made Romania, the second-poorest country in the 28-member European Union, a global leader in Internet fraud. “I didn’t. Not a single dollar.”

An American indictment filed against Mr. Lazar in Virginia in June accused him of trying to extort “money and property by means of materially false and fraudulent representations, pretenses and promises” to his American victims, but Romanian investigators say they found no evidence of extortion.

Romanian officials say the United States has not asked Romania to extradite Mr. Lazar but has sent investigators to question him to learn how he managed to prey on so many powerful Americans. The United States Justice Department declined to comment.

Before agreeing to answer questions from The New York Times in prison, where he shares a cell with four others, including two convicted murderers, he read out a lengthy handwritten statement that he said explained the purpose of his hacking.

A potpourri of conspiracy theories about the terrorist attacks of Sept. 11, 2001, the 1997 death of Princess Diana and alleged plans for a nuclear attack in Chicago in 2015, it said: “This world is run by a group of conspirators called the Council of Illuminati, very rich people, noble families, bankers and industrialists from the 19th and 20th century.”

Mr. Badea, the Romanian prosecutor, scoffed at Mr. Lazar’s fixation on so-called Illuminati as a ruse intended to give a political gloss to a peeping-tom hacking addiction. The hacking exploits that led to his 2011 conviction involved “no Illuminati, just famous and beautiful girls,” the prosecutor said.

Mr. Lazar denied any interest in celebrities, asserting that he had only stumbled on most of the people he hacked as Guccifer, a long list that included the actress Mariel Hemingway, the “Sex and the City” author Candace Bushnell, the editor Tina Brown, the comedian Steve Martin, the author Kitty Kelley and many others.

With no access to a computer in jail, he now pours out his phobias and conspiracy theories in notebooks filled with his small, neat handwriting. “O.K., I broke the law, but seven years in a maximum-security prison? I am not a murderer or a thief,” he said. “What I did was right, of course.”
http://www.nytimes.com/2014/11/11/wo...-is-hard-.html

Until next week,

- js.

Current Week In Review

Recent WiRs -

November 8th, November 1st, October 25th, October 18th


Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
Old 14-11-14, 07:52 AM   #2
Bright Eyes
Global Security Octopus
Join Date: Apr 2000
Location: In the 1960s
Posts: 621

Thanks again, Jack.
__________________
Hippopotomonstrosesquippedaliophobia is the fear of long words.

This is the Century of the Insane.
All times are GMT -6. The time now is 03:37 PM.

