P2P-Zone  

Old 29-06-11, 08:02 AM   #1
JackSpratts
Peer-To-Peer News - The Week In Review - July 2nd, '11

Since 2002

In CONGRESS, July 4, 1776

The unanimous Declaration of the thirteen united States of America,

When in the Course of human events, it becomes necessary for one people to dissolve the political bands which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation.

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness. --That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, -- That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn, that mankind are more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. --Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of Government. The history of the present King of Great Britain [George III] is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid world.

He has refused his Assent to Laws, the most wholesome and necessary for the public good.

He has forbidden his Governors to pass Laws of immediate and pressing importance, unless suspended in their operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.

He has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.

He has called together legislative bodies at places unusual, uncomfortable, and distant from the depository of their public Records, for the sole purpose of fatiguing them into compliance with his measures.

He has dissolved Representative Houses repeatedly, for opposing with manly firmness his invasions on the rights of the people.

He has refused for a long time, after such dissolutions, to cause others to be elected; whereby the Legislative powers, incapable of Annihilation, have returned to the People at large for their exercise; the State remaining in the mean time exposed to all the dangers of invasion from without, and convulsions within.

He has endeavoured to prevent the population of these States; for that purpose obstructing the Laws for Naturalization of Foreigners; refusing to pass others to encourage their migrations hither, and raising the conditions of new Appropriations of Lands.

He has obstructed the Administration of Justice, by refusing his Assent to Laws for establishing Judiciary powers.

He has made Judges dependent on his Will alone, for the tenure of their offices, and the amount and payment of their salaries.

He has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people, and eat out their substance.

He has kept among us, in times of peace, Standing Armies without the consent of our legislatures.

He has affected to render the Military independent of and superior to the Civil power.

He has combined with others to subject us to a jurisdiction foreign to our constitution and unacknowledged by our laws; giving his Assent to their Acts of pretended Legislation:

For Quartering large bodies of armed troops among us:

For protecting them, by a mock Trial, from punishment for any Murders which they should commit on the Inhabitants of these States:

For cutting off our Trade with all parts of the world:

For imposing Taxes on us without our Consent:

For depriving us, in many cases, of the benefits of Trial by Jury:

For transporting us beyond Seas to be tried for pretended offences:

For abolishing the free System of English Laws in a neighbouring Province, establishing therein an Arbitrary government, and enlarging its Boundaries so as to render it at once an example and fit instrument for introducing the same absolute rule into these Colonies:

For taking away our Charters, abolishing our most valuable Laws, and altering fundamentally the Forms of our Governments:

For suspending our own Legislatures, and declaring themselves invested with power to legislate for us in all cases whatsoever.

He has abdicated Government here, by declaring us out of his Protection and waging War against us.

He has plundered our seas, ravaged our Coasts, burnt our towns, and destroyed the lives of our people.

He is at this time transporting large Armies of foreign Mercenaries to compleat the works of death, desolation and tyranny, already begun with circumstances of Cruelty and perfidy scarcely paralleled in the most barbarous ages, and totally unworthy the Head of a civilized nation.

He has constrained our fellow Citizens taken Captive on the high Seas to bear Arms against their Country, to become the executioners of their friends and Brethren, or to fall themselves by their Hands.

He has excited domestic insurrections amongst us, and has endeavoured to bring on the inhabitants of our frontiers, the merciless Indian Savages, whose known rule of warfare, is an undistinguished destruction of all ages, sexes and conditions.

In every stage of these Oppressions We have Petitioned for Redress in the most humble terms: Our repeated Petitions have been answered only by repeated injury. A Prince whose character is thus marked by every act which may define a Tyrant, is unfit to be the ruler of a free people.

Nor have We been wanting in attentions to our British brethren. We have warned them from time to time of attempts by their legislature to extend an unwarrantable jurisdiction over us. We have reminded them of the circumstances of our emigration and settlement here. We have appealed to their native justice and magnanimity, and we have conjured them by the ties of our common kindred to disavow these usurpations, which, would inevitably interrupt our connections and correspondence. They too have been deaf to the voice of justice and of consanguinity. We must, therefore, acquiesce in the necessity, which denounces our Separation, and hold them, as we hold the rest of mankind, Enemies in War, in Peace Friends.

We, therefore, the Representatives of the united States of America, in General Congress, Assembled, appealing to the Supreme Judge of the world for the rectitude of our intentions, do, in the Name, and by the Authority of the good People of these Colonies, solemnly publish and declare, That these United Colonies are, and of Right ought to be Free and Independent States; that they are Absolved from all Allegiance to the British Crown, and that all political connection between them and the State of Great Britain, is and ought to be totally dissolved; and that as Free and Independent States, they have full Power to levy War, conclude Peace, contract Alliances, establish Commerce, and to do all other Acts and Things which Independent States may of right do. And for the support of this Declaration, with a firm reliance on the protection of divine Providence, we mutually pledge to each other our Lives, our Fortunes and our sacred Honor.


Signed,


New Hampshire: Josiah Bartlett, William Whipple, Matthew Thornton

Massachusetts: John Hancock, Samuel Adams, John Adams, Robert Treat Paine, Elbridge Gerry

Rhode Island: Stephen Hopkins, William Ellery

Connecticut: Roger Sherman, Samuel Huntington, William Williams, Oliver Wolcott

New York: William Floyd, Philip Livingston, Francis Lewis, Lewis Morris

New Jersey: Richard Stockton, John Witherspoon, Francis Hopkinson, John Hart, Abraham Clark

Pennsylvania: Robert Morris, Benjamin Rush, Benjamin Franklin, John Morton, George Clymer, James Smith, George Taylor, James Wilson, George Ross

Delaware: Caesar Rodney, George Read, Thomas McKean

Maryland: Samuel Chase, William Paca, Thomas Stone, Charles Carroll of Carrollton

Virginia: George Wythe, Richard Henry Lee, Thomas Jefferson, Benjamin Harrison, Thomas Nelson, Jr., Francis Lightfoot Lee, Carter Braxton

North Carolina: William Hooper, Joseph Hewes, John Penn

South Carolina: Edward Rutledge, Thomas Heyward, Jr., Thomas Lynch, Jr., Arthur Middleton

Georgia: Button Gwinnett, Lyman Hall, George Walton



"We decided to go all out with BitTorrent and spend our time making FrostWire the best BitTorrent client out there, and not fighting the endless spam battle. There are many opportunities to take in the realm of legal file-sharing and social networking that you will see happen as FrostWire 5 keeps evolving." – FrostWire team


"The way peer-to-peer is used for TDL-4 will make it extremely hard to take down this botnet. The TDL guys are doing their utmost not to become the next gang to lose their botnet." – Roel Schouwenberg


"The 'freedom of speech,' as originally understood, does not include a right to speak to minors (or a right of minors to access speech) without going through the minors' parents or guardians." – Justice Clarence Thomas


"He cites no case, state or federal, supporting this view, and to our knowledge there is none." – Justice Antonin Scalia on Justice Thomas



July 2nd, 2011




Knowledge Lacking Over Anti-Filesharing Laws
Dan Robinson

Many consumers do not fully understand the anti-filesharing measures introduced by the Digital Economy Act, a poll has revealed.

In a study conducted by Be Broadband, 86 per cent of consumers said they were aware of the legislation, which was passed during the parliamentary wash-up period in April 2010.

However, a mere 33 per cent of survey respondents said they fully understand the section of the act relating to illegal copyright infringement.

A further 52 per cent of consumers said they understand some but not all of the new legislative measures, while 15 per cent said they have no knowledge of the law.

Under the Digital Economy Act, broadband providers will be required to send warning letters to internet users who are suspected of illegal filesharing activity.

The worst offenders could see their broadband services disconnected - a principle which has caused major concern among both broadband providers and open rights campaigners.

BT and TalkTalk brought a judicial review to challenge this part of the act, although the High Court recently ruled in favour of the government and approved the legislation.
http://top10.com/broadband/news/2011...esharing_laws/





Court Orders ISPs To Disconnect File-Sharers
enigmax

A group of music labels currently taking action against The Pirate Bay in Finland have pulled off something anti-piracy groups in other countries have been dreaming of. Following file-sharing complaints filed earlier this year, a court has now issued orders for the ISPs of three subscribers to disconnect them from the Internet.

In May, news broke that a group of record labels had initiated steps to have The Pirate Bay censored in Finland. The Copyright Information and Anti-Piracy Centre (CIAPC) and the local branch of the IFPI announced that they had filed a lawsuit at the District Court in Helsinki.

The legal action targeted Elisa, one of the largest ISPs in Finland, demanding that the Internet provider stops providing subscriber access to The Pirate Bay.

While the result in that case is yet to be decided, CIAPC have just pulled off quite a victory in their battle against illicit file-sharing.

During the course of their online anti-piracy monitoring, CIAPC discovered five Internet connections which were making available thousands of music tracks on file-sharing networks. According to the group, in all cases the file-sharer was either an actual Internet subscriber or a family member of a subscriber.

CIAPC took the information to court looking for an order to prevent the individuals continuing with their activities. Now, under Section 60c of Finland’s Copyright Act, a court has granted CIAPC injunctions in three of the cases.

What this means is without the sending of a so-called “first strike” letter, the respective ISPs of the subscribers in question are now required to completely disconnect their infringing customers from the Internet.

“This has not happened in Finland before nor did we expect it to happen,” says Joonas Mäkinen of the Pirate Party of Finland.

Mäkinen told TorrentFreak this morning that legal sanctions available to rightsholders should always be proportionate and that these disconnections overstep the mark.

“This is indeed a worrisome addition to the anti-piracy arsenal. It seems that lately politicians and legal procedures alike have been more focused on how civil rights can be restricted rather than how they can be protected. There shouldn’t even exist anything in the legislation that allows such a limitation to people’s right to communicate,” says Mäkinen.

“With no own means of using their everyday social interactions, working or handling their bills and bank account online, the damages to the accused are unreasonable.”

Furthermore, Mäkinen – who is Vice Chairman of Pirate Party of Finland’s youth organisation, Piraattinuoret – raises the question about the neutrality of Internet service providers in respect of this court-ordered intervention.

“It shouldn’t be surprising that we expect all Internet communications to be governed as responsibly as one’s right to send a letter using postal services. ISPs should not be forced to take back anyone’s right to send electronic messages privately, be it love letters or torrent traffic.

“And if there is evidence of misuse, it is up to the police to handle all individual cases, not copyright organisations demanding a total ban on the communication services.”

Large-scale file-sharers in Finland are indeed usually referred to the police, sometimes with severe consequences. Earlier this year two individuals received huge fines and suspended jail sentences for their part in a file-sharing hub. Whether or not they would have preferred to have their Internet connections taken away instead is a question for them.

While the individuals in all of these cases were caught using a sharing system known as Direct Connect where it is easy to get caught sharing many files at once, CIAPC are warning users of The Pirate Bay that they’re not safe either.

“Many might believe that by using the Pirate Bay they can not get caught, when in fact the result can be they have to pay several hundred euros in compensation,” says CIAPC Managing Director Antti Kotilainen.

“Legal services being offered now are so good that no one should have to download music from an illegal source,” Kotilainen adds, a point contested by Pirate Party of Finland.

“The legal options given to music consumers are definitely not ‘good enough’ yet to compare with Internet filesharing,” says Mäkinen, who goes on to bemoan ongoing global music rights battles, lack of better-than-mp3 quality music on streaming services, DRM and counter-intuitive payment systems.

Whether these injunctions will be replicated again against other file-sharers remains to be seen, but in the meantime Finland must sit and wait to discover if ISP Elisa is ordered to terminate access to The Pirate Bay.
http://torrentfreak.com/court-orders...harers-110629/






Hollywood Force ISP To Use Child Abuse Filter Against File-Sharing Site
enigmax

Last year Hollywood’s Motion Picture Association (MPA) went to court seeking an injunction against UK ISP BT in order to force them to block Newzbin2, the resurrected version of the original Newzbin Usenet indexer. This week the MPA are back at the High Court again as they attempt to force BT to use their child abuse filter to block Newzbin2.

In March 2010, the MPA won a significant legal battle against Usenet indexing site Newzbin and in May the site collapsed under a mountain of debt.

The celebrations following the site’s demise were to be short-lived. Newzbin was quickly resurrected under new management as Newzbin2, and the MPA faced the prospect of taking on new legal action against the site’s new owners. Rather than tackle Newzbin2 head on, Hollywood tried a different approach.

During September 2010, TorrentFreak learned that the MPA were developing plans to take leading UK ISP BT to court and by December we had solid proof that was indeed the case. The MPA went to court seeking an injunction against BT in order to force them to block Newzbin2.

“In launching this case, the MPA is aiming to secure an order that will enable BT to block Internet access to the site, thus preventing the site from using the Internet to make money through infringement,” the MPA informed us in a statement.

This week the MPA are back at the High Court again, hoping it can get an injunction to force BT to block the site for its 5.6 million subscribers. According to an MPA spokesperson, BT was selected for two reasons.

“BT was chosen because it’s the largest [ISP] and already has the technology in place, through its Cleanfeed system, to block the site,” she said.

Developed by BT at an estimated cost of £500,000, Cleanfeed is a content blocking system that has been operational since 2004. In conjunction with information supplied by the Internet Watch Foundation, it is used by BT to block child pornography sites.

Traffic destined for a blacklisted URL or IP address is intercepted by Cleanfeed. At this point BT impersonates the destination web server and returns an HTTP 404 status code, causing a subscriber’s web browser to show a site “not found” message.

It is unclear how much development work has been done on the system since its inception, but early versions of Cleanfeed had a number of limitations. The product only worked on the standard port for regular browsing, port 80. It was also unable to block encrypted or proxied web traffic, unless the proxy itself was on the blacklist.

Interestingly, according to comments made in 2004 by Mike Galvin, then Director of Internet Services for BT Retail, the company already had concerns that outsiders would attempt to widen the purpose of Cleanfeed. Another ISP, Wanadoo, was apparently approached by the BPI to use a system similar to Cleanfeed to block music piracy.

In response, Galvin said that if the pressure to “extend the scope” of Cleanfeed became too great, BT would cancel the project. BT has made no recent public comment to that effect in connection with this current action by the MPA.

“The MPA application to engage in censorship of the Internet for their own petty interests would, if granted, set a dangerous precedent in a Western democracy,” Newzbin told TorrentFreak in an earlier statement.

“‘Drive-by’ litigation such as this will cut off access to substantial legitimate content and is entirely unwarranted & disproportionate.”

Newzbin have already taken steps to mitigate any site blocking measures by using the TOR anonymity system.

“The MPA’s lame attempt at censoring us in the UK won’t be permitted to cut Brits off from us if it happens,” concludes Newzbin’s Mr White.
http://torrentfreak.com/hollywood-fo...g-site-110627/





Lawyer to Judge: I Swear My Browser Ate My Homework
David Kravets

A lawyer for copyright troll Righthaven is declaring under penalty of perjury that an update to his computer’s browser prohibited him from electronically submitting a legal filing before an angry judge’s deadline.

And it was no ordinary filing U.S. District Judge Roger Hunt was demanding.

Nevada’s chief judge two weeks ago ordered Righthaven, which sues bloggers and websites for infringement of Las Vegas Review-Journal articles, to explain why the litigation factory made “dishonest statements to the court.” Hunt wanted the answer by June 28, but Righthaven’s Las Vegas lawyer filed a reply a day late.

The reason it was untimely, Righthaven attorney Shawn Mangano said, was because an “automatic software update for the internet browser” on his computer caused the browser to stop working with the federal judiciary’s electronic filing system, known in legal circles as CM/ECF.

“This automatic software update caused my internet browser to be incompatible with the court’s CM/ECF electronic filing system. While the CM/ECF system was accessible to me, it did not permit any files to be attached for submission,” Mangano wrote the judge.

The judiciary’s filing service is generally compatible with the major browsers, including Internet Explorer, Safari, Firefox and Chrome. Mangano did not respond for comment.

Mangano’s filing was in response to a June 14 order in which Hunt called Righthaven’s litigation effort “disingenuous, if not outright deceitful.”

Hunt demanded Righthaven explain why Hunt should not sanction it for trying to “manufacture standing.” Standing is a legal concept that has enabled Righthaven to bring 200-plus lawsuits for infringing the copyrights of Stephens Media, which owns the Review-Journal.

Hunt wanted Righthaven to explain why it failed to disclose, under a rule of civil procedure, that Las Vegas firm Stephens Media had a “pecuniary interest” in the outcome of Righthaven cases.

An internal accord between Righthaven and Stephens Media granted the Review-Journal’s owner and Righthaven each a 50 percent stake in any settlements or verdicts.

What’s more, Righthaven said in its lawsuits that it owned the copyrights it was suing over. But the internal memo disclosed in the case showed that Stephens Media retains “an exclusive license to exploit the Stephens Media assigned copyrights for any lawful purpose whatsoever and Righthaven shall have no right or license to exploit or participate in the receipt of royalties from the exploitation of the Stephens Media assigned copyrights other than the right to proceeds in association with a recovery.”

With that, Judge Hunt dismissed Righthaven’s suit against the Democratic Underground blog because, he ruled, “a copyright owner cannot assign a bare right to sue.”

Several other cases have been dismissed for the same reason, and many more are likely.

Mangano told Judge Hunt he didn’t think it was necessary to disclose the financial link contained in the Strategic Alliance Agreement between Righthaven and Stephens Media, which invested $500,000 in Righthaven.

“I reasonably viewed any contingent payment to Stephens Media under the SAA as constituting an indirect interest that required a two-step payment process assuming any case resulted in a recovery. Simply put, receipt of settlement funds through settlement or recovery by the enforcement of a judgment would be made to Righthaven,” he wrote. “Righthaven would then be contractually obligated under the SAA to subsequently pay Stephens Media any recovered sums over and above costs incurred.”

Mangano said he has started “taking corrective action” and has filed “amended disclosures” in 80 pending cases in Nevada and 34 in Colorado.
http://www.wired.com/threatlevel/201...haven_browser/





FrostWire ‘Kills’ Gnutella to Go All BitTorrent
Ernesto

After LimeWire was shut down last year FrostWire took over as the leading file-sharing application on the Gnutella network. But this didn’t last long. Today FrostWire announces that it will leave Gnutella entirely and focus on BitTorrent instead. This decision may very well signal the end of the once-mighty Gnutella network, while existing BitTorrent networks will only grow stronger.

For many years Gnutella was one of the largest P2P networks on the Internet, but after the shutdown of its flagship LimeWire client, it started to collapse quickly.

Today the news breaks that FrostWire will also leave the Gnutella network, an announcement that could be seen as the final nail in Gnutella’s coffin. Unable to cope with this increasingly spam-ridden network, FrostWire’s upcoming 5.0 release will be a BitTorrent-only affair.

“We decided to go all out with BitTorrent and spend our time making FrostWire the best BitTorrent client out there, and not fighting the endless spam battle. There are many opportunities to take in the realm of legal file-sharing and social networking that you will see happen as FrostWire 5 keeps evolving,” the FrostWire team told TorrentFreak.

When FrostWire was first released in 2004 it was nearly identical to its big brother LimeWire, using the Gnutella network to share files. In 2006 FrostWire first added BitTorrent support, but the client’s core user base continued to mainly use the Gnutella network.

However, in recent months spam took control over the Gnutella network, and the FrostWire team eventually decided to focus entirely on BitTorrent.

“The team decided to listen to what’s happening in the p2p world and to make FrostWire a great BitTorrent client that makes BitTorrent easy to use,” FrostWire states. “The Gnutella Protocol is an amazing piece of technology, but one which the team is no longer interested in or capable of developing further.”

With the upcoming release of FrostWire 5 its users will only be able to download files via BitTorrent. As can be seen in the screenshot above, users don’t have to leave the client as all search results are presented within FrostWire. In the latest beta build the search results come from various BitTorrent sites including isoHunt and BTJunkie.

By presenting the search results in FrostWire most users won’t have much trouble adapting to the massive underlying changes. On the other hand, for the existing BitTorrent community it means that a few million FrostWire users will be added to their swarms, which is generally a good thing.

With its large user base FrostWire will become one of the most-used BitTorrent clients once most of its users move over to the upcoming 5.0 release. For Gnutella, however, the future is looking more and more bleak. Although there are still a few Gnutella-based clients out there, it’s unclear how long they will remain usable.

For those developers who appreciate a challenge, the latest version of the Gnutella-based FrostWire client is available at the BitBucket repository.
http://torrentfreak.com/frostwire-ki...orrent-110627/





Academic Publisher Steps Up Efforts to Stop Piracy of Its Online Products

Stolen university passwords may be at fault, and while safeguards can be a hassle for users, librarians say the effort is worth it
Jeffrey R. Young

Now on sale in some online marketplaces: cheap, illegal access to SciFinder, an extensive database of scholarly articles and information about chemical compounds run by a division of the American Chemical Society. The sellers are pirates, hawking stolen or leaked SciFinder account information from college students and professors.

"There are reseller Web sites in China where we've purchased access to our own products for pennies on the dollar," says Michael Dennis, vice president for legal administration and applied research at the Chemical Abstracts Service, the division that publishes SciFinder. "We're shutting down hundreds of these every couple of months," he says, though in some cases the publisher has trouble taking effective action against sites in other countries.

He says sellers use Taobao, a Chinese service similar to eBay, and other online marketplaces to sell SciFinder access, giving buyers hacked user names and passwords and instructions on how to remotely log in to a college Web site so that they appear to be on the campus. The database is popular with companies as well as with academics, though exactly who is buying the access is not clear.

There is so much unauthorized access through college Web sites that SciFinder has focused antipiracy efforts on higher education. Its leaders have run informational campaigns aimed at college presidents, librarians, and technology officials encouraging them to do more to secure their accounts.

Other scientific publishers have experienced piracy on their online databases as well. One site that gave away hacked journal passwords, called journalpasswords.com, was recently shut down because of the efforts of publishers, according to Edward McCoyd, director of digital policy at the Association of American Publishers.

Most hackers, to be clear, are not after the latest scientific journals when they steal college users' names and passwords: In many cases, they use the information to send spam e-mails from college accounts, according to campus security officials. But considering the high price of online journal access, and the usefulness of some of the information to industry, some security experts say it is only natural that at least a few clever hackers try selling pirate access to scholarly databases.

"Truthfully, nothing surprises me," says Jason Franklin, a graduate student at Carnegie Mellon University who researches online identity-theft marketplaces, though he says he had not heard of this practice until being told about it by a reporter. "If you connect something to the Internet, you better believe that thing's going to get hacked."

Some college technology officials see the informational campaign by SciFinder's publisher as a charge that colleges are not vigilant enough about security, and they bristle at that suggestion.

"To imply that we're disinterested is not correct, because we have our own cyberassets to protect," says Rodney J. Petersen, who directs cybersecurity efforts at Educause, a higher-education-technology group. In some cases, he argues, the unauthorized access comes when students or professors share their passwords with others—which violates college policies but is difficult to police.

Universities Get Alerts

SciFinder's publisher first heard of illegal sales of access to its site a few years ago, when "whistle-blowers" alerted the abstracts service, says Mr. Dennis. At the time, the publisher sent alerts to campus technology officials and librarians to be more vigilant. It included an online checklist for colleges to better secure their Web sites, and a video message from Chris McCue, the service's vice president for marketing.

Since then, the abstracts service regularly looks for unusual traffic patterns, such as the same user logging into the service from different countries on the same day. "We have some other forensic tools that let us look deeper, but we can't disclose all of the techniques," Mr. Dennis says. He stressed that China is not the only country where the passwords are sold or shared, and that the company has several legitimate paying clients in the country.

Some recent technical changes, although not made in response to piracy, could make such hacking more difficult. Unfortunately, the changes make legitimate academic use more difficult as well.

The publisher recently changed the rules for gaining remote access to SciFinder. The move eliminated a stand-alone software client called SciFinder Scholar, in favor of reaching SciFinder via the Web from a library's Web site. All users must now set up a separate account with SciFinder, rather than simply using their existing college login and password, as many other scholarly databases allow. A spokesman says the move is not related to security, but some librarians say that it appears to be an attempt to give the service more control over password access to the database.

For librarians, the changes mean explaining to users why a popular database just got slightly more difficult to use, says Hilary Davis, associate head of collection management at North Carolina State University. It also means that alumni and other visitors can no longer walk into the library to use SciFinder, as they had in the past, because only current students and professors can set up the new SciFinder accounts, she adds.

Though she says she knows of no unauthorized use of the database from her university, she praises the database and says she understands the publisher's concerns. "They don't want to give it away for free, that's for sure," she says. "They charge us a lot of money for it."

Spotting Thieves and Hackers

Security experts say it is difficult to determine how often, and how hard, pirates hit scholarly databases. In some cases, unauthorized users have attempted to log in and download vast numbers of articles to their own sites, presumably to resell them, and so some publishers limit the number of downloads one user can make on a given day.

"Every one of the contracts that university libraries have with major database providers have provisions in them on what to do when the algorithm on the system detects what they usually refer to as excess use," says Ann J. Wolpert, director of libraries at the Massachusetts Institute of Technology. In those cases, the account is automatically deactivated, and someone from the university investigates. In some cases it turns out to be a student testing out a mass-downloading algorithm, she says. "We're trying hard, and we investigate every incident, and I'm sure all of my colleagues do, too."

College technology officials say they are seeing increases in so-called phishing attacks, in which malevolent hackers trick users into sharing their logins and passwords. It is unclear what those attackers use the login information for, but many administrators have increased efforts to inform students and professors about guarding their passwords.

Colleges are also doing more to coordinate their response to hackers, says Jack J. Suess, chief information officer at the University of Maryland-Baltimore County. He points to a private e-mail list for campus security officials that was set up a few years ago and has grown to more than 300 participants nationwide.

"This is a proactive response that I think is critical because security is such a dynamic issue," says Mr. Suess. "The bad people share a lot of information. So if those that are trying to defend themselves are not sharing information, they are really at a loss."

Many academic publishers are reluctant to talk about the issue publicly. Officials at Elsevier, which publishes several scholarly databases, decline to comment. Officials at Thomson Reuters, another publisher of such databases, did not respond by press time.

Mr. McCoyd, of the publishing association, which in recent years has pushed to stop piracy of e-textbooks and scholarly publications, says that until the past few years, most publishers simply assumed that colleges would manage password access to databases without issue.

"It's quite unfortunate," he says, "that a small number of people would engage in this behavior and hamper that otherwise frictionless system."
http://chronicle.com/article/Academi...eps-Up/128031/





How to Bypass the New York Times Paywall In Three Seconds, Zero Hacking Required
Jesus Diaz

If you're annoyed by the New York Times' stupid paywall, here's the secret trick to destroy it and read as many articles as you want. As this video shows, it only takes three seconds:

Step 1. Select everything in the browser page address field starting from the ? to the end.
Step 2. Delete all that numbojumbo.
Step 3. Hit enter to reload the page.

Done. It works perfectly. Obviously it's a big, glaring mistake in their programming, which I'm sure they will fix soon. Until then, enjoy their incompetence while it lasts!
http://gizmodo.com/5815360





e-Reader Ownership Surges Since Last November; Tablet Ownership Grows More Slowly

The share of adults in the United States who own an e-book reader doubled to 12% in May 2011 from 6% in November 2010. E-readers, such as a Kindle or Nook, are portable devices designed to allow readers to download and read books and periodicals. This is the first time since the Pew Internet Project began measuring e-reader use in April 2009 that ownership of this device has reached double digits among U.S. adults.

Tablet computers—portable devices similar to e-readers but designed for more interactive web functions—have not seen the same level of growth in recent months. In May 2011, 8% of adults report owning a tablet computer such as an iPad, Samsung Galaxy or Motorola Xoom. This is roughly the same percentage of adults who reported owning this kind of device in January 2011 (7%), and represents just a 3 percentage-point increase in ownership since November 2010. Prior to that, tablet ownership had been climbing relatively quickly.

[Chart: Growth over time]

These findings come from a survey conducted from April 26-May 22 among 2,277 adults ages 18 and over, including surveys in English and Spanish and on landline and cell phones. The margin of error for the sample is plus or minus 2 percentage points.

Both e-book reader and tablet computer adoption levels among U.S. adults are still well below that of other tech devices that have been on the market longer. Cell phones are far and away the most popular digital device among U.S. adults today, followed by desktop and laptop computers, DVRs, and MP3 players.

[Chart: Both e-reader and tablet ownership far behind other devices]

There is notable overlap in e-reader and tablet computer ownership – 3% of US adults own both devices. Nine percent own an e-book reader but not a tablet, while 5% own a tablet computer but not an e-reader.

[Chart: Three percent of all adults own both an e-reader and a tablet]

Further confirming the overall trend toward adoption of mobile devices, this survey marks the first time that laptop computers are as popular as desktop computers among U.S. adults. In November of last year, desktop ownership outpaced laptop ownership by 8 percentage points, 61% to 53%. This changing pattern is the result of both a steady decline in the popularity of desktops and a steady increase in the popularity of laptops over time. Laptops have already overtaken desktops in popularity among adults under age 30, and appear poised to do the same among older adults.
http://pewinternet.org/Reports/2011/...ts/Report.aspx





If Jay Maisel's Photograph Is Original Artwork, Then So Is The Pixelated Cover Of 'Kind Of Bloop'
Mike Masnick

Okay. I'm going to say right from the top that I expect some (not all) photographers are going to read this and get very angry. I'm going to try to explain myself as carefully as possible to make my point clear, because it's not what many people are going to jump to a conclusion about. That is, I am not saying that photography is not art. I believe that photography absolutely is art -- and it's an artform I love. At one time in my life, I spent more time in a dark room than was healthy (perhaps literally, given some of those chemicals), and even pondered pursuing photography as a career. What I am going to say, however, is that it seems like there's a bit of a double standard when it comes to photographers, copyright and fair use on transformative and/or derivative works.

In the time I spend talking about copyright issues, it's always seemed that it was a certain group of photographers who get much more worked up about these things than anyone else. I very much understand why this is. In many cases, photographers are self-employed, and they've come to believe that copyright is their sole way of making a living (I believe they're wrong on this, but they believe it strongly). So anything that takes away from copyright protections -- including such legally enshrined issues as fair use -- is seen as being a serious threat. Again, I think this is somewhat short-sighted and wrong, but I understand where the feelings come from.

We recently wrote about Andy Baio's legal fight with Jay Maisel over Baio's use of a pixelated version of Maisel's photograph of Miles Davis that became the iconic album cover for Kind of Blue.

When I wrote that, I fully expected that many photographers would come to Maisel's defense, even as much of the internet commentary sided (heavily) with Baio (including some from photographers). There were, of course, also some very thoughtful discussions from some photographers, who disagreed with Baio's fair use analysis and presented reasonable explanations for why they did not believe his use would be covered as fair use. I disagree with their analysis, and think that the fair use case here is quite strong, but fair use is a funny thing and it very often comes down to the whims of the judge on the case.

However, there is one argument I've seen in numerous places by photographers that strikes me as either incredibly self-unaware, or just downright hypocritical. There were a few such comments on our post about it, such as this one that insisted that since you could still recognize the photo, Andy "didn't turn it into something different." Similarly, a photographer by the name of William Beem (and I really don't mean to single out Mr. Beem, but to use his comments as a sample of the general argument) commented a few times on a post by Mathew Ingram about this whole affair, again arguing vehemently that there's no fair use here and that Andy "stole" the image. For example, Beem states the following:

Andy took something that wasn’t his and he didn’t have any license or right to take it. Digital or physical, that’s theft. Your argument that Jay Maisel still has the original is true, so Andy stole a copy. It’s still not his. The image is recognizable as the original. All rights to that image belong with the copyright holder, whether original or duplicated.

Saying that all art is derivative in some way is very nebulous.

It's this form of argument that I find incredibly hypocritical. The whole "took something that wasn't his." What did Baio (or, really, the guy he hired) do? He copied an image that he saw, but did so in a different and artistic way. What did Maisel do to make his photograph: he copied the scene of Miles Davis in front of him, but did so in a different and artistic way. It's the same thing any photographer does. Part of the very process of photographing is, literally, making a copy, often without a "license" from whatever it is you're making a copy of. Again, that doesn't make it any less art. In fact, the reason that photographs are considered eligible for copyright protection at all (and some have questioned this) is because of the artistic choices in making a photograph: how it was framed, lighting, etc. Yet, in the pixelated image, again, there are similar artistic choices made: how to pixelate the image. How to still make it look good, but within the limitations of the pixelated artform, etc.

Some have, incorrectly, assumed that you could just apply a filter to the original image and get out the pixelated version that Baio used. This is false. You can see, pretty obviously, just from looking at the tie, that the guy who made the pixelated image didn't just Photoshop it, but found a way to recreate the general feel of the original image, but within the artform of pixelated images. You could just as easily argue that Maisel found a way to recreate the general feel of Miles Davis performing, but within the artform of photography. If you don't understand this, you can see if you look at an actual attempt to run a Photoshop filter on Maisel's original, the result is quite different. Furthermore, as David Liu pointed out, a scaled down version of an image is quite different than a hand-pixelated image, and in the case of Kind of Bloop, the image was hand-pixelated, using all sorts of artistic choices by the artist.

What I have trouble with is the argument that this is different than photography. In both cases, you have artists who took something that was out there -- something they did not create -- and then turned it into an artform. In Maisel's case, it was taking the real, physical 3D Miles Davis performing, and turning it into a photograph. In Baio's case, it was taking the Maisel photo, and turning it into an 8-bit image in homage to the original.

Photography, by its very nature, starts with simply copying what's on the other side of the lens. Yes, there is more to it on top of that. There are all sorts of artistic choices to be made about how to copy. How to frame, how to focus, how to light, how to shade, how to dodge, how to print, etc. That's what makes it an artform. But it's incredibly hypocritical to then decry others similarly making a copy, with similar artistic choices, by somehow claiming that that version of copying is "theft." So, photographers, please don't be so quick to decry other artforms that also start with copying, but which also then apply additional artistic choices. If Jay Maisel's photograph of Miles Davis is unique and original artwork (and I believe it is), then so is the cover of Andy Baio's album.
http://www.techdirt.com/articles/201...nd-bloop.shtml





There’s No Such Thing as a Compulsory License for a Photo
Fred Benenson

My friend Andy has a terrific post up about his ordeal settling with the photographer Jay Maisel over the threat of a copyright lawsuit. Chances are, if you’re reading this, you know about that. If you haven’t read Andy’s story, go and read it and then come back.

There’s one pointed question I’ve seen crop up in a number of conversations about the settlement:

Isn’t it wrong that Andy chose to pay the licensing fees for the music but not for the photograph?

This question makes the assumption that Andy could have paid the licensing fees to Maisel like he did for the music. He couldn’t have. This is because Jay Maisel refused to license the image and there’s no compulsory license for photography like there is for musical compositions.

A compulsory license is what it sounds like: the owner of the underlying musical composition is required, by law, to license it to anyone who wants to use it at a predetermined rate. This prohibits song writers from picking and choosing who gets to perform their works. It also allows Andy to license, at a fair rate, the underlying song compositions from a Miles Davis album to make a new album of original recordings (remember, copyrights to recordings are different from copyrights to the compositions of a song).

The copyright of photographic works, unlike works of music composition, is not subject to a compulsory license.

This means that photographers, unlike song writers, can forbid anyone from reusing their work, whether it is for a poster or for an album cover.

Now, artists like Jay Maisel obviously enjoy this absolute control over their work because it lets them dictate who uses their art and when. Song writers, unfortunately, aren’t afforded this for their published works.

So while no one could have prevented Andy from recording an album of remixed music written by Miles Davis — not even Miles Davis himself if he were alive — the same does not hold for a photo of Miles Davis.

Remember, Maisel admitted he would have refused to license to Andy the rights to the photo. So Andy’s only option, short of not using the photo at all, was to use the 8-bit remix cover and wager it was a fair use.

That Andy could, in one case, hire artists to legally remix music by paying a compulsory license, but in another case had to make an expensive and risky bet on fair use (a bet that didn’t pan out) feels unfair.

Put another way: why are composers required to license their compositions at a fair rate to anyone, but yet virtually every other type of artist doesn’t have to play by the same rule?

I doubt anyone would argue that song composition is a lesser art or any less deserving of full royalties than other arts.

One reason is that the practicalities of compulsory rights for photographs (and other works) are hard to imagine. Music compositions are written, then performed, then recorded, whereas photographs are snapped and then printed. There’s no underlying right in a photograph (thank goodness) to its “composition” like there is for a piece of music. So that is part of why compulsory licenses for photos don’t exist.

But I think another part of the story is that the law has evolved the musical compulsory license as an implicit acknowledgement that music compositions are both malleable and fundamental components to our culture. Compulsory licenses make possible everything from karaoke bars to cover bands to remixes like Andy’s. The alternative — allocating complete power to composers over who reuses their work — yields transactional costs on culture that are simply too high. The law hasn’t felt the same way for the visual works.

So will other art forms, like photography, adopt compulsory licenses? I doubt it, but I can’t help but think they’d be a great compromise in light of Andy’s settlement. I asked Andy over email whether he would have paid a mechanical license for the photo:

“Absolutely. If the laws and protocols for remixing photos were as clear and fair as covering music, I would’ve bought a mechanical license for the photo in a heartbeat. But the laws around visual art are frustratingly vague, and requiring someone’s permission to create art that doesn’t affect the market for the original doesn’t seem right. I didn’t think it would be a problem, especially considering the scope of my project, but I was wrong. Nobody should need a law degree to understand whether art is legal or not.”
http://fredbenenson.com/blog/2011/06...e-for-a-photo/





Is Internet Copyright Dead?
Jenny Keown

A chorus of IT professionals made a controversial call that copyright had no place on the internet at the inaugural NetHui in Auckland yesterday run by lobby group InternetNZ.

Independent adviser Laurence Millar told the conference that "[digital] copyright is dead".

"Trying to mess and improve the way that copyright is operating is trying to prolong something that should be put down," he said.

He likened the internet to a giant copying machine, and said the law wasn't going to stop people copying from it.

"If we are going to introduce laws that artificially put up barriers for copying then we are criminalising an increasing portion of the population."

Millar's statement was met by a round of applause from conference attendees.

Independent internet consultant Jordan Carter said individual jurisdictions should be able to draw the boundaries around where the balance between producers and consumers and intellectual property lies.

He said New Zealand should be able to set its own rules on these issues, not be bullied by bigger powers elsewhere.

"If we decide these things internationally in forums where the loudest and most powerful voices are on a different side to New Zealand, then it's just a downside for us."

Queensland University of Technology's Anne Fitzgerald, a copyright lawyer of twenty years, said there was "a lot of agro in the room".

Copyright wasn't just about the interests of multinational corporations, she said.

"It's an extensive set of rights that can be used for small companies and individuals, particularly in the global world of the internet. When we look at how we can assert our contribution and recognition of our creativity - the thing we have is copyright."

The New Zealand Government has recently enacted the illicit peer-to-peer filesharing legislation, the Copyright (Infringing File Sharing) Amendment Act.

Carter said the most important issue was the price internet providers could charge rightholders for upholding their copyright when they lodge a notice of infringement. The Government was still considering what that cost should be.

The copyright issue will get another airing tomorrow when one of North America's leading academics, Lawrence Lessig, makes a keynote speech as the conference ends. He's widely known in the global internet community as a vocal proponent of reduced legal restrictions on digital copyright, and a champion of notions of fair use and free culture.
http://www.stuff.co.nz/business/5209...copyright-dead





All-You-Can-Watch MoviePass Brings Netflix Model to Theaters
Angela Watercutter

MoviePass, a new $50-per-month service for film fans, will let subscribers watch unlimited movies in theaters using their smartphones as tickets.

Using an HTML5 application (native smartphone apps coming soon), MoviePass will let users search for a film, find a local show time, check in to the theater and go straight to the ticket-taker.

The all-you-can-watch service, announced Monday with a private beta starting in the San Francisco Bay Area just in time for the Fourth of July blockbuster weekend, is looking to shake up the theater business in much the same way Netflix has changed the DVD-rental game.

“Even with online ticketing, this side of the business is still a 75-year-old business and there’s not a lot of innovation,” MoviePass co-founder Stacy Spikes said in an interview with Wired.com. “Getting your tickets, how you do that, how you interact with the theater, how you interact with the studio, none of that has really changed. We’re giving the viewer a lot more power and also allowing [studios and moviegoers] to speak with each other.”

[Image: MoviePass will let users reserve tickets using their smartphones. Image courtesy MoviePass]

MoviePass will launch with an “unlimited pass” service allowing subscribers to go to as many films as they can stand for $50 a month. If they want to see a 3-D or Imax film, they will pay a $3 surcharge. A “limited pass” offering four movies a month for $30 is in the works.

“MoviePass makes spur-of-the-moment movie-going as simple as choosing a film on the phone and checking in at the theater,” Spikes said in a press release. “No more waiting in line.”

The private beta will launch with 21 theaters in the San Francisco Bay Area this weekend (see list below), then roll out to other U.S. cities throughout the summer. MoviePass plans to offer access to about 40 percent of the nation’s screens when the service launches nationally in the fall.

The flat-rate service, which will presumably work best for city-dwellers with access to multiple theaters and show times, will give hard-core movie buffs early looks at new trailers, plus invites to promotional screenings based on their movie picks. It will also give studios opportunities to target movies and promotions directly to fans interested in particular film genres.

MoviePass’ model could be highly beneficial for theater chains, which make great profit margins on concession sales, simply by getting people to go to more movies. Studios could also benefit from an all-you-can-watch model by encouraging people to take a chance on films they otherwise might not see, and ultimately leading to DVD sales. However, the number of people who can go to enough films in a given month to get a good return on their $50 investment is a niche audience, said Wade Holden, a motion picture and home entertainment analyst for SNL Kagan.

“At first glance I don’t think it’s going to be something that’s going to be sweeping in every moviegoer into its wake,” Holden said Monday in a phone interview with Wired.com.

But avid moviegoers who routinely hit the theater on opening night and are likely to buy DVDs are the kind of fans MoviePass is hoping to attract — and deliver to studios.

“We enable our members to extend their connection to the movie they just saw by pre-ordering the DVD, digital download or other merchandise as soon as they walk out of the theater,” said MoviePass co-founder Hamet Watt in a press release. “MoviePass also enables studios and producers to engage with avid movie buffs based on their film-attendance history.”
http://www.wired.com/epicenter/2011/...l-to-theaters/





After Theaters Balk at MoviePass, Beta Is Put On Hold
Angela Watercutter

AMC Theatres and other cinema chains say they will not participate in all-you-can-watch movie service MoviePass, leading the startup to put its beta on hold just as the blockbuster Fourth of July weekend is getting under way.

After MoviePass announced its launch earlier this week, movie exhibitors have been pulling away from the service, which would offer users unlimited movie screenings for $50 per month and allow them to buy tickets using their smartphones. AMC even claimed MoviePass included the theater chain without its consent.

“Plans for this program were developed without AMC’s knowledge or input,” Stephen Colanero, AMC Theatres’ marketing chief, said Thursday in a press release. “It was news to us to see that we were participants and we will be communicating to those theaters they are not to accept MoviePass.”

Camera Cinemas will also turn away customers who attempt to use MoviePass, director of operations Dominic Espinosa said in an interview with Bloomberg. Landmark Theatres CEO Ted Mundorff told TheWrap he didn’t know about the service prior to the announcement of the beta launch.

“We are stunned that an announcement like this was made, and they ‘forgot’ to discuss it with their clients,” Mundorff said. “We are not interested in outside entities setting ticket prices for us.”

MoviePass coordinated its ticketing with online ticket sellers, instead of cinemas, after not being able to get exhibitors to sign on. The company hoped to get a proof-of-concept out of its private beta, scheduled to take place over the July 4 weekend in the San Francisco Bay Area, and use that to get the movie chains on board, said MoviePass co-founder Stacy Spikes in a phone interview with Wired.com.

With the beta on hold, the company is currently looking at other theaters to test the service, with the aim of resuming the trial period and proving the model to theater chains.

“We’re enthusiastic that once we can walk them through the service they’ll be excited, we just haven’t had that opportunity yet,” Spikes said. “The silver lining of all of this is that this has created the ability to have that dialog now.”

One of AMC’s issues with MoviePass is how purchases of the all-you-can-watch pass would be credited to its AMC Stubs members, who receive rewards for ticket and concession purchases.

“As MoviePass was created without AMC’s input and testing, we cannot confidently say the guest experience would be positive for our guests and specifically our AMC Stubs members,” Colanero said in the statement.

When MoviePass announced its private beta earlier this week, the company was scheduled to launch its service in the San Francisco Bay Area over the July 4 weekend, and claimed 21 theaters were participating. The service began to launch Wednesday but “we kind of turned the spigot off,” Spikes said.

Despite the reaction from theater chains, Spikes said he remains confident MoviePass can move forward.

“If we have to do some modifications to get people to do that, we’re glad to,” Spikes said. “We want to help bring people back to theaters.”
http://www.wired.com/epicenter/2011/...-beta-on-hold/





Netflix Quietly Helps Capped U.S. Broadband Users With New Video Quality Settings That First Appeared in Canada
Karl Bode

Facing the low caps and high overages common in the Canadian market, Netflix back in March introduced settings that allowed streaming viewers to adjust the quality of the stream -- and thereby the bandwidth consumed. With companies like AT&T now imposing caps on their users, Rich Karpinski at Connected Planet has noticed that Netflix has very quietly delivered these settings for users in the U.S. market as well. Netflix isn't drawing attention to the shift because obviously they want consumers to experience the service at its highest quality, but you can find the settings under "manage video quality." There, Netflix informs users:

We know that some of you have Internet data caps and we want to make it easier for you to manage how much data you use. We offer 3 video quality settings to help you manage your data usage. No matter what level you choose, your Netflix membership price will remain the same.

The settings appear to exactly mimic those offered in Canada, and provide viewers with three video options:

Good: limits video/audio to 625 kbps/64 kbps. With this setting, 30 hours of content would be up to 9 GBytes per month. (about 0.3 GBytes/hour)

Better: limits video/audio to a maximum of 1300 kbps/192 kbps. With this setting, 30 hours of content would be less than 20 GBytes per month. (about 0.7 GBytes/hour)

Best: will use any of the video/audio rates available. Our highest quality files are 4800 kbps (for 1080p HD video) and 384 kbps audio (for 5.1 audio). 30 hours of this highest quality streaming would be less than 67 GBytes. (about 1.0 GBytes/hour - or up to 2.3 GBytes/hour when streaming HD content).

Caps have only just started to be foisted upon consumers in the U.S. market, and we've already got the country's largest digital video shop degrading their service quality to compensate. That works well for incumbent ISPs, who as we've been saying for years aren't imposing these caps and steep overages on landline networks due to congestion or expense (despite repeated claims to the contrary) -- but because they want to both cash in on Internet video -- and ensure that services like Netflix don't seriously challenge their own traditional TV offerings.

In this case, AT&T imposed caps and $10 per 50GB overages on DSL/VDSL networks that weren't congested to create artificial scarcity (not that the press bothered to check), and the direct benefit is the degradation of a competitor's service.
http://www.dslreports.com/shownews/N...d-Users-114834





Why is European Broadband Faster and Cheaper? Blame the Government
Rick Karr

If you've stayed with friends who live in European cities, you've probably had an experience like this: You hop onto their WiFi or wired internet connection and realize it's really fast. Way faster than the one that you have at home. It might even make your own DSL or cable connection feel as sluggish as dialup.

You ask them how much they pay for broadband.

"Oh, forty Euros." That's about $56.

"A week?" you ask.

"No," they might say. "Per month. And that includes phone and TV."

It's really that bad. The nation that invented the internet ranks 16th in the world when it comes to the speed and cost of our broadband connections. That's according to a study released last year by Harvard's Berkman Center for Internet & Society on behalf of the Federal Communications Commission.

It's not surprising that we lag behind such hacker havens as Sweden (number one worldwide, according to the study) and Finland (number seven), nor densely-populated Asian nations like Japan and South Korea (numbers three and four). But the U.S. also trails countries that are poor by European standards: Portugal is just ahead of us in 15th place; Italy is number 14. (The full rankings are on page 81 of the study.)

By most measures, the U.S. has been losing ground. The UK, which traditionally lagged in international broadband rankings, is now number eleven; Germany, which has been slow to move to the most-recent DSL and fiber technologies, is number twelve.

I wanted to find out why we're doing so badly. So earlier this year I went to the UK and Netherlands under the aegis of the Washington-based Center for Investigation and Information to learn why broadband in those countries is so much better than ours. The project was funded by the Ford Foundation. (In April, my colleagues and I produced the first version of the story for the weekly PBS newsmagazine Need to Know; you can see that report here. Later this year, we hope to produce additional reporting for two NPR programs.)

We went to the Netherlands because it has one of the world's most advanced and fastest-growing fiber-optic networks. We visited homes there that get 100 mbps service in both directions -- they can upload as fast as they download -- as well as TV and phone for under $100 a month.

We chose the UK because it's racing ahead in global rankings. Over the past decade, average speeds increased by 25 percent between 2009 and 2010, while prices have tumbled. Broadband service comparable to what we get here in the U.S. is available for less than $6 a month. And no, there isn't a zero missing there. Six bucks a month.

So, what's the difference?

Our reporting suggests a one-word answer: Government.

Not government spending. The UK's administration hasn't invested a penny in broadband infrastructure, and most of the network in the Netherlands has been built with private capital. (The city government in Amsterdam took a minority stake in the fiber network there, but that's an investment that will pay dividends if the network is profitable -- and the private investors who own the majority share of the system plan to make sure that it will be.)

The game-changer in these two European countries has been government regulators who have forced more competition in the market for broadband.

The market in the UK used to be much like ours here in the U.S.: British homes had two options for broadband service: the incumbent telephone company British Telecom (BT), or a cable provider. Prices were high, service was slow, and, as I mentioned above, Britain was falling behind its European neighbors in international rankings of broadband service.

The solution, the British government decided, was more competition: If consumers had more options when it came to broadband service, regulators reasoned, prices would fall and speeds would increase. A duopoly of telephone and cable service wasn't enough. "You need to find the third lever," says Peter Black, who was the UK government's top broadband regulator from 2004 to 2008.

Starting around 2000, the government required BT to allow other broadband providers to use its lines to deliver service. That's known as "local loop unbundling" -- other providers could lease the loops of copper that run from the telephone company office to homes and back and set up their own servers and routers in BT facilities.

BT dragged its feet and very few firms stepped up to compete with the telephone giant. "The prices were too high," Black says. "There were huge barriers to entry. The processes were long and drawn out."

When Black was named Telecommunications Adjudicator in 2004, he fought on two fronts to break the BT logjam. First, he used his own experience as a former employee of the telecom giant to push for change from the inside. When that wasn't enough, he used the bully pulpit provided by his government post to embarrass BT in public. He publicized the company's failure to meet goals. Reporters loved the story of the government regulator holding the giant firm's feet to the fire.

"Embarrassment works, you know?" he laughs.

When Black started work, only 12,000 British homes had multiple broadband providers. By the time he stepped down in 2008, about 5 million did, and today the number's closer to 6 million. "That's about a 500-fold increase in less than ten years," he says.

You can see evidence of the UK's competitive market on the streets of London: Broadband providers splash ads across bus shelters and train stations, touting prices that seem outrageously low by U.S. standards. Post offices sell broadband service; so does Tesco, one of the UK's largest supermarket chains.

Those providers target their offerings to users' needs. If all you plan to do is check your email every now and then, try TalkTalk's plan that goes for £3.25 a month (under $6). If you're a gamer and low latency is a key factor, buy a more expensive plan from Demon. (Bonus: Their customer service people are trained geeks who won't repeatedly insist that you reboot your computer and modem before moving on to help solve the problem.) Some London homes now have a dozen or more broadband providers.

Competition is spurring technological improvements. BT and its dozens of competitors realize that they're already pushing old-fashioned copper wires to the limit, and that speeds will increase only if homes are connected to fiber-optic cables. So right now, a consortium of competitive broadband providers is negotiating with BT for the right to use the phone company's poles and underground ducts to build their own fiber-optic network.

What's good for Britain is bad for America?

America's AT&T and Verizon are members of that consortium, pushing for faster service for British broadband users. Both firms back more competition in the UK and across Europe and fight to take market share from incumbent telephone companies there.

Yet both firms say the same policies they support in the UK would be a mistake here in the U.S. (You can see my questions to the firms here and here. AT&T's response is here, while Verizon's is here.)

Verizon told me in its written statement that it flat-out opposes the kind of local-loop unbundling that's reduced prices and increased speeds in Britain "for competitive reasons". Those regulations are "bad public policy and bad news for consumers", Verizon says, which "only benefit a few big phone companies, and those companies do not pass their savings on to consumers." Verizon also claims that "those competitors do not invest in their own networks".

Broadband industry insiders in the UK beg to differ.

AT&T takes a different tack: The firm says it supports competition, but notes that, "There is no 'one-size fits all' regulatory regime" that will work worldwide. AT&T cites two main differences between the UK and U.S. markets: First, more U.S. homes have the option of buying broadband service from cable companies. Second, the U.S. is more spread out -- the technical term is that those "loops" are longer.

But again, the facts in the UK suggest otherwise. Many homes in Britain's largest city -- London -- have cable access, but cable prices have fallen alongside that of DSL service.

Meanwhile, the size of the U.S. may be a red herring. Most of the region between Boston and Washington is as densely populated as most of Europe and the UK. So is the California coast between San Francisco and San Diego. And so is the region of the Midwest centered on Chicago. Those areas are home to about a quarter of all Americans. In other words, we live in a big country, but a lot of it is relatively empty space.

The argument that the U.S. is too spread out is nonsense, according to Herman Wagter, one of the Netherlands' most prominent evangelists for next-generation broadband. He thinks there's something else going on in Verizon's and AT&T's opposition to competition at home: They're afraid of it.

Standing next to an Amsterdam canal, Wagter used a historical analogy: Those canals were built and operated by private firms, he says. When they were built, they helped Amsterdam become the world capital of commerce and finance. But after a hundred years or so, a new technology -- railroads -- was proving itself to be more efficient. The new transportation system was helping Holland's neighbor to the west, the UK, race ahead of the Netherlands. When Dutch entrepreneurs petitioned to build a train, the owners of the canals "were screaming murder".

"They were saying, 'Oh, we can accelerate the boats a little bit, and convey a little bit more if you need more capacity'," Wagter says. The canal owners said the new railroads would "take away their business, and it was absolutely forbidden, and government shouldn't interfere."

Wagter says it's fortunate that the Dutch government at the time didn't listen to those arguments. Whether or not U.S. officials will make the same decision when it comes to next-generation broadband, he says, is "a matter of political will."
http://www.engadget.com/2011/06/28/w...-the-governme/





Mobile Phone Roaming Charges Set to Drop in Europe
Kevin O'Brien

The fees that consumers pay to make or receive mobile phone calls while traveling abroad in the European Union were set to be lowered for a fourth consecutive year on Friday, and the European Commission prepared to extend the system of retail price caps to roaming charges for mobile data paid by smartphone and laptop users.

The per-minute roaming charge for making a voice call in the E.U. was set to fall to 35 cents a minute from 39 cents on Friday, and the roaming charge to receive a call was set to drop to 11 cents from 15 cents.

Roaming charges are levied in addition to normal long-distance calling charges and value-added taxes. The European Union’s retail price caps on roaming charges first took effect on July 1, 2007, and have been progressively lowered on July 1 each year since through a formula set out in the original legislation.

Neelie Kroes, the European commissioner responsible for telecommunications, has said that she is considering imposing the Continent’s first retail price caps on mobile data roaming, which consumers incur when they use smartphones or laptops to surf the Internet and download e-mails while outside of their home network.

At present, data roaming charges are regulated only at the wholesale level, tied to the prices that operators charge one another to carry the others' calls.

Wholesale roaming caps were set to fall to 50 cents per megabyte on Friday from 80 cents. But consumer groups and Mrs. Kroes have criticized the wholesale caps as ineffective, noting that most E.U. consumers incur the maximum allowable monthly data roaming charge of €50, or $72.50, within a few hours of downloading simple e-mails.

After reaching the limit, most operators significantly slow their customers’ download speeds for the remainder of the month.
https://www.nytimes.com/2011/07/01/t...roaming01.html





40GB of Data that Costs the Same as a House
Barry Collins

How much would it cost to download the same amount of data as you get bundled with your home broadband on a mobile roaming tariff? About the same price as a three-bedroom house in Surrey.

The cost of mobile data is coming under investigation from the EU, which is set to impose new caps on mobile roaming rates this week. As our infographic below shows, regulatory action is long overdue.

We compared the cost of downloading 40GB of data - the standard quantity bundled with BT's Total Broadband packages - on various mobile tariffs.
http://www.pcpro.co.uk/news/368383/4...ame-as-a-house





Free Knowledge Requires Free Software and Free File Formats
Jimmy Wales

People sometimes ask me why I’m so adamant that Wikipedia must always use free software, even when in some cases it might be the case that proprietary software might be more convenient or better suited for some particular need that we have.

After all, the argument goes, our primary mission is to produce free knowledge, not to promote free software, and while we might prefer free software on practical grounds (since it is generally best of breed for webserving applications), we should not be sticklers about it.

I believe this argument is seriously mistaken, and not on merely practical grounds, but on grounds of principle. Free knowledge requires free software. It is a conceptual error to think about our mission as being somehow separate from that.

What is free knowledge? What is a free encyclopedia? The essence is something that anyone who understands free software can immediately grasp. A free encyclopedia, or any other free knowledge, can be freely read, without getting permission from anyone. Free knowledge can be freely shared with others. Free knowledge can be adapted to your own needs. And your adapted versions can be freely shared with others.

We produce a massive website filled with an astounding variety of knowledge. If we were to produce this website using proprietary software, we would place potentially insurmountable obstacles in front of those who would like to take our knowledge and do the same thing that we are doing. If you need to get permission from a proprietary software vendor in order to create your own copy of our works, then you are not really free.

For the case of proprietary file formats, the situation is even worse. It could be argued, though not persuasively I think, that as long as Wikimedia content can be loaded into some existing free software easily enough, then our internal use of proprietary software is not so bad. For proprietary formats, even this seductive fallacy does not apply. If we offer information in a proprietary or patent-encumbered format, then we are not just violating our own commitment to freedom, we are forcing others who want to use our allegedly free knowledge to themselves use proprietary software.

Finally, we should never forget as a community that we are the vanguard of a knowledge revolution that will transform the world. We are the leading edge innovators and leaders of what is becoming a global movement to free knowledge from proprietary constraints. 100 years from now, the idea of a proprietary textbook or encyclopedia will sound as quaint and remote as we now think of the use of leeches in medical science.

Through our work, every single person on the planet will have easy low cost access to free knowledge to empower them to do whatever it is that they want to do. And my point here is that this is not some idle fantasy, but something that we are already accomplishing. We have become one of the largest websites in the world using a model of love and co-operation that is still almost completely unknown to the wider world. But we are becoming known, and we will be known, for both our principles and achievements — because it is the principles that make the achievements possible.

Toward that end, it should be a strong point of pride to us that the Wikimedia Foundation always uses free software on all computers that we own, and that we always put forward our best effort to ensure that our free knowledge really _is_ free, in that people are not forced to use proprietary software in order to read, modify, and redistribute it as they see fit.
http://jimmywales.com/2004/10/21/fre...-file-formats/





Google Boots Transdroid Torrent Manager From Android Market
Ernesto

Google has pulled one of the most popular torrent download managers from the Android Market because of policy violations. Before Google booted the application, Transdroid had been available for two years and amassed 400,000 users during that time. Thus far Google hasn’t specified what the exact nature of Transdroid’s violations are, but it’s not unlikely that they relate to copyright infringement.

For many Android users Transdroid is the perfect remote access app for managing their BitTorrent clients on the go. The app allows users to start and stop torrents, search torrent files and even use the barcode scanner to find matching torrent files.

Transdroid offered both a free and a paid version of the app, and judging from the 400,000 downloads people seemed to appreciate it. However, as of this week, Google decided that Transdroid is no longer eligible to be placed in the Android Market.

“I have just received an e-mail from Google that Transdroid, both the free and donate version, have been pulled from the Android Market. This is due to apparent violations in the content policies of publishing in the Android Market,” Transdroid’s developer announced.

Google’s notification wasn’t very clear on what the violations were, but considering the nature of the app it wouldn’t come as a surprise if they relate to copyright infringement.

According to the developer content policy apps should not be infringing copyrights in any way.

“Don’t infringe on the intellectual property rights of others, including patent, trademark, trade secret, copyright, and other proprietary rights. We will respond to clear notices of alleged copyright infringement,” the policy reads.

Although Transdroid itself isn’t infringing any copyrights, the screenshots on the app’s website do feature some copyrighted downloads which Google may see as a violation of the Android developer policy. As we highlighted previously, this is not a particularly wise thing to do.

Unlike Apple, Google is not banning everything BitTorrent related, but if developers showcase infringing uses they may see no other option than to take the app down. Even Cydia, the alternative market place for iPhone apps, is taking a harsh line on file-sharing software that ‘promote’ infringing uses.

For Transdroid, however, things aren’t completely over yet. The developer has asked Google to explain what he should change so the site can be added to the Android Market again. In the meantime the app and the source code are available as a direct download through the Transdroid website.

“Thanks to all Transdroid users for their support and enthusiasm. Let me be clear that I am happy to build a version for the Android Market that does satisfy their policies and can still help thousands of happy BitTorrent users around the world,” Transdroid’s developer says.
http://torrentfreak.com/google-boots...market-110626/





Google And The USA PATRIOT Act.
sneak

I’m presently reading Steven Levy’s amazing new book “In The Plex” – a fairly in-depth look at what exactly Google was, is, and is trying to be, and the impact they’ve had on the Internet (and thus the entire world) in the process. It’s pretty amazing to me (and I’m only about two-thirds of the way through).

One thing that struck me, though, was how their underlying mantra of “Don’t be evil” is actually something real. I’ve always taken it with a grain of salt, but I truly believe now that it’s something quite real in practice. Despite Steve Jobs’ proclamation of it being bullshit and all of the creepy stuff that Schmidt’s put forth into the media, the true scale of Google outlined in this book coupled along with the actual corporate output and effects upon the Internet that the company has imposed indicate that it can be nothing short of an innate attitude and cultural outlook held by a great many Googlers.

I’ve been kicking around a little post, though, about how no matter how un-evil you wish to be, an American company is subject to American law. Guns and other forms of nonviolent political disobedience are, I get the impression, quite “un-Googley”, which means that if the FBI et al show up with MP5s and such, you can bet any money that the starry-eyed California idealists are going to bend to the whims of Congress, no questions asked.

For those of you playing along at home, in 2001 president George W. Bush signed the USA PATRIOT Act into law. One of the major provisions of the PATRIOT Act is that it effectively suspends the fourth amendment protections that Americans have had for hundreds of years. The original amendment reads:

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

The USA PATRIOT Act now allows for federal anti-terrorism organizations (such as the FBI) to request and receive all sorts of personal data and records from service providers under the guise of something called an NSL, or National Security Letter. These are not backed by probable cause, nor reviewed by a judge. Furthermore, it becomes a very serious crime for the service provider who receives an NSL to mention the existence of such an order to anyone, including their lawyer or their spouse. You literally go to jail if you utter a single peep about the fact that you’ve been unwillingly co-opted into a fundamentally constitutionally illegal government spying operation.

So, no matter how un-evil the Googlers may endeavor to be, they’re still at the mercy of the government under which they choose to operate their company. I was going to make a big deal about pointing this out, but, ever true to form, Google has beat me to the punch by several years:

“If you really need that kind of privacy, the reality is that search engines – including Google – do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.” — Eric Schmidt, December 2009

What he fails to mention, here, is that the PATRIOT Act doesn’t require a warrant or subpoena of any kind. The FBI sends out something like 60,000 of these every year, and their manifold abuses are well-documented.

(One of the big downsides of the hyper-brainy intra-’plex way of thinking is that they take having certain bits of knowledge for granted (things that don’t usually exist in the minds of the general public), so when making statements, basic prerequisite facts sometimes go implicitly unsaid.)

Anyway, while doing a bit of research for the post, I came across this quote.

So, my basic question has gone from this first version:

Dear Google: If you want us to trust you to not be evil, why do you position your company and our personal data in a place (the USA) where the ruling regime can freely do all the evil they want, regardless of your organization’s basic philosophy?

To this current version:

Dear Google: How can you possibly take the moral high ground and claim to not be evil when you know, BEFOREHAND, that every single tool that you build and deploy is working to centralize individual private data into a repository YOU YOURSELVES have built tools for the government to freely access without any judicial oversight or evidence of criminal wrongdoing?

Google has gone from “unfortunate casualty of US policy” to “willing participant in the surveillance state”. “Don’t be evil” may well have been as real as gravity at one point – but that world no longer exists.

They’ve pulled out of China, ostensibly to “support freedom”. Isn’t it time to pull out of the USA for the exact same reasons?
http://sneak.datavibe.net/20110627/g...e-patriot-act/





Microsoft May Add Eavesdropping To Skype
Kurt Bakke


The U.S. Patent and Trademark Office published a Microsoft patent application that reaches back to December 2009 and describes “recording agents” to legally intercept VoIP phone calls.

The “Legal Intercept” patent application is one of Microsoft’s more elaborate and detailed patent papers, which is comprehensive enough to make you think twice about the use of VoIP audio and video communications. The document provides Microsoft’s idea about the nature, positioning and feature set of recording agents that silently record the communication between two or more parties.

The patent was filed well before Microsoft’s acquisition of Skype and there is no reason to believe that the patent was filed with Skype as a Microsoft property in mind. However, the patent mentions Skype explicitly as an example application for this technology and Microsoft may now have to answer questions in which way this patent applies to its new Skype entity and if the technology will become part of Skype.

Legal intercept structure (RA= recording agent)

In the patent descriptions, the company justifies such a feature with the fact that monitoring of calls has been around for a long time for traditional calls, but devices that were used for plain old telephone service (POTS) simply do not work with VoIP anymore. Recording agents are designed to take the place of those outdated devices, but are – not surprisingly – much more capable, can be placed in different locations and automate call interceptions. For example, Microsoft says that recording will be triggered by “events”, or a “sequence of events” – for example when specific callers are involved.

The patent does not mention an eavesdropping module that is integrated into the client software. However, it describes recording agents that can be placed in a multitude of devices, including routers (see image, RA = recording agent). There is also the note of a recording agent software that represents “a software module that logically and/or physically sits between the call server and the network.” According to Microsoft, the agent will have access “to each communication sent to and from the call server,” which clearly refers to the general infrastructure of a VoIP service and network.

Legal intercept process

The patent lists the following process of a silently recorded call (we removed references to drawings in the description for easier reading):


1. A delivery endpoint is registered with a call server. For example, the intercept requestor may register an IP address/port for delivery of copies of recorded communications associated with a designated VoIP entity.

2. A request to monitor a selected VoIP entity is sent by the requestor to the call server. For example, the intercept requestor may request that the call server record communications for the VoIP entity.

3. An initiating entity negotiates candidate network paths with a media relay. For example, the VoIP entity may talk to a STUN, TURN, and/or other servers to determine what IP address/port of the VoIP entity is visible from the network. For example, if the VoIP entity is connected to a NAT, the NAT may translate IP addresses and port numbers. In STUN/TURN environments, the call gateway may act as a STUN and/or TURN server. The SDP parameters indicated previously are an example of what may result as the entity negotiates candidate communication points with a media relay.

4. The initiating entity sends an invite to the call server. The invite includes data regarding establishing a communication session between at least two entities via a switched packet network for a communication that includes audio. For example, the VoIP entity sends an invite (such as the SDP parameters mentioned previously) to the call server to communicate with a VoIP entity in the enterprise.

5. A copy of the invite is sent to the delivery point. For example, the call server may send a copy of the invite to the intercept requestor or another endpoint designated by the intercept requestor.

6. An invite with no local candidates is sent to the remote entity. For example, the call server sends an SDP with the local candidates deleted to the remote entity of the enterprise. Having no local candidates is synonymous with having “no direct paths.” In STUN/TURN terminology, this means that the VoIP entity needs to employ a TURN server to communicate with the remote entity.

7. The remote entity responds to the invite by sending “OK.” For example, the remote entity in the enterprise responds to the invite by sending an OK to the call server.

8. A copy of the OK is sent to the delivery point. For example, the call server sends a copy of the OK to the intercept requestor or another endpoint designated by the intercept requestor.

9. The OK is sent to the initiating entity. For example, the call server sends the OK to the VoIP entity.

10. The agent that will be recording the subsequent communication between the entities is configured so that it will create a copy of the communication. For example, the call server, the call gateway, or some other server may configure the router to create a copy of the communication to and from the VoIP entity. Note that the recorder may be configured to record a communication for an entity any time after a monitoring request for the entity is received.

11. The VoIP entity sends a packet to the media relay. For example, the VoIP entity may send a packet to the call gateway.

12. The packet passes to the recorder. For example, the packet may pass to the router.

13. The packet is sent to the remote entity. In addition, a copy of the packet is sent to the delivery point and/or stored for later sending to the delivery point or retrieval by a law enforcement agent. For example, the router sends the packet to the VoIP entity in the enterprise and sends a copy of the packet to the intercept requestor or another endpoint designated by the intercept requestor. This continues until the communication is terminated.

14. Upon termination, the delivery endpoint may be informed that the communication has terminated.



The patent clearly addresses the need of governments and law enforcement to record Internet calls. There is also a certain sense that especially closed networks are targeted with this technology, yet the clear notion that VoIP applications targeted by this patent “may include audio messages transmitted via gaming systems, instant messaging protocols that transmit audio, Skype and Skype-like applications, meeting software, video conferencing software, and the like” may raise privacy concerns and surely the question of how Microsoft intends to use such a patent now that it owns Skype.

So, Microsoft: Will Skype officially include eavesdropping capability in the future?

A request for clarification we sent to Microsoft has remained unanswered so far.
http://www.conceivablytech.com/8108/...pping-to-skype
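Step 6 of the process quoted above (an invite forwarded with its local candidates deleted, so media must cross a relay) leaves a visible trace in the SDP. The following is an added example, not code from the article or the patent: it compares an offer as the caller sent it with the offer as the callee received it and reports removed direct-path candidates. The SDP samples are constructed, and treating ICE `host`, `srflx` and `prflx` candidates as the patent's "local candidates" is an assumption.

```python
"""Added example: detect an SDP offer whose direct-path ICE candidates were removed in transit."""
from dataclasses import dataclass

# Assumption: the patent's "local candidates" / "direct paths" map to these ICE types.
DIRECT_TYPES = {"host", "srflx", "prflx"}


@dataclass(frozen=True)
class Candidate:
    foundation: str
    component: int
    transport: str
    priority: int
    address: str
    port: int
    typ: str


def parse_candidates(sdp: str) -> list:
    """Parse a=candidate lines (RFC 5245 layout); malformed lines are skipped."""
    found = []
    for raw in sdp.splitlines():
        line = raw.strip()
        if not line.startswith("a=candidate:"):
            continue
        f = line[len("a=candidate:"):].split()
        # foundation component transport priority address port "typ" type [...]
        if len(f) < 8 or f[6] != "typ":
            continue
        try:
            found.append(Candidate(f[0], int(f[1]), f[2].upper(), int(f[3]),
                                   f[4], int(f[5]), f[7].lower()))
        except ValueError:
            continue
    return found


def compare_offers(sent_sdp: str, received_sdp: str) -> dict:
    """Diff the candidate sets of the same offer seen at both ends of the call."""
    sent = set(parse_candidates(sent_sdp))
    received = set(parse_candidates(received_sdp))

    def key(c):
        return (c.typ, c.address, c.port)

    removed_direct = sorted((c for c in sent - received if c.typ in DIRECT_TYPES), key=key)
    remaining_direct = [c for c in received if c.typ in DIRECT_TYPES]
    if sent == received:
        verdict = "unchanged"
    elif removed_direct and not remaining_direct:
        verdict = "direct-paths-removed"  # only relayed paths survive
    else:
        verdict = "modified"
    return {"verdict": verdict,
            "removed_direct": removed_direct,
            "added": sorted(received - sent, key=key)}


# Constructed sample: offer as sent by the caller (documentation address ranges).
SENT_OFFER = """v=0
o=- 1 1 IN IP4 10.0.0.5
s=-
t=0 0
m=audio 50000 RTP/AVP 0
c=IN IP4 10.0.0.5
a=candidate:1 1 UDP 2130706431 10.0.0.5 50000 typ host
a=candidate:2 1 UDP 1694498815 198.51.100.7 61000 typ srflx raddr 10.0.0.5 rport 50000
a=candidate:3 1 UDP 16777215 203.0.113.9 3478 typ relay raddr 198.51.100.7 rport 61000
"""

# Constructed sample: the same offer as the callee received it, relay candidate only.
RECEIVED_OFFER = """v=0
o=- 1 1 IN IP4 10.0.0.5
s=-
t=0 0
m=audio 50000 RTP/AVP 0
c=IN IP4 10.0.0.5
a=candidate:3 1 UDP 16777215 203.0.113.9 3478 typ relay raddr 198.51.100.7 rport 61000
"""

if __name__ == "__main__":
    result = compare_offers(SENT_OFFER, RECEIVED_OFFER)
    print(result["verdict"])
    for c in result["removed_direct"]:
        print("removed:", c.typ, c.address, c.port)
```

The check needs both copies of the offer, exchanged out of band; a relay-only offer on its own proves nothing, since a client can be configured to offer relay candidates only.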





Despite Controversy, Federal, State Wiretaps On the Rise

Cell phones leading device to get Federal wiretap attention while California, New York, and New Jersey have most wiretaps
Michael Cooney

While their over-use is controversial, federal and state requests for court permission to intercept or wiretap electronic communications increased 34% in 2010 over 2009, with California, New York, and New Jersey accounting for 68% of all wire taps approved by state judges.

According to the 2010 Wiretap Report, released today by the Administrative Office of the United States Courts (AOUSC) the most frequently noted location in wiretap requests was "portable device," a category that includes cellular telephones and digital pagers. In 2010, a total of 96% of all authorized wiretaps were designated as portable devices. The most common surveillance method was wire surveillance that used a telephone - land line, cellular, cordless or mobile. Telephone wiretaps accounted for 97% (2,253 cases) of the intercepts installed in 2010, the majority of which were cell telephones.

According to the report, 84% of all applications for intercepts (2,675 wiretaps) in 2010 cited illegal drugs as the most serious offense under investigation. As of Dec. 31, 2010, a total of 4,711 people had been arrested and 800 had been convicted as a result of all interceptions reported as terminated.

In 2010, installed wiretaps were in operation for an average of 40 days, two days less than in 2009. The federal wiretap with the most intercepts occurred in the Southern District of California, where a narcotics investigation involving cellular telephones resulted in the interception of 74,715 messages over 210 days. The second-highest number of intercepts stemmed from a cellular telephone wiretap in the Western District of Missouri for a narcotics investigation; this wiretap was active for 118 days and resulted in a total of 74,144 interceptions, the AOUSC report noted.

The state wiretap with the most intercepts was conducted in Queens County, New York, where a 62-day wiretap in a corruption investigation involving cell phone interceptions resulted in the interception of 134,410 messages. A wiretap installed in Gwinnett County, Georgia, lasted 415 days and generated 88,518 cellular telephone and text message interceptions, the report stated.

The three major categories of surveillance are wire, oral and electronic communications. For many years, nearly all intercepts involved telephone surveillance; the remainder involved microphone (oral) surveillance. A third category was added for reporting electronic communications with the passage of the Electronic Communications Privacy Act of 1986. These communications usually are made through digital-display paging devices, fax machines, text messaging and computer transmissions, the report noted.

The average cost per wiretap can vary widely across the country. The report notes for example that wiretap costs in New York state alone range from a little over $1,00 to close to $500,000.

Wiretapping activities are divisive. Earlier this year, the FBI said Web-based e-mail, social-networking and peer-to-peer services are frustrating law enforcement wiretapping efforts but did not offer concrete ideas on how to fix the problem.

Another report complained that law enforcement organizations were making tens of thousands of requests for private electronic information from companies such as Sprint, Facebook and AOL, but few detailed statistics are available.

Police and other agencies have "enthusiastically embraced" asking for e-mail, instant messages and mobile-phone location data, but there's no U.S. federal law that requires the reporting of requests for stored communications data, wrote Christopher Soghoian, a doctoral candidate at the School of Informatics and Computing at Indiana University, in a paper.
http://www.networkworld.com/news/201...-wiretaps.html





Justices Reject Ban on Violent Video Games for Children
Adam Liptak

The Supreme Court on Monday struck down on First Amendment grounds a California law that banned the sale of violent video games to children. The 7-to-2 decision was the latest in a series of rulings protecting free speech, joining ones on funeral protests, videos showing cruelty to animals and political speech by corporations.

In a second decision Monday, the last day of the term, the court also struck down an Arizona campaign finance law as a violation of the First Amendment.

Justice Antonin Scalia, writing for five justices in the majority in the video games decision, Brown v. Entertainment Merchants Association, No. 08-1448, said video games were subject to full First Amendment protection.

“Like the protected books, plays and movies that preceded them, video games communicate ideas — and even social messages — through many familiar literary devices (such as characters, dialogue, plot and music) and through features distinctive to the medium (such as the player’s interaction with the virtual world),” Justice Scalia wrote. “That suffices to confer First Amendment protection.”

Depictions of violence, Justice Scalia added, have never been subject to government regulation. “Grimm’s Fairy Tales, for example, are grim indeed,” he wrote, recounting the gory plots of “Snow White,” “Cinderella” and “Hansel and Gretel.” High school reading lists and Saturday morning cartoons, too, he said, are riddled with violence.

The California law would have imposed $1,000 fines on stores that sold violent video games to anyone under 18.

It defined violent games as those “in which the range of options available to a player includes killing, maiming, dismembering or sexually assaulting an image of a human being” in a way that was “patently offensive,” appealed to minors’ “deviant or morbid interests” and lacked “serious literary, artistic, political or scientific value.”

The definitions tracked language from decisions upholding laws regulating sexual content. In 1968, in Ginsberg v. New York, the court allowed limits on the distribution to minors of sexual materials like what it called “girlie magazines” that fell well short of obscenity, which is unprotected by the First Amendment.

Justice Scalia rejected the suggestion that depictions of violence are subject to regulation as obscenity. “Because speech about violence is not obscene,” he wrote, “it is of no consequence that California’s statute mimics the New York statute regulating obscenity-for-minors that we upheld in” the Ginsberg decision.

The video game industry, with annual domestic sales of more than $10 billion, welcomed Monday’s ruling.

“Everybody wins on this decision,” John Riccitiello, chief executive of Electronic Arts, one of the largest public video game companies, said in a statement. “The court has affirmed the constitutional rights of game developers, adults keep the right to decide what’s appropriate in their houses, and store owners can sell games without fear of criminal prosecution.”

Leland Yee, a California state senator who wrote the law, said in a statement that “the Supreme Court once again put the interests of corporate America before the interests of our children,” adding: “It is simply wrong that the video game industry can be allowed to put their profit margins over the rights of parents and the well-being of children.”

The industry had viewed the court’s decision to hear the case as worrisome, given that the lower courts had been in agreement that laws regulating violent expression were unconstitutional.

The justices had, moreover, agreed to hear the case just after issuing their 8-to-1 decision last year in United States v. Stevens, striking down a federal law making it a crime to buy and sell depictions of animal cruelty like dog fighting videos.

That also suggested that at least some of the justices had viewed California’s law as problematic.

But on Monday, the majority said the Stevens decision required the court to strike down the California law. Only a few kinds of speech, like incitement, obscenity and fighting words, are beyond the protection of the First Amendment, Justice Scalia said, adding that the court would not lightly create new excluded categories.

Stevens did not involve speech directed to minors, but the majority said the California law’s goal of protecting children from seeing violence did not alter the constitutional analysis.

“No doubt a state possesses legitimate power to protect children from harm,” Justice Scalia wrote, “but that does not include a free-floating power to restrict the ideas to which children may be exposed.”

Justices Anthony M. Kennedy, Ruth Bader Ginsburg, Sonia Sotomayor and Elena Kagan joined the majority opinion in the case.

Justice Samuel A. Alito Jr., in a concurrence joined by Chief Justice John G. Roberts Jr., voted with the majority but did not adopt its reasoning. Justice Alito said the California law was too vague. A more carefully worded law, he wrote, might survive constitutional scrutiny.

Justice Alito said the majority opinion was too quick to dismiss differences between current video games and other media.

“The objective of one game is to rape a mother and her daughters,” he wrote. In another, “players attempt to fire a rifle shot into the head of President Kennedy as his motorcade passes by the Texas School Book Depository.”

Soon, he added, children may play three-dimensional high-definition games wearing equipment that will allow them to “actually feel the splatting blood from the blown-off head” of a victim.

Justice Scalia acknowledged that Justice Alito had identified some disturbing images. “But disgust,” Justice Scalia wrote, “is not a valid basis for restricting expression.”

Justices Clarence Thomas and Stephen G. Breyer filed separate dissents. Justice Thomas said the drafters of the First Amendment did not understand it to protect minors’ free speech rights.

“ ‘The freedom of speech,’ as originally understood, does not include a right to speak to minors (or a right of minors to access speech) without going through the minors’ parents or guardians,” Justice Thomas wrote.

Justice Scalia, who shares with Justice Thomas a commitment to interpreting the Constitution in accord with its original meaning, parted ways with his usual ally on this point. “He cites no case, state or federal, supporting this view, and to our knowledge there is none,” Justice Scalia wrote of Justice Thomas.

Justice Breyer also dissented, saying the statute survived First Amendment scrutiny. He relied on studies that he said showed violent video games were positively associated with aggressive behavior.

“Unlike the majority,” Justice Breyer wrote, “I would find sufficient grounds in these studies and expert opinions for this court to defer to an elected legislature’s conclusion that the video games in question are particularly likely to harm children.”

Matt Richtel contributed reporting from San Francisco.
https://www.nytimes.com/2011/06/28/us/28scotus.html





Facebook Bans KDE Application, Deletes User Photos
Joe Brockmeier

KDE users have gotten a rather unpleasant surprise from Facebook: Not only is the site blocking KDE apps like Gwenview from uploading, the social media giant has also taken down photos uploaded with the KDE plugins. Yet another reason that users might think twice before depending on Facebook for photo storage.

I stumbled on this via, of course, Facebook. A friend of mine had posted that the "kipi" (KDE Plug-Ins) that handles uploading to Facebook had been banned. That's annoying, but not a major issue — but the real issue is that the site has also apparently zapped photos already uploaded using KDE applications that depend on the plugin. I would point you to the bug, but apparently bugs.kde.org is unaccustomed to the amount of interest that the bug is receiving. (Maybe it's up by the time you read this, though.)

Thinking it might be a single user glitch or limited to one area, I decided to fire up Gwenview and try to upload a picture. No dice — I got the "Facebook Call Failed: Invalid API key" error. I don't typically use Gwenview to upload photos, so I can't see if my photos are missing, but I'll take my friend's word for it.

It's popular for people to talk about hating Facebook or, for a smaller group, not using Facebook. I'm not going to go there — I don't particularly trust Facebook, but I do use the site and (so far) find that the positives outweigh the negatives. But this is an object lesson in why users should never depend on Facebook or assume that their data stored on the site will be there five minutes from now. (You also should not assume that anything stored on Facebook is private, but that's another conversation for another time.)

While I use Facebook and other sites, I always keep local copies of photos or anything else that I share. What's a shame is that you have to assume that the conversations that accompany photos, etc., are ephemeral. Maybe they'll be there in six months, maybe they'll be gone in sixty seconds.

Whether Facebook will be able to revert the photos, or why the company mistakenly banned an innocent FOSS application from uploads and storage is almost beside the point. It's nothing new, and almost certainly won't be the last time that the site mistakenly blocks a legitimate app or fumbles user data.

This is yet another argument for distributed, free software social media tools like GNU MediaGoblin. Facebook's mission is not to carefully tend to its users' data. Facebook's users aren't even the company's customers — it's all about the advertisers and companies it can sell marketing data to. Your comments, photos, profile, and time spent on Facebook's site are the company's product, not its business.

So I won't tell people "don't use Facebook" because that ship has already sailed unless the company commits a particularly heinous breach of user trust, or something more popular eclipses it. But I will say this: Use Facebook like you use any shared space. You never know who might be observing, and anything you leave behind might be gone five seconds after you turn your back.
http://www.networkworld.com/community/node/75598





Got Twitter? You’ve Been Scored
Stephanie Rosenbloom

IMAGINE a world in which we are assigned a number that indicates how influential we are. This number would help determine whether you receive a job, a hotel-room upgrade or free samples at the supermarket. If your influence score is low, you don’t get the promotion, the suite or the complimentary cookies.

This is not science fiction. It’s happening to millions of social network users.

If you have a Facebook, Twitter or LinkedIn account, you are already being judged — or will be soon. Companies with names like Klout, PeerIndex and Twitter Grader are in the process of scoring millions, eventually billions, of people on their level of influence — or in the lingo, rating “influencers.” Yet the companies are not simply looking at the number of followers or friends you’ve amassed. Rather, they are beginning to measure influence in more nuanced ways, and posting their judgments — in the form of a score — online.

To some, it’s an inspiring tool — one that’s encouraging the democratization of influence. No longer must you be a celebrity, a politician or a media personality to be considered influential. Social scoring can also help build a personal brand. To critics, social scoring is a brave new technoworld, where your rating could help determine how well you are treated by everyone with whom you interact.

“Now you are being assigned a number in a very public way, whether you want it or not,” said Mark W. Schaefer, an adjunct professor of marketing at Rutgers University and the executive director of Schaefer Marketing Solutions. “It’s going to be publicly accessible to the people you date, the people you work for. It’s fast becoming mainstream.”

Influence scores typically range from 1 to 100. On Klout, the dominant player in this space, the average score is in the high teens. A score in the 40s suggests a strong, but niche, following. A 100, on the other hand, means you’re Justin Bieber. On PeerIndex, the median score is 19. A perfect 100, the company says, is “god-like.”

Companies are still refining their methodologies — sifting through data and evaluating other networking sites.

This month, Klout announced that it was beginning to incorporate LinkedIn profiles.

As Azeem Azhar, chief executive of PeerIndex, put it, “We’re at the start of this journey and we expect the journey to take us into much more nuance and granularity.”

Marketers are signing on. More than 2,500 companies are using Klout’s data. Last week, Klout revealed that Audi would begin offering promotions to Facebook users based on their Klout score. Last year, Virgin America used the company to offer highly rated influencers in Toronto free round-trip flights to San Francisco or Los Angeles. In Las Vegas, the Palms Hotel and Casino is using Klout data to give highly rated guests an upgrade or tickets to Cirque du Soleil.

“For the first time, we’re all on an even playing field,” said Joe Fernandez, the chief executive and co-founder of Klout. “For the first time, it’s not just how much money you have or what you look like. It’s what you say and how you say it.”

How does one become an influencer?

After analyzing 22 million tweets last year, researchers at Hewlett-Packard found that it’s not enough to attract Twitter followers — you must inspire those followers to take action. That could mean persuading them to try Bikram yoga, donate to the Sierra Club or share a recipe for apple pie. In other words, influence is about engagement and motivation, not just racking up legions of followers.

Industry professionals say it’s also important to focus your digital presence on one or two areas of interest. Don’t be a generalist. Most importantly: be passionate, knowledgeable and trustworthy.

Still, scoring is subjective and, for now, imperfect: most analytics companies rely heavily on a user’s Twitter and Facebook profiles, leaving out other online activities, like blogging or posting YouTube videos. As for influence in the offline world — it doesn’t count.

Mr. Azhar, of PeerIndex, calls this “the Clay Shirky problem,” referring to the writer and theorist who doesn’t use Twitter much. “He’s obviously massively influential,” Mr. Azhar said, “and right now he has a terrible PeerIndex.”

Jeremiah Owyang, an analyst with Altimeter Group, a digital-strategy consulting firm, wrote a few months ago that using a single metric to evaluate influence is dangerous. He noted that Klout “lacks sentiment analysis” — so a user who generates a lot of digital chatter might receive a high score even though what’s being said about the user is negative. Also, a single metric can be misleading: someone with little Twitter experience can snag a high score if they happen to post a video that goes viral.

More broadly, Mr. Schaefer of Schaefer Marketing and others are concerned that we are moving closer to creating “social media caste systems,” where people with high scores get preferential treatment by retailers, prospective employers, even prospective dates.

No wonder some people are trying to game their scores. Attaining true influence requires time and commitment. And while your flesh-and-blood self deserves a break every now and then, your digital self will pay the price.

“I went on vacation for two weeks,” said Mr. Schaefer, “and my Klout score went down.”

Stephanie Rosenbloom is a style reporter for The New York Times.
https://www.nytimes.com/2011/06/26/s...osenbloom.html





Google’s War on Nonsense
Virginia Heffernan

Imagine a sci-fi universe in which every letter, word and sentence is a commodity. Companies make money off chunks of language. Bosses drive writers to make more words faster and for less pay. Readers then pay for exposure to these cheaply made words in the precious currency of their attention.

You can get a glimpse of that world on the Web right now. Just take a sunny summer tour of a content farm like Associated Content or Answerbag. You can find these content farms in some quarters of the CNN and AOL sites, too.

Content farms, which have flourished on the Web in the past 18 months, are massive news sites that use headlines, keywords and other tricks to lure Web-users into looking at ads. These sites confound and embarrass Google by gaming its ranking system. As a business proposition, they once seemed exciting. Last year, The Economist admiringly described Associated Content and Demand Media as cleverly cynical operations that “aim to produce content at a price so low that even meager advertising revenue can support it.”

As a verbal artifact, farmed content exhibits neither style nor substance. You may faintly recognize news in some of these articles, especially gossip — but the prose is so odd as to seem extraterrestrial. “Another passenger of the vehicle has also been announced to be dead,” declares a typical sentence on Associated Content. “Like many fans of the popular ‘Jackass’ franchise, Dunn’s life and pranks meant a great amount to me.”

The insultingly vacuous and frankly bizarre prose of the content farms — it seems ripped from Wikipedia and translated from the Romanian — cheapens all online information. A few months ago, tired of coming across creepy, commodified content where I expected ordinary language, I resolved to turn to mobile apps for e-books, social media, ecommerce and news, and use the open Web only sparingly. I had grown confused by the weird articles I often stumbled on.

These prose-widgets are not hammered out by robots, surprisingly. But they are written by writers who work like robots. As recent accounts of life in these words-are-money mills make clear, some content-farm writers have deadlines as frequently as every 25 minutes. Others are expected to turn around reported pieces, containing interviews with several experts, in an hour. Some compose, edit, format and publish 10 articles in a single shift. Many with decades of experience in journalism work 70-hour weeks for salaries of $40,000 with no vacation time. The content farms have taken journalism hackwork to a whole new level.

So who produces all this bulk jive? Business Insider, the business-news site, has provided a forum to a half dozen low-paid content farmers, especially several who work at AOL’s enormous Seed and Patch ventures. They describe exhausting and sometimes exploitative writing conditions. Oliver Miller, a journalist with an MFA in fiction from Sarah Lawrence who once believed he’d write the Great American Novel, told me AOL paid him about $28,000 for writing 300,000 words about television, all based on fragments of shows he’d never seen, filed in half-hour intervals, on a graveyard shift that ran from 11 p.m. to 7 or 8 in the morning.

Mr. Miller’s job, as he made clear in an article last week in The Faster Times, an online newspaper, was to cram together words that someone’s research had suggested might be in demand on Google, position these strings as titles and headlines, embellish them with other inoffensive words and make the whole confection vaguely resemble an article. AOL would put “Rick Fox mustache” in a headline, betting that some number of people would put “Rick Fox mustache” into Google, and retrieve Mr. Miller’s article. Readers coming to AOL, expecting information, might discover a subliterate wasteland. But before bouncing out, they might watch a video clip with ads on it. Their visits would also register as page views, which AOL could then sell to advertisers.

So that’s how you really commodify writing: you pay little or nothing to writers, and make readers pay a lot — in the form of their “eyeballs.” But readers get zero back, no useful content. That’s the logic of the content farm. An eyeball for nothing.

“Do you guys even CARE what I write? Does it make any difference if it’s good or bad?” Mr. Miller asked his boss, one night, by instant message.

Mr. Miller says the reply was brief: “Not really.”

Mr. Miller’s experience is consistent with other recent stories by content farm workers. It also jibes with the master plan laid out in “The AOL Way,” a company document leaked to the press not long ago. That document reduces the art of journalism to a process that begins with using metrics to “identify high-demand topics” and ends with the review of this “hi-vol, lo-cost” textual content — those are articles, folks — for such important literary virtues as Google rank and social-media traction.

But an astonishing thing has happened. After months of inaction and seeming paralysis, the forces of good — or the Forces That Claim to Disdain Evil, anyway — fought back. With its near-missionary calling “to organize the world’s information and make it universally accessible and useful,” Google had evidently been humiliated by the content-farm system.

Like an earnest teacher who’d been outsmarted by a clique of relentlessly cheating students, it had lost credibility.

You can’t mess with Google forever. In February, the corporation concocted what it concocts best: an algorithm. The algorithm, called Panda, affects some 12 percent of searches, and it has — slowly and imperfectly — been improving things. Just a short time ago, the Web seemed ungovernable; bad content was driving out good. But Google asserted itself, and credit is due: Panda represents good cyber-governance. It has allowed Google to send untrustworthy, repetitive and unsatisfying content to the back of the class. No more A’s for cheaters.

At the same time, the goal, according to Amit Singhal and Matt Cutts, who worked on Panda, is to “provide better rankings for high-quality sites — sites with original content and information such as research, in-depth reports, thoughtful analysis and so on.”

For big media companies, the Panda formula is now as precious and coveted as any pink diamond or nuclear microchip in a Hollywood thriller. Content farmers will need to beat it if they want to keep up business as usual. And many media companies — old and new — are betting on ad revenue, and ad revenue comes with eyeballs, and eyeballs come from being in Google’s good graces. The secret code that puts a site on top of Google’s search results, or casts it to the bottom, is invaluable.

On Tuesday, Google officially rolled out Panda 2.2. Put “Whitey Bulger” into Google, and where you might once have found dozens of content farms, today you get links to useful articles from sites ranging from The Boston Globe, The Los Angeles Times, the F.B.I. and even Mashable, doing original analysis of how federal agents used social media to find Bulger.

Last month, Demand Media, once the most notorious of the content farms, announced plans to improve quality by publishing more feature articles by hired writers, and fewer by “users” — code for unpaid freelancers. Amazing. Demand Media is stepping up its game.

To see how this might play out for readers, I visited eHow, a former content-farm division of Demand Media, and found an article by a library-science graduate student named Alison Sperry. It was called “How to Write a Poem Like Walt Whitman,” and if it wasn’t E. B. White, it wasn’t precisely robot prose, either.

“Think about an event or experience you are passionate about or brings about a lot of emotion,” Ms. Sperry advised. “Your best writing will come from events, experiences and knowledge you are passionate about.” You don’t say.
http://opinionator.blogs.nytimes.com...r-on-nonsense/





Memory Restart Tells You When Firefox’s Memory Usage Gets Too High (and Restarts It For You)
Whitson Gordon

Firefox: Memory Restart tackles Firefox's well-known memory leak problems by telling you when they get out of control, and restarting Firefox automatically when they do.

Firefox still has trouble managing memory sometimes, and if you open a lot of tabs or leave it open for a long time, it can slow down to a crawl. This is especially bad if your computer doesn't have a lot of RAM. Despite this issue, many people still use Firefox for its other advantages. If that's you, you can at least keep a lid on slowdowns with Memory Restart. Memory Restart displays Firefox's memory usage in the add-on bar, and gives you the option to automatically restart Firefox when that usage gets past your comfortable level. You can also restart it manually with the click of Memory Restart's button, which you can put in the toolbar or the add-on bar.

Note that Memory Restart uses Firefox's about:memory to determine how much it's using, which may be different than what you see in the Task Manager. Either way, all you need to do is keep an eye on Memory Restart's display, and note the threshold at which Firefox starts to slow down for you. Then, set that as your threshold in the preferences, and the button will turn red (or restart automatically) whenever Firefox reaches that level of memory usage.

Memory Restart is a free download and works anywhere Firefox does. If you're on Windows, you'll also want to check out previously mentioned Memory Fox, which tries to manage Firefox's memory for you.
http://lifehacker.com/5815636/memory...rts-it-for-you





China's Cloud Districts Offer Censorship-Free Area - For Foreigners
Curt Hopkins

The city of Chongqing will be the first in China to see the debut of a "cloud district," or, to give it its official name, an "International Offshore Cloud Computing Special Management District." This area in an industrial city in the southwest is primarily designed to "gain market share of cloud computing technology." But users within the district can access the Internet outside of the traditional Chinese censorship regime.

The special district in Chongqing is a reflection of a huge overall investment in cloud computing. According to the People's Daily, the government is making a $772 million investment in a 93,000-square mile "cloud computing industrial base."

Because of China's censorship policies, China's market share of the burgeoning IT sector is zero, according to Epoch Times.

"The Cloud District's network will connect directly to the Internet, bypassing the Chinese regime's firewall; foreign investors will thus be able to carry out offshore data services unfettered by regime's censorship. But staff have to go through strict security checks to enter the district."

The fact that the special district will be solely for the use of foreigners, and foreign corporations in particular, is a sore spot for many Chinese.

Some seem angry at their exclusion from a free Internet. Others are outraged by what they see as a new "exclusion zone," mirroring the delegation of Chinese to servant status in their own country during the Opium Wars of the 19th century. Still others, like independent journalist Michael Anti, believe the district is a scam.

"The Cloud Computing District is probably a trap," he said on his Twitter account. "Who dares to store information there?"

The restrictions on direct Internet access even in the cloud district remain draconian. Domestic subsidiaries and branches of international companies will have no access and even the international companies themselves will have to work within restrictions that are not clear. The semi-autonomy of regional bosses also makes it difficult for international businesses to be confident of the future. Chongqing's mayor, Bo Xilai, is frequently described as a neo-Maoist, who has had accusations of corruption leveled at him.

Will Western individuals and companies show willing to upload their information into the "Chinese cloud"? Given the government's relationship to the Web, not just its censorship but its reputed official hacking, that seems an iffy proposition at best.
http://www.readwriteweb.com/archives...free_distr.php





Hackers are Being Radicalised by Government Policy

LulzSec is not an isolated phenomenon – official efforts to control the internet are increasing online radicalisation
Loz Kaye

Now that the LulzSec boat has sailed over the horizon, it seems a good moment to take stock of the past weeks' "hacktivism" frenzy. We've been bombarded with images of oddballs lurking in murky chatrooms – geeky teenagers who are simultaneously global cyber-villains. Given the reporting, we'd be forgiven for thinking that it's all about the personal obsessions of a few nerds. This would be to ignore the wider context.

LulzSec wasn't an isolated or unique phenomenon. People with passionate beliefs have been using new technological tools to effect change out of a sense of powerlessness. In the last year, I've watched 38 Degrees using the strength of association online to change government policy, WikiLeaks force transparency on those who'd rather run from it, even the amorphous mass that is Anonymous taking a stand on whatever issue they feel deserves their attention.

These tools are now themselves under attack. Lord Mandelson's last gift to us, the Digital Economy Act, is just one of a raft of "three strikes laws" worldwide that threaten to cut off households from the web. Buried in the coalition's Prevent strategy is the assertion that "internet filtering across the public estate is essential". Nor is it solely a British issue; Nicolas Sarkozy called for global online governance at the eG8 in his attempt to civilise the "wild west" of the web.

We're starting to see what this civilising process entails. Open Rights Group revealed that Ed Vaizey and lobbyists held a secret meeting discussing the future of web blocking powers. There was no public oversight and no one asked the net natives. Vaizey has relented a little via Twitter, consenting to open up the discussion – the Pirate Party and I welcome that invitation. It will take more, however, than getting a few NGOs around a table to ease the real sense of anger poisoning the online community.

What even the MoD insists on calling "cyberspace" has become contested territory. Many recent events have been fuelled by a fear that the internet is under siege by governments hell-bent on restricting its subversive potential. Nato has added to this perception with violent rhetoric and an expressed desire to penetrate Anonymous. No surprise the response has been "Well, penetrate you, Nato".

We've reached a critical juncture: either we sail headlong into escalating confrontation, or we attempt to change tack and reduce the tension by finding a democratic way forward, one that preserves our right to free association. From anonymous bloggers in Iran, to those using Twitter and Facebook in Tahrir Square and even teenagers in the bedrooms of Essex, there is a common thread. A feeling of persecution and dismay that our freedoms are being suppressed.

These concerns haven't gone unnoticed; a recent report by the UN special rapporteur on free expression, Frank La Rue, explicitly criticised legislation including the Digital Economy Act, considering it to be a violation of freedom of speech. This broadside from La Rue has finally spurred our MPs into action. An early day motion calling for a review of the most invasive provisions of the Digital Economy Act has been sponsored by Julian Huppert. It is supported by only 26 of his colleagues, which seems to show that there are only a few in the Commons prepared to stand up for an online constituency.

In the days ahead it may prove that the real headline last Saturday was not the disbanding of LulzSec, but the fact that ISP Telstra was pulling out of an agreement with the Australian government to implement web filtering due to worries about hacking. This was portrayed as a significant victory. As long as it seems that direct action is more effective than democratic engagement, it's clear that the former will appear a more attractive option to many. The official line that the internet is a dangerous territory to be subdued is responsible for an alarming radicalisation. This is not just an issue for the tabloids' oddballs and nerds, it's an issue for everyone who believes in the fundamental importance of freedom.

It's time for governments to turn their ship around and plot a new course.
http://www.guardian.co.uk/commentisf...ec-governments





Sony Says Protecting Content Made it Hackers' Target
Isabel Reynolds

Sony Corp believes it was targeted by hackers because it tried to protect its intellectual property, CEO Howard Stringer told a shareholders' meeting at which he sidestepped a call for him to step down over the incident.

Sony has been under fire since hackers in April accessed personal information on 77 million PlayStation Network and Qriocity accounts, 90 percent of which are users in North America or Europe.

Sony said at the time credit card information may have been stolen, sparking lawsuits and casting a shadow over its plans to combine content and hardware products via online services. The company also disclosed more hacking attacks against it in May and June.

No one has claimed responsibility for the massive hacking attack in April but many have speculated it was sparked by Sony's efforts to clamp down on customers who try to modify its systems.

"We believe that we first became the subject of attack because we tried to protect our IP (intellectual property), our content, in this case videogames," Stringer told shareholders at Tuesday's meeting in response to a question about the background to the incident.

Other high-profile firms, including defense contractor Lockheed Martin and Google Inc, have also been victims of recent cyber attacks.

Sony sued hacker George Hotz for copyright infringement and circumventing PlayStation 3's protection schemes after he posted information on the Internet that would enable gamers to run self-created applications on their consoles.

The company, which says the information would make pirating games easier, announced on April 11 it had settled the charges against Hotz. About a week later, Sony's systems were hacked.

Hotz, who first gained notoriety by unlocking Apple's iPhone, has now landed a job at Facebook, media reports said on Monday.

"Not Just Sony"

Stringer did not respond directly when another shareholder asked him to step down to allow the company to make a fresh start after what is believed to be the world's biggest ever Internet security breach.

Sony's share price has fallen about 16 percent since April 26, the day before the company revealed the first attack, and was almost flat on Tuesday.

The 69-year-old Welsh-born former TV producer said only that his foremost responsibility was to oversee the company's development and to nurture the next generation of management.

Stringer also referred to the growing list of other companies and organizations that have been hacked.

"I think you see that cyber terrorism is now a global force, affecting many more companies than just Sony," he added.

"If hackers can hack Citibank, the FBI and the CIA, and yesterday the video game company Electronic Arts, then it's a negative situation that governments may have to resolve," Stringer said.

In April, Sony appointed Kazuo Hirai, 50, as second-in-command, and Stringer has said he is in pole position to take over the top job, though the timing is unclear.

Sony says usage of its PlayStation video games network has returned to about 90 percent of the level before the security breach, but some users remain angry.

A court case filed in the United States this month accuses Sony of laying off employees in a unit responsible for network security two weeks before the hacking incident.

Sony also spent lavishly on security to protect its own corporate information while failing to do the same for its customers' data, the proposed class action lawsuit alleges. ($1 = 80.890 Japanese Yen)

(Editing by Edmund Klamann, Joseph Radford and Muralikumar Anantharaman)
http://www.reuters.com/article/2011/...75R0DP20110628





Employees, Not Hackers, Are The Biggest Threat to Security
Dan Rowinski

The Department of Homeland Security will release a new guidance document today intended to make the software that runs the Web less susceptible to malicious hacks.

DHS has teamed with security and technology experts at the SANS Institute and Mitre to create a list of the top 25 programming errors that lead to the most serious hacks, according to The New York Times. The idea is to educate companies and organizations about the channels that criminal hackers use to gain access to confidential information and servers. These are often common software errors that can lead to "zero day" exploits.

According to the Times, the number one error on the list is a programming mistake that can leave a server vulnerable to SQL-injection attacks like those LulzSec and Anonymous have used to access supposedly secure information.

The guidance framework will include "vignettes" for various industry verticals, like banking and manufacturing, and will highlight which vulnerabilities are most frequent in the types of software used.

Not Always A Tech Issue

While groups like Anonymous and LulzSec (which reportedly is disbanding) use sophisticated hacking methods (like SQL-injections), the greatest threat to security within the government and large corporations does not come from programming vulnerabilities.

It is their employees.

Bloomberg published an in-depth article June 27 titled "Human Errors, Idiocy Fuel Hacking." That may seem like an outrageous accusation but remember that one of the biggest security leaks in recent history - WikiLeaks - was the result of one person with physical storage (a CD) and access to confidential files. All Ryan Manning needed to do was put the disc into a computer and start downloading.

Bloomberg reports that DHS staff secretly dropped CDs and USB drives into the parking lot of government buildings to see if they were picked up and put into a computer. The ones that were picked up were plugged in 60% of the time and ones with official logos 90% of the time.

It is one thing for an average citizen to pick up a USB drive marked "DHS" and put it into a computer but another entirely for government workers supposedly trained on security risks to do so. It is reminiscent of the movie "Burn After Reading" where Brad Pitt finds a CD filled with another character's bank records and thinks it is top-secret information.

Bloomberg also notes that social engineering attacks are growing more sophisticated and are on the rise. According to security company Symantec's State of Spam and Phishing monthly report, phishing attempts rose 6.7% between June 2010 and May 2011. Phishing has become more targeted with "spear phishing" aimed at specific groups of individuals and "whale phishing" aimed at C-level executives.

"Rule No. 1 is, don't open suspicious links," Mark Rasch of Computer Sciences Corporation told Bloomberg. "Rule No. 2 is, see Rule No. 1. Rule No. 3 is, see Rules 1 and 2."

Once a phishing target clicks on a malicious link, it is likely that one of the top 25 software errors listed in the DHS guidance is being exploited. When it comes to security, the fact of the matter is that an organization's own people are the biggest threat, not some esoteric group of hackers living in the Internet ether.
http://www.readwriteweb.com/archives...reat_to_se.php





US Govt. Plant USB Sticks in Security Study, 60% of Subjects Take the Bait

You can have all the firewalls and Internet security software in the world, but sometimes there’s just no accounting for human curiosity and stupidity.

Bloomberg reports that the US Department of Homeland Security recently ran a test on government employees to see how easy it was for hackers to gain access to computer systems, without the need for direct network access.

Computer disks and USB sticks were dropped in parking lots of government buildings and private contractors, and 60% of the people who picked them up plugged the devices into office computers. And if the drive or CD had an official logo on it, 90% were installed.

The full report on the Homeland Security study is due to be published later this year.

You may remember the Stuxnet Microsoft Windows worm last year, which targeted industrial software and equipment. Basically, computers with no external network connections were infected with the worm through what was thought to have been contaminated hardware, such as USB drives.

We’ve written a lot about IT security of late, much of which was related to the LulzSec hackers. Whilst systems that are pretty robust and ‘secure’ are still susceptible to hacks from those hellbent on causing havoc, it seems that the inherent curiosity and carelessness of humans is still at the root of many problems.

All this points to the much-used ‘user error’ acronym, PICNIC: problem in chair, not in computer.

Mark Rasch, director of network security and privacy consulting for Falls Church, Virginia-based Computer Sciences Corp., told Bloomberg:

“There’s no device known to mankind that will prevent people from being idiots.”
http://thenextweb.com/industry/2011/...take-the-bait/





Groupon Leaks Entire Indian User Database

Dude where's my .sql?
Patrick Gray

The entire user database of Groupon's Indian subsidiary Sosasta.com was accidentally published to the Internet and indexed by Google.

The database includes the e-mail addresses and clear-text passwords of the site's 300,000 users. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing e-mail address and password pairs.

Grzelak used Google to search for SQL database files that were web accessible and contained keywords like "password" and "gmail".

"A few hours and tweaks later, this database came up," he said. "I started scrolling, and scrolling and I couldn't get to the bottom of the file. Then I realised how big it actually was."

Interesting...!

Since leaving a security consulting position with Australian information security company Stratsec, Grzelak has been working on a start-up gaming media company with two friends.

As a side project, he created shouldichangemypassword.com, a website that allows any Internet user to search a database of known-compromised e-mail address and password pairs to see if their password has been compromised.

Grzelak was searching for more compromised accounts to add to the website's database when he stumbled across the Sosasta database.

The shouldichangemypassword.com database includes leaked or stolen account information from 17 recent high-profile breaches. "There are now... 1.3 million records on the site," he said. "All the LulzSec releases are included as well as data from other high profile incidents such as the Mt. Gox Bitcoin exchange hack and the Gawker breach from a year ago."

Grzelak contacted Risky.Biz after the Sosasta discovery to seek advice on disclosure. This website contacted the CEO of Groupon, Andrew Mason, who called back personally within 24 hours of initial contact.

The database was removed immediately and the company has launched an internal investigation to find out how it wound up publicly accessible in the first place.

Groupon is notifying all its Sosasta users of the incident and is advising them that the passwords they used on the website are now compromised and cannot be relied upon to secure other accounts.

Grzelak, meanwhile, says this type of accidental disclosure is actually quite common. "There are thousands of these databases indexed by Google," he said. "This just happened to be by far the biggest I found."

Groupon's statement is below:

On Friday morning India time (Thursday night Central US time), Groupon was alerted to a security issue potentially affecting subscribers of Sosasta, a website acquired by Groupon in January 2011.

After being alerted to this issue by an information security expert, we corrected the problem immediately. We have begun notifying our subscribers and advising them to change their Sosasta passwords as soon as possible. We will keep our Indian subscribers fully informed as we learn more.

Sosasta runs on its own platform and servers, and is not connected to Groupon sites in other countries.

We are thoroughly reviewing our security procedures for Sosasta and are implementing measures designed to prevent this kind of issue from recurring.

This issue does not affect data from any other country or region.

Groupon takes security and privacy very seriously. Our users' trust is of paramount importance to us and we deeply regret this incident. We will provide more information as soon as possible.

http://risky.biz/sosasta





Please Hacker Don’t Hurt Us: The Media’s Coverage Of LulzSec Has Been Cowardly and Pathetic
Paul Carr

“There can be no higher law in journalism than to tell the truth and to shame the devil” – Walter Lippmann

So, that’s it. The hacking group known as LulzSec has called off its vandalism spree, three days after releasing its one meaningful “payload”: a batch of documents from the Arizona Department of Public Safety. Bold promises of similar data dumps, including “five gigabytes of government and law enforcement data from across the world”, were apparently just that; promises.

Still the Arizona release was serious enough on its own, comprising details of police use of informants and the names and home addresses of police officers and their families. The hack, we’re told, was in retaliation for SB1070, the Arizona immigration law which many have (rightly) argued encourages racial profiling. This despite the fact that blaming individual Arizona officers (and their families) for a state senate law is as wrong-headed as holding a single US army private accountable for the entire Iraq war.

But digging too deeply into LulzSec’s motives is like wrestling with a pig. What we’re dealing with here — with LulzSec, and with groups like Team Poison who released details of Tony Blair’s dentist in “protest” for the former British prime minister’s foreign policy — is a small group of angry, technologically savvy post-adolescents rebelling against authority. Post-adolescents who, as I wrote in the Guardian earlier this week, “in previous generations… would organise protest marches or start angry magazines or accidentally blow themselves up trying to make a pipe-bomb from The Anarchist Cookbook”. The only difference is that in previous generations those kids rarely had the resources to pose a danger to anyone other than themselves. Today the Internet gives them the ability to do real harm, and to risk actual innocent lives.

But, still, kids will be kids and by the time they limp out of federal prison, twenty years hence, they’ll be older and wiser. What’s far harder to comprehend is why so many fully-grown adults are happy to publicly support even the hackers’ most criminally-negligent activities.

Across the Internet, LulzSec’s Arizona hack and the morally incoherent justification that followed were met with an alarming amount of support; applause even. “Who represents us in government? We have no voice, and it’s time to take it back.” wrote one commenter here on TechCrunch; “I love these guys, good job :) I think we need a little revolution ala middle east in the US: Less government regulations, pro immigration laws, legalize drugs” said another. Meanwhile, over on the snappily titled “How the Media Gets it Wrong On Infosec” blog, LulzSec supporter ‘Laurelai Bailey’ added to the chorus of praise, suggesting that if the authorities really want to stop hackers then rather than arresting them “they would work to defuse the anger and outright hate people feel toward the government these days, they would take steps to show people that they are not the bad guys and stop taking such a hard approach.”

Yes, because if only the government were nicer, then teenagers would stop being so damn angry. And if only the students and teachers at Columbine hadn’t been so mean to those two nice boys then all that unpleasantness could have been avoided.

Please.

One might expect more measured coverage of the attacks from members of the professional media. Indeed, my former colleagues at the Guardian published a series of critical articles about LulzSec, including logs from one of the group’s IRC channels and an account of the events that led to the arrest of alleged Anonymous member Ryan Cleary. The LA Times, too, did some solid reporting, including Salvador Rodriguez’s interview with Jimmy Chavez, president of the Arizona Highway Patrol Association, who argues “our guys are out there doing what they’re supposed to be doing, and they put themselves in harm’s way every single day. They don’t need any additional pressure on them from a — let’s just call it what it is — a terrorist organization.”

Incredibly, though, most journalists were all too happy to hop aboard the “Lulz Boat”. On Friday, the BBC’s Susan Watts conducted an interview with a spokesperson for the group, publishing a transcript that was almost indistinguishable from a celebrity fluff piece, with questions like “What is Operation Antisec in your own words?” and “Why are they (other hackers) attacking you and claiming to expose you?” The closest Watts got to challenging the group was to point out how their stated aims — to destroy copyright, and to oppose Arizona’s immigration law — seemed a bit broad. Faced with the baffling incoherence of the spokesperson’s answer — “Cannonballs will fire at banks, police, and entire governments until we (the internet) are satisfied” — she simply moved on to the next question.

And if the performance of traditional reporters was bad, that of online journalists and bloggers was downright shameful. The majority of online publications chose to take — at best — a morally ambivalent position over the hacks or — at worst — a supportive one. Boingboing happily republished chunks of text and imagery from the Arizona documents without any consideration of the morality of how they were obtained; Gawker’s Adrian Chen provided another spokesperson for the group with a self-promotional platform; while PCWorld’s Tony Bradley even argued that “We Owe LulzSec a Thank You” (for exposing holes in security). Even today, when the group made the frankly ludicrous claim that they had always planned to disband after fifty days (despite telling Susan Watts to expect more leaks on Monday), most reporters simply repeated the statement as fact rather than making any attempt to discover the real cause of the volte-face.

I’d love to say that we at TechCrunch provided a refreshing exception to this media trial-by-handjob; but we didn’t. Every LulzSec release was faithfully and uncritically reported on these pages, and in one case we even helpfully provided a link to the stolen Arizona documents that gave the home address of police officers (the link was later removed).

I mean, I get it. I really do. A lot of reporters covering the tech beat, particularly those writing online, are barely out of high school themselves and are naturally inclined to be generous towards their peers — they read LulzSec’s claims of sticking it to the man and they think “yeah, fuck the man”. That’s why young journalists need experienced editors, and why a lack of professional editorial control is the greatest hurdle to the maturation of online reporting.

But naivety is just the minor factor in the lack of critical reporting of LulzSec. The major factor is fear. Journalists are terrified that if they make so much as a murmur of criticism against cyber-criminals then they might find themselves the victims of a hack. It’s far safer just to report the most basic facts, perhaps along with a positive quote or two from the criminals, and then dive back behind the barricades; a display of moral and physical cowardice parodied rather wonderfully this week by the Daily Show’s John Hodgman.

Of course, no-one wants to see their personal emails splashed all over the Internet, or their website DDOS’d — it’s embarrassing, annoying and potentially costly. The few publications who dared to criticize LulzSec are doubtless aware that they risk retaliation: particularly the Guardian who took a similar risk earlier this year when they started to report critically on their former source, Julian Assange. But news is news and crime is crime and, when lives are put at risk by criminals, it’s the responsibility of a professional journalist to hold those criminals to account without fear or favor.

Students of journalism might recall that Irish journalist Veronica Guerin was shot in retaliation for her reporting on organized crime and drugs. In Pakistan, American journalist Daniel Pearl was beheaded by Al-Qaeda while reporting a story on shoe bomber Richard Reid. According to the Committee to Protect Journalists, since 1992, 615 journalists have been murdered for doing their jobs.

Given how many of their colleagues have made the ultimate sacrifice in pursuit of truth, any “journalist” who gives an easy ride to a group of kids risking innocent lives “for the lulz”, just because they’re scared of having their Amazon account hacked or receiving a barrage of late night pizza deliveries, might want to consider an urgent change of career.
http://techcrunch.com/2011/06/26/the...that-squeaked/





NBC News: Hacker Attack Cripples al-Qaida Web Communications

Digital assault is similar to one last year linked to UK government
Pete Williams Justice correspondent

Computer hackers shut down al-Qaida's ability to communicate its messages to the world through the Internet, interrupting the group's flow of videos and communiqués, according to a terrorism expert.

"Al-Qaida's online communications have been temporarily crippled, and it does not have a single trusted distribution channel available on the Internet," said Evan Kohlmann, of Flashpoint Global Partners, which monitors the group's communications.

The attack was carried out within the past few days by unknown hackers targeting al-Qaida's Internet communications systems. It was "well coordinated and involved the use of an unusual cocktail of relatively sophisticated techniques," Kohlmann said.

"My guess is that it will take them at least several days more to repair the damage and get their network up and functioning again," he said.

A year ago, al-Qaida's Internet communications suffered a similar hacker attack.

British newspapers reported earlier this month that the UK government hacked into an al-Qaida website last year and inserted recipes for making cupcakes in place of instructions on how to build bombs. The target was the group's English language magazine, "Inspire," intended for Muslims in the West. The magazine is the product of al-Qaida in the Arabian Peninsula, based in Yemen.

Instead of an article called "Make a Bomb in the Kitchen of Your Mom," the online magazine contained recipes from a book assembled by talk show host Ellen DeGeneres. It took the terrorist group nearly two weeks to restore its original posting.

Kohlmann said the latest incident "once again appears to bear the telltale fingerprints of government-sponsored hackers."
http://www.msnbc.msn.com/id/43584213...news-security/





Anonymous Picks Up Where Lulzsec Leaves Off with New Hack

Anonymous has moved back into the limelight.
Nick Ross

With the notorious Lulzsec hacking group having announced its retirement yesterday, the Anonymous hacking group has stepped back to the fore.

The group Tweeted: Little teaser while we work on the actual release: Ever interested in anti-cyberterrorism training?

It has uploaded a "counter cyber-terrorism training file" to the internet. At first it was believed to come from a private security firm which was knocked offline (possibly due to excess traffic) as the story broke. However, it now appears as though the material may have come from a disc published in 2009 by America's FEMA (Federal Emergency Management Agency) Counter Terrorism Defense Initiative training program. It is unclear where the disc's information actually was obtained from.

According to the website: "Using a mobile computer lab, SENTINEL provides free cybersecurity training directly to centralized rural and metropolitan areas of critical need across the country. The training focuses on enhancing the prevention, preparedness, and response capabilities of local, state, tribal, and rural public safety jurisdictions."

Among the files are:-

Many documents and links to security and hacking resources that are freely available on the internet.

Lists of FBI bureau addresses throughout the USA.

Stock letters on how to officially request user information from Internet Service Providers and obtain warrants.

Numerous hacking and counter-hacking tools.

Assimilating Lulzsec

With Lulzsec's last action being to pledge its Twitter support over to the @AnonymousIRC account, the latter picked up 60,000 new followers in 24 hours. The account just broke 100,000 followers and is growing fast. It also Tweeted:

We can confirm that all @LulzSec members have reported aboard. #AntiSec will have full support from #Anonymous and LulzSec. Expect us, soon.

This suggests that Lulzsec is likely to have disbanded only notionally with observers saying that its high-profile antics gave the individuals involved too much attention from rival hackers and law enforcement. By merging back into the larger Anonymous collective, it will be harder for individuals to be identified.

It looks like there will be many more leaks to come with Anonymous subsequently Tweeting (in what may be a related incident):-

We found a huge chest of 40 Terabytes internal data from some $evilcompany. Unsure how to carry, as most boats would sink. :/ #AntiSec
http://www.abc.net.au/technology/art...27/3254252.htm





Citing Homeless Law, Hackers Turn Sights on Orlando
Don Van Natta Jr.

The hacker group Anonymous has declared a cyberwar against the City of Orlando, disabling Web sites for the city’s leading redevelopment organization, the local Fraternal Order of Police and the mayor’s re-election campaign.

Anonymous, a large yet loosely formed group of hackers that claimed responsibility for crashing the Web sites of MasterCard and the Church of Scientology, began attacking the Orlando-based Web sites earlier this week.

The group described its attacks as punishment for the city’s recent practice of arresting members of Orlando Food Not Bombs, an antipoverty group that provides vegan and vegetarian meals twice a week to homeless people in one of the city’s largest parks.

“Anonymous believes that people have the right to organize, that people have the right to give to the less fortunate and that people have the right to commit acts of kindness and compassion,” the group’s members said in a news release and video posted on YouTube on Thursday. “However, it appears the police and your lawmakers of Orlando do not.”

A 2006 city ordinance requires organizations to obtain permits to feed groups of 25 people or more in downtown parks. The law was passed after numerous complaints by residents and business owners about the twice-weekly feedings in Lake Eola Park, city officials said. The law limits any group to no more than two permits per year per park.

Since June 1, the city police have arrested 25 Orlando Food Not Bombs volunteers without permits as they provided meals to large groups of homeless people in the park. One of those arrested last week on trespassing charges was Keith McHenry, a co-founder of the first Food Not Bombs chapter in 1980 in Cambridge, Mass. He remained in the Orange County Jail on Thursday awaiting a bond hearing.

This week Anonymous offered a “cease-fire” if no volunteers were arrested during Wednesday evening’s feeding of the homeless. But the police arrested two volunteers, and on Thursday morning Anonymous disrupted the Web site Downtown Orlando, which promotes redevelopment there and is run by the city. An organization spokeswoman confirmed the attack but declined to comment, referring questions to the mayor’s office.

A spokeswoman for Mayor Buddy Dyer, whose re-election campaign site was disabled on Tuesday, called the attack on the Downtown Orlando site an “inconvenience.” She said the city would not change its policy of arresting volunteers who feed homeless people without a permit.

“We will continue to enforce the city ordinance,” said the spokeswoman, who asked not to be identified out of a concern she would become a target of Anonymous. “We must continue to focus on what our Orlando residents want and not the desires of others from outside the community.”

The attack on the Orlando Web sites was the second on a city or state government in two weeks. Last week, hackers gained access to the computer system of the Arizona Department of Public Safety and released law-enforcement records.

The Federal Bureau of Investigation and the Orlando Police Department are investigating, officials said.

Members of Orlando Food Not Bombs condemned the cyberattacks. “We have absolutely nothing to do with Anonymous or any other group that is doing this kind of thing,” said one member, Ben Markeson. “And what Anonymous is doing is a distraction from the real issue at hand.”

Mr. Markeson said the Orlando mayor and City Council members had attempted to “criminalize poverty” by passing a series of ordinances intended to “hide the homeless.”

“Mayor Dyer wants to hide the poor and the hungry people living in our community,” he said.

The mayor’s spokesman denied the allegation, saying: “Nothing could be further from the truth. The city has a strong relationship with our region’s homeless providers and will continue to dedicate resources and services that assist our homeless population.”

Anonymous has become known for prominent denial-of-service attacks on high-traffic Web sites. A denial-of-service attack takes place when an overwhelming crush of Web traffic is intentionally sent to a Web site until it is incapacitated and knocked off line.

Anonymous members rallied a call-to-arms against the city as part of a campaign it dubbed Operation Orlando. Its members promised that future arrests of volunteers helping the homeless would be met with fresh attacks. “For every arrested person,” the group said on Twitter, “Anonymous will deface or assault TEN websites in Orlando.”

Nick Bilton contributed from New York.
https://www.nytimes.com/2011/07/01/us/01orlando.html





iOS 5 Targets Longtime iPhone Jailbreak Exploit
Josh Lowensohn

The software hole involved in a popular method for jailbreaking Apple's iOS devices has reportedly been patched by the company as part of iOS 5, the free system software update that's due out later this year.

Digging through the beta version of iOS 5, which Apple made available to developers earlier this month, the iPhone Dev-Team--a group of hackers that targets Apple devices and is not to be confused with Apple's group that designs the iOS software--has discovered a change that threatens to close a loophole the group has long exploited.

"Those of you who have been jailbreaking for a while have probably heard us periodically warn you to 'save your blobs' for each firmware.... Saving your blobs for a given firmware on your specific device allows you to restore *that* device to *that* firmware even after Apple has stopped signing it," the group wrote on its blog yesterday. "That's all about to change."

The group says Apple has implemented a system that checks for a uniquely generated chunk of data each time the phone is restored. The problem there is that only Apple has the keys to unlock that code to let the phone boot up successfully. The end result is that jailbreaking methods that took advantage of that vulnerability could be endangered if that same system is employed in the final version of the software.

The iPhone-Dev Team notes that "there may still be ways to combat this" but that it's not showing its cards just yet, since it might give Apple time to make a fix ahead of a general release. "They've stepped up their game!" the group said of Apple's security efforts.

Apple's iPhone and other iOS devices continue to be hot targets for hackers. Ahead of the release of the App Store, one of the most popular reasons to jailbreak an iOS device was to be able to install third-party software. Even after the launch of the App Store, places like third-party app repository Cydia became destinations for developers who couldn't get their applications through Apple's approval process. Another popular reason was to unlock the iPhone so that it would work on other carriers, an option Apple now offers to U.S. buyers at a hefty price premium.

iOS 5 is due out this fall. Last week Apple released a second beta of the software to developers so they could use it to test their applications for compatibility with the OS and its new features. The first beta of the software was allegedly jailbroken by a member of the iPhone-Dev Team in less than 24 hours.
http://news.cnet.com/8301-27076_3-20...lbreak-exploit





Rootkit Infection Requires Windows Reinstall, Says Microsoft

New malware hides in the PC's Master Boot Record, fools cleaning attempts
Gregg Keizer

Microsoft is telling Windows users that they'll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine's boot sector.

A new variant of a Trojan Microsoft calls "Popureb" digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration, Chun Feng, an engineer with the Microsoft Malware Protection Center (MMPC), said last week on the group's blog.

"If your system does get infected with Trojan:Win32/Popureb.E, we advise you to fix the MBR and then use a recovery CD to restore your system to a pre-infected state," said Feng.

A recovery disc returns Windows to its factory settings.

Malware like Popureb overwrites the hard drive's master boot record (MBR), the first sector -- sector 0 -- where code is stored to bootstrap the operating system after the computer's BIOS does its start-up checks. Because it hides on the MBR, the rootkit is effectively invisible to both the operating system and security software.

According to Feng, Popureb detects write operations aimed at the MBR -- operations designed to scrub the MBR or other disk sectors containing attack code -- and then swaps out the write operation with a read operation.

Although the operation will seem to succeed, the new data is not actually written to the disk. In other words, the cleaning process will have failed.

Feng provided links to MBR-fixing instructions for XP, Vista and Windows 7.

Rootkits are often planted by attackers to hide follow-on malware, such as banking password-stealing Trojans. They're not a new phenomenon on Windows.

In early 2010, for example, Microsoft contended with a rootkit dubbed "Alureon" that infected Windows XP systems and crippled machines after a Microsoft security update.

At the time, Microsoft's advice was similar to what Feng is now offering for Popureb.

"If customers cannot confirm removal of the Alureon rootkit using their chosen anti-virus/anti-malware software, the most secure recommendation is for the owner of the system to back up important files and completely restore the system from a cleanly formatted disk," said Mike Reavey, director of the Microsoft Security Response Center (MSRC), in February 2010.

Since then, Microsoft has added a check for the Alureon rootkit to all security updates so that when the malware is detected, the updates are not installed.
http://www.computerworld.com/s/artic...says_Microsoft





Massive Botnet 'Indestructible,' Say Researchers

4.5M-strong botnet 'most sophisticated threat today' to Windows PCs
Gregg Keizer

A new and improved botnet that has infected more than four million PCs is "practically indestructible," security researchers say.

"TDL-4," the name for both the bot Trojan that infects machines and the ensuing collection of compromised computers, is "the most sophisticated threat today," said Kaspersky Labs researcher Sergey Golovanov in a detailed analysis Monday.

"[TDL-4] is practically indestructible," Golovanov said.

Others agree.

"I wouldn't say it's perfectly indestructible, but it is pretty much indestructible," said Joe Stewart, director of malware research at Dell SecureWorks and an internationally-known botnet expert, in an interview today. "It does a very good job of maintaining itself."

Golovanov and Stewart based their judgments on a variety of TDL-4's traits, all of which make it an extremely tough character to detect, delete, suppress or eradicate.

For one thing, said Golovanov, TDL-4 infects the MBR, or master boot record, of the PC with a rootkit -- malware that hides by subverting the operating system. The master boot record is the first sector -- sector 0 -- of the hard drive, where code is stored to bootstrap the operating system after the computer's BIOS does its start-up checks.

Because TDL-4 installs its rootkit on the MBR, it is invisible to both the operating system and, more importantly, security software designed to sniff out malicious code.

But that's not TDL-4's secret weapon.

What makes the botnet indestructible is the combination of its advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by command-and-control (C&C) servers.

"The way peer-to-peer is used for TDL-4 will make it extremely hard to take down this botnet," said Roel Schouwenberg, senior malware researcher at Kaspersky, in an email reply Tuesday to follow-up questions. "The TDL guys are doing their utmost not to become the next gang to lose their botnet."

Schouwenberg cited several high-profile botnet take-downs -- which have ranged from a coordinated effort that crippled Conficker last year to 2011's FBI-led take-down of Coreflood -- as the motivation for hackers to develop new ways to keep their armies of hijacked PCs in the field.

"Each time a botnet gets taken down it raises the bar for the next time," noted Schouwenberg. "The truly professional cyber criminals are watching and working on their botnets to make them more resilient against takedowns or takeovers."

TDL-4's makers created their own encryption algorithm, Kaspersky's Golovanov said in his analysis, and the botnet uses the domain names of the C&C servers as the encryption keys.

The botnet also uses the public Kad P2P network for one of its two channels for communicating between infected PCs and the C&C servers, said Kaspersky. Previously, botnets that communicated via P2P used a closed network they had created.

By using a public network, the criminals ensure their botnet will survive any take-down effort.

"Any attempt to take down the regular C&Cs can effectively be circumvented by the TDL group by updating the list of C&Cs through the P2P network," said Schouwenberg. "The fact that TDL has two separate channels for communications will make any take-down very, very tough."

Kaspersky estimated that the TDL-4 botnet consists of more than 4.5 million infected Windows PCs.

TDL-4's rootkit, encryption and communication practices, as well as its ability to disable other malware, including the well-known Zeus, make the botnet extremely durable. "TDL is a business, and its goal is to stay on PCs as long as possible," said Stewart, citing the technologies that make the botnet nearly impossible to knock offline.

Stewart wasn't shocked that the TDL-4 botnet numbers millions of machines, saying that its durability contributed to its large size.

"The 4.5 million is not surprising at all," Stewart said. "It might not have as high an infection rate as other botnets, but its longevity means that as long as they can keep infecting computers and the discovery rate is small, they'll keep growing it."

Stewart pointed out that TDL-4's counter-attacks against other malware were another reason it's so successful.

"That's so smart," he said, adding that disabling competing malware -- which likely is much easier to detect -- means it has an even better chance of remaining on the PC. If other threats cause suspicious behavior, the machine's owner may investigate, perhaps run additional security scans or install antivirus software.

TDL-4's makers use the botnet to plant additional malware on PCs, rent it out to others for that purpose and for distributed denial-of-service (DDoS) attacks, and to conduct spam and phishing campaigns. Kaspersky said TDL-4 has installed nearly 30 different malicious programs on the PCs it controls.

But it's able to remove any at will. "TDL-4 doesn't delete itself following installation of other malware," said Golovanov. "At any time [it] can ... delete malware it has downloaded."

This is one dangerous customer, Stewart concluded.

"For all intents and purposes, [TDL-4] is very tough to remove," Stewart said. "It's definitely one of the most sophisticated botnets out there."
http://www.computerworld.com/s/artic...ay_researchers





How Symantec Cracked Stuxnet
David Strom

The story behind Stuxnet, the malware targeted at an Iranian nuclear processing station, has been known in general since last fall when a team of researchers at Symantec released this document, which we covered at the time in our article here. But seeing is believing. I had a chance to attend a special briefing at Symantec's headquarters in Mountain View, Calif. where Patrick Gardner, a director in their security group, actually showed us what was involved. It was a real thrill.

Stuxnet was a very sophisticated piece of software, some 10,000 lines of code that took man-years to develop. Symantec started seeing versions of the malware up to a year before the actual attack last June; they just had no idea what they were looking at until things started to happen at the nuclear facility. They eventually reverse engineered the entire code with a team of three working full time for several months.

The software is extremely specific, targeting a particular programmable logic controller from Siemens that runs a series of 9,000 different centrifuges used in uranium separation. The malware package ultimately destroyed about 1,000 of them, causing a considerable amount of damage and setting back the Iranian nuclear program a year or more.

The plant's computer network had what is called an "air gap" between the PCs that were used to interact with the Siemens controllers, and the ordinary business network of the plant that had an Internet connection. This means that Siemens-connected PCs had no direct Internet access themselves, which is just good security practice. So how did these PCs get infected? As it turns out, it was human error!

The authors targeted the five potential subcontractors of the plant, knowing that eventually a worker at one of them would carry their laptop into the plant and use a thumb drive to load some software onto the controller PCs. The virus used a special zero-day attack that hadn't been seen previously that changed a Windows file icon shown in Explorer so that just viewing the file would compromise the PC.

Once this happened, Stuxnet got to work. Ironically, its first task was to sit dormant and just record the controller traffic and responses for two weeks, without doing anything to disrupt the controllers or other plant operations. Once it gathered this data, it began to infect the controllers. Also, because of the way the virus was constructed, there was no way to use ordinary debugging tools in Step7 to see what code the Stuxnet authors had added to foul up things: it looked the same as the normal controller programs. That was pretty clever programming.

At the Symantec briefing, they had brought along an actual Siemens controller to show first-hand what was likely to have happened. It was a small box about the size of a loaf of bread. Connected to it was an automatic air pump, like the kind that you might carry in the trunk of your car to inflate your spare tire. The first demo showed "normal" operations, where the pump would run for three seconds to inflate a balloon. (No, we didn't get to see any nuclear materials in use; that would have been too much.) Then we ran Stuxnet, and it changed the controller to run the pump continuously, and of course the balloon exploded.

The Stuxnet authors (no one is saying definitively who they are, but you can imagine some very well-funded state-sponsored operation) had access to the exact factory layout in Iran where the controllers were located. What this means is that factory plans were stolen or compromised so the authors of the virus knew where the pumps, motors, and other equipment were located and connected to each other. This is because the software was designed for this specific layout and no other. Stuxnet wouldn't harm another plant using the same Siemens' equipment.

"There had to be some kind of data exfiltration, as well as the skills needed to do the programming," said Gardner. And the programming skills were very sophisticated. There were 15 different modules to the software, and five different concealing mechanisms built-in. There were also two rootkits, one for the host PC and one on the Siemens controller itself running a special embedded OS called Step7. The virus authors had also stolen two digital certificates, both from companies that were physically adjacent to each other in a Taiwan business park. Why two? Because the first one was discovered and expired before the virus could be deployed. All in all, there were six zero day infections coded into the virus. To give you an idea of this scope, Symantec found all of 14 total zero day attacks in all of 2010.

As the virus took action, it spun up and spun down the centrifuges beyond their normal operational frequencies, essentially damaging them. While this was happening, the two weeks of controller traffic was being replayed to the plant operators, so they wouldn't suspect anything was wrong until the machines literally started breaking apart. The virus also disabled the kill switches built into the controllers, so they essentially couldn't be shut down.

What was going through my mind during this demo was: what next? The Stuxnet team wasn't going to stop with this effort. The next one may be even more chilling.

NB: I have done some consulting work for Symantec over the past few years on a variety of security-related projects.
http://www.readwriteweb.com/hack/201...ed-stuxnet.php





LulzSec Download Carried Trojan

Now if you try to get to LulzSec's downloads on The Pirate Bay, the file-sharing site has removed them for now.
Suzanne Choney

Hackers LulzSec left behind a Trojan horse in one of the files it made available for download as part of its 50-day hacking spree. And even though it warned users about the file, many have apparently downloaded it. Some security researchers believe the Trojan is not harmful. But its existence has caused some confusion.

The Pirate Bay, the file-sharing site where LulzSec posted the files, has now deleted all the files, which included the sharing of undercover plans and personal information, including email addresses and phone numbers, of Arizona law enforcement, as well as files from AOL and AT&T.

Going to the link that LulzSec had given leads to the "not found" page shown above.

"Thepiratebay does not allow files that are mislabeled, or contain virus/trojan's, or child pornography," said The Hacker News. "Being as how this torrent was extremely popular, it may have infected 100's of thousands of people already."

Those who may have downloaded the files can check virus information here, on the VirusTotal website, the site said.

Last Saturday, when LulzSec said it was disbanding, it left a P.S. at the end of its "press release" about one of the files, saying "In 'AT&T internal data.rar,' do not open 'BootableUSB/Program Files/WinRar/WinRar v3.71 exe,' as it is malware (due to AT&T using a pirated copy of WinRar)," a shareware/file compression utility.

"It turns out that the RAR file offered as a torrent download is infected with a backdoor of the 'RBOT' class of malware," wrote Kevin McAleavey on InfoSec Island, a website for IT and security professionals. "This type of malware was commonly used by the lulzsec 'hackers' to own other machines, but is a different variant of the tools they normally used to expand their botnet."

On Monday, "26 of the 42 security companies whose scanning products can be tested on the VirusTotal Web site reported that a file within LulzSec's "AT&T internal data" folder was malware, designed to give hackers remote access to the victim's computer," said Computerworld:

“But by Monday night Kaspersky Lab, McAfee and Trend Micro all reported that this was incorrect. According to Roel Schouwenberg, a researcher at Kaspersky Lab, other companies are flagging the file as a Trojan because it used pirated WinRar compression software that made the file look very similar to known malicious programs. These pirated compression programs are often used to compress malicious files and "a lot of companies are quite aggressive with these detections," he said in an interview.”

Will the removed files reappear? Hacker News believes they will: "Lulzsec's account on thepiratebay was not banned so they are cleared to upload the same torrent again without the alleged 'trojan.' "

And hacking group, Anonymous, which LulzSec allied itself with in recent weeks in the "Anti-Security," or #AntiSec effort, noted on Twitter: "We will see to get a clean torrent up ASAP."
http://technolog.msnbc.msn.com/_news...arried-trojan-





AntiSec Releases Sensitive Government And Corporate Data
Michael Ide

Newly formed hacker collective AntiSec has released a truckload of sensitive data belonging to various governments as well as entertainment companies Universal Music Group and Viacom.

AntiSec, which is comprised of members of the disbanded hacker group LulzSec and Anonymous, released a batch of files for download on file sharing platform The Pirate Bay on Tuesday.

The files leaked by the hacker group include network data belonging to the governments of Zimbabwe, Australia and Anguilla. The group also released user names and passwords belonging to the Universal Music Group website and server information on TV giant Viacom.

“This chest of booty may not be interesting for everyone, but rest assured: #AntiSec vessels are keeping lots of very valuable loot aboard; the crews are currently working hard to sort the loot in a way that even the lousy media sailboats are able to just grab it and sail away. You will be hearing very soon of us,” the group said in a message posted alongside the download package, CNET reports.

The release comes only a few days after LulzSec decided to disband the group after 50 days of hacking and sacking servers belonging to organisations including the US Senate and the CIA.
http://www.itproportal.com/2011/06/2...#ixzz1QiG832Eq





FBI Raids Iowa Woman’s Home in Lulz Security Hacker Investigation
Adrian Chen

The hacking group Lulz Security ended its 50-day reign of terror this weekend, but law enforcement's hunt for its members will go on. Last week, FBI agents raided an Iowa woman's home because of her connections to the group.

At about 11 am last Thursday, 29-year-old Laurelai Bailey heard a knock at her Davenport, Iowa home. She found around eight FBI agents swarming at her doorstep, search warrant in hand. But the agents politely "told me they weren't there to arrest me," Bailey tells us in an interview.

Instead, they had some questions about hackers Bailey had been hanging out with online. They told Bailey they were investigating a February attack against the security firm HBGary by an elite group of hackers associated with the hacktivist collective Anonymous. Those hackers would later break away from Anonymous to form Lulz Security, who attacked the FBI, PBS, and the CIA in a well-publicized spree before calling it quits this weekend amid increasing pressure and the arrest of a purported member in England.

Bailey's conversation with the feds lasted about five hours, during which she told them everything she knew. But Bailey says she knew nothing that anyone couldn't find out themselves, using leaked chat logs and Google. The feds also asked if she could infiltrate the group.

"They wanted to know if I could get close to them," Bailey says. "I told them these people hate me... it wouldn't do any good." Bailey says Lulz Security hackers hold a grudge against her for leaking logs from the secret chat room in which they planned the HBGary hack—which she says she did in retaliation for them harassing some of her friends. (We later published an article based on the logs.) When the interview was over, the agents carted off a couple of her hard drives, her camera and other computer equipment.

According to Bailey, the agents who interviewed her were specifically interested in a member of Lulz Security who goes by the handle "Kayla." "Anytime I mentioned her, they seemed particularly interested," Bailey says.

Little is known for sure about Kayla: She was instrumental in the HBGary attack and was a founding member of Lulz Security. She's claimed to be a 16-year-old girl, though rumors persist that she's actually a 20-something guy from New Jersey. Others speculate Kayla is Taiwanese, or actually a sockpuppet controlled by many different people. Her purported Twitter account is made up of infuriatingly opaque status updates about going partying and going on vacation. The most recent: "right gonna go get rdy bye twitter :-)".

Bailey says Kayla is "friendly" but mysterious, limiting their exchanges mostly to public tweets.

But Bailey insists she was never a member of LulzSec, nor has she ever engaged in illegal hacking. In the chat logs she leaked, she is seen chatting freely with the hackers as the HBGary hack unfolded, offering advice, kibitzing—even giving suggestions for a logo. But she says she became close to the hackers through her involvement with Crowdleaks, a Wikileaks-focused news website. She claims she was in the room during the HBGary hack simply acting as a reporter for Crowdleaks.

Although she's not worried about getting in trouble with the law, the raid has already screwed up her life in another way. After she chatted with a friend online about the raid last week, the record of their chat was leaked in a document which portrayed her as a member of LulzSec "snitching" on her fellow hackers. The document included her real name and contact information, and the association with Lulz Security caused her to lose her job in tech support.

"They fired me… because I was apparently making the company look bad," Bailey said.

The raid of what appears to be an insignificant figure in the Lulz Security universe offers a glimpse into how the authorities are going about catching the notorious hackers. It's not just complicated computer forensics, which will likely lead to dead ends if the hackers were smart enough to cover their tracks. Everyone LulzSec hackers have come into contact with over their entire hacking careers will be swept up in the investigation. Though Bailey said she had no smoking gun to offer the feds, someone might.
http://gawker.com/5816291





RIAA: Anonymous, LulzSec Hacks Prove Need for PROTECT IP Act!
Jared Moya

Says hacktivist group’s campaign against public websites like the US Senate, CIA, and more recently, the Arizona Police Dept, prove a “lawless Internet” is not a “good thing,” and that legislation like the PROTECT IP Act that would mandate DNS filtering of “rogue sites” is needed to restore order.

Leave it to the RIAA to rehash the usual bait-and-switch tactics of old when it comes to convincing the public that its own selfish commercial interests are really for the public good.

In a posting on its site it asks that Senators don’t waver on pending legislation that would require ISPs to block copyright infringing websites. Known as DNS filtering, the measure is part of the “Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011,” or the “PROTECT IP Act.”

The RIAA says the legislation is necessary to restore order to a “lawless Internet” where hacktivist groups like LulzSec and Anonymous are able to roam free.

“And in a world where hackers set their sights on new targets every day – most recently the official United States Senate website, allegedly the CIA’s public website and Arizona’s law enforcement database – do we think a lawless Internet defended to the extreme is a good thing?” it said.

Notice how the RIAA is combining two completely different topics? The RIAA is trying to make the case for filtering the Internet on the backs of hacktivist groups that expose the security flaws or misdeeds of others.

The RIAA’s failed business model is solely to blame for its woes, and yet it’s trying to argue that more laws are the panacea. You can’t forcibly turn consumers into paying customers any more than you can dictate who their favorite artists will be. Filtering the Internet won’t fix the music industry’s refusal to give music fans what they want and where they want it.

A group of 87 prominent engineers who played critical roles in the development of the Internet have warned in the past that DNS filtering risks “fragmenting the Internet’s global domain name system (DNS),” and would “create an environment of tremendous fear and uncertainty for technological innovation, and seriously harm the credibility of the United States in its role as a steward of key Internet infrastructure. ”

The RIAA dismisses this concern and points to other countries that have already implemented DNS filtering as proof the Web has not “broken,” but I’m inclined to believe the experts in their field that it is likely to happen.

Another criticism of the PROTECT-IP Act is that DNS filtering is easily circumventable, rendering the whole process an exercise in futility.

“That’s silly,” it said. “No enforcement program, either in law enforcement or civil litigation, can ever be expected to eradicate a problem. The perfect cannot be the enemy of the good. We know that there are dedicated hardcore users will find ways around the law regardless of what legal or technological barriers are erected. But isn’t it worthwhile to make it harder to find and access illicit sites that no one defends?”

How “dedicated” or “hardcore” do you have to be to use one of the thousands of free proxy servers that exist? Easier still, one can simply enter the IP address of the affected site. It’s well known that teenagers are the music industry’s best customers, and yet they’ll be the most adept at bypassing the legislation.

There’s also the pesky fact that 75% of global P2P traffic takes place outside US borders. So if the bill manages to somehow miraculously cut P2P traffic in this country by half (very unlikely) we get down to an even more meager 12.5% of the problem as a whole, making the legislation further questionable.

Filtering the Internet won’t restore order to a “lawless Internet” any more than it will magically turn people into paying customers.

Using LulzSec and Anonymous to seemingly scare Senators into enacting the PROTECT-IP Act has nothing to do with the public interest, and everything to do with the RIAA’s continued reliance on law enforcement to fix a business model ill-suited for a digital world.

Has the RIAA realized that even if P2P were magically eliminated this very moment FREE MUSIC is still plentiful on the likes of YouTube, Pandora, Last.fm, etc.?

Stay tuned.
http://www.zeropaid.com/news/94073/r...rotect-ip-act/





Time to Close the Security Theater
Art Carden

You’ve probably heard about what columnist Gene Healy calls “the TSA’s latest ritual humiliation of an innocent traveler.” Just for the record, I don’t rest any easier knowing that the TSA is keeping me safe from wheelchair-bound 95-year-old leukemia patients who might be hiding bombs in their adult diapers. Naturally, people are calling for reform. Keith Olbermann, for example, called for TSA administrator John Pistole to be fired.

Some of the fury over this continues to miss the point, though. The problem isn’t that the TSA is harassing the wrong people. The problem is that the TSA is harassing anyone. The TSA is encroaching on fundamental liberties and providing no discernable benefit. I’ve written before that the TSA should be abolished. The latest outrage is just more evidence in the case against a government administration we would be better off without.

The Transportation Security Administration does not provide transportation security. It provides what security expert Bruce Schneier calls “security theater.” The effect of all the trimmings and trappings at airport security is to give travelers the impression that the government is going about Very Serious Business. The net effect, though, is perhaps a trivial increase in safety achieved at massive costs in terms of time, treasure, and lives: it is well known that driving is more dangerous than flying. By making flying less convenient, we encourage people to drive more. Substitution away from flying and toward driving costs lives, on net.

Naturally, the TSA responds to incidents like these by saying that the agents are highly trained and that they have followed proper procedure. This indicates a signal failing for the agency: if “doing it by the book” involves touching people in ways that would be considered sexual assault in virtually any other context or telling a 90-year-old breast cancer survivor to remove her bra lest it contain explosives (as happened to a friend’s grandmother), then the book needs to be shredded and rewritten. Better yet, it needs to be replaced with a competitive market for air travel in which the airports, the airways, and the airliners are in private hands.

Some might object that private firms will have incentives to cut corners on safety. It is a legitimate concern, but competitive mechanisms tend to weed this out. It is important to remember too that just because competitive markets might not provide the best of all conceivable worlds doesn’t mean that government intervention can.

I’m coming to believe that one of the most dangerous phrases in the English language is “well, it could happen.” Yes, it could. But so could…well, anything. Just because something is possible doesn’t mean it is worth worrying about. Every day, we face much greater risks than terrorism without anxiety because the probability is so small. People have claimed that terrorism represents an “existential” threat to the United States. National security expert John Mueller puts it this way:

“Until 2001, far fewer Americans were killed in any grouping of years by all forms of international terrorism than were killed by lightning, and almost none of those terrorist deaths occurred within the United States itself. Even with the September 11 attacks included in the count, the number of Americans killed by international terrorism since the late 1960s (which is when the State Department began counting) is about the same as the number of Americans killed over the same period by lightning, accident-causing deer, or severe allergic reaction to peanuts.”

This hardly suggests an existential threat, let alone a threat that justifies harassing leukemia patients and breast cancer survivors at airport security. Unfortunately, we’re going to have these problems for as long as we have a TSA. No amount of “reform” will fix it–unless, of course, that “reform” is abolition.
http://blogs.forbes.com/artcarden/20...urity-theater/





Survey: Consumers Want Government to Protect Their Privacy Online
Gautham Nagesh

Two-thirds of consumers want the government to safeguard their privacy online and 81 percent want to add their names to a Do Not Track list, according to a May poll released Tuesday by Consumers Union.

The survey's release comes just one day before a Senate Commerce Committee hearing where lawmakers will hear testimony on three data privacy bills currently in front of the Senate.

Ioana Rusu, regulatory counsel for Consumers Union, is among the scheduled witnesses and will share the poll results as part of her testimony. Others sending representatives to testify include the FTC, FCC, Sony, and HP.

“Although we live in an age of extensive sharing, very few people would agree that every piece of information they transmit should be available to everyone, for any conceivable purpose,” Rusu said.

“In fact, a May Consumer Reports poll found that over 80 percent of respondents were concerned that companies may be sharing their personal information with third parties without their permission.”

Rusu will applaud the Consumer Privacy Bill of Rights introduced by Sens. John Kerry (D-Mass.) and John McCain (R-Ariz.) while encouraging the Senators to include Chairman Jay Rockefeller's (D-W.Va.) Do Not Track legislation as part of any bill.

Rusu will emphasize the need for national data breach security and reporting standards. HP chief privacy officer Scott Taylor will also speak in favor of federal privacy legislation.

“HP recognizes that consumer trust is a precious commodity that must be protected through good stewardship and robust privacy programs,” said Taylor in his prepared remarks.

“Federal legislation can establish a uniform national standard for organizational accountability and improved consumer protection. It’s a win for consumers and the industry as a whole.”
http://thehill.com/blogs/hillicon-va...privacy-online





Internet Users Won't Stop File-Sharing, Study Says
Lyla Katz

A recent survey by British Internet service provider BE Broadband shows that a majority of Internet users do not plan to stop their file-sharing activities even if the Digital Economy Act becomes law.

The BE Broadband survey revealed that more than 94 percent of the several hundred respondents said they do not plan on changing their file-sharing habits despite the Digital Economy Act, which seeks to punish persistent infringers through lawsuits and even possible termination of their Internet connection.

Instead, the respondents said they will take steps to hide their IP address by using VPN and proxy services.

About 4 percent said they would reduce their use of filesharing software and about 1 percent said they would stop using the software altogether.

Digital Economy Act opponents, who include free speech and human rights activists, say it puts thousands of Internet users at risk of being wrongfully accused of illegal filesharing and being disconnected by mistake.
http://newswire.xbiz.com/view.php?id=135670





BitTorrent Turns 10: Happy Birthday!
Ernesto

When Bram Cohen first revealed BitTorrent on a public message board on July 2nd 2001, he never imagined it would quickly become one of the main generators of Internet traffic. Now, exactly a decade later, BitTorrent is used by hundreds of millions of people worldwide. To celebrate BitTorrent’s 10th anniversary, Bram Cohen joins us to look back at the past and ahead to the future.

“My new app, BitTorrent, is now in working order, check it out here,” Bram Cohen wrote on a Yahoo! message board on July 2, 2001.

It was the first time a working copy of the BitTorrent code had been made available to the public, but the initial response wasn’t exactly overwhelming.

“What’s BitTorrent, Bram?” was the one reply he received on the board.

Despite this underwhelming response, BitTorrent was born. In the weeks and months that followed more people started to become aware of its potential. The music-sharing community Etree was one of the first places where its full capacity was tested in the wild.

“Early tests used losslessly compressed audio files from Etree, a fan community where people could upload self-recorded concert footage by artists who allowed recordings. That kickstarted it all. Also, Slashdot gave us some early coverage that definitely attracted the attention of engineer influencers,” Bram told TorrentFreak.

It turned out to be the start of something big, something really big. Fast forward a decade and BitTorrent is part of the daily routines of millions of people. Hundreds of petabytes of data are transferred over BitTorrent every day and this number continues to rise.

Bram Cohen on BitTorrent’s 10 year anniversary

A question Bram probably heard a few times over the years is why he came up with BitTorrent in the first place. In hindsight this may seem to be a stupid question, but the idea behind BitTorrent wasn’t so obvious in the early 2000s.

“Fundamentally, I was trying to figure out how people on the Internet could utilize all the unused upstream bandwidth to make it faster to send huge files,” Bram told TorrentFreak.

“The technology has been a success in that it works the way I had envisioned and lots of people use it. However, there are many use cases where BitTorrent could potentially be applied, and as file sizes explode, the protocol is increasingly relevant,” he adds.

Today, BitTorrent does indeed utilize much of the consumer upstream traffic that would otherwise lie unused. In fact, recent estimates show that BitTorrent accounts for more than half of all upstream traffic on the Internet in many locations, including the United States.

However, as Bram emphasizes, there is also a lot of untapped potential in BitTorrent. Only recently Twitter and Facebook discovered that BitTorrent was a life saver for them, and today it’s helping these tech giants distribute files across their servers faster and more efficiently than any other alternative. And the opportunities don’t end there.

Aside from everything that went right, the original BitTorrent code was also improved on many times in the last decade.

“There were two changes that had a significant impact,” Bram told us. “With the first in-the-wild testing in 2001, there was no Web integration or real UI. You had to do everything manually, which was awful. The Web UI in 2002 made it easy for anyone to use.”

“The second improvement was uTP, finalized last year. Overnight, BitTorrent became good Internet citizens, simply by voluntarily de-prioritizing our protocol traffic when a network is over-congested. We don’t cause network congestion today.”

But not only on the code side was significant progress made. In 2004 Bram Cohen co-founded the BitTorrent Inc. company to turn his increasingly popular file-sharing protocol into a business. Although the company is doing well today thanks to acquiring the popular BitTorrent client uTorrent in 2006, looking back Bram thinks he might do things differently if he could start over now.

“If I had to do it all over again, I’d have kept the company more focused on core technologies from day one. We have a lot of smart people who have a lot of great ideas, and on occasion have become distracted. Today, I’m very focused on live streaming.”

Looking ahead, streaming is one of the new territories where BitTorrent may play a more important role in the coming years. It can save publishers tens of thousands of dollars in distribution costs and allows everyone to stream content to large audiences.

“BitTorrent may be able to play a role in creating experiences for stuff to start playing as soon as you hit a Web page, for example. Streaming is also going to play a role, outside of Live streaming, the new protocol I’m building.”

“Also, until bandwidth becomes virtually free, BitTorrent adds value to the ultimate goal of moving large files. People are now not only consuming huge files, but creating and sharing them as well. Cell phone videos, hi-res pics come to mind. Who wants to create quality content and then destroy the quality just so someone else can see it?”

Today, demand for BitTorrent is greater than ever before. Despite the numerous streaming websites and direct-download portals that were launched over the years, BitTorrent continues to expand its user base. An entire generation grew up with BitTorrent and many people can’t imagine an Internet without it, ever.

We want to congratulate Bram for his groundbreaking invention that has had a tremendous impact on the Internet in the last decade, and we eagerly look forward to the next 10 years.
http://torrentfreak.com/bittorrent-turns-10-110702/



































Until next week,

- js.



















Current Week In Review





Recent WiRs -

June 25th, June 18th, June 11th, June 4th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)