P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 30-12-15, 09:59 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - January 2nd, 2016

Since 2002


































"Theresa May wants to see your Internet history, so we thought it was only fair to ask for hers." – Jon Stone


"The plan now is to do my best to pick up the pieces." – Kevin Hofman






































January 2nd, 2016




Bollywood and U.S. Media Giants Try to Induce Indians to Pay for Video
Vindu Goel

As the morning rain dripped in the garden outside, the yoga teacher Aparajita Jamwal got down on one knee, stretching the other leg behind her in a lunge known as the equestrian pose.

“Imagine you’re a horse — you have a lovely mane flowing behind you — looking up towards the ceiling,” Ms. Jamwal urged in a soothing voice. “Take two more breaths here.” As she slid her body into a plank pose, the director yelled, “Cut!” and everyone took a five-minute break.

Rajshri Entertainment, the creator of this low-budget yoga instructional video, is one of the oldest players in India’s film industry, known as Bollywood.

While Rajshri still makes and distributes movies at the cinema, it also produces 200 minutes of web-only video a day. The company says that the future lies in such straight-to-digital content, which it offers free to consumers on YouTube and similar services, paid for by advertising.

The 13-part series starring Ms. Jamwal, a brand development consultant who teaches yoga on the side, will be released in January on the Mind Body Soul channel that Rajshri has on YouTube.

Unlike in the United States — where tens of millions of people pay to subscribe to streaming services like Netflix and customers routinely buy digital movies and shows on iTunes and Amazon.com — free video is the norm in India. That makes it difficult for content creators and networks to profit from streaming and download services.

Although about a dozen local and foreign companies hope to persuade Indians to pay for online video, changing current habits will be difficult.

In India, piracy is pervasive, Internet connection speeds are pokey, and thousands of full-length movies and TV episodes are legally available for free. Cable and satellite TV subscriptions cost just $2 or $3 a month, which makes paying just 50 cents for a movie seem expensive.

Even if someone wants to buy a show, most people lack credit cards, and there is no established alternative for digital purchases. And roughly half of mobile viewing is done on pay-per-megabyte data plans from cellphone companies, which adds an extra cost to video viewing.

“The Indian consumer is just not willing to pay for content,” said Rajjat A. Barjatya, Rajshri’s chief executive, in an interview at the studio’s Mumbai offices a few days before the August yoga shoot.

Mr. Barjatya said his company still brought in cinema revenue from the first few days of a film’s release, but Rajshri increasingly relies on ads sold around its library of 100,000 online videos, which include children’s cartoons, religious videos and behind-the-scenes interviews with movie stars.

Despite the challenges of making money in India’s video market, several American companies have decided they need to be there.

In February, 21st Century Fox, which owns many of India’s most popular television channels through its Star India unit, began offering free online access to delayed sports broadcasts and hundreds of movies and TV shows through a website and mobile app called Hotstar.

About 35 million people have downloaded the app, and the average user spends about 30 minutes a day on it, the company said.

Amazon, which is competing aggressively in India’s online retail market, intends to offer a version of its Prime service in the country soon, bundling unlimited shipping and video streaming together for one flat fee.

Next year, Netflix plans to extend its service to India as part of a broader global expansion.

All of them will have to contend with Google’s YouTube, the dominant online video service, which has operated in India since 2007 and has set consumer expectations for video here.

Early on, YouTube persuaded Bollywood studios and TV networks to put material on the service free.

In India, “there are no reruns of old shows,” explained Gautam Anand, YouTube’s director of content and partnerships for Asia, in a video interview from Singapore. “We convinced them there was value in a lot of that content that was just sitting there, and if they made it available, people would watch it.”

Some Indian YouTube channels now have millions of followers, and the company says the total number of hours watched has been growing 80 percent annually. YouTube recently began allowing Indians to download and store clips for later viewing.

YouTube shares the revenue from advertising around the clips, giving content creators a way to earn a bit of money, although ad rates are low — from about $1 to $4 per 1,000 viewers reached, or roughly one-tenth the rate in the United States.

YouTube has also trained Indian viewers to believe that video should be free, making it difficult for anyone else to charge a fee.

Eros International, one of Bollywood’s most prolific studios, was among the first to challenge the YouTube model. In 2014, it introduced a streaming service called Eros Now, which offers access to Eros-owned films as well as licensed content.

With an extensive free tier of videos, supported by ads, the company says that Eros Now has attracted about 30 million registered users. But Eros has been tinkering with premium options — including original, made-for-streaming dramas that will begin streaming in January — that it hopes will attract a paying audience in India and abroad.

For an extra 50 to 100 rupees a month, or about 75 cents to $1.50, customers in India can access more videos and watch high-definition, ad-free streams. (Overseas subscribers have to pay $8 a month for the premium version.) In December, Eros will also begin allowing paid subscribers to download videos for later viewing.

“The Indian consumer is willing to pay for more than we give them credit for,” said Jyoti Deshpande, chief executive of Eros, in a recent interview at the company’s Mumbai offices.

Ms. Deshpande said Eros expected that within five to seven years, at least half of the company’s revenues will come from streaming.

“We think this is a game-changer for us,” she said. “Think of these next three years as a land grab.”

The strategy is not without risks for the company, whose stock is traded on the New York Stock Exchange. Last month, an anonymous analyst on the investment site Seeking Alpha questioned the company’s accounting practices and prospects, sending its shares plunging.

In an email, Ms. Deshpande said the drop was a result of “panic and fear mongering.”

“Business has never been stronger,” she wrote.

Like Eros Now, Star India figures that its exclusive, local-language content and broadcasts of popular sports like cricket will eventually attract paying users to its streaming service.

Right now, however, Hotstar is entirely free. Although about 100 advertisers help pay the bills, most of the company’s Indian revenue comes from its Star television channels, so it can afford to be patient, said Sanjay Gupta, the chief operating officer of Star India.

“We are building the habit of viewers to start consuming content on our platform,” he said.

Getting access to exclusive, Indian-language video has been a hurdle for the retailer Amazon, which has spent months studying how to offer its Prime service in India, its largest market after the United States, with an estimated 50 million customers.

Amazon has also struggled to figure out how to deliver quality video at the low connection speeds prevalent in India.

“In the absence of high-bandwidth connections, it becomes difficult to provide a good customer experience,” said a person with knowledge of Amazon’s India plans, who spoke on condition of anonymity.

The retailer is considering several solutions to the bandwidth problem and intends to introduce the Prime service within the next few months, this person said.

Meenu Handa, an Amazon spokeswoman, declined to comment on the company’s plans.

Ultimately, it will be a long time before streaming video in India becomes a significant business for anyone, predicted Colin Sebastian, an Internet analyst with Robert W. Baird & Co., who has studied the Indian market.

“The amount of money to be made is very small,” Mr. Sebastian said.
http://www.nytimes.com/2015/12/28/te...for-video.html





The Pirate Book
Marie Lechner

Preamble

The Pirate Book by Nicolas Maigret and Maria Roszkowska is both a visual essay and anthology, written in the wake of the Jolly Roger’s infamous skull and crossbones and compiled during its journey across the four corners of the world. In this book, the authors invite us to shift our perspective on piracy itself. This polyphonic work constitutes an attempt at probing the ambiguity inherent to piracy and at re-evaluating the issues related to it. The Pirate Book, moreover, signifies a departure from the one-sided approach adopted by the cultural industries which consists in designating the figure of the pirate as public enemy number 1. Intellectual property was, in fact, called into existence in order to ward off those that Cicero, in his time, called “the common enemy of all.” At the outset, intellectual property’s purpose was to protect authorship and promote innovation; however, it eventually hindered technological progress and encouraged cultural products, which had hitherto belonged to the public domain, to be snatched away from it.
This book arises from a previous installation-performance by Nicolas Maigret, The Pirate Cinema, where the artist visualizes the covert exchange of films in real time at dazzling speed under the cover of worldwide peer-to-peer networks. The advent of the Internet and its users’ unbridled file sharing capability on peer-to-peer networks has resulted in an unprecedented proliferation of illegal downloading since the 1990s. This situation also very quickly led to online piracy being singled out as the primary cause of the crises affecting the music and film industries, whereas certain other voices deemed piracy to be the scapegoat of the cultural sector that had not managed to properly negotiate the transformations it underwent following the onset of the digital era.

Piracy as Experimentation

The term piracy more generally designated the unauthorized usage or reproduction of copyright or patent-protected material. This is almost a far cry from the word’s original etymology. “The word piracy derives from a distant Indo-European root meaning a trial or attempt, or (presumably by extension) an experience or experiment,” writes Adrian Johns in Piracy: The Intellectual Property Wars from Gutenberg to Gates  in which he highlights the fact that “It is an irony of history that in the distant past it meant something so close to the creativity to which it is now reckoned antithetical.” The Pirate Book endeavours to gain an insight into this very creativity. By calling on the contributions of artists, researchers, militants and bootleggers, this book brings together a large variety of anecdotes and accounts of local and specific experiences from Brazil, Cuba, Mexico, China, India, and Mali, all of which foreground the lived, personal and perceived aspects of such experiences. Despite the legal arsenal that has unfurled as well as the economic and political restrictions in place, The Pirate Book provides an illustration of the vitality of pirate (or peer-ate) culture. A culture that arose from necessity rather than convenience. A culture that has devised ingenious strategies to circumvent the armoury in place in order to share, distribute, and appropriate cultural content and thereby corroborate Adrian Johns’ view that “piracy has been an engine of social, technological, and intellectual innovations as often as it has been their adversary.” The author of Piracy believes that “the history of piracy is the history of modernity.”

Steal This Book

The concept of intellectual piracy is inherited from the English Revolution (1660 – 80) and, more specifically, from the book trade. The Pirate Book is, as its name suggests, a book. An e-book, to be precise; a format that at the time of publication is currently very popular due to the development of tablets and readers. The increase in illegally available content that is concomitant with the growth of the e-book sector has raised fears that this sector will be doomed to the same fate as the film and music industries. By way of example, Michel Houellebecq’s latest blockbuster novel Soumission was pirated two weeks prior to its release. This marked the first incident of its kind in France. The arrival of the first printing press in England in the 1470s brought about the reinforcement of intellectual property rights regarding books. More specifically, this was achieved by way of monopolies granted by the Crown to the guild of printers and booksellers that was in charge of regulating and punishing those who illegally reprinted books. In 1710, the London guild obtained the Statute of Anne, the first law to recognize author’s rights, but also to limit copyright (which until then had been unlimited under the guild) to 14 years, with a possible extension if the author was still alive. The Pirate Book places side by side the Statute of Anne with the Digital Millennium Copyright Act (DMCA), the American copyright law of 1998 that aimed at curbing the new threats posed by the generalisation of the Internet. The Pirate Book revisits some of the milestones of this history of piracy, by juxtaposing and comparing an image from the past with its contemporary counterpart. Such is the case with the musical score of Stephen Adams’ Victorian ballad, The Holy City, that became the most “pirated” song of its time towards the end of the 19th century and is presented opposite the album, Nothing Was the Same, by the Canadian rapper Drake that became the most pirated album of the 21st century (it was illegally downloaded more than ten millions times). Despite being the nation that ostensibly spearheads the war on piracy, the United States was at its inception a “pirate nation” given its refusal to observe the rights of foreign authors. In the absence of international copyright treaties, the first American governments actively encouraged the piracy of the classics of British literature in order to promote literacy. The grievances of authors such as Charles Dickens fell upon deaf ears, that is until American literature itself came into its own and authors such as Mark Twain convinced the government to reinforce copyright legislation.

Piracy, Access, and Production Infrastructure

The article “Piracy, Creativity and Infrastructure: Rethinking Access to Culture,” in which the Indian legal expert Lawrence Liang situates the issue of the piracy of cultural artefacts in emerging economies, also rejects the narrow view of piracy as a solely illicit activity and goes on to depict it as an infrastructure providing access to culture. The abundantly illustrated stories brought together in The Pirate Book all inform this notion by inviting the reader to shift perspective. As described by the researcher and legal expert Pedro Mizukami, the emergence of bootlegged video rentals and consoles in Brazil was directly linked to the country’s industrial policies of the 1980s which aimed at closing the Brazilian market to imports in order to stimulate the growth of local productions, some of which were exorbitantly priced. Cuba’s isolation by the US embargo since 1962 and its ensuing inability to procure basic resources provided a fertile ground for audio-visual piracy on the part, among others, of the government itself in order to supply its official television channels with content as well as to provide its universities with books, as highlighted by the designer and artist Ernesto Oroza. Despite being poorly equipped, Cubans are able to get their hands on the latest action films, TV series, or music video thanks to a weekly, underground compilation of digital content called El Paquete Semanal that is downloaded by the rare Cubans who own a computer (around 5% of the population has Internet access) and sold on a hard drive that can be plugged directly into a TV. The downloaders of Fankélé Diarra Street in Bamako, who are the subject of Michaël Zumstein’s photographs, employ the same system of streetwise savvy. They exchange the latest music releases on their cell phones via Bluetooth, thus forming an ad hoc “African iTunes” where you can pick up the files offline in the street. This small-timer operation is also a must for local musicians to raise their profile.

From Copy to Creation, the Shanzhai Culture

Liang claims that piracy makes cultural products otherwise inaccessible to most of the population available to the greatest number of users, but also offers the possibility of an “infrastructure for cultural production.” The case of the parallel film industry based in Malegaon is literally a textbook case. The Indian researcher Ishita Tiwary tackles the case study of this small backwater of central India that has arisen thanks to an infrastructure created by media piracy and the proliferation of video rentals. Using the same mode of operation as Nollywood in Nigeria, people seize the opportunities provided by cheap technology in order to make “remakes of Bollywood successes” by adapting the content to the realities of the target audience’s lives. Servile replication, one of the objections often levelled at piracy, then gives way to “creative transformation” according to Lawrence Liang’s own terms. Another noteworthy example is the Chinese village of Dafen that is notorious for its painters who specialize in producing copies of well-known paintings. Dafen has now become home to a market for Chinese artists selling original works, which just goes to show how “A quasi-industrial process of copying masters has led to the emergence of a local scene.” This same process is aptly described by Clément Renaud, a researcher and artist, who took an interest in Shanzhai culture (literally meaning “mountain stronghold”), the flourishing counterfeiting economy of China, a country whose non-observance of copyright law is decried worldwide. “When you have no resources, no proper education system and no mentors at your disposal, then you just learn from your surroundings: you copy, you paste, you reproduce, you modify, you struggle – and you eventually improve,” resumes Clément Renaud by noting the rapid versatility and resourcefulness of these small-scale Chinese companies when faced with the demands of the global market. These “pirates [work] secretly (…) in remote factories, they have built a vast system for cooperation and competition. They shared plans, news, retro-engineering results and blueprints on instant messaging groups,” observes the researcher for whom this form of collaboration is reminiscent of open-source systems.

Warez Culture & Freeware

Computer-based piracy was originally a means of distributing, testing, and getting to grips with technologies amongst a small group of users. It was indeed not too dissimilar from the type of group activity that brought into existence the free software movement. It was a commonplace occurrence to supply your friends and colleagues with a copy of software. Clubs formed and began to learn the basics of computer programming by decoding software programmes to the great displeasure of the then infant IT industry, as attested by Bill Gates’ infamous letter of 1976 that The Pirate Book has exhumed and which denounces amateur IT practitioners for sharing the BASIC programme created by his fledgling company Altair. IT manufacturers made a concerted effort to shift the original meaning of the word hacker (which until that time had been associated with a positive form of DIY) that was then conflated with cracker which translates as “pirate.” The view underpinning this semantic shift was later adopted by the cultural industries with regards to P2P users, and is analysed by Vincent Mabillot. This privatisation of the code and the creation of software protection mechanisms led users to rebel by cracking digital locks and by fostering anti-corporate ideas in the name of free access. At a time when commercial software and IT net-works gained momentum and complexity, a more or less independently instituted division of labour emerged among specialised pirates who belonged to what is termed The Scene. The Scene is the source of most pirated content that is made publicly available and then disseminated via IRC, P2P, and other file sharing services used by the general public. The Scene comprises, amongst others, small autonomous groups of pirates who compete to be the first to secure and release the pirated version of digital content. The Pirate Book sheds light on the modus operandi and iconography of this Warez culture (the term designates the illicit activities of disseminating copyright protected digital content) from which the content consumed online in the most well connected countries originates and which is subsequently resold at heavily discounted prices at stalls across the globe.

Torrent Poisoning:

What the Fuck do You Think You’re Doing?

In the context of this continual game of hide and seek, the cultural industries have proven to be surprisingly creative in the strategies they employ to combat piracy as substantiated by the documents on display in this book: from educational flyers to intimidation, from hologram stickers to game alterations, from false TV signal detectors (mysterious vans equipped with weird and wonderful antenna that are supposed to strike fear in the hearts of those who have not paid their TV licence) to show trials such as the 2009 high-profile case of the Swedish founders of the emblematic peer-to-peer platform, The Pirate Bay. Pirate or “privateer” tactics are even employed by certain corporations. These tactics include torrent poisoning which consists in sharing data that has been corrupted or files with misleading names on purpose. In this particular case, the reader is at liberty to copy the texts of this book and do with them as he/she pleases. The book’s authors (editors?) have opted for copyleft, a popular alternative to copyright. The term copyleft was brought into popular usage by Richard Stallman who founded the freeware movement and refers to an authorization to use, alter and share the work provided that the authorization itself remains untouched. Pirates’ challenging and transgression of the conventions of intellectual property have become a form of resistance to the ever increasing surveillance of users of digital technologies by corporate and state interests. In doing so, pirates have opened the way to new “perspectives of counter-societies that work along different lines.”

The Pirate Book makes its own particular contribution to this debate by painting a different picture, one embedded in the geographic realities of piracy, of these frequently scorned practices. In the same way that piracy itself is difficult to pinpoint, this book endeavours to capture the breadth of the phenomenon through images and accounts garnered online. It combines the global and the hyper local, states of being on and offline, anecdotes and immersion, poetic references, and technical decryption, thereby eschewing conventional categories used to classify publications. The Pirate Book is indeed neither an artist book, nor an academic dissertation, nor an archive, nor a forecast study. It is a blend of all of the latter and forms a prolific guide that can be read as much as it can be looked at. By focusing on situations, objects, documents, and individuals, this work enables us to envision the potential for future cross-purpose practices that could emerge in a networked society.
http://thepiratebook.net/preamble/





Pirate Bay's Suspended Domain Names Spell Trouble for File-Sharing Sites

In their fight against torrent sites, anti-piracy groups are pushing for new rules governing domain names.
Kashann Kilson

Earlier in December, file-sharing site the Pirate Bay went down due to a problem regarding the registration of the thepiratebay.org domain — a seemingly innocuous hitch. But then, a week later, thepiratebay.com and several other of the site’s domain properties, including piratebrowser.com, piratebrowser.net, and piratebrowser.org — which link to the Pirate Bay’s TOR-based anti-censorship tool — also went down, suspended for similar violations of ICANN registration policy. And though thepiratebay.org was quickly restored after a transfer from EuroDNS to a new registrar, the other domains remain suspended.

Not to worry: The Pirate Bay — if we accept that it hasn’t become an FBI honeypot — still operates under a number of different domain names, and is still very easily accessible by users; even the TOR-based software can be accessed through the perhaps less-than-sleek IP address. That being said, there is the potential that ICANN’s new verification process, paired with the organization’s push to end WHOIS privacy registration, could seriously disrupt the Pirate Bay and similar file-sharing and streaming media sites. Yet that process should concern more above-board sites, as well.

Here’s why. Tasked with coordinating the internet’s global domain name systems, ICANN is in effect a non-profit corporation that regulates all thing domain-related. Since 2003, the Whois Data Reminder Policy has required registrars to send all registration information to owners for a yearly review to assure the registrant’s information is current and accurate. Under the new ICANN verification procedure adopted in January of 2014, all domain owners have to go through a yearly verification process that generally entails clicking a link.

It’s likely that the Pirate Bay’s domain problems were more a matter of the domains’ registered owner, Pirate Bay co-founder Fredrik Neij, failing to respond to the verification request emails in a prompt fashion. While the verification process seems simple enough, in fairness, ICANN verification emails look sketchy as hell, like “Dear Sir or Madam, please click this link to receive $4,000,000 from your mysterious Nigerian prince benefactor”-level sketchy. Whether he no longer had access to the email account listed on the account, refused to respond to the super sketchy email that likely landed in his spam folder, or simply didn’t get around to responding, per ICANN rules, the registrar is required to suspend the domain if the email has gone unanswered within 15 days.

Furthermore, part of the new guidelines mean that even basic transactions, like renewing domain registration or transferring to a different domain registrar, could entail a more thorough verification process, which according to the ICANN website may include “contacting you by phone, email or postal mail. Registrars must suspend or delete domain names that are not timely verified.”

What should be worrying to owners of file-sharing sites, as well as anyone else worried about online privacy issues, is ICANN’s push to remove WHOIS privacy registration. Currently, domain registrars can offer a paid service designed to hide a domain owner’s personal information in the WHOIS database (there are certain caveats for national domain names like .ca, .eu, and .us). However, ICANN, predictably backed by U.S. entertainment companies trying to stem the sharing of copyrighted content, is looking to end such protections.

Generally, any domain owner offering their name, address, phone number, and email address to the whole of the interwebs is a bad look. At best, it leaves the registrant open for all manners of spam; at worst it leaves them exposed to potential harassment, threats, or worse. But let’s play this tape out specifically for anyone who owns a file-sharing site. To register the domain name in the first place, you have to provide a name, physical address, email address, and phone number. Without privacy protection, all of that information becomes public the minute you make the purchase.

While registrars are notorious for giving up registration information if a government agency or court sneezes at them, they do offer some protection from civil investigation. A registrar is by no means bulletproof, but ideally it will force movie studios and record labels to jump through a few extra hoops before they can sick the dogs on you. Of course, smart money says if there is no privacy protection, and anyone making a buck facilitating the shady side of the internet should use fake details. For all intents and purposes, your snatchyourfilesliketheyremine.com domain could be registered to Seymour Butts of 1313 Mockingbird Lane, because as long as you had access to the registrar account, you could facilitate administration of the domain.

Now, any domain transaction can potentially be conditional on a verification process that includes an email, phone call, or even requiring the user to fax the registrar a copy of a valid photo ID and proof of address. If you don’t have a spare driver’s license with the name Seymour Butts on it, or have a utility bill that proves Mr. Butts does indeed reside at 1313 Mockingbird Lane, you get locked out of your registrar’s account, and your domain name gets suspended indefinitely.

The Pirate Bay domains still being suspended could very well just be an oversight, but there is a chance that Neij who … has moved around a bit in the past couple years, could be having a hard time verifying ownership. It appears that all the Pirate Bay domains are still registered to an address in Sweden, though it’s no secret Neij no longer resides in his home country.

Depending on the country, it’s not that hard to take down a potentially criminal website — in the UK, streaming websites are simply blocked, Swedish courts have already seized two Pirate Bay domains (https://www.rt.com/news/260161-swede...t-pirate-bay/), Russia’s about to start blocking 15 torrent sites, and the F.B.I. certainly has no problem seizing and shutting down file-sharing sites. Yet, the never ending cycle of shutting down offending websites, has been fairly ineffective in stemming the pirating of copyrighted content.

Yet while domain names aren’t mandatory for a website, file-sharing sites only work well if enough people know how to find them. Making the personal information of those registering new domains publicly visible may potentially deter the purchase of new domains used for file sharing sites. Ensuring that websites have to rotate domains like musical chairs will make existing websites harder to access, especially for less technically savvy users.

If (and it is still a big “if”) ICANN goes through with ending WHOIS privacy, it may put a small dent in online piracy. However, it puts all domain owners of any site at real and unnecessary risk.
https://www.inverse.com/article/9596...-sharing-sites





This Piracy Group Promises to Leak 40 of Hollywood’s Top Movies in a Row
Nicholas Deleon

A movie piracy release group called Hive-CM8 says it’s planning to leak no fewer than 40 top Hollywood movies over the next few weeks.

Several of the highest-profile films of the year, including recent releases like Will Smith drama Concussion, Creed, Joy, and Steve Jobs, are among the films already available to download on various piracy sites.

“Will do them all one after another, 9th hot title,” reads the documentation accompanying the most recently leaked film, Spotlight, which was leaked overnight on Thursday, according to a search of the Usenet indexing site NZBIndex.nl. (Usenet, which predates the web, is kind of like a giant message board, but with the ability to easily and quickly share large files.) The leaked movies are all high-quality DVD screeners, which are copies of a film sent to people like journalists and other movie industry professionals for evaluation purposes.

Given the existence of invite-only BitTorrent sites, Megaupload-like online storage lockers, private IRC channels, and the aforementioned Usenet, there’s no real way to determine exactly how many times a movie has been illegally downloaded, but one anti-piracy firm called Excipio estimates The Hateful Eight had been downloaded more than 1.3 million times within its first 24 hours of availability.

The release group Hive-CM8, whose slogan appears to be “doing it right the first time,” has been around for at least five years, with versions of films like The Social Network, The Hobbit, 12 Years a Slave, and Interstellar all having been leaked by the group.
https://motherboard.vice.com/read/th...ovies-in-a-row





Social Media Led Police Straight to Movie Pirates

Enforcement officials at the UK's Federation Against Copyright Theft found pirates' details on Facebook.
Daniel Cooper

How can law enforcement agencies track down some of the world's most (in)famous pirates? The same way that we find out how our school frenemies are doing: stalking them on social media. TorrentFreak has investigated the recent convictions of three of the UK's biggest file-sharers to learn how exactly they were caught. It turns out that copyright enforcement officials are doing the same sort of armchair-sleuthing that we all do, only that they've got a hotline straight to the police.

For instance, 22-year-old Reece Baker was more commonly known by his online alias, Baker92. According to the report, his fatal mistake was to include a shout-out to his "baby momzie Ria" in an NFO (info) file. Officials at the UK's Federation Against Copyright Theft guessed that Baker92 was a surname/year of birth combination. They then searched Equifax's credit-rating database to find anyone born in 1992 with that surname and, potentially, a child with a woman named Ria.

Similarly, 24-year-old Sahil Rafiq posted torrents under a wide variety of usernames, including memory100, hail_alpha and sohail20. Unfortunately, the sohail20 identity was also used on the customer support website for an online retailer. Rafiq had posted a question concerning his laptop, but signed the piece "Kind Regards, Sahil Rafiq." With his real name, authorities took very little time in finding his Facebook profile and, from there, were able to alert the police.

Facebook was also the petard by which 40-year-old Graeme 'Reidy' Reid was hoisted, since he used the same anonymous e-mail account on his profile as he did his piracy. FACT bods simply searched for his Hushmail address and his Facebook page popped up -- where he'd obligingly listed his occupation as "encoder." We've not checked, but presumably bank robbers are going to start making similarly honest alternations to their social media pages in the near future.

As much as FACT would like you to think twice about sharing illegally-obtained material around the web, there's another moral here. After all, if enforcement officers were able to find these people with a few well-chosen Google searches, then perhaps the secret is to not be so forthcoming with your personal information.
http://www.engadget.com/2015/12/28/f...s-on-facebook/





Book Publisher has No Idea how Google Works but Pretty Sure it Could End Piracy if it Tried
Tim Cushing

Here's the stupidest thing on piracy you're going to read today. Or this month. Maybe even this whole holiday season. Rudy Shur, of Square One Publishers, has a problem with piracy, which he thinks is actually a problem with Google.

After being contacted by Google Play with an offer to join the team, Shur took it upon himself to fire off an angry email in response. That would have been fine, but he somehow convinced Publisher's Weekly to print both the letter and some additional commentary. Presumably, his position at a publishing house outweighed Publisher Weekly's better judgment, because everything about his email/commentary is not just wrong, but breathtakingly so.

After turning down the offer to join Google Play (Shur's previous participation hadn't really shown it to be an advantageous relationship), Shur decided to play internet detective. Starting with this paragraph, Shur's arguments head downhill… then off a cliff… then burst into flames… then the flaming wreckage slides down another hill and off another cliff. (h/t The Digital Reader)

[W]e did discover, however, was that Google has no problem allowing other e-book websites to illegally offer a number of our e-book titles, either free or at reduced rates, to anyone on the Internet.

There's a huge difference between "allowing" and "things that happen concurrently with Google's existence." Shur cannot recognize this difference, which is why he's so shocked Google won't immediately fix it.

When we alerted Google, all we got back was an email telling us that Google has no responsibility and that it is up to us to contact these sites to tell them to stop giving away or selling our titles.

Yep, it's called the DMCA process. It's been in all the papers. DMCA notices are issued to websites hosting the pirated material. Google also delists search results in response to DMCA notices. What never happens is Google arbitrarily delisting sites just because someone notices piracy exists. Google is also not "The Internet" and lacks the power to shut down websites it doesn't own. It is not Google's job to police the web for infringement, no more than it's Yahoo's or Microsoft's.

Undeterred by this illogical conundrum, Shur heads into the "inadvertently comic analogy" territory previously reserved for Thomas Friedman.

Let me ask you something. If a store sells knockoff designer handbags, why is it okay for police to come in, confiscate the illegal merchandise, and arrest and fine the store owners? It’s because the store is profiting from the sales of these illegal goods, in the same way Google can increase its advertising rates because these illegal sites increase the number of users it attracts.

No, it's because the store is selling infringing goods. The store has infringing goods on the premises. It's not because the store is "profiting." It's because of what it's doing and what the store contains. A better analogy would be to point out that cops can't raid a business directory company just because it prints out pages that might contain names and addresses of stores selling illicit goods.

The fact that Google advertises on its own search results pages is beside the point. Ads will be served whether or not "pirate sites" show up in the search results. The ads are not tied to illegal activity. Whether or not some ads are "more profitable" (even if Shur's postulation is true) doesn't matter.

And that's not even the worst part of that paragraph. Shur actually is trying to claim that piracy attracts more people to Google's search engine. Normally, people (misguided people) try to argue that Google directs people to pirate sites. Shur reverses this theory and comes out looking even worse than many who share his viewpoint that Google should be in charge of stamping out infringement.

So far, Shur has been unable to be even technically correct. Now, he attempts to be morally correct.

As a long-time publisher, I’ve been reasonably successful in this business; I also have always attempted to do everything right. That approach has allowed me to work with such companies and groups as Macy’s, the National Science Foundation, Corning Inc., and the U.S. Military Academy at West Point, to mention just a few. If Google wants to really work with Square One, I would first ask Google to do the right thing as well. But based on the fact that it would rather hide behind the doctrine of noncensorship, Google doing the right thing doesn’t seem likely.

Whatever. Taking the moral high ground is a terrible way to make a point. It's a way to make a point badly, but it's only going to resonate with those who sincerely believe companies are morally obligated to do whatever any aggrieved party feels they should. It's a non-starter, and it only serves to highlight the weakness of the surrounding arguments.

That's the original flaming wreckage -- all included in Shur's email to Google. What follows is Shur's successful attempt to shove his burning, demolished credibility off another cliff.

I wonder how the good people at Google would feel if one of their patented parts or products were to be knocked off and either given away free or incorporated into a cheaper copycat item. Judging from the Wikipedia entry “Google Litigation,” it seems that the company has no problem going after those it has judged as infringing its patents. I wonder if any of the companies it has sued thought of initially responding to Google by sending the following email:

Since we have nothing to do with the actual infringement of your product, we share no responsibility in making it available to the public. Rather, we advise you to take the matter up with the engineering firm that makes the offending part. In the meantime, we will continue to sell the product until the firm stops offering it to us.


To make this analogy work… well, actually you can't. You just cannot make this work.

All the litigation Shur "cites" (with a Wikipedia reference and no link) is defensive litigation. Very little of it has to do with patents. Google isn't filing lawsuits alleging IP infringement. Google is almost always the defendant, especially in patent cases.

So, Shur's analogy is completely dismantled by the very reference he cites in support of it. even before he tries extending it with his "what if" scenario. Even if we play by Shur's rules, the analogy still doesn't hold. The scenario here -- when applied to Shur's "why won't Google shut down pirate sites" argument -- plays out like this:

Google sues YellowPages.com because a company listed in its pages is infringing on its patents. YP gets itself dismissed from the lawsuit by pointing out that it has nothing to do with the alleged infringement. That's Shur's situation applied to his stupid analogy. And it puts him right back at square one, with Google telling him to contact the sites hosting infringing material, rather than Google, if he wants the content taken down.

This makes his attempt to pound the message home that much more pathetic.

Unfortunately for the publishing industry, under Google’s sense of fairness, copyright protection is not equal to patent protection.

Or, more accurately, a whole bunch of people think Google owes them something, especially when IP is involved. Shur thinks Google owes him a piracy-free ebook environment. In support of his theory, he has all these analogies that only make sense to others with the same mindset -- people who believe Google owns the internet and should always be policing it from pirated goods. (Or terrorist content, people saying mean things, etc.)

And finally, A CALL TO ARMS!

It is highly doubtful that the email response I sent to the Google representative is going to make Google rethink its policies, but if enough of us raise our voices loud enough, maybe someone at Google will sit up and take notice.

No offense, Shur, but maybe let someone else -- someone who actually understands the things they're talking about -- lead the charge. You can't win if you don't even know what game you're playing.
https://www.techdirt.com/articles/20...it-tried.shtml





5 Years and $7 Later, U.S. Returns a Seized Hip-Hop Site
Ben Sisario

In the early hours of Thanksgiving Day in 2010, all the music at OnSmash.com, a popular hip-hop blog, disappeared. In place of its usual feed of videos, song links and industry gossip, the site displayed a seizure notice from the federal government, a result of a raid of dozens of websites suspected of trafficking in counterfeit goods and pirated content.

The site stayed that way for nearly five years. But a few weeks ago, after lobbying the government for its return and paying a $7 fee, Kevin Hofman — a rank-and-file record label employee who ran OnSmash, first as a hobby and later as a full-time job — finally got it back, with little explanation and without ever being formally charged with any wrongdoing.

What happened was just one confusing chapter in the long history of conflict between the entertainment industry and the Internet.

At its peak, OnSmash was part of a network of blogs on the leading edge of online music promotion, stirring up fans with fresh material that, Mr. Hofman said, was more often than not supplied directly by artists and record labels hungry for the exposure. The site’s popularity and influence earned it laudatory notice in Vibe magazine and approval from rap stars like Kanye West and Rick Ross.

“There was never a plan to undermine the music business,” Mr. Hofman, 40, said in a recent interview at a diner in Midtown Manhattan. “The music business was something that I was always either an employee of or actively trying to support. That’s why the whole seizure was so devastating to me.”

The government contended that OnSmash and a handful of other sites were circulating unauthorized material at the expense of the major record labels. An affidavit by a federal agent, released as part of a seizure warrant for the site’s web domains, specified numerous “pirated” songs found on the sites. As part of the investigation, the agent had confirmed with the Recording Industry Association of America, the labels’ trade group, that the songs were used without permission.

Yet that characterization was quickly disputed, and the takedowns — handled by the Immigration and Customs Enforcement unit of the Department of Homeland Security — became the focus of a wider debate over the policing of the Internet.

The seizures, which also claimed the hip-hop sites Dajaz1.com and RapGodFathers.com, came shortly after the music industry abandoned its unpopular strategy of suing individual listeners over piracy, which remains a concern in the industry over the effect on sales. Soon came the large-scale lobbying wars over the Stop Online Piracy Act and the Protect I.P. Act — two failed bills in Congress that pitted Hollywood against Silicon Valley — as well as the continuing prosecution of Kim Dotcom and the file-sharing site Megaupload.

“The Internet is still locked in a battle royal with Hollywood and its allies,” said Peter Eckersley, chief computer scientist for the Electronic Frontier Foundation, an advocacy group that is supported by technology companies and often squares off against the entertainment business over copyright issues.

In the face of all this, the fate of a handful of music blogs largely faded into the background. But for Mr. Hofman and others, the episode has had lasting consequences. After OnSmash was seized, Mr. Hofman started FreeOnSmash.com as a replacement, but its traffic and advertising revenue were a fraction of what he had once had. Even worse, Mr. Hofman said, was the “black cloud” of suspicion that surrounded him in the industry.

“When I went to album release parties,” he said, “people looked at me like they had seen a ghost.” Corporate sponsorship of live events, once an important part of the site’s business, also dried up, he added.

Suing for the return of OnSmash would have been expensive and risky, so Mr. Hofman pursued an “offer in compromise” with the government — submitting a petition for the site’s return, and paying what the government determined to be its appraised value: $7.
In March 2012, Craig Trainor, Mr. Hofman’s lawyer, submitted a 66-page memorandum of law outlining their case. Rather than a rogue site that hurt music labels, Mr. Trainor argued, OnSmash was “an indispensable forum for hip-hop fans, a marketing vehicle for record labels and artists, and a generator of protected speech.” He also noted that Dajaz1.com had been returned to its owner after about a year.

The OnSmash case dragged on for another three and a half years until October, when — with a five-year statute of limitations on the seizure looming — the government notified Mr. Trainor that OnSmash would be returned. Paperwork with his web host took another month or so, Mr. Hofman said, and he finally got the site back in November.

When asked about the return of OnSmash and another site, Torrent-Finder.com, which was seized in the 2010 raid and also returned to its operator this fall, Matthew Bourke, a spokesman for the National Intellectual Property Rights Coordination Center of Immigration and Customs Enforcement, said that after working with the Justice Department, “it was determined there was not enough evidence to seize the websites.”

Jonathan Lamy, a spokesman for the recording industry association, said he welcomed the return of the sites, as long as they played by the rules. “If the managers of some of these sites now seek to have the domain name returned because they wish to become legitimate operators, that’s a success,” he said. In recent months, the music industry has successfully shut down unlicensed sites like Aurous, Sharebeast and RockDizMusic.

Mr. Hofman, whose day job is managing digital accounts for musicians, has already restarted OnSmash, but he said he was aware of the challenges he would face. The site has lost most of its momentum, and blogs — once at the forefront of online music promotion — have largely been superseded by social media. He noted one advantage: By embedding links from sites like SoundCloud and YouTube, where artists and labels post songs directly, there is no more gray area concerning the source of the music.

“The plan now,” Mr. Hofman said, “is to do my best to pick up the pieces.”
http://www.nytimes.com/2016/01/02/bu...-hop-site.html





Music from Cellphones
Christopher Kirkley

Introduction

It all started when I was traveling and working in West Africa. My project was to collect and document local music with my field recorder. One day while riding on a bus I noticed that I was listening to three different songs playing on three different phones, and this went on for the entire ten-hour bus ride. I made some field recordings of it, and I think it was my first documentation of this type of practice. It got me thinking that I could start recording music from people’s cellphones. So I started talking to people about their phones. After that, I remember another moment that stood out. I met some people showing me their new phones with all these different recordings that they had made on them, and it was sort of wild when I realized I had access to so much documentation. One guy was a Touareg , and he had his own cellphone that could do basically all that my field recorder does. This gave me the idea that maybe I could start collecting and documenting data from cell phones.

Music From Cellphones

All these exchanges lie between what we usually call piracy, meaning recordings of songs that are copyrighted, that have been recorded in actual studio, etc., and on the other side, songs that are just handmade recordings of spontaneous concerts… You encounter basically three tiers: the first one is copyrighted music, like Western or European music or even popular West African music, like Nigerian or Malian pop music, that was made in a studio and released on a CD. You can find the actual studio albums of some big African stars like Nahawa Doumbia. The second tier is home studio productions. Artists that don’t have access to big studios record at home, in DIY studios, with cheap computers. Often these artists don’t have any intention of ever selling the music. Sometimes, it’s made just for the sake of making music. The third tier would be actual cellphone recordings. For example, when a musician/Touareg is playing his guitar, several people hold their phone over him and start recording. They’re little souvenirs that people make for themselves, but they also form a part of this collection. Sometimes they might be a recording by the artist who sits down and wants to try out a new song, but the majority are social recordings. Music was the first thing people started sharing on their phones, but it’s also videos, jpegs, pngs, image files, etc.

Social Function

Cellphone data sharing is an element of social life in Western Africa. I think that there’s a relatively slower pace of life here: one of the biggest places where I saw a lot of exchanges happening was while sitting around drinking tea. Drinking tea is a huge part of social life in West Africa, and it takes a while. At some point, when people are sitting silently and just passing time together, they start playing around with their phones and playing a song or passing the phone around and sharing pictures. They’d say, “Hey, let me see your phone,” and then they would flick through the photos or look through songs. Everyone is just showing off their collections of whatever. This is not really done in the Occident, where it mainly happens through social media.
How It Works

In Africa it’s okay to play music in the public space. You can walk down the street while playing a song on your phone. People don’t get told to turn off their phones; it’s a loud and noisy environment. And when someone is walking by playing a song, you can also stop that person and ask for that song. So, in this environment of constant music being played, you’re also being advertised music all the time. You hear it and you can just take it, whenever you want, just by asking someone. I’ve done it plenty of times with total strangers. The sharing is primarily done through Bluetooth, where you pair the devices and you send media from one phone to another.

Downloaders

The individual files are shared from person to person with Bluetooth. The other form of transfer is made with MP3 downloaders (people, not software), cellphone vendors who also sell bulk MP3s. So if you get a new cellphone or a new memory card and you want to load it up with music, you wouldn’t go to your friends and transfer file by file. It would take a lot of time. Instead, you just go to someone who can fill up entire gigabytes from their computer. There’s no real MP3 market. People just understand that wherever there’s a cellphone being sold, there are MP3s. All these places are interlinked. It revolved around cellphones vendors having computers and being able to unlock phones. They also started to collect music, so every time somebody would bring a phone in, they’d copy all the data off the memory card before they had to reformat it. So they started this massive collection, and then they understood that “well, I can also sell these songs.” You can just go into a shop, ask for hip-hop or whatever and buy it; they sell them as bulk of MP3s. A lot of cellphone vendors started hooking up speakers to their computers and just playing music constantly, so everyone knows that that’s where you go to buy music.
http://thepiratebook.net/music-from-cellphones/





Apple May Turn Streaming Music Quality Up to 11
Nicholas Deleon

Apple may use high-resolution audio to differentiate Apple Music from the rest of the pack.

Following the conclusion of the Portable Audio Festival this weekend in Japan, Japanese Mac blog Macotara reports that the Cupertino, California company is developing a high-resolution streaming audio format for Apple Music that’s penciled in to debut in 2016.

The format would be able to stream up to 96kHz/24-bit music—well beyond the 44.1kHz/16-bit of a CD, and well beyond what you’ll find on rival streaming music services like Spotify and Google Play Music (but not Tidal).

Longtime Apple watchers will know that the company does, in fact, have experience with high-resolution audio. In 2004, alongside iTunes 4.5, Apple debuted Apple Lossless, a high-resolution audio format that compressed sound files to roughly half of their original size without degrading the quality. (To give you a better idea of just how far back in computing history we’re talking, the iTunes Music Store, as it was then called, had just turned one year old.) The Apple Lossless file format is still around—it was even open sourced in 2011—but the files are not sold on iTunes, and you have to dig into iTunes’ settings to rip your CDs into the format.

While streaming obviates the need for much on-board storage, users would still have to contend with larger data consumption than they’re currently used to—unless “zero-rating” schemes like T-Mobile’s Music Freedom, in which data from select apps (including Apple Music) are not counted against your data cap, are adopted by wireless carriers across the board. And that’s if the FCC even allows those arrangements to continue.

Whether or not the human ear can even appreciate the difference between high-resolution audio formats and their lossy cousins is a debate that continues to this very day.
https://motherboard.vice.com/read/ap...ality-up-to-11





Apple to Pay Italy 318 Million Euros, Sign Tax Deal: Source
Emilio Parodi and Agnieszka Flak

U.S. tech giant Apple will pay Italy's tax office 318 million euros ($348 million) to settle a dispute and sign an accord next year on how to manage its tax liabilities from 2015, a source with direct knowledge of the matter said on Wednesday.

Italian prosecutors have been investigating allegations that Apple failed to pay corporate taxes to the tune of 879 million euros, sources told Reuters earlier this year.

"Apple will pay the tax agency 318 million euros and will sign an accord for fiscal years 2015 onwards early next year," the source said.

The tax office earlier confirmed a report in La Repubblica that it had reached a deal with the iPhone maker but declined to say how much the U.S. company had agreed to pay.

The source said that while the judicial probe, which also regards three Apple managers, remained open for now, the settlement with the tax agency would likely have a positive impact on the investigation.

Apple could not immediately be reached for comment.

Apple is one of several companies, including Google and Amazon, to become the target of tax inquiries in Europe.

In Italy, tax authorities have pledged to crack down on domestic and multinational companies in moves that could help shore up stretched public finances.

The probe launched against Apple claimed that by having profits generated in Italy and booked by its Irish subsidiary, the company reduced its taxable income base and saved just under 900 million euros in the 2008-2013 period, sources said previously.

(Editing by Paola Arosio and Mark Potter)
http://www.reuters.com/article/us-it...0UD13K20151230





Recently Bought a Windows Computer? Microsoft Probably Has Your Encryption Key
Micah Lee

One of the excellent features of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key – which can be used to unlock your encrypted disk – to Microsoft’s servers, probably without your knowledge and without an option to opt-out.

During the “crypto wars” of the nineties, the National Security Agency developed an encryption backdoor technology – endorsed and promoted by the Clinton administration – called the Clipper chip, which they hoped telecom companies would use to sell backdoored crypto phones. Essentially, every phone with a Clipper chip would come with an encryption key, but the government would also get a copy of that key – this is known as key escrow – with the promise to only use it in response to a valid warrant. But due to public outcry and the availability of encryption tools like PGP, which the government didn’t control, the Clipper chip program ceased to be relevant by 1996. (Today, most phone calls still aren’t encrypted. You can use the free, open source, backdoorless Signal app to make encrypted calls.)

The fact that new Windows devices require users to backup their recovery key on Microsoft’s servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts (you can skip to the bottom of this article to learn how) – something that people never had the option to do with the Clipper chip system. But they can only delete it after they’ve already uploaded it to the cloud.

“The gold standard in disk encryption is end-to-end encryption, where only you can unlock your disk. This is what most companies use, and it seems to work well,” says Matthew Green, professor of cryptography at Johns Hopkins University. “There are certainly cases where it’s helpful to have a backup of your key or password. In those cases you might opt in to have a company store that information. But handing your keys to a company like Microsoft fundamentally changes the security properties of a disk encryption system.”

As soon as your recovery key leaves your computer, you have no way of knowing its fate. A hacker could have already hacked your Microsoft account and can make a copy of your recovery key before you have time to delete it. Or Microsoft itself could get hacked, or could have hired a rogue employee with access to user data. Or a law enforcement or spy agency could send Microsoft a request for all data in your account, which would legally compel them to hand over your recovery key, which they could do even if the first thing you do after setting up your computer is delete it.

As Green puts it, “Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees.”

Of course, keeping a backup of your recovery key in your Microsoft account is genuinely useful for probably the majority of Windows users, which is why Microsoft designed the encryption scheme, known as “device encryption,” this way. If something goes wrong and your encrypted Windows computer breaks, you’re going to need this recovery key to gain access to any of your files. Microsoft would rather give their customers crippled disk encryption than risk their data.

“When a device goes into recovery mode, and the user doesn’t have access to the recovery key, the data on the drive will become permanently inaccessible. Based on the possibility of this outcome and a broad survey of customer feedback we chose to automatically backup the user recovery key,” a Microsoft spokesperson told me. “The recovery key requires physical access to the user device and is not useful without it.”

After you finish setting up your Windows computer, you can login to your Microsoft account and delete the recovery key. Is this secure enough? “If Microsoft doesn’t keep backups, maybe,” says Green. “But it’s hard to guarantee that. And for people who aren’t aware of the risk, opt-out seems risky.”

This policy is in stark contract to Microsoft’s major competitor, Apple. New Macs also ship with built-in and default disk encryption: a technology known as FileVault. Like Microsoft, Apple lets you store a backup of your recovery key in your iCloud account. But in Apple’s case, it’s an option. When you set up a Mac for the first time, you can uncheck a box if you don’t want to send your key to Apple’s servers.

This policy is also in contrast to Microsoft’s premium disk encryption product called BitLocker, which isn’t the same thing as what Microsoft refers to as device encryption. When you turn on BitLocker you’re forced to make a backup of your recovery key, but you get three options: Save it in your Microsoft account, save it to a USB stick, or print it.

To fully understand the different disk encryption features that Windows offers, you need to know some Microsoft jargon. Windows comes in different editions: Home (the cheapest), Pro, and Enterprise (more expensive). Windows Home includes device encryption, which started to become available during Windows 8, and requires your computer to have a tamper-resistant chip that stores encryption keys, something all new PCs come with. Pro and Enterprise both include device encryption, and they also include BitLocker, which started to become available during Windows Vista, but only for the premium editions. Under the hood, device encryption and BitLocker are the same thing. The difference is there’s only one way to use device encryption, but BitLocker is configurable.

If you’re using a recent version of Windows, and your computer has the encryption chip, and if you have a Microsoft account, your disk will automatically get encrypted, and your recovery key will get sent to Microsoft. If you login to Windows using your company’s or university’s Windows domain, then your recovery key will get sent to a server controlled by your company or university instead of Microsoft – but still, you can’t prevent device encryption from sending your recovery key. If you choose to not use a Microsoft or a domain account at all and instead create a “local only” account, then you don’t get disk encryption.

BitLocker, on the other hand, gives you more control. When you turn on BitLocker you get the choice to store your recovery key locally, among other options. But if you buy a new Windows device, even if it supports BitLocker, you’ll be using device encryption when you first set it up, and you’ll automatically send your recovery key to Microsoft.

In short, there is no way to prevent a new Windows device from uploading your recovery key the first time you log in to to your Microsoft account, even if you have a Pro or Enterprise edition of Windows. And this is worse than just Microsoft choosing an insecure default option. Windows Home users don’t get the choice to not upload their recovery key at all. And while Windows Pro and Enterprise users do get the choice (because they can use BitLocker), they can’t exercise that choice until after they’ve already uploaded their recovery key to Microsoft’s servers.

How to delete your recovery key from your Microsoft account

Go to this website and log in to your Microsoft account – this will be the same username and password that you use to log in to your Windows device. Once you’re in, it will show you a list of recovery keys backed up to your account.

If any of your Windows devices are listed, this means that Microsoft, or anyone that manages to access data in your Microsoft account, is technically able to unlock your encrypted disk, without your consent, as long as they physically have your computer. You can go ahead and delete your recovery key on this page – but you may want to back it up locally first, for example by writing it down on a piece of paper that you keep somewhere safe.

If you don’t see any recovery keys, then you either don’t have an encrypted disk, or Microsoft doesn’t have a copy of your recovery key. This might be the case if you’re using BitLocker and didn’t upload your recovery key when you first turned it on.

When you delete your recovery key from your account on this website, Microsoft promises that it gets deleted immediately, and that copies stored on their backup drives get deleted shortly thereafter as well. “The recovery key password is deleted right away from the customer’s online profile. As the drives that are used for failover and backup are sync’d up with the latest data the keys are removed,” a Microsoft spokesperson assured me.

If you have sensitive data that’s stored on your laptop, in some cases it might be safer to completely stop using your old encryption key and generate a new one that you never send to Microsoft. This way you can be entirely sure that the copy that used to be on Microsoft’s server hasn’t already been compromised.

Generate a new encryption key without giving a copy to Microsoft

In order to generate a new disk encryption key, this time without giving a copy to Microsoft, you need decrypt your whole hard disk and then re-encrypt it, but this time in such a way that you’ll actually get asked how you want to backup your recover key.
This is only possible if you have Windows Pro or Enterprise. Unfortunately, the only thing you can do if you have the Home edition is upgrade to a more expensive edition or use non-Microsoft disk encryption software, such as BestCrypt, which you have to pay for. You may also be able to get open source encryption software like VeraCrypt working, but sadly the open source options for full disk encryption in Windows don’t currently work well with modern PC hardware (as touched on here).

Go to Start, type “bitlocker”, and click “Manage BitLocker” to open BitLocker Drive Encryption settings.

From here, click “Turn off BitLocker.” It will warn you that your disk will get decrypted and that it may take some time. Go ahead and continue. You can use your computer while it’s decrypting.

After your disk is finished decrypting, you need to turn BitLocker back on. Back in the BitLocker Drive Encryption settings, click “Turn on BitLocker”.

It will check to see if your computer supports BitLocker, and then it will ask you how you want to backup your recovery key. It sure would be nice if it asked you this when you first set up your computer.

If you choose to save it to a file, it will make you save it onto a disk that you’re not currently encrypting, such as a USB stick. Or you can choose to print it, and keep a hard copy. You must choose one of them to continue, but make sure you don’t choose “Save to your Microsoft account.”

On the next page it will ask you if you want to encrypt used disk space only (faster) or encrypt your entire disk including empty space (slower). If you want to be on the safe side, choose the latter. Then on the next page it will ask you if you wish to run the BitLocker system check, which you should probably do.

Finally, it will make you reboot your computer.

When you boot back up your hard disk will be encrypting in the background. At this point you can check your Microsoft account again to see if Windows uploaded your recovery key – it shouldn’t have.

Now just wait for your disk to finish encrypting. Congratulations: Your disk is encrypted and Microsoft no longer has the ability to unlock it.
https://theintercept.com/2015/12/28/...ncryption-key/





Inside North Korea's Totalitarian Operating System
Joseph Cox

The goal of a totalitarian regime is to control everything in a country: information, resources, and power. In the 21st century, that even includes omnipotence over the code that the country's computers use.

Enter RedStar OS: North Korea's own Linux based operating system, designed to monitor its users and remain resilient to any attempts to modify or otherwise exert control over it. On Sunday at Chaos Communication Congress, a security, art, and politics conference held annually in Hamburg, Germany, researchers Niklaus Schiess and Florian Grunow presented their in-depth investigation of the third version of the operating system.

Schiess and Grunow wanted to document the inner workings of RedStar because its use of freely available software, and in particular Linux, goes against the principles of the open source movement.

“They are using something that is supposed to support free-speech,” Grunow said.

As for what it actually looks like, “it's a fully featured desktop system,” Schiess told Motherboard. Under the hood, RedStar is based on Fedora 11, an iteration of the popular Linux distribution which was released in 2009, and works with a kernel—basically the heart of an operating system—from 2011. It comes with everything a user might need, including word processing and music creation software, and a modified Firefox browser. These applications, the desktop environment, and the underlying structure of the file system attempts to mimic that of Mac OSX.

But that is where the similarities with other operating systems end, and RedStar's totalitarian bent begins. RedStar enforces its dominance by rigorously monitoring any changes that a user might make, reacting accordingly, as well as creating “watermarks” on the files on any USB stick inserted into it.

In short, whenever a USB storage device containing documents, photos or videos is inserted into a RedStar computer, the operating system takes the current hard-disk's serial number, encrypts that number, and then writes that encrypted serial into the file, marking it.

The purpose “is to track who actually has this file, who created this file, and who opened this file,” Schiess said. That watermarking feature has been reported previously by the researchers, and others have published analyses of RedStar after versions of it have leaked or found their way out of the country. But Schiess and Grunow's newly presented dive into RedStar goes further, and is the most comprehensive picture of the OS yet.

RedStar “is highly customized,” Schiess said. “They've also added a lot of features to improve the security of the system.”

Those include a pre-installed firewall, extra protections of some of the system's core files, and a small program which constantly crawls the computer to check for any changes made to those files.

This program calls up a list of MD5 hashes—basically cryptographic fingerprints of files—and “as soon as this daemon sees that one of these files has been changed, it immediately reboots the system,” Schiess said. However, depending on the circumstances, the computer can sometimes get locked into an infinite cycle of booting and rebooting.

RedStar also even has its own anti-virus system, complete with a graphical user interface, which gets its updates from a server, unsurprisingly, located in North Korea.

All of these changes likely aren't designed to protect the system from an outside attacker, say a foreign nation attempting to remotely hack into North Korea's computer systems, but from RedStar's own users, the researchers said.

Indeed, it's clear that RedStar was not designed to be used outside the country, because the operating system's internet browser points to internal, North Korean IP addresses, as does the anti-virus update server, which can't be accessed from the outside world. (There is also a server version of RedStar however, that is used to run two public facing, North Korean websites). The applications are likely made by ten different developers: the researchers found the internal email addresses of different coders within the operating system's changelog.

The insular nature of the operating system, and the country, is further reflected in RedStar's custom crypto, which takes established encryption algorithms such as AES, and puts a new twist on them. It's unclear whether this was done because RedStar's developers feared these forms of encryption had been backdoored, meaning that an adversary could take advantage of them and access sensitive data, or whether they thought they could make some genuine improvements to the cryptography being used.

Regardless, “It shows they didn't even want to rely on foreign crypto,” Grunow said.

“They completely control every aspect of this system,” Grunow said.
https://motherboard.vice.com/read/in...erating-system





China Passes Antiterrorism Law That Critics Fear May Overreach
Chris Buckley

China’s legislature approved an antiterrorism law on Sunday after months of international controversy, including criticism from human rights groups, business lobbies and President Obama.

Critics had said that the draft version of the law used a recklessly broad definition of terrorism, gave the government new censorship powers and authorized state access to sensitive commercial data.

The government argued that the measures were needed to prevent terrorist attacks. Opponents countered that the new powers could be abused to monitor peaceful citizens and steal technological secrets.

In the end, the approved law published by state media dropped demands in the draft version that would have required Internet companies and other technology suppliers to hand over encryption codes and other sensitive data for official vetting before they went into use.

But the law still requires that companies hand over technical information and help with decryption when the police or state security agents demand it for investigating or preventing terrorist cases.

Telecommunication and Internet service providers “shall provide technical interfaces, decryption and other technical support and assistance to public security and state security agencies when they are following the law to avert and investigate terrorist activities,” says the law.

“Not only in China, but also in many places internationally, growing numbers of terrorists are using the Internet to promote and incite terrorism, and are using the Internet to organize, plan and carry out terrorist acts,” an official, Li Shouwei, said at a news conference in Beijing.

The approval by the legislature, which is controlled by the Communist Party, came as Beijing has become increasingly jittery about antigovernment violence, especially in the ethnically divided region of Xinjiang in western China, where members of the Uighur minority have been at growing odds with the authorities.

Chinese leaders have ordered security forces to be on alert against a possible terrorist attack of the kind that devastated Paris in November.

Over the weekend, the shopping neighborhood of Sanlitun in Beijing was under reinforced guard by People’s Armed Police troops after several foreign embassies, including that of the United States, warned that there were heightened security risks there around Christmas.

In addition, the Chinese Ministry of Foreign Affairs said on Saturday that it would expel a French journalist, Ursula Gauthier, for a report that suggested the Chinese government’s unyielding policies were stoking violence by Uighurs in Xinjiang.

Uighurs are a Turkic ethnic minority, largely Sunni Muslim, who have become ever more discontented with controls on their religion and culture and with an influx into Xinjiang of ethnic Han migrants. The government says that violent acts by disaffected Uighurs have been inspired and instigated by international extremist groups, but critics say the conflict arises from homegrown disaffection.

In March of last year, Uighur assailants used knives to slash to death 29 people at a train station in Kunming, a city in southwest China. Last month, the government in Xinjiang said Chinese security forces had killed 28 people who were accused of orchestrating an attack on a coal mine that killed 16 people.

Human rights groups have warned that the law will give even more intrusive powers to the Chinese government, which already has broad, virtually unchecked authority to monitor and detain citizens and to demand information from companies and Internet services.

“While the Chinese authorities do have a legitimate duty in safeguarding their citizens from violent attacks, passing this law will have some negative repercussions for human rights,” said William Nee, a researcher on China for Amnesty International who is based in Hong Kong, via email.

“Essentially, this law could give the authorities even more tools in censoring unwelcome information and crafting their own narrative in how the ‘war on terror’ is being waged,” Mr. Nee said.

International companies that use encrypted technology in China had been worried by provisions in the draft law that would have required them to hand over code and other information so that the authorities could monitor users. The law could affect multinational companies like Cisco, IBM and Apple, all of which have big stakes in China.

“These companies have been dealing with this increased, let’s call it oversight, for the last two or three years,” said Scott D. Livingston, a lawyer who works for Simone IP Services, a consulting firm in Hong Kong, and who has followed the discussions over the law. With the antiterrorism law, Mr. Livingston said, “from the government’s perspective, you have a stronger basis to request this access.”

In January, foreign business groups wrote to President Xi Jinping to voice collective unease about China’s Internet policies, including the draft legislation, which could have required handing over sensitive data and commercial secrets.

In an interview with Reuters in early March, Mr. Obama criticized the proposed legislation and similar initiatives by the Chinese government, and warned that technology companies would not go along with the intrusive demands laid out in the draft law.

A few days before the antiterrorism law passed, Hong Lei, a spokesman for China’s Ministry of Foreign Affairs, said at a regular news briefing that criticism from the Obama administration was unfounded.

Mr. Li, the criminal law expert with the National People’s Congress, insisted that the new law was no reason for multinationals to be alarmed. “These rules will not affect the ordinary business activities of the firms concerned,” he said.
http://www.nytimes.com/2015/12/28/wo...overreach.html





U.S. Spy Net on Israel Snares Congress

National Security Agency’s targeting of Israeli leaders also swept up the content of private conversations with U.S. lawmakers
Adam Entous and Danny Yadron

President Barack Obama announced two years ago he would curtail eavesdropping on friendly heads of state after the world learned the reach of long-secret U.S. surveillance programs.

But behind the scenes, the White House decided to keep certain allies under close watch, current and former U.S. officials said. Topping the list was Israeli Prime Minister Benjamin Netanyahu.

The U.S., pursuing a nuclear arms agreement with Iran at the time, captured communications between Mr. Netanyahu and his aides that inflamed mistrust between the two countries and planted a political minefield at home when Mr. Netanyahu later took his campaign against the deal to Capitol Hill.

The National Security Agency’s targeting of Israeli leaders and officials also swept up the contents of some of their private conversations with U.S. lawmakers and American-Jewish groups. That raised fears—an “Oh-s— moment,” one senior U.S. official said—that the executive branch would be accused of spying on Congress.

White House officials believed the intercepted information could be valuable to counter Mr. Netanyahu’s campaign. They also recognized that asking for it was politically risky. So, wary of a paper trail stemming from a request, the White House let the NSA decide what to share and what to withhold, officials said. “We didn’t say, ‘Do it,’ ” a senior U.S. official said. “We didn’t say, ‘Don’t do it.’ ”

Stepped-up NSA eavesdropping revealed to the White House how Mr. Netanyahu and his advisers had leaked details of the U.S.-Iran negotiations—learned through Israeli spying operations—to undermine the talks; coordinated talking points with Jewish-American groups against the deal; and asked undecided lawmakers what it would take to win their votes, according to current and former officials familiar with the intercepts.

Before former NSA contractor Edward Snowden exposed much of the agency’s spying operations in 2013, there was little worry in the administration about the monitoring of friendly heads of state because it was such a closely held secret. After the revelations and a White House review, Mr. Obama announced in a January 2014 speech he would curb such eavesdropping.

In closed-door debate, the Obama administration weighed which allied leaders belonged on a so-called protected list, shielding them from NSA snooping. French President François Hollande, German Chancellor Angela Merkel and other North Atlantic Treaty Organization leaders made the list, but the administration permitted the NSA to target the leaders’ top advisers, current and former U.S. officials said. Other allies were excluded from the protected list, including Recep Tayyip Erdogan, president of NATO ally Turkey, which allowed the NSA to spy on their communications at the discretion of top officials.

Privately, Mr. Obama maintained the monitoring of Mr. Netanyahu on the grounds that it served a “compelling national security purpose,” according to current and former U.S. officials. Mr. Obama mentioned the exception in his speech but kept secret the leaders it would apply to.

Israeli, German and French government officials declined to comment on NSA activities. Turkish officials didn’t respond to requests Tuesday for comment. The Office of the Director of National Intelligence and the NSA declined to comment on communications provided to the White House.

This account, stretching over two terms of the Obama administration, is based on interviews with more than two dozen current and former U.S. intelligence and administration officials and reveals for the first time the extent of American spying on the Israeli prime minister.

Taking office

After Mr. Obama’s 2008 presidential election, U.S. intelligence officials gave his national-security team a one-page questionnaire on priorities. Included on the form was a box directing intelligence agencies to focus on “leadership intentions,” a category that relies on electronic spying to monitor world leaders.

The NSA was so proficient at monitoring heads of state that it was common for the agency to deliver a visiting leader’s talking points to the president in advance. “Who’s going to look at that box and say, ‘No, I don’t want to know what world leaders are saying,’ ” a former Obama administration official said.

In early intelligence briefings, Mr. Obama and his top advisers were told what U.S. spy agencies thought of world leaders, including Mr. Netanyahu, who at the time headed the opposition Likud party.

Michael Hayden, who led the NSA and the Central Intelligence Agency during the George W. Bush administration, described the intelligence relationship between the U.S. and Israel as “the most combustible mixture of intimacy and caution that we have.”

The NSA helped Israel expand its electronic spy apparatus—known as signals intelligence—in the late 1970s. The arrangement gave Israel access to the communications of its regional enemies, information shared with the U.S. Israel’s spy chiefs later suspected the NSA was tapping into their systems.

When Mr. Obama took office, the NSA and its Israeli counterpart, Unit 8200, worked together against shared threats, including a campaign to sabotage centrifuges for Iran’s nuclear program. At the same time, the U.S. and Israeli intelligence agencies targeted one another, stoking tensions.

“Intelligence professionals have a saying: There are no friendly intelligence services,” said Mike Rogers, former Republican chairman of the House Intelligence Committee.

Early in the Obama presidency, for example, Unit 8200 gave the NSA a hacking tool the NSA later discovered also told Israel how the Americans used it. It wasn’t the only time the NSA caught Unit 8200 poking around restricted U.S. networks. Israel would say intrusions were accidental, one former U.S. official said, and the NSA would respond, “Don’t worry. We make mistakes, too.”

In 2011 and 2012, the aims of Messrs. Netanyahu and Obama diverged over Iran. Mr. Netanyahu prepared for a possible strike against an Iranian nuclear facility, as Mr. Obama pursued secret talks with Tehran without telling Israel.

Convinced Mr. Netanyahu would attack Iran without warning the White House, U.S. spy agencies ramped up their surveillance, with the assent of Democratic and Republican lawmakers serving on congressional intelligence committees.

By 2013, U.S. intelligence agencies determined Mr. Netanyahu wasn’t going to strike Iran. But they had another reason to keep watch. The White House wanted to know if Israel had learned of the secret negotiations. U.S. officials feared Iran would bolt the talks and pursue an atomic bomb if news leaked.

The NSA had, in some cases, spent decades placing electronic implants in networks around the world to collect phone calls, text messages and emails. Removing them or turning them off in the wake of the Snowden revelations would make it difficult, if not impossible, to re-establish access in the future, U.S. intelligence officials warned the White House.

Instead of removing the implants, Mr. Obama decided to shut off the NSA’s monitoring of phone numbers and email addresses of certain allied leaders—a move that could be reversed by the president or his successor.

There was little debate over Israel. “Going dark on Bibi? Of course we wouldn’t do that,” a senior U.S. official said, using Mr. Netanyahu’s nickname.

One tool was a cyber implant in Israeli networks that gave the NSA access to communications within the Israeli prime minister’s office.

Given the appetite for information about Mr. Netanyahu’s intentions during the U.S.-Iran negotiations, the NSA tried to send updates to U.S. policy makers quickly, often in less than six hours after a notable communication was intercepted, a former official said.

Emerging deal

NSA intercepts convinced the White House last year that Israel was spying on negotiations under way in Europe. Israeli officials later denied targeting U.S. negotiators, saying they had won access to U.S. positions by spying only on the Iranians.

By late 2014, White House officials knew Mr. Netanyahu wanted to block the emerging nuclear deal but didn’t know how.

On Jan. 8, John Boehner, then the Republican House Speaker, and incoming Republican Senate Majority Leader Mitch McConnell agreed on a plan. They would invite Mr. Netanyahu to deliver a speech to a joint session of Congress. A day later, Mr. Boehner called Ron Dermer, the Israeli ambassador, to get Mr. Netanyahu’s agreement.

Despite NSA surveillance, Obama administration officials said they were caught off guard when Mr. Boehner announced the invitation on Jan. 21.

Soon after, Israel’s lobbying campaign against the deal went into full swing on Capitol Hill, and it didn’t take long for administration and intelligence officials to realize the NSA was sweeping up the content of conversations with lawmakers.

The message to the NSA from the White House amounted to: “You decide” what to deliver, a former intelligence official said.

NSA rules governing intercepted communications “to, from or about” Americans date back to the Cold War and require obscuring the identities of U.S. individuals and U.S. corporations. An American is identified only as a “U.S. person” in intelligence reports; a U.S. corporation is identified only as a “U.S. organization.” Senior U.S. officials can ask for names if needed to understand the intelligence information.

The rules were tightened in the early 1990s to require that intelligence agencies inform congressional committees when a lawmaker’s name was revealed to the executive branch in summaries of intercepted communications.

A 2011 NSA directive said direct communications between foreign intelligence targets and members of Congress should be destroyed when they are intercepted. But the NSA director can issue a waiver if he determines the communications contain “significant foreign intelligence.”

The NSA has leeway to collect and disseminate intercepted communications involving U.S. lawmakers if, for example, foreign ambassadors send messages to their foreign ministries that recount their private meetings or phone calls with members of Congress, current and former officials said.

“Either way, we got the same information,” a former official said, citing detailed reports prepared by the Israelis after exchanges with lawmakers.

During Israel’s lobbying campaign in the months before the deal cleared Congress in September, the NSA removed the names of lawmakers from intelligence reports and weeded out personal information. The agency kept out “trash talk,” officials said, such as personal attacks on the executive branch.

Administration and intelligence officials said the White House didn’t ask the NSA to identify any lawmakers during this period.

“From what I can tell, we haven’t had a problem with how incidental collection has been handled concerning lawmakers,” said Rep. Adam Schiff, a California Democrat and the ranking member of the House Permanent Select Committee on Intelligence. He declined to comment on any specific communications between lawmakers and Israel.

The NSA reports allowed administration officials to peer inside Israeli efforts to turn Congress against the deal. Mr. Dermer was described as coaching unnamed U.S. organizations—which officials could tell from the context were Jewish-American groups—on lines of argument to use with lawmakers, and Israeli officials were reported pressing lawmakers to oppose the deal.

“These allegations are total nonsense,” said a spokesman for the Embassy of Israel in Washington.

A U.S. intelligence official familiar with the intercepts said Israel’s pitch to undecided lawmakers often included such questions as: “How can we get your vote? What’s it going to take?”

NSA intelligence reports helped the White House figure out which Israeli government officials had leaked information from confidential U.S. briefings. When confronted by the U.S., Israel denied passing on the briefing materials.

The agency’s goal was “to give us an accurate illustrative picture of what [the Israelis] were doing,” a senior U.S. official said.

Just before Mr. Netanyahu’s address to Congress in March, the NSA swept up Israeli messages that raised alarms at the White House: Mr. Netanyahu’s office wanted details from Israeli intelligence officials about the latest U.S. positions in the Iran talks, U.S. officials said.

A day before the speech, Secretary of State John Kerry made an unusual disclosure. Speaking to reporters in Switzerland, Mr. Kerry said he was concerned Mr. Netanyahu would divulge “selective details of the ongoing negotiations.”

The State Department said Mr. Kerry was responding to Israeli media reports that Mr. Netanyahu wanted to use his speech to make sure U.S. lawmakers knew the terms of the Iran deal.

Intelligence officials said the media reports allowed the U.S. to put Mr. Netanyahu on notice without revealing they already knew his thinking. The prime minister mentioned no secrets during his speech to Congress.

In the final months of the campaign, NSA intercepts yielded few surprises. Officials said the information reaffirmed what they heard directly from lawmakers and Israeli officials opposed to Mr. Netanyahu’s campaign—that the prime minister was focused on building opposition among Democratic lawmakers.

The NSA intercepts, however, revealed one surprise. Mr. Netanyahu and some of his allies voiced confidence they could win enough votes.
http://www.wsj.com/article_email/u-s...MTI0OTgyNjk4Wj





Meet the Shadowy Tech Brokers that Deliver Your Data to the NSA

These so-called "trusted third-parties" may be the most important tech companies you've never heard of. ZDNet reveals how these companies work as middlemen or "brokers" of customer data between ISPs and phone companies, and the U.S. government.
Zack Whittaker

Picture two federal agents knocking at your door, ready to serve you a top secret order from the U.S. government, demanding that you hand over every shred of data you own — from usernames and passwords, phone records, emails, and social networking and credit card data.

You can't tell anyone, and your only viable option is to comply.

For some U.S. Internet service providers (ISP) and phone companies, this scenario happens — and often. Just one ISP hit by a broad-ranging warrant has the potential to affect the privacy of millions of Americans.

But when one Atlanta, Georgia-based Internet provider was served a top-secret data request, there wasn't a suited-and-booted federal agent in sight.

Why? Because the order was served on a so-called "trusted third-party," which handles the request, served fresh from the secretive Washington D.C.-based Foreign Intelligence Surveillance (FISA) Court. With permission from their ISP customers, these third-parties discreetly wiretap their networks at the behest of law enforcement agencies, like the Federal Bureau of Investigation (FBI), and even intelligence agencies like the National Security Agency (NSA).

By implementing these government data requests with precision and accuracy, trusted third-parties — like Neustar, Subsentio, and Yaana — can turn reasonable profits for their services.

Little is known about these types of companies, which act as outsourced data brokers between small and major U.S. ISPs and phone companies, and the federal government. Under the 1994 law, the Communications Assistance for Law Enforcement Act (CALEA), any company considered a "communications provider" has to allow government agencies access when a valid court order is served. No matter how big or small, even companies whose legal and financial resources are limited do not escape federal wiretapping laws.

On a typical day, these trusted third-parties can handle anything from subpoenas to search warrants and court orders, demanding the transfer of a person's data to law enforcement. They are also cleared to work with classified and highly secretive FISA warrants. A single FISA order can be wide enough to force a company to turn over its entire store of customer data.

For Cbeyond, a Nasdaq stock exchange-listed ISP based in Atlanta, Georgia, data requests can be put almost entirely out of mind. The company generates more than $450 million in revenue each year and serves more than 50,000 business customers — primarily small to medium-sized companies — in more than a dozen U.S. states.

The ISP's legal resources are razor thin, according to an executive at the company, who did not want to be named for the story. As a result, the company does not always directly handle government data requests.

The company outsources a good portion of its legal and compliance responsibilities to Neustar, which bought its way into the wiretapping business following its 2005 acquisition of compliance firm, Fiducianet.

Cbeyond can receive as many as five to ten subpoenas per week. These data requests are regularly forwarded to Neustar, which acts as the ISP's "custodian of records." They are validated, and — more often than not — data is handed over to the requesting law enforcement agency.

But on the rare occasion Cbeyond receives a top-secret FISA warrant — two per year on average, according to a senior staffer, who has direct knowledge of the matter, Neustar pulls the data from the ISPs networks and hands it to the requesting government agency.

These warrants can allow the FBI or the NSA to collect an unknown but potentially limitless amount of data on millions of Americans and foreigners.

"Hidden, but not visible"

Created by its namesake law, the Foreign Intelligence Surveillance Act in 1978, the FISA Court issues more than a thousand classified warrants a year for Americans' data. One former NSA analyst likened it to a "kangaroo court with a rubber stamp," as it keeps very few records, of which many are kept in the utmost secrecy and away from public scrutiny.

Only documents leaked by former U.S. intelligence contractor Edward Snowden have helped lift the lid on the shadowy world of these secret so-called FISA warrants. Signed off by the court, these warrants give the FBI and the NSA wide-ranging access to American data, in spite of Fourth Amendment protections designed to protect against overreaching domestic government surveillance.

The first classified document leaked by the former U.S. government contractor showed how the Obama administration forced Verizon to turn over its entire store of metadata on a rolling basis to the NSA.

FISA warrants are designed to be issued on individuals, or customers who store data belonging to those people who, according to the Office of the Director of National Intelligence, "are or may be" engaged in espionage, sabotage, terrorism (or aiding a terrorist), or take orders from a foreign government.

When these secretive FISA orders are issued, there is little indication to Cbeyond, or any other local or major ISP or phone company, what the requested data may be used for. It could be for a terrorism case, or it could be a small part of an undisclosed NSA program. That also poses a problem for the companies wanting to fight back — and some companies have found the process notoriously difficult — not least because it requires an attorney with top-secret security clearance.

One of those attorneys, who declined to be named for the story because the person holds top-secret security clearance, explained that although hundreds of lawyers have the same clearance — including those serving terror suspects in Guantanamo Bay — very few have been in front of the FISA Court to defend their clients. These clearance-holding lawyers have been in high demand over the past year representing major Silicon Valley companies implicated in the NSA's surveillance programs.

For the majority of smaller companies (as well as larger ones, who have refused to comment on challenging such warrants), complying with data demands may be their only option. The vast majority, however, do not have the resources to handle such requests.

"If they don't have an internal lawyer [reviewing FISA warrants], they could use a third-party service. That third-party can't provide legal advice, but it can create a system for reviewing the data, pulling, and processing the data," the security clearance-holding attorney said.

Enter the trusted third-party, which facilitates the data request between the two.

Neustar's business is wide-ranging. Many industry insiders know it as a phone number portability company and the owner of top-level domain names. But its dedicated — and widely-unknown — legal and compliance division, dubbed "fiduciary" services, handles subpoenas and warrants on behalf of their customers, provides technical assistance in the lawful interception of data, and the services to carry out the surveillance demanded by the court or law enforcement agency.

"It's not hidden, but not visible," according to a former Neustar executive who worked in the division and who declined to be named, because the customers whose activities the division supports are ones that customers "don't publicize very much." These services are stigmatized particularly in the wake of the Snowden disclosures. The person said that ordinary people do not want to know that their data is up for grabs.

BuzzFeed in 2012 profiled Neustar in some depth, disclosing the scope of its legal intercept unit. The piece led the company to disclose for the first time transparency figures (more on that later).

Neustar works primarily for small to medium-sized businesses. The company said two years ago that it serves about 400 of the "thousands" of U.S. phone companies — including smaller firms like Cbeyond and Grande Communications, but also larger firms like Bright House Networks, and also Cricket, which disclosed its relationship with Neustar to Congress in May 2012 — to handle and respond to the court orders they receive. Neustar does not always act as the first go-to point for its customers.

The fiduciary division can also be held on reserve as an "overflow" in cases where its larger corporate giants may be inundated with more demands for data than usual, the former Neustar executive said.

To the degree that the company performs overflow functions for companies such as Verizon, Neustar chief privacy officer and deputy general counsel Becky Burr explained, it is "only non-criminal information," such as civil subpoenas, often generated in bitter divorce and custody disputes.

Neustar data request figures

Neustar came under fire in 2012 for withholding from the public any details on wiretap or data requests it receives on behalf of its clients.

The company disclosed, for the second time, to ZDNet its latest transparency figures. Burr said the company has seen a spike in lawful intercept requests since the five-year period ending 2011, thanks to the new business of a larger customer in 2011, which is not named as it was divulged off the record.

These lawful requests are authorized by a court, and can mandate a company to hand over the contents of emails and phone calls — including the time, date, and duration of calls, and the phone numbers themselves, though not the contents of the calls made.
Out of the 2,278 data requests Neustar processed in 2012, about 77 percent came from that one unnamed customer, and accounted for about 76 percent of all Neustar's processed requests in 2013.

While the division also processes civil requests, and in rare cases handles emergency responses from law enforcement agencies — such as the immediate threat to property or life — it nonetheless handles a significant portion of its customers' criminal requests.

Neustar's figures show a spike in warrants since its first transparency report. The figures show that civil requests make up the bulk of Neustar's fiduciary business, but criminal requests — including court orders and search warrants — make up about one-third of the overall requests.

As per reporting rules set out by the U.S. Department of Justice on disclosing FISA requests and National Security Letters (NSLs), which can be used to compel an ISP or phone company while gagging them from disclosing the fact, the last six-months worth of data is not available. Any requests prior to the six-month reporting rule are disclosed only a numerical range.

Although the range spans from zero, we know from Cbeyond's case that at least one FISA warrant has been served.

The scope of other existing FISA orders are also shrouded in secrecy, along with the process by which these secret court orders are served on companies. Although U.S. residents are afforded legal protections to limit domestic government surveillance, the Obama administration has come under intense scrutiny for using secret interpretations of surveillance law to acquire Americans' data.

The process by which FISA warrants are served on companies or individuals isn't widely unknown, due to the restrictions on whom recipients can talk to.

In reality, it may not involve federal agents showing up at your door at all. It may be as routine as a phone call from an ISP's third-party provider. That's when the wiretapping can begin.

"Of what worth is our permission?"

Neustar will typically inform the ISP by phone that a warrant has been received. According to the former Neustar executive, the smaller the carrier, the greater chance Neustar's staff will see such orders first — though, not in every case.

Despite their secrecy, what is known is that FISA warrants are generally targeted and individualized, but they can also be broad and wide-ranging. While the contents of the FISA warrant are classified, it will state the legal authority under which a wiretap can be placed.

When it's the latter case, the law says multiple warrants can be served each year on a rolling basis to maintain fresh oversight by judges, or to form a new legal basis to acquire more data.

Companies like Neustar, Subsentio, and Yaana have staff with security clearance, allowing them to see, review, and execute the warrant.

If an order is not valid, or it has deficiencies such as inappropriate language, the third-party's legal experts may outright reject the order — regardless of the type of order issued by the law enforcement agency.

"Every action Neustar took as an outsourced partner was really governed by the carriers' policies and procedures," the former Neustar executive explained. If an ISP or phone company was particularly conscious of its customers' civil liberties, Neustar can adopt strict guidelines to meet those criteria. That said, if a customer is less than willing to uphold the rights — or was unable to pay to have the order challenged in court — Neustar may near-automatically accept each government data request.

The ISP remains informed along the way, and will be the final arbiter on whether or not a data request will be accepted or rejected — regardless of its policies in directing Neustar how to act.

Neustar, like other trusted third-parties, are granted full technical access to the network of its ISP customer, either by way of the company's own wiretap equipment or technology provided by the trusted third-party. Then, Neustar will formally request permission from the ISP's general counsel to execute the warrant. As often is the case, no information about the FISA request is given to the company.

"Of what worth is our permission when we don't even know what we're being asked to give access to?" a senior staffer at Cbeyond admitted.

Neustar can in many cases execute the warrant from anywhere within the U.S., keeping within the bounds of the country's surveillance law. But when a wiretap device is needed, they are not hard to come by. Most networking equipment makers sell devices that can be used to collect data, or used to inspect data — so-called deep-packet inspection devices, which can also be used to prevent piracy, the spread of malware, and website access, all at the Internet provider level.

Once a FISA warrant is issued, so-called "tasking" orders, which contain selectors — like a phone number or an email address — are often sent electronically to the ISP. These tell the ISP or phone company, or third-parties like Neustar, exactly where to wiretap and what data to collect to hand back to the requesting authority.

By acting as middlemen, companies like Neustar, Subsentio, and Yaana often liaise with the targeted ISP or phone company, and the law enforcement agency to act as a channel in which intercepted data can flow.

For Cbeyond, the process is relatively straightforward — it's out of sight and (almost) out of mind. But, that's not the case for every ISP or phone company. Each company's infrastructure has unique requirements.

FISA requests also come at a cost on two fronts for the ISP. Neustar's services are held on retainer, with additional costs for each warrant.

Although financial arrangements were not disclosed between Cbeyond and Neustar, the ISP's limited annual revenue and legal resources are a driving factor behind why it has not so far challenged a FISA warrant. But, Neustar will also work with U.S. law enforcement agencies to recover costs, which they are entitled to do under the law, for data requests.

Other companies work on a case-by-case basis, or charge a little more each year instead of taking on a retainer fee.

"Maybe we should be thinking about civil liberties more"

Data requests can be refused — it's not often that it happens, but it does. For the third-party companies, their obligations are with their client and not the law enforcement agency.

But there are limits. If the ISP or phone company decides to fight a warrant, the third-party can stand back and wash its hands of it.

Burr said Neustar "has and will" reject subpoenas that are inadequate for one reason or another. But should its clients choose to fight a FISA warrant or court order it believes to be overbroad, Neustar will not join the battle in court.

Other trusted third-parties take a similar approach.

"We're out of the picture," said Marcus Thomas, chief technology officer at Subsentio, another trusted third-party company, founded in 2004, and based out of Littleton, Colorado.

The company has "well over 100 customers," and mostly focused on wireless carriers and cloud providers, Thomas said on the phone. Thomas is no stranger to this field. As a former FBI assistant director, he was responsible for the bureau's lawful interception operations. He retired in 2011.

Thomas said that Subsentio, unlike Neustar, is not a formal "custodian of records," but it interacts with both parties to ensure the correct records and the right amount of data is transferred from the company to the law enforcement agency. The company typically handles pen registers for real-time recording of phone numbers made from a particular line, full-content wiretap orders, and FISA warrants.

Subsentio provides more than simply the legal vetting procedures for determining whether a lawful intercept can go ahead. It's not unusual for Subsentio to provide the actual wiretap device itself, should its customer need one.

"If they choose not to implement it, they don't authorize use to implement it," Thomas said.

Yaana operates under a similar regime. Founded in 2007 and based in the heart of Silicon Valley, it has "dozens" of companies out of the thousands of U.S.-based ISP and phone companies. The firm also serves companies operating with a foreign presence, and supports warrants from a number of European states. Yaana's focus is compliance in the cloud, which — according to executive vice president for regulatory affairs and standards Tony Rutkowski — the vast majority of technology companies were "slowly but surely" moving towards.

Like Neustar, Yaana acts as legal agent to its corporate customers, Rutkowski said. Thanks to its in-house "rules-based reasoning engine," law enforcement requests can be triaged and cleared, which are then accepted or rejected by on-call staff. For subpoenas, the system is straightforward and near-autonomous. For court orders under seal — of which many are — these require the direct approval from the ISP or phone provider.

"If they haven't seen it, we won't approve it," Yaana's chief technology officer David Grootwassink explained on the phone.

However, when handling FISA warrants, there "isn't a lot of wiggle room" except to ensure that they are valid, Grootwassink said. The FISA warrant requires the approval of the ISP or phone provider to decide whether it will comply or not. Should a company wish to fight the order, the company will not step in to fight on behalf of or alongside its ISP or phone provider client.

"It's the provider's problem," Rutkowski said. "The nice part about the trusted third-party business is that just from a liability standpoint, we don't want to be left holding the bag here." Grootwassink agreed. "We provide the gears. We don't get involved in fights between the governments and our clients."

Except, according to the numerous people spoken to for this article, many of the customers to these trusted third-party firms may not have the legal expertise or resources in the first place to develop policies that are fitting for the Internet and phone customers they serve.

Because Neustar, Subsentio, and Yaana act on behalf of their clients' best wishes, their clients themselves may be the weakest link in the privacy chain. Many of the companies outsourcing their services to a trusted third-party may not have strong policies designed to first and foremost protect the civil liberties of their customers.

These policies dictate how the trusted third-party will respond to requests ahead of time, without having to face getting dragged into the minutia of each case.

Although some ISPs have wanted to fight tooth and nail, they have not had the money to hire a top-secret cleared attorney to argue their case. Instead, they have invoked their interpretation of the First Amendment — the right to free speech — to disclose that they have received a FISA warrant , despite the secrecy and gagging clauses that come with them.

Others, like Cbeyond, "haven't examined simply saying 'no' and challenging them," said the person with direct knowledge of the warrants served on the ISP.

"What we're doing is what the rest of the American public is doing," the person said. "We're trusting in some way that these [warrants] are being handled in a responsible fashion."

Because of its business clientele, higher management was "not thinking about civil liberties issues," noting that the company near-automatically approved all requests.

"We don't have a department designed to resist unwarranted government intrusions or to even figure out if they're unwarranted or not," the person said.

The onus of responsibility is with business customers it serves, Cbeyond believes — which the people argued that they likely themselves still do not have the resources to deal with such warrants. The ISP is instead focused on fighting "incessant and unrelenting regulatory attacks" from its larger corporate rivals, one of the people said.

For the end customers or ISPs and phone companies, they are not made aware that their data is being collected. In many cases, a company's chief executive is kept out of the loop.

U.S. surveillance law restricts who can be told about classified data requests. Although the law does not preclude a company's chief executive from knowing, Cbeyond's chief executive Jim Geiger said on the phone he would not be informed of the receipt of any FISA warrants, nor would he know about all of the subpoenas the company gets.

"It's a wide burden for a chief executive's involvement of things that would suck time and energy that aren't necessary," he said.

"We are not a regulated industry"

Cbeyond's approach means Neustar will accept almost every government data request it receives on behalf of the ISP — so long as they pass Neustar's own internal legal review.

In the relationship between ISPs and phone companies and these trusted third-parties, there are few — if any — sticking points. The ISPs devolve a portion of their responsibilities to the third-party, which generates a tidy sum for their services, and the law enforcement agencies receive the data they request.

But despite this data handover process, there remains little regulation or oversight of the trusted third-party industry.

Staff members at these companies hold U.S. security clearance and are therefore legally allowed to handle and remotely execute FISA warrants and directives. They fall within the realm of rules, protocols and laws that the U.S. intelligence community abides by.

But the vast majority of their work goes unsupervised by the government.

"Even though its sounds like [trusted third-parties] are regulated or licensed… the [legal] functions weren't fully outsourced," the former Neustar executive said. "You didn't as a carrier turn over your responsibilities to someone who's licensed to do those responsibilities. You hired competent staff on an outsourced basis to do your work, and it's all governed by the policies of the carrier."

"Everything was just an extension of the [carrier's] work center," they said. "Neustar wasn't doing anything other than work for [its] carriers."

Neustar says it reviews, validates, and keeps audit trails for its customers. Subsentio and Yaana also audit their activities for their customers' benefit in order to make sure the companies are not conducting activities beyond their purview.

Thomas said trusted third-parties are "not a regulated industry" and that there is no external party reviewing such work. He said that the company does not undergo any audits that would examine how they do their jobs.

"We sort-of determine our own communication and security requirements," Thomas said. The only exception is classified work, which he said is "reviewed" periodically by the company.

The only oversight, per se, is from the public. In the wake of the Snowden leaks, many companies have bowed to public pressure and released government data request figures. Cbeyond does not currently have a transparency report, and Geiger said the company has no plans to publish one any time soon. But a company's size is no excuse for some. Like one Utah-based ISP XMission, which has a staff just shy of 50 employees and one attorney, the company regularly updates its transparency pages — even on one occasion disclosing it had received and fulfilled an FISA warrant for one individual's data.

Cbeyond's business clientele were a driving reason behind Birch Communications' bid to acquire the ISP for $323 million, which closed on July 21. Birch is now said to comply with subpoenas and warrants in-house, ending the long-standing relationship with Neustar.

In June, one month before the deal closed, not knowing what changes the new regime would bring, the senior staffer at the ISP ended the conversation to go back to work.

"We're not thinking about civil liberties issues. Maybe we should have been thinking about it more."
http://www.zdnet.com/article/meet-th...ta-to-the-nsa/





Facewatch and CISA Point to a Ravenous, Crowdsourced Surveillance State

New software is making it easier than ever to spy on our neighbors, but those databases are rife with potential for abuse
John Knefel

Two recent developments in surveillance will make it harder than ever to maintain digital and physical privacy. They could also signal a new stage of cooperation between governments, corporations, and private citizens as partners in spying. In short, don’t read this if you get paranoid easily.

On Friday, President Barack Obama signed into law a massive spending bill that includes new spying powers for the government and corporations. Attached to the must-pass budget legislation was the Cybersecurity Information Sharing Act, which allows tech companies to pass user information to the federal government under the guise of preventing cyber attacks.

Critics say the law won’t do anything to secure vulnerable networks, but will drastically expand the government’s surveillance powers. For one, CISA gives seven agencies – including the NSA – broad access to personal information collected by online companies without requiring a warrant. The bill had previously failed on its own, but once House Speaker Paul Ryan announced CISA would be included in the trillion-dollar omnibus bill its passage was all but guaranteed.

Because of last-minute addition of #CISA, Congress members “are not even going to know what they’re passing." https://t.co/UaeD5Gqv8E
— The Intercept (@the_intercept) December 18, 2015

“CISA is the new Patriot Act,” Evan Greer, Fight for the Future’s campaign director, said in a statement. “It’s a bill that was born out of a climate of fear and passed quickly and quietly using a broken and nontransparent process.”

We are already living in the “golden age of surveillance,” according to Peter Swire, who served on Obama’s Review Group on Intelligence and Communications Technology. With CISA on the books, that’s truer than ever.

But it’s not just Big Brother who’s spying.

A company in the UK called Facewatch has developed a way to crowdsource a watchlist that allows shop owners and restaurant managers in Britain to share CCTV footage to identify shoplifters or others deemed undesirable. In what was probably an inevitable if unsettling development, users can now integrate the software with facial recognition technology. In theory, that means that if a thief who stole from Store A shows up at Store B, Store B’s manager will get an automatic alert and take whatever action he or she chooses.

The reality may be shadier. As others have noted, there’s a strong whiff of Minority Report-style pre-crime at play here. You don’t need to be convicted of a crime, or even accused, for someone to tag you as a Facewatch “person of interest.” Or maybe you shoplifted years ago — perhaps even committed a violent crime — but did your time. Will a database with a long memory prevent you from buying a sweater?

'Facewatch' security cams give store owners a taste of what it's like to be big brother https://t.co/edV1PuQy0B pic.twitter.com/l07ZescnuS
— Popular Mechanics (@PopMech) December 19, 2015

I’ve covered this topic before, though in a slightly different way. A company called FST Biometrics offers a product that combines facial recognition with full-body identifiers – like height, shape, and gait – to improve the software’s accuracy. In one promotional video, they tout the program’s ability to alert store managers when a VIP customer enters their store.

Facewatch takes an old idea – neighborhood watch programs – and combines it with the most powerful surveillance technology ever created. The company’s website makes clear that its roughly 10,000 clients work closely with police and prosecutors in investigating and preventing crime.

Crowdsourcing isn’t limited to faces, either. Anyone with a computer, an internet-enabled camera, and a few spare minutes can set up an automated license plate reader, courtesy of OpenALPR. “Every time someone drives past one of your cameras, OpenALPR records it to a database,” the company’s website reads. “With a simple search, you can see the full history of a vehicle as it drives through your property.”

One of the company’s two founders told ArsTechnica earlier this year that part of his motivation for developing the software was to eliminate the government’s monopoly on LPRs. “I’m a big privacy advocate as well — now you’ve got LPR just in the hands of the government, which isn’t a good thing,” he told Ars. “This brings costs down.” The post also quotes several privacy advocates who say that for now, at least, creating open-source license plate databases is perfectly legal. But as the article asks: “How long until a license plate reader data blackmail-style website appears?”

CISA, the "Son of Patriot Act", passed the House. No warrants, all data. Don't lobby. Don't vote. Don't whine. Don't plead. ENCRYPT.
— AndreasMAntonopoulos (@aantonop) December 18, 2015

Any watchlist that doesn’t have due process protections creates problems, whether that list is maintained by a government or private actors. Governments, in theory, provide at least some recourse to being blacklisted, through the court system. In the U.S., some people wrongly put on the government’s No Fly List have successfully sued to be removed, but thousands remain on it with no way to get off. How many people are in Facewatch’s database without their knowledge, and with no recourse whatsoever?

Laws like CISA will continue to break down barriers between privately collected data and governments who will seek to exploit it in the name of cybersecurity or terrorism prevention. With leading GOP presidential candidate Donald Trump floating the idea of creating a database of American Muslims, limitless surveillance powers should make everybody a little bit paranoid.
https://www.inverse.com/article/9430...eillance-state





Theresa May Wants to See Your Internet History, So We Thought It was Only Fair to Ask for Hers

The Home Office is keeping Ms May's list of visited websites a secret
Jon Stone

The Home Office has refused to make Theresa May’s internet browsing history public under freedom of information rules, arguing that a request to do so is “vexatious”.

The Independent requested the Home Secretary’s work browsing history for the last week of October under the Freedom of Information Act.

Under the new Investigatory Powers Bill announced by Ms May the internet browsing history of everyone in the UK will have to be stored for a year and police and security services will be able to access the list of visited websites without any warrant.

The Home Secretary described such information, which her department refused to release in relation to her, as “the modern equivalent of an itemised phone bill". Itemised phone bills have previously been released under the Freedom of Information Act.

The Freedom of Information Act is in theory supposed to allow for information held by government bodies to be disclosed, subject to certain conditions.

On 4 November the Independent invoked the Act to ask the Home Office to disclose “‘the web browser history of all web browsers on the Home Secretary Theresa May's GSI network account for the week beginning Monday 26 October”.

The only reason given by officials against disclosure of Ms May’s browsing history was that the request for transparency was a “scattergun” approach conducted “without any idea of what might be revealed”.

If the Department had agreed to the request, it would have shown a list of websites visited on the Home Secretary’s computer account for a week.

“We have considered your request and we believe it to be vexatious. Section 14(1) of the Act provides that the Home Office is not obliged to comply with a request for information of this nature,” officials said in a response.

“We have decided that your request is vexatious because it places an unreasonable burden on the department, because it has adopted a scattergun approach and seems solely designed for the purpose of ‘fishing’ for information without any idea of what might be revealed.”

Officials were told in the request that they could exclude any information related to security matters – so that this could not be used as an excuse to deny disclosure.

The Home Office did not reply to the request within the legal deadline, but eventually provided a response refusing to release the information.

While the Government is widening its own powers to access the information of citizens, it is watering down the public’s right to access the Government’s information.

The Government has launched a review into the Freedom of Information Act, with suggestions that the transparency law could be watered down to give ministers more space to act in secret.

Commenting on the new Government spying bill in November, Shami Chakrabarti, director of civil rights campaign Liberty, said:

“After all the talk of climbdowns and safeguards, this long-awaited Bill constitutes a breath-taking attack on the internet security of every man, woman and child in our country.

“We must now look to Parliament to step in where ministers have failed and strike a better balance between privacy and surveillance.”

At the launch of the Investigatory Powers Bill in Parliament, Ms May said: “There should be no area of cyberspace which is a haven for those who seek to harm us to plot, poison minds and peddle hatred under the radar.

“But I am also clear that the exercise and scope of investigatory powers should be clearly set out and subject to stringent safeguards and robust oversight, including ‘double-lock’ authorisation for the most intrusive capabilities.

“This bill will establish world-leading oversight to govern an investigatory powers regime which is more open and transparent than anywhere else in the world.”
http://www.independent.co.uk/news/uk...-a6785591.html





Spying on Congress and Israel: NSA Cheerleaders Discover Value of Privacy Only When their Own is Violated
Glenn Greenwald

The Wall Street Journal reported yesterday that the NSA under President Obama targeted Israeli Prime Minister Benjamin Netanyahu and his top aides for surveillance. In the process, the agency ended up eavesdropping on “the contents of some of their private conversations with U.S. lawmakers and American-Jewish groups” about how to sabotage the Iran Deal. All sorts of people who spent many years cheering for and defending the NSA and its programs of mass surveillance are suddenly indignant now that they know the eavesdropping included them and their American and Israeli friends rather than just ordinary people.

The long-time GOP chairman of the House Intelligence Committee and unyielding NSA defender Pete Hoekstra last night was truly indignant to learn of this surveillance:

WSJ report that NSA spied on Congress and Israel communications very disturbing. Actually outrageous. Maybe unprecedented abuse of power.

— Pete Hoekstra (@petehoekstra) December 30, 2015

NSA and Obama officials need to be investigated and prosecuted if any truth to WSJ reports. NSA loses all credibility. Scary.

— Pete Hoekstra (@petehoekstra) December 30, 2015


In January 2014, I debated Rep. Hoekstra about NSA spying and he could not have been more mocking and dismissive of the privacy concerns I was invoking. “Spying is a matter of fact,” he scoffed. As Andrew Krietz, the journalist who covered that debate, reported, Hoekstra “laughs at foreign governments who are shocked they’ve been spied on because they, too, gather information” — referring to anger from German and Brazilian leaders. As TechDirt noted, “Hoekstra attacked a bill called the RESTORE Act, that would have granted a tiny bit more oversight over situations where (you guessed it) the NSA was collecting information on Americans.”

But all that, of course, was before Hoekstra knew that he and his Israeli friends were swept up in the spying of which he was so fond. Now that he knows that it is his privacy and those of his comrades that has been invaded, he is no longer cavalier about it. In fact, he’s so furious that this long-time NSA cheerleader is actually calling for the criminal prosecution of the NSA and Obama officials for the crime of spying on him and his friends.

This pattern — whereby political officials who are vehement supporters of the Surveillance State transform overnight into crusading privacy advocates once they learn that they themselves have been spied on — is one that has repeated itself over and over. It has been seen many times as part of the Snowden revelations, but also well before that.

In 2005, the New York Times revealed that the Bush administration ordered the NSA to spy on the telephone calls of Americans without the warrants required by law, and the paper ultimately won the Pulitzer Prize for doing so. The politician who did more than anyone to suffocate that scandal and ensure there were no consequences was then-Congresswoman Jane Harman, the ranking Democratic member on the House Intelligence Committee.

In the wake of that NSA scandal, Harman went on every TV show she could find and categorically defended Bush’s warrantless NSA program as “both legal and necessary,” as well as “essential to U.S. national security.” Worse, she railed against the “despicable” whistleblower (Thomas Tamm) who disclosed this crime and even suggested that the newspaper that reported it should have been criminally investigated (but not, of course, the lawbreaking government officials who ordered the spying). Because she was the leading House Democrat on the issue of the NSA, her steadfast support for the Bush/Cheney secret warrantless surveillance program and the NSA generally created the impression that support for this program was bipartisan.

But in 2009 — a mere four years later — Jane Harman did a 180-degree reversal. That’s because it was revealed that her own private conversations had been eavesdropped on by the NSA. Specifically, CQ’s Jeff Stein reported that an NSA wiretap caught Harman “telling a suspected Israeli agent that she would lobby the Justice Department to reduce espionage charges against two officials of American Israeli Public Affairs Committee (AIPAC) in exchange for the agent’s agreement to lobby Nancy Pelosi to name Harman chair of the House Intelligence Committee.” Harman vehemently denied that she sought this quid pro quo, but she was so furious that she herself(rather than just ordinary citizens) had been eavesdropped on by the NSA that — just like Pete Hoekstra did yesterday — she transformed overnight into an aggressive and eloquent defender of privacy rights, and demanded investigations of the spying agency that for so long she had defended:

I call it an abuse of power in the letter I wrote [Attorney General Eric Holder] this morning. … I’m just very disappointed that my country — I’m an American citizen just like you are — could have permitted what I think is a gross abuse of power in recent years. I’m one member of Congress who may be caught up in it, and I have a bully pulpit and I can fight back. I’m thinking about others who have no bully pulpit, who may not be aware, as I was not, that someone is listening in on their conversations, and they’re innocent Americans.

The stalwart defender of NSA spying learned that her own conversations had been monitored and she instantly began sounding like an ACLU lawyer, or Edward Snowden. Isn’t that amazing?

The same thing happened when Dianne Feinstein — one of the few members of Congress who could compete with Hoekstra and Harman for the title of Most Subservient Defender of the Intelligence Community (“I can honestly say I don’t know a bigger booster of the CIA than Senator Feinstein,” said her colleague Sen. Martin Heinrich) — learned in 2014 that she and her torture-investigating Senate Committee had been spied on by the CIA. Feinstein — who, until then, had never met an NSA mass surveillance program she didn’t adore — was utterly filled with rage over this discovery, arguing that “the CIA’s search of the staff’s computers might well have violated … the Fourth Amendment.” The Fourth Amendment! She further pronounced that she had “grave concerns” that the CIA snooping may also have “violated the separation of powers principles embodied in the United States Constitution.”

During the Snowden reporting, it was common to see foreign governments react with indifference — until they learned that they themselves, rather than just their unnotable subjects, were subject to spying. The first reports we did in both Germany and Brazil were about mass surveillance aimed at hundreds of millions of innocent people in those countries’ populations, and both the Merkel and Rousseff governments reacted with the most cursory, vacant objections: It was obvious they really couldn’t have cared less. But when both leaders discovered that they had been personally targeted, that was when real outrage poured forth, and serious damage to diplomatic relations with the U.S. was inflicted.

So now, with yesterday’s WSJ report, we witness the tawdry spectacle of large numbers of people who for years were fine with, responsible for, and even giddy about NSA mass surveillance suddenly objecting. Now they’ve learned that they themselves, or the officials of the foreign country they most love, have been caught up in this surveillance dragnet, and they can hardly contain their indignation. Overnight, privacy is of the highest value because now it’s their privacy, rather than just yours, that is invaded.
https://theintercept.com/2015/12/30/...n-is-violated/





Rubio Outraged by Spying on Israel’s Government, OK with Mass Surveillance of Americans
Zaid Jilani

On Wednesday, the Wall Street Journal revealed that the Obama administration had spied on the Israeli government and, in the process, roped in communications the Netanyahu administration had with members of the U.S. Congress.

This news sparked a denunciation by Florida senator and Republican presidential candidate Marco Rubio. “Obviously people read this report, they have a right to be concerned this morning about it,” said Rubio on Fox News Wednesday morning. “They have a right to be concerned about the fact that while some leaders around the world are no longer being targeted, one of our strongest allies in the Middle East — Israel — is. I actually think it might be worse than what some people might think, but this is an issue that we’ll keep a close eye on, and the role that I have in the intelligence committee.”

Rubio’s newfound objection to surveillance appears to be limited to spying on the Israeli government. The senator has been a long-time defender of the NSA’s mass surveillance. “There is no evidence that these programs have been systematically abused,” he said in 2014, decrying what he described as “paranoia” around surveillance programs.

The previous year, he defended spying on foreign government officials, saying that “everybody spies on everybody, it’s just a fact.” In the most recent presidential debate, he accused rivals, like Ted Cruz, of endangering U.S. security by supporting modest reforms to the surveillance regime.

One reason Rubio may be carving out a special objection to spying on the Israeli government is that he is competing in the so-called Adelson primary — a contest for the financial backing of the pro-Israel casino magnate who spent $150 million during the 2012 election.

Already, Rubio has locked in the support of Paul Singer, a billionaire hedge funder who has invested tens of millions of dollars in promoting pro-Israel causes. Singer hosted a fundraising event for Rubio in New York City earlier this month.

As of the time of publication, the Rubio campaign did not respond to a request for comment.
https://theintercept.com/2015/12/31/...-of-americans/





Tech Companies Face Criminal Charges if they Notify Users of UK Government Spying
Rob Thubron

Last week, it was reported that Yahoo had become the latest company that promised to alert users who it suspected were being spied on by state-sponsored actors. Twitter, Facebook and Google had previously assured their users that they would also warn them of any potential government spying. The UK, it seems, isn’t happy about this, and is pushing through a bill that will see the bosses of any company that warns its members that British agencies are monitoring them face up to two years in prison.

Specifically, UK ministers want to make it a criminal offence for tech firms to warn users of requests for access to their communication data made by security organizations such as MI5, MI6 and GCHQ (the Government Communications Headquarters).

A June report by David Anderson QC, the independent reviewer of terrorism legislation, revealed that Twitter’s policy requires it to notify its users of requests to access their data “unless persuaded not to do so, typically by a court order.” But a note to the bill would make this illegal.

The note says it “will ensure that a communication service provider does not notify the subject of an investigation that a request has been made for their data unless expressly permitted to do so.”

The controversial Investigatory Powers Bill, nicknamed the snooper’s charter, was unveiled by home secretary Theresa May in November. Part of the proposed legislation would require tech firms to store users’ data for up to twelve months, including a record of every internet site visited, and allow government agencies unfettered access to the data. While the bill is being put forward as a deterrent against terrorism, online monitoring at this level has been banned in the US, Canada, and every other European nation.

The bill could also allow the UK government to demand that companies weaken the encryption on messaging services such as WhatsApp and iMessage to enable agencies to evesdrop on conversations, a proposal that Apple is strongly against. “We believe it would be wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the very few who pose a threat,” Apple said. “In this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers.”
http://www.techspot.com/news/63292-t...y-notify.html?





Lawrence Lessig: Technology Will Create New Models for Privacy Regulation
Steve Rosenbush

The latest chapter of Lawrence Lessig’s career ended in November, when the Harvard Law School professor concluded his bid for the Democratic Party’s presidential nomination. That effort centered on his campaign to reform Congressional politics. Prior to that, Prof. Lessig’s scholarship, teaching and activism focused on technology policy and the Internet. He has argued for greater sharing of creative content, the easing of restrictions in areas such as copyright, and the concept of Net Neutrality. Prof. Lessig, who founded the Center for Internet and Society at Stanford Law School, is the author of numerous books on technology, including “Code: and Other Laws of Cyberspace,” and “The Future of Ideas: the Fate of the Commons in a Connected World.”

CIO Journal asked Prof. Lessig for his thoughts on how technology policy, which is at multiple critical junctures around the world, can and should evolve. Privacy, surveillance, and international governance of the Internet and telecommunications networks will approach milestones in 2016, with implications for business and beyond. Edited highlights of the conversation are below.

There’s no consensus about how the use of personal information should be governed, in the U.S. or globally. What do you think the best international framework for regulating the use of data should be?

What is happening in the technology space will really change in the next three to five years. At MIT, the Enigma group basically makes it possible to use and maintain data without holding data. I am able to ping the server and it processes nothing beyond the data that I need to know … it will make sense for people to no longer hold data, accept in a very narrow sense.

[editor’s note–Enigma is a decentralized cloud platform, based on blockchain technology, that its founders say guarantees privacy in an environment of multi-party computation. “Private data is stored, shared and analyzed without ever being fully revealed to any party,” according to the Enigma website. Enigma was created by MIT graduate students Guy Zyskind and Oz Nathan, under the advisement of MIT Professor and data scientist Alex “Sandy” Pentland, who spoke at the 2015 WSJ CIO Network. For more on the business applications of the blockchain online ledger, [uel=http://blogs.wsj.com/cio/2015/12/22/blockchain-real-estate-industry-could-see-benefits-in-2016/]read this[/url].]

The average cost per user of a data breach is now $240 … think of businesses looking at that cost and saying “What if I can find a way to not hold that data, but the value of that data?” When we do that, our concept of privacy will be different. Our concept so far is that we should give people control over copies of data. In the future, we will not worry about copies of data, but using data. The paradigm of required use will develop once we have really simple ways to hold data. If I were king, I would say it’s too early. Let’s muddle through the next few years. The costs are costly, but the current model of privacy will not make sense going forward.

If I ping a service, and it tells me someone is over 18, I don’t need to hold that fact. … The level of security I have to apply … [is not] the same [that] would be required if I was holding all of this data on my servers. This will radically change the burden of security that people will have.

I think the market will move strongly in that direction. Let the bank keep the money you have. You hold it once in awhile when you want to use it. That is the analogy here.

… I don’t hold data on how old you are, but I could of course capture that data once I ping the server. Then the law needs to control the actual uses of the data, make it possible for systems to insist on single-use purposes.

That … is what the future of privacy regulation looks like. I think the future will be one where I will be able to block (certain) data on a driver from being passed through to an insurance company.

You do see clear judgments about how certain kinds of DNA testing data is allowed to be used. Same thing with HIV testing. That is becoming the general form of privacy regulation, but only once we have a different infrastructure for accessing and using data. The endgame is one instance, it seems to me.

The Snowden revelations triggered a lot of conversation about what the limits of mass government surveillance ought to be. Do you think that any further tightening of those limits is likely, or in order?

I don’t see the political will to really do anything about that. The Snowden revelations advanced hope that there would be this really excited response that would get government to impose really strict regulations. There was some posturing made, and it seemed like we were heading in that direction, but I don’t think we are going there. The NSA won’t be free to do everything, but especially now, we are not going to back away from the war on terror, no matter how idiotic this way of conducting this war is.

Now that the Safe Harbor agreement governing the exchange of data between the U.S. and Europe has been struck down by European courts, do you foresee a sustained push to rein in U.S. Internet businesses in Europe?

I am skeptical. They are going to make it seem that they are protecting privacy, but when push comes to shove, if certain services are not available to you because of privacy restrictions, you back out of restrictions. This is where I think new architecture is going to be so important.

Where I can protect privacy at very low cost, people will want to protect privacy. In the broadest sense, people want to do stuff with the Internet. If privacy weakens their ability to do stuff, people opt out of privacy protection.

When regulators think about regulating the Internet, they can regulate in the old-fashioned way, or in a way that is more aware of or responsive to the architecture or the tech infrastructure. With Safe Harbor, I think we will see how regulators think about how regulations are integrated into software code, think about code as law, not just what rules are uttered.

It is really a generational effect. People in law school learned this way of thinking 10 years ago, and they are coming into their place in the regulatory space

Do you think that the concept of Net Neutrality, which advanced during the Obama administration, will survive coming challenges?

The thing that people will resist … the slogan says regulation should be more technology neutral. I am not sure I ever heard a more idiotic statement in my life. There is no neutrality here, just different modes …

My book, the “Future of Ideas, 2001,” … lays out the basic structure of thinking about what became known as network neutrality. I think regulation should focus on the business model, and not technology.

I don’t think the law should say here is what services can do and not do, because the technology is so (fast-changing) the law could never catch up. But that (we want) to avoid are certain kinds of business models, a prison of bits, where services leverage control over access to content and profit from that control over content. You could achieve that by regulating the kinds of contracts these businesses engage in … you avoid these tying arrangements. What the Internet companies ought to think about is what is the cheapest, fastest way to provide Internet service, not is there a way I can get 10% of the latest HBO hit.

The platform of today is not the operating system. It is data. Data providers don’t necessarily have to be broken up, but you have got to understand the market’s externalities.

You have said that the ability to address any sort of policy challenge will be hampered until Congress is reformed. If you couldn’t sustain a campaign on that issue, what is the prospect for reform?

The Congressional issue …. doesn’t play a prominent role. It should play a bigger role. Trump triggered lots of potential on this when he said he owned everybody. It made the issue cross-partisan. Before, it seemed a partisan issue. I thought that was a real opportunity. People don’t need to be told that money corrupts the system. They get it. Tell them how it could be solved. It could be solved tomorrow without making a constitutional amendment.

The problem in our government is not a corrupt president. It is a corrupted Congress. (Until) Congress is making decisions without worrying about the money, it doesn’t matter who the president is. …

Small dollar (campaign) funding of elections improves the (Congressional political process) overnight. It’s the thing we could do tomorrow.

It would be an enormous improvement. …

That is the essential thing for me. I am waiting and watching.
http://blogs.wsj.com/cio/2015/12/30/...SJD_NeedToKnow





The Crypto Warrior

Matt Blaze understands why politicians want a ‘back door’ into your devices—and why it will never work.
David Perera

In the constant battle to keep information secure, consumers have a powerful weapon on their side: strong encryption, which locks their data into unbreakably coded form, allowing people to transfer account information, personal data and messages without fear of being hacked. It also lets them store it safely—for example, on smartphones, which are effectively becoming wallets for our most sensitive information and thoughts.

But it’s not just law-abiding citizens who take advantage of newly ubiquitous encryption. It’s also criminals, who need to communicate without being overheard. Government agencies call it the “going dark” problem: An encrypted message essentially vanishes from their view. Law enforcement wants a federally mandated “back door,” a way to lawfully break encryption and read messages.

There lies one of the biggest emerging conflicts in the cyber realm. The shorthand is the “Crypto Wars,” and it drives much of the debate over cybersecurity policy. Should tech companies and the public be encouraged to encode their information as securely as possible to guard against theft? Or should the government be given tools to snoop, even if it severely weakens the protections of encryption?

By early this fall the most recent round of the encryption debate appeared to settle in favor of consumers and technologists: The White House announced it wouldn’t back any legislative proposal forcing companies to backdoor encryption. Officials also said the government wouldn’t pressure the tech industry to insert back doors into their products.

Then came the Nov. 13 Paris attacks, which reignited the debate. Though it’s not clear that the plotters used encryption to hide their tracks, it highlighted the potential risks. “[T]echnology exists today that allows terrorists and criminals to communicate in the shadows, using encryption that makes it impossible for law enforcement or national security authorities to do everything they can to protect Americans,” Sen. Chuck Grassley (R-Iowa) asserted in the days afterward.

For perspective, POLITICO turned to computer scientist Matt Blaze, a computer science professor at the University of Pennsylvania who—back in the early 1990s, when telephone encryption was the technology of the moment—discovered a serious programming flaw in the backdoor system that was supposed to let the National Security Agency listen in on Americans’ phone calls. His discovery effectively ended the program.

Since then Blaze has emerged as a leading researcher of cryptography and an important voice on encryption policy, and has come to believe that the entire debate misses something crucial: that today it’s impossible to build a back door that doesn’t also let in malicious hackers, so ultimately it’s time for law enforcement to broaden its perspective on encryption.

David Perera: Why has encryption become so central in the cybersecurity debate?

Matt Blaze: The first thing we need to talk about is that the security of computers and the Internet is a horrible and dangerous mess. Every week we hear about breaches of databases of Social Security numbers and financial information and health records, and about critical infrastructure being insecure.

In the early 1990s, Matt Blaze discovered a serious programming flaw in the backdoor system that was supposed to let the National Security Agency listen in on Americans' phone calls. His discovery effectively ended the program.

Maybe I should be more reluctant to admit this than I am, but computer science doesn't know how to build complex systems that work reliably. This has been a well-understood problem since the very beginning of programmable computers. As we build systems that are more and more complex, we make more and more subtle but very high-impact mistakes. As we use computers for more things and as we build more complex systems, this problem of unreliability and insecurity is actually getting worse, with no real sign of abating anytime soon.

We basically have only two real tried and true techniques that can help counter this. One of them is to make systems as simple as we can, and there are limits to that because we can only simplify things so much.

The other is the use of encryption. What encryption lets us do is say, "Yes, the Internet is insecure." Bad guys are able to compromise computers everywhere, but we're able to tolerate that because if they do intercept our messages, they can't do any harm with it.

DP: Is this just computers?

MB: Telephone handsets are particularly in need of built-in security. We have almost every aspect of our personal and work lives reflected on them and we lose them all the time. We leave them in taxis. We leave them on airplanes. The consequences of one of these devices falling into the wrong hands are very, very serious.

DP: How is it any less secure for individuals if Apple or Google hold onto a copy of the decrypting key, and when law enforcement serves a warrant, they decrypt the data?

MB: It's not quite that simple. In order for any smartphone manufacturer to decrypt the data on your phone, it has to hold onto a secret that lets it get that access. And that secret or that database of secrets becomes an extremely valuable and useful target for intelligence agencies.

So just as the local police department might want to decrypt a phone of a criminal suspect, so would the Chinese or the Russian or the Iranian intelligence agencies like to be able to do exactly the same thing.

If it were possible to hold onto this sort of database and really be assured that only good guys get access to it, we might have a different discussion than we're having. Unfortunately, we don't know how to build systems that work that way. We don't know how to do this without creating a big target and a big vulnerability.

DP: There are federal officials who say they believe a technological solution can be found—something that keeps our devices secure while allowing law enforcement to get access when they need it. You're saying there's absolutely none?

MB: I appreciate their faith in my field, but I don't share it. The people working in my field also are quite skeptical of our ability to do this. It ultimately boils down to the problem of building complex systems that are reliable and that work, and that problem has long predated the problem of access to encryption keys.

DP: If the encryption discussion is that straightforward, why is this still an issue?

MB: From a policymaker's point of view, [the back door] must look like a perfect solution. "We'll hold onto a separate copy of the keys, and we'll try to keep them really, really safe so that only in an emergency and if it's authorized by a court will we bring out those keys and use them." And, from a policy point of view, when you describe it that way, who could be against that?

It's only after you get down into the technical weeds—and they are admittedly rather weedy —that it becomes clear that this is much harder than it seems and not something we're going to be able to solve.

DP: Why does law enforcement—the FBI, U.S. attorneys, the New York County D.A.'s office—why do they care about this?

MB: It may be true that encryption makes certain investigations of crime more difficult. It can close down certain investigative techniques or make it harder to get access to certain kinds of electronic evidence.

But it also prevents crime by making our computers, our infrastructure, our medical records, our financial records, more robust against criminals. It prevents crime. On balance, the use of encryption, just like the use of good locks on doors, has the net effect of preventing a lot more crime than it might assist.

The perspective that law enforcement is presenting seems to be a very narrow one that's focused very, very heavily on investigations of past crimes rather than on preventing future crimes. It's very important for policymakers to take that broader view because they're the ones who are trusted to look at the big picture.

DP: Is there anything about the “going dark” debate you think is dissimulation?

MB: There's been a certain amount of opportunism in the wake of the Paris attacks, when there was almost a reflexive assumption that, "Oh, if only we didn't have strong encryption out there, these attacks could have been prevented." But, as more evidence has come out— and we don't know all the facts yet—we're seeing very little to support the idea that the Paris attackers were making any kind of use of encryption.

DP: This is not your first rodeo on this subject.

MB: No. And I fear it might not be my last.

DP: Can you describe what you did in the early '90s with the Clipper Chip?

MB: So, in 1993, in what was probably the first salvo of the first Crypto War, there was concern coming from the National Security Agency and the FBI that encryption would soon be incorporated into lots of communications devices, and that that would cause wiretaps to go dark. There was not that much commercial use of encryption at that point. Encryption, particularly for communications traffic, was mostly something done by the government.

AT&T, which was ironically my employer at the time, had just introduced a product in 1992 called the TSD 3600. It was a fairly clunky and very expensive telephone encryption device that you could buy and plug in between your telephone handset and the base of your phone. You could push a little button and it would digitize and encrypt your conversation. In fact, it was very similar to a device that was used by the Defense Department called STU III for classified calls.

It was very expensive. I think they were something like $1,400 each, and you'd have to buy at least two of them for them to be useful. It had a fairly limited market, but I think, perhaps reasonably, the government understood that if this was successful, things like it would get smaller and cheaper.

So AT&T released this product, and the government kind of panicked. They very quickly got the National Security Agency to design a replacement called the "Clipper Chip," for the encryption chip built into the device. What the Clipper Chip would do was perform very similar encryption to the original product but also send a copy of the key to the government. They persuaded AT&T to recall the phones that they had already sold and replace their product with one that incorporated the Clipper Chip in it.

This was pretty controversial. It was framed as a privacy versus national security debate, but I think for reasons that we've talked about, that wasn’t a complete framing of the issue.

I had just started working at Bell Labs at the time, and I got a hold of some Clipper Chip devices, and I decided to try to understand how they work. I did a little bit of reverse engineering of the protocols it used and the interfaces on the chip, and I discovered that some of the obvious things that a person might do to try to prevent the government key from being transmitted.

DP: You found a way to defeat the Clipper Chip.

MB: Clipper took a relatively simple problem, encryption between two phones, and turned it into a much more complex problem, encryption between two phones but that can be decrypted by the government under certain conditions and, by making the problem that complicated, that made it very easy for subtle flaws to slip by unnoticed. I think it demonstrated that this problem is not just a tough public policy problem, but it's also a tough technical problem.

DP: Any predictions? Does this debate ever end?

MB: Well, I think it's interesting because the 1990s ended with the government pretty much giving up. There was a recognition that encryption was important. In 2000, the government considerably loosened the export controls on encryption technology and really went about actively encouraging the use of encryption rather than discouraging it.

When the September 11th attacks happened, only about a year later, the crypto community was holding its breath because here was a time when we just had an absolutely horrific terrorist attack on U.S. soil, and if the NSA and the FBI were unhappy with anything, Congress was ready to pass any law they wanted. The PATRIOT Act got pushed through very, very quickly with bipartisan support and very, very little debate, yet it didn't include anything about encryption. That’s an encouraging sign because, ultimately, cooler heads prevailed, and there was a recognition that this technology is really critical for national security and for the U.S. economy.

If we try to prohibit encryption or discourage it or make it more difficult to use, we're going to suffer the consequences that will be far reaching and very difficult to reverse, and we seem to have realized that in the wake of the September 11th attacks. To the extent there is any reason to be hopeful, perhaps that's where we'll end up here.
http://www.politico.com/agenda/story...ryption-000334





Yahoo to Notify Users if Government is Trying to Get into their Account

Yahoo has followed the footsteps of Facebook and Twitter and has announced they will also alert its users regarding state-sponsored attacks — So if any user is found to have been targeted by state-sponsored hackers they will receive an alert from Yahoo.

Though, the company did not disclose how it will be identifying state-sponsored attacks but users should gear up for these alerts as official blog post from Yahoo stated:

“We’re committed to protecting the security and safety of our users and we strive to detect and prevent unauthorized access to user accounts by third parties. As (a) part of this effort, Yahoo will now notify you if we strongly suspect that your account may have been targeted by a state-sponsored hacker”.

If you receive such alerts, Yahoo recommends employing two-step verification to your account.

Furthermore, the company suggested users to employ strong password for their account and also monitor sign-in notifications vigilantly because even if the hackers squeeze through they can be denied from new sign-in notifications.

But, notifications about state-sponsored attack won’t mean a user’s account is compromised, in a disclaimer Yahoo stated:

“Rather, we strongly suspect that you may have been a target of an attack, and want to encourage you to take steps to secure your online presence,” the company stated.

Lastly, any account compromise doesn’t mean hack of Yahoo’s internal system.

“So how do we know if an attack is state-sponsored? In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks,” according to Yahoo’s blog post.

Digitalmunition recommends users to go for a strong and unique password for each account you are using online. Don’t forget to change your password on a monthly basis.
http://www.digitalmunition.me/2015/1...their-account/





U.S. Says its Internet Speeds Triple in Three-and-a-Half Years
David Shepardson

U.S. Internet connection speeds have tripled over 3-1/2 years to keep up with consumer demands for streaming video and downloading content but the United States still lags many other countries.

The Federal Communications Commission (FCC) said in a report on Wednesday average download connection speeds had increased to nearly 31 megabits per second (Mbps) in September 2014 from about 10 Mbps in March 2011.

Rising Internet speeds have been driven by consumer demands for growing amounts of bandwidth to watch movies, play video games and download data.

The industry is ramping up efforts to boost speeds. Google Inc is offering up to 1,000 Mbps in nine cities, while AT&T is offering the same speed in 20 cities and plans to add 36 metro areas next year.

Comcast Corp said last week it is testing its own 1,000 Mbps service in Philadelphia and by the end of 2016 will offer the service in some other areas.

The FCC says video accounts for more than 60 percent of U.S. Internet traffic, a figure that may rise to 80 percent by 2019.

Still, the United States only ranks 25 out of 39 nations in 2013, according to the FCC. It said the United States was behind many countries including France, Canada, Germany and Japan -- but ahead of Brazil, Chile, Mexico, and Israel. The fastest was Luxembourg with average download speeds of 47.32 Mbps.

The report said that among major providers, Cablevision Systems Corp. led with average download speeds of 60 Mbps, followed by Verizon Communications Inc and Charter Communications Inc each with around 50 Mbps. Cox Communications Inc followed at 40 Mbps, while Comcast was about 35 Mbps.

In January, the FCC redefined benchmark broadband speeds to 25 Mbps for downloads, up from the 4 Mbps set in 2010.

"Advances in network technology are yielding significant improvements in broadband speeds and quality," FCC Chairman Tom Wheeler said in a statement. "Faster, better broadband will unleash new innovations and new services to improve the lives of the American people."

The report, Wheeler said, holds Internet providers "accountable."

Among U.S. states, New Jersey had the fastest average Internet download speeds at 57 Mbps, while Idaho had the lowest at about 14 Mbps, just above Ohio and Arkansas.

The FCC measures Internet performance with monitoring boxes in more than 5,000 volunteer homes. The FCC says download speeds are now much closer to advertised than in 2011.

(Reporting by David Shepardson; Editing by Sandra Maler)
http://uk.reuters.com/article/us-int...0UD19820151230





After a Decade of Waiting for Verizon, Town Builds Itself Gigabit Fiber for $75 Per Month
Karl Bode

Like many broadband black holes, Western Massachusetts has spent years asking regional duopolies for broadband. Towns like Leverett, Mass. literally took to hanging signs around town begging Verizon to install even the slowest DSL. Of course Verizon not only refused to install Western Massachusetts, they froze deployment of effectively all FiOS fiber upgrades, leaving a large number of towns and cities (including Boston, Baltimore, Alexandria, Buffalo) without next-gen broadband -- or in some cases broadband at all.

But, unlike many areas, Western Massachusetts decided to do something about it. In 2012 Leverett voters approved borrowing $3.6 million -- or roughly $1,900 per resident -- to deliver fiber to 800 premises. The initiative would be part of the Massachusetts Broadband Institute's MassBroadband 123 "middle mile" network, a stimulus-funded project that spent the last few years running 1,200 miles of fiber-optic network connecting 123 communties. That project feeds the town of Leverett's new, community owned ISP LeverettNet, giving a town that once didn't have DSL gigabit speeds for $75 a month:

"LeverettNet currently charges $24.95 per month for an internet-only, 1 gigabit per second connection. There’s also a $49.95 monthly cost to cover the maintenance for the Leverett Municipal Light Plant (LMLP), the governmental entity that builds and operates the town’s fiber infrastructure, bringing the cost to about $75 for internet-only subscribers, a cut above Google Fiber’s $70 monthly price for its 1 gigabit service.

However, the Leverett Broadband Committee notes that the LMLP maintenance costs are divided between the number of subscribers, and could be lowered as more households subscribe, meaning it could one day reach a price that’s equal to or less than Google Fiber."
And while most incumbent ISPs are abusing the lack of competition to raise rates in January, Leverettnet (alongside Crocker Communications, which helps run the ISP business itself) has announced it's dropping the cost of broadband and phone services starting next month. Uptake rate has been phenomenal, with eighty-one percent of households signing up for service. And what's more, despite all of the hand-wringing on some fronts (read: AT&T, Verizon, Comcast) about community broadband being an irresponsible fiscal nightmare, locals will actually see lower taxes than expected:

"The median residence will also see a lower-than-anticipated impact on property taxes, with $219 per year for the financing bond to build the network, much lower than the original estimate of close to $300 per year. The light plant, along with Holyoke Gas and Electric, which provides network operation and maintenance, and Crocker Communications of Greenfield, providing the high-speed Internet and phone service, collaborated to review the finances and usage and determined that the adjustments could be made."

Granted in twenty states, your town or city wouldn't be able to do this, since incumbent providers have quite literally paid state legislatures to write laws banning this kind of effort, even if incumbent ISPs have refused to service the area. This is also the sort of thing Presidential candidates like Marco Rubio hope to put an end to, without offering an alternative solution for broadband coverage gaps. But as Leverettnet shows, there's an obvious role for private/public partnerships in shoring up broadband coverage gaps -- especially in areas incumbent providers couldn't care less about.
https://www.techdirt.com/articles/20...er-month.shtml





Google is Getting Serious About its Plan to Wire the US with Superfast Internet
Matt Rosoff

Google is making some big moves involving Google Fiber, its plan to bring fast fiber-optic internet connections to the US.

Most recently, the company hired Gabriel Stricker into a new role running policy and communications for the group.

Google Fiber, led by former Qualcomm executive Dennis Kish, launched in 2010 in Kansas City, Kansas, and has since expanded to a handful of other small cities, including Austin, Nashville, and Salt Lake City. But earlier this month, Google announced plans to expand to LA and Chicago — the second- and third-largest US cities, respectively.

Google Fiber is technically no longer part of Google but was spun off into a separate company within Alphabet, the new larger holding company that includes Google's core online, advertising, and Android businesses — still called Google — plus newer "moonshot" projects like self-driving cars.

The fact that Alphabet sees the need for a dedicated policy and communications person suggests that it's turning Fiber from an experiment — and a way to spur internet providers to offer faster access — into a serious business.

Google's capital expenditures increased dramatically between 2013 and 2014 — they've since leveled off — and while new Alphabet CFO Ruth Porat said that most of its capex was spent on the core Google businesses, she also said that capex will increase further as the company begins to expand into new areas: "In particular in Access and Energy, which contains our Fiber business among other efforts."

In fact, it's possible that part of the reason for the new Alphabet structure was to explain this rising capex as an investment in a new business rather than a simple expansion of its data centers.

Google and Comcast also hold different positions on policies like net neutrality.

Google, as one of the biggest web-content providers, has a natural business desire for all internet traffic to be treated the same way, and not to allow service providers to charge extra money to make certain content flow faster.

Comcast has said that it basically agrees with the current policy, but has held firm against changes to the law that would force Comcast and other internet providers to be regulated like telephone carriers.

Stricker was one of the leaders of Google's communications group back in its fast-growth days, and Nicholas Carlson's "Marissa Mayer and the Fight to Save Yahoo" credited Stricker with helping Google shine the spotlight on Mayer back when they were both at the company.

Stricker left Google in 2012 to head up Twitter's communications policy, but left earlier this year when cofounder Jack Dorsey reclaimed the CEO reins.

Below is Stricker's tweet announcing the news. He had no further comment.

Gabriel Stricker
‎@gabrielstricker

Thrilled: starting 1/4/16 I'll be leading Policy & Comms for @googlefiber in its quest to make the Web better and faster for all.
#alphabet
3:12 PM - 29 Dec 2015

http://www.techinsider.io/google-fib...olicy-2015-12?





Iran's Blogfather: Facebook, Instagram and Twitter are Killing the Web

Hossein Derakhshan was imprisoned by the regime for his blogging. On his release, he found the internet stripped of its power to change the world and instead serving up a stream of pointless social trivia

Late in 2014, I was abruptly pardoned and freed from Evin prison in northern Tehran. In November 2008, I had been sentenced to nearly 20 years in jail, mostly over my web activities, and thought I would end up spending most of my life in those cells. So the moment, when it came, was unexpected. I was sharing a cup of tea when the voice of the floor announcer – another prisoner – filled all the rooms and corridors: “Dear fellow inmates, the bird of luck has once again sat on one fellow inmate’s shoulders. Mr Hossein Derakhshan, as of this moment, you are free.”

Outside, everything felt new: the chill autumn breeze, the traffic noise from a nearby bridge, the smell, the colours of the city I had lived in most of my life. Around me, I noticed a very different Tehran from the one I had been used to. An influx of new, shamelessly luxurious condos had replaced the charming little houses I was familiar with. New roads, new highways, hordes of invasive SUVs. Large billboards with advertisements for Swiss-made watches and Korean TVs. Women in colourful scarves and manteaus, men with dyed hair and beards, and hundreds of charming cafes with hip western music and female staff. They were the kind of changes that creep up on people; the kind you only really notice once normal life gets taken away from you.

Two weeks later, I began writing again. Some friends agreed to let me start a blog as part of their arts magazine. I called it Ketabkhan – it means book-reader in Persian.

Six years was a long time to be in jail, but it is an entire era online. Writing on the internet had not changed, but reading – or, at least, getting things read – had altered dramatically. I’d been told how essential social networks had become, so I tried to post a link to one of my stories on Facebook. It turned out Facebook didn’t care much. It ended up looking like a boring classified ad. No description. No image. Nothing. It got three likes. Three! That was it.

It became clear to me, right there, that things had changed. I was not equipped to play on this new turf — all my investment and effort had burned up. I was devastated.

Blogs were gold and bloggers were rock stars back in 2008 when I was arrested. At that point, and despite the fact the state was blocking access to my blog from inside Iran, I had an audience of around 20,000 people every day. People used to carefully read my posts and leave lots of relevant comments, even those who hated my guts. I could empower or embarrass anyone I wanted. I felt like a monarch.

The iPhone was a little over a year old, but smartphones were still mostly used to make phone calls and send short messages, handle emails, and surf the web. There were no real apps, certainly not how we think of them today. There was no Instagram, no SnapChat, WhatsApp. Instead, there was the web, and on the web, there were blogs: the best place to find alternative thoughts, news and analysis. They were my life.

It had all started with 9/11. I was in Toronto, and my father had just arrived from Tehran for a visit. We were having breakfast when the second plane hit the World Trade Center. I was puzzled and confused and, looking for insights and explanations, I came across blogs. Once I read a few, I thought: this is it, I should start one, and encourage all Iranians to start blogging as well. So, using Notepad on Windows, I started experimenting. Soon I was writing on hoder.com, using Blogger’s publishing platform before Google bought it.

Then, on 5 November 2001, I published a step-by-step guide on how to start a blog. That sparked something that was later called a blogging revolution: soon, hundreds and thousands of Iranians made it one of the top five nations by the number of blogs. I used to keep a list of all blogs in Persian and, for a while, I was the first person any new blogger in Iran would contact, so they could get on the list. That’s why they called me “the blogfather” in my mid-20s – it was a silly nickname, but at least it hinted at how much I cared.

The Iranian blogosphere was a diverse crowd – from exiled authors and journalists, female diarists, and technology experts, to local journalists, politicians, clerics, and war veterans . But you can never have too much diversity. I encouraged conservatives inside Iran to join and share their thoughts. I had left the country in late 2000 to experience living in the west, and was scared that I was missing all the rapidly emerging trends at home. But reading Iranian blogs in Toronto was the closest experience I could have to sitting in a shared taxi in Tehran and listening to collective conversations between the talkative driver and random passengers.

There’s a story in the Qur’an that I thought about a lot during my first eight months in solitary confinement. In it, a group of persecuted Christians find refuge in a cave. They, and a dog they have with them, fall into a deep sleep and wake up under the impression that they have taken a nap: in fact, it’s 300 years later. One version of the story tells of how one of them goes out to buy food – and I can only imagine how hungry they must have been after 300 years – and discovers that his money is obsolete now, a museum item. That’s when he realises how long they have been absent.

The hyperlink was my currency six years ago. It represented the open, interconnected spirit of the world wide web – a vision that started with its inventor, Tim Berners-Lee. The hyperlink was a way to abandon centralisation – all the links, lines and hierarchies – and replace them with something more distributed, a system of nodes and networks. Since I got out of jail, though, I’ve realised how much the hyperlink has been devalued, almost made obsolete.

Nearly every social network now treats a link as just the same as it treats any other object – the same as a photo, or a piece of text. You’re encouraged to post one single hyperlink and expose it to a quasi-democratic process of liking and plussing and hearting. But links are not objects, they are relations between objects. This objectivisation has stripped hyperlinks of their immense powers.

At the same time, these social networks tend to treat native text and pictures – things that are directly posted to them – with a lot more respect. One photographer friend explained to me how the images he uploads directly to Facebook receive many more likes than when he uploads them elsewhere and shares the link on Facebook.

Some networks, like Twitter, treat hyperlinks a little better. Others are far more paranoid. Instagram – owned by Facebook – doesn’t allow its audiences to leave whatsoever. You can put up a web address alongside your photos, but it won’t go anywhere. Lots of people start their daily online routine in these cul-de-sacs of social media, and their journeys end there. Many don’t even realise they are using the internet’s infrastructure when they like an Instagram photograph or leave a comment on a friend’s Facebook video. It’s just an app.

But hyperlinks aren’t just the skeleton of the web: they are its eyes, a path to its soul. And a blind webpage, one without hyperlinks, can’t look or gaze at another webpage – and this has serious consequences for the dynamics of power on the web.

More or less all theorists have thought of gaze in relation to power, and mostly in a negative sense: the gazer strips the gazed and turns her into a powerless object, devoid of intelligence or agency. But in the world of webpages, gaze functions differently: it is more empowering. When a powerful website – say Google or Facebook – gazes at, or links to, another webpage, it doesn’t just connect it , it brings it into existence; gives it life. Without this empowering gaze, your web page doesn’t breathe. No matter how many links you have placed in a webpage, unless somebody is looking at it, it is actually both dead and blind, and therefore incapable of transferring power to any outside web page.

Apps like Instagram are blind, or almost blind. Their gaze goes inwards, reluctant to transfer any of their vast powers to others, leading them into quiet deaths. The consequence is that web pages outside social media are dying.

Even before I went to jail, though, the power of hyperlinks was being curbed. Its biggest enemy was a philosophy that combined two of the most dominant, and most overrated, values of our times: newness and popularity. (Isn’t this embodied these days by the real-world dominance of young celebrities?) That philosophy is the stream. The stream now dominates the way people receive information on the web. Fewer users are directly checking dedicated webpages, instead getting fed by a never-ending flow of information that’s picked for them by complex and secretive algorithms.

The stream means you don’t need to open so many websites any more. You don’t need numerous tabs. You don’t even need a web browser. You open the Facebook app on your smartphone and dive in. The mountain has come to you. Algorithms have picked everything for you. According to what you or your friends have read or seen before, they predict what you might like to see. It feels great not to waste time in finding interesting things on so many websites. But what are we exchanging for efficiency?

In many apps, the votes we cast – the likes, the plusses, the stars, the hearts – are actually more related to cute avatars and celebrity status than to the substance of what’s posted. A most brilliant paragraph by some ordinary-looking person can be left outside the stream, while the silly ramblings of a celebrity gain instant internet presence. And not only do the algorithms behind the stream equate newness and popularity with importance, they also tend to show us more of what we have already liked. These services carefully scan our behaviour and delicately tailor our news feeds with posts, pictures and videos that they think we would most likely want to see.

Popularity is not wrong in and of itself, but it has its own perils. In a free-market economy, low-quality goods with the wrong prices are doomed to failure. Nobody gets upset when a quiet Hackney cafe with bad lattes and rude servers goes out of business. But political or religious opinions are not the same as material goods or services. They won’t disappear if they are unpopular or even wrong. In fact, history has proven that most big ideas (and many bad ones) have been quite unpopular for a long time, and their marginal status has only strengthened them. Minority views are radicalised when they can’t be heard or engaged with. That’s how Isis is recruiting and growing. The stream suppresses other types of unconventional ideas too, with its reliance on our habits.

Today the stream is digital media’s dominant form of organising information. It’s in every social network and mobile application. Since I gained my freedom, everywhere I turn I see the stream. I guess it won’t be too long before we see news websites organise their entire content based on the same principles. The prominence of the stream today doesn’t just make vast chunks of the internet biased against quality – it also means a deep betrayal to the diversity that the world wide web had originally envisioned.

The centralisation of information also worries me because it makes it easier for things to disappear. After my arrest, my hosting service closed my account, because I wasn’t able to pay its monthly fee. But at least I had a backup of all my posts in a database on my own web server. But what if my account on Facebook or Twitter is shut down for any reason? Those services themselves may not die any time soon, but it is not too difficult to imagine a day when many American services shut down the accounts of anyone from Iran, as a result of the current regime of sanctions. If that happened, I might be able to download my posts in some of them, and let’s assume the backup can be easily imported into another platform. But what about the unique web address for my social network profile? Would I be able to claim it back later, after somebody else has possessed it?

But the scariest outcome of the centralisation of information in the age of social networks is something else: it is making us all much less powerful in relation to governments and corporations. Surveillance is increasingly imposed on civilised lives, and it gets worse as time goes by. The only way to stay outside of this vast apparatus of surveillance might be to go into a cave and sleep, even if you can’t make it 300 years.

Ironically enough, states that cooperate with Facebook and Twitter know much more about their citizens than those, like Iran, where the state has a tight grip on the internet but does not have legal access to social media companies. What is more frightening than being merely watched, though, is being controlled. When Facebook can know us better than our parents with only 150 likes, and better than our spouses with 300 likes, the world appears quite predictable, both for governments and for businesses. And predictability means control.

Middle-class Iranians, like most people in the world, are obsessed with new trends. Since 2014 the hype is all about Instagram. There’s less and less text on social networks, and more and more video, more and more images, still or moving, to watch. Are we witnessing a decline of reading on the web in favour of watching and listening? The web started out by imitating books and for many years, it was heavily dominated by text, by hypertext. Search engines such as Google put huge value on these things, and entire companies – entire monopolies – were built off the back of them. But as the number of image scanners and digital photos and video cameras grows exponentially, this seems to be changing. Search tools are starting to add advanced image recognition algorithms; advertising money is flowing there.

The stream, mobile applications, and moving images all show a departure from a books-internet toward a television-internet. We seem to have gone from a non-linear mode of communication – nodes and networks and links – toward one that is linear, passive, programmed and inward-looking.

When I log on to Facebook, my personal television starts. All I need to do is to scroll: New profile pictures by friends, short bits of opinion on current affairs, links to new stories with short captions, advertising, and of course self-playing videos. I occasionally click on the like or share button, read peoples’ comments or leave one, or open an article. But I remain inside Facebook, and it continues to broadcast what I might like. This is not the web I knew when I went to jail. This is not the future of the web. This future is television.

Soon the internet will be a collection of mobile apps rather than of websites. And the money these apps generate will be out of monthly subscription, instead of advertising – something like cable television with its various theme-based packages, and its primetime. (Already if you want to post anything to a social network, you have to do it early morning or late night, when most people are using the app.)

Sometimes I think maybe I’m becoming too strict as I age. Maybe this is all a natural evolution of a technology. But I can’t close my eyes to what’s happening: a loss of intellectual power and diversity. In the past, the web was powerful and serious enough to land me in jail. Today it feels like little more than entertainment. So much that even Iran doesn’t take some – Instagram, for instance – serious enough to block.

I miss when people took time to be exposed to opinions other than their own, and bothered to read more than a paragraph or 140 characters. I miss the days when I could write something on my own blog, publish on my own domain, without taking an equal time to promote it on numerous social networks; when nobody cared about likes and reshares, and best time to post.

That’s the web I remember before jail. That’s the web we have to save.
http://www.theguardian.com/technolog...illing-the-web





Hard Disk Drives with HAMR Technology Set to Arrive in 2018
Anton Shilov

While many client devices use solid-state storage technologies nowadays, hard disk drives (HDDs) are still used by hundreds of millions of people and across virtually all datacenters worldwide. Heat-assisted magnetic recording (HAMR) technology promises to increase capacities of HDDs significantly in the coming years. Unfortunately, mass production of actual hard drives featuring HAMR has been delayed for a number of times already and now it turns out that the first HAMR-based HDDs are due in 2018.

Storage Demands Are Increasing

Analysts from International Data Corp. and Western Digital Corp. estimate that data storage capacity shipped by the industry in 2020 will total approximately 2900 exabytes (1EB = 1 million TB), up from around 1000EB in 2015. Demand for storage will be driven by various factors, including Big Data, Internet-of-Things, user-generated content, enterprise storage, personal storage and so on. Samsung Electronics believes that the NAND flash industry will produce 253EB of flash memory in 2020, up from 84EB in 2015. Various types of solid-state storage will account for less than 10% of the storage market in terms of bytes shipped, whereas hard drives, tape and some other technologies will account for over 90%, if the estimates by IDC, Samsung and Western Digital are correct.

In a bid to meet demand for increased storage needs in the coming years, the industry will need to expand production of NAND flash memory as well as to increase capacities of hard disk drives. Modern HDDs based on perpendicular magnetic recording (PMR) and shingled magnetic recording (SMR) platters have areal density of around ~0.95 Terabit per square inch (Tb/in²) and can store up to 10TB of data (on seven 1.43TB platters). Technologies like two-dimensional magnetic recording (TDMR) can potentially increase areal density of HDD disks by 5 to 10 per cent, which is significant. Moreover, Showa Denko K.K. (SDK), the world’s largest independent maker of hard drive platters, has outlined plans to mass produce ninth-generation PMR HDD media with areal density of up to 1.3Tb/in² next year.

HAMR: The Key to Next-Gen HDDs

Companies like Seagate Technology and Western Digital believe that to hit areal densities beyond 1.5Tb/in², HAMR technology along with higher anisotropy media will be required because of supermagnetic limit (physical “pitches” on optical media become so tiny that it will not be possible to produce a powerful enough magnetic field in the HDD space to write data into them).

Certain principles of heat-assisted magnetic recording were patented back in 1954, even before IBM demonstrated the very first commercial hard disk drive. Heat-assisted magnetic recording technology briefly heats magnetic recording media with a special laser close to Curie point (the temperature at which ferromagnetic materials lose their permanent magnetic properties) to reduce its coercivity while writing data on it. HAMR HDDs will feature a new architecture, require new media, completely redesigned read/write heads with a laser as well as a special near-field optical transducer (NFT) and a number of other components not used or mass produced today.

According to Seagate, its HAMR heads heat media to approximately 450°C using a laser with 810nm wavelength and 20mW power. The company does not disclose any details about its HAMR recording heads because they are the most crucial part of the next-generation hard drives. HDD makers, independent producers of recording heads, universities and various other parties have researched HAMR heads for years. NFT is a very important components of any HAMR head. It has to deliver the right amount of energy into a spot diameter of 30nm or smaller. NFT also has to be durable and reliable, which is something that many researchers are working on.

This month Showa Denko disclosed its roadmap for next-generation hard drive media. While such plans tend to change as products get closer to mass production, at present SDK expects its first 2.5” platters for HAMR drives to feature 1.2TB – 1.5TB capacity (areal density of 1.5Tb/in² – 1.95Tb/in²). By the end of the decade, capacity of 2.5” disks for HDDs is projected to increase to 2TB. Showa Denko’s forecasts clearly show the benefits of HAMR technology and its potential.

In Development for Years

Manufacturers of hard disk drives, heads and HDD media have been working on technologies to enable HAMR-based HDDs for well over ten years now, as soon as they realized that at some point HAMR technology would be required to build hard drives with higher capacities.

Starting from mid-2000s, various manufacturers of HDDs have demonstrated prototype HDDs that used HAMR technology for a number of times. For example, Western Digital showcased a 2.5” hard drive that used HAMR tech back in late 2013. In mid-2015, Seagate displayed a NAS powered by multiple drives featuring heat-assisted magnetic recording.

Numerous demonstrations of HAMR-based HDDs in action prove that the technology actually works. Over the years, producers of hard drives, platters and recording heads have revealed various possible timeframes for commercial availability of drives with HAMR technology. Their predictions were not accurate. At present, there are still reliability issues with the technology, according to Seagate. In the recent months both Seagate and Showa Denko indicated that HAMR drives would be delayed again.

Still Not Ready for Commercial Products

Seagate plans to ship prototypes of its HAMR-based drives to select customers in late 2016 or early 2017. The drives will be intended mostly for test purposes. They will help Seagate and the company's clients to understand how reliable the HAMR-powered HDDs are in actual datacenters, whether they are compatible with existing infrastructure and how fast they are in real-world applications. Evaluation will take a long time and chances that Seagate starts volume shipments of hard disk drives with HAMR technology in 2017 are low.

Last week Showa Denko also said that its platters for hard disk drives that use heat-assisted magnetic recording technology would be delayed to 2018.

“As for new generation technologies, HAMR or TAMR, the start of mass production will be [slightly] delayed to 2018,” said Hideo Ichikawa, president of Showa Denko. The official mid-term business plan of the company reads that the new-generation media "will be launched in or after 2018".

While it is evident that HAMR-powered hard drives are not ready for prime time, producers of HDDs do not reveal the nature of the issues. Seagate indicated earlier this year that HAMR-based drives were not stable enough, but did not elaborate.
Higher-Capacity HDDs Are Incoming

Even though HAMR seems to be at least two years away, hard drive makers will continue to increase capacities of their flagship drives going forward.

SDK promises to start volume production of its ninth-generation perpendicular magnetic recording platters next year. So far, the company has announced that the ninth-gen PMR disks for 2.5” HDDs will feature 1TB capacity. Eventually the tech could be applied to 3.5” platters to increase their capacity up to around 2TB.

Earlier this year Seagate introduced its 2TB hard disk drive in 2.5” form-factor that is just 7mm thick. The drive is based on two 1TB platters, which feature leading-edge 1.3Tb/in² areal density. The same technology will inevitably be used for 3.5” HDDs, enabling Seagate to introduce enterprise-class hard drives with over 10TB capacity in the coming years.

Western Digital Corp. builds high-capacity platters in-house. While exact plans of the company are unclear, its HGST division has consistently offered the world’s highest-capacity hard drives for several years in a row now.

Overall, while HAMR faces another delay, leading producers of hard disk drives will be able to expand capacities of their HDDs using PMR and SMR platters in the coming years.
http://www.anandtech.com/show/9866/h...arrive-in-2018





At C.D.C., a Debate Behind Recommendations on Cellphone Risk
Danny Hakim

When the Centers for Disease Control and Prevention published new guidelines 18 months ago regarding the radiation risk from cellphones, it used unusually bold language on the topic for the American health agency: “We recommend caution in cellphone use.”

The agency’s website previously had said that any risks “likely are comparable to other lifestyle choices we make every day.”

Within weeks, though, the C.D.C. reversed course. It no longer recommended caution, and deleted a passage specifically addressing potential risks for children.

Mainstream scientific consensus holds that there is little to no evidence that cellphone signals raise the risk of brain cancer or other health problems; rather, behaviors like texting while driving are seen as the real health concerns. Nevertheless, more than 500 pages of internal records obtained by The New York Times, along with interviews with former agency officials, reveal a debate and some disagreement among scientists and health agencies about what guidance to give as the use of mobile devices skyrockets.

Although the initial C.D.C. changes, which were released in June 2014, had been three years in the making, officials quickly realized they had taken a step they were not prepared for. Health officials and advocates began asking if the new language represented a policy change. One state official raised the question of potential liabilities for allowing cellphones in schools.

C.D.C. officials began debating how to back away from their recommendation of caution, internal emails show. One official proposed saying instead that other countries — “specifically the United Kingdom and Canadian governments” — recommended caution. Others suggested pointing to determinations by agencies in Finland, Israel and Austria. Ultimately, though, no other country was mentioned.

Bernadette Burden, a C.D.C. spokeswoman, said in a statement that the original changes made in June 2014 stemmed from “a C.D.C.-wide effort to make health information for the public easier to understand” but led to confusion that the agency was making a new policy statement.

“To correct that misperception and to confirm that C.D.C. had not changed its policy or recommendations, C.D.C. posted a clarification statement,” she said, adding that the cellphone industry did not weigh in before changes were made.

Christopher J. Portier, former director of the National Center for Environmental Health, the C.D.C. division that made the changes, disagreed with the decision to pull back the revised version. “I would not have removed it,” he said in an interview. “I would have been in support of a recommendation that parents look carefully at whether their children need cellphones or not.”

Mr. Portier, who led the center when the revision process was initiated, said he believed parents should have been presented “with enough information to say caution isn’t ill advised, because we really don’t know, and there are enough indicators to say we should be cautious.”

Mr. Portier also served on the International Agency for Research of Cancer, a branch of the World Health Organization that in May 2011 called low-frequency radiation from cellphones and other devices a possible carcinogen, a designation that has also been used for coffee and pickled vegetables. He said the I.A.R.C. declaration led him to seek a review of the C.D.C. guidelines.

Mr. Portier’s view is not shared by many other experts. While sporadic claims about cellphones and cancer go back several decades, most American organizations echo the Federal Communications Commission, which says radio-frequency energy is not “effectively linked” with “any known health problems.”

Radiation released by nuclear bombs is obviously harmful. Known as ionizing radiation, it is powerful enough to remove electrons from atoms. By contrast, radio-frequency energy is a form of non-ionizing radiation given off by cellular and portable phones, Wi-Fi routers, baby monitors and countless other devices.

John D. Boice Jr., president of the National Council on Radiation Protection and Measurements, said his own research had found “no evidence for associations with brain tumors or any other cancers.”

The European Environment Agency, like some others in Europe, strikes a more cautious tone than American agencies. “Scientific opinion is split on the issue — many different studies have reached different conclusions based on the same evidence,” the European agency says. It advocates “a precautionary approach to policy making in this area.”

Regarding children, the European agency says, “There is sufficient evidence of risk to advise people, especially children, not to place the handset against their heads.”

Given the state of the research, the industry has rejected health concerns. When Berkeley, Calif., passed an ordinance last spring requiring retailers to warn customers that radiation emitted by cellphones could be hazardous, CTIA-The Wireless Association, an industry trade group, sued. It called the ordinance “scientifically baseless and alarmist,” adding that the federal government had determined that “cellphones approved for sale in the United States, however worn, are safe for everyone.” The lawsuit is pending.

The study cited most often is Interphone, a multination review published by the I.A.R.C. in 2010. CTIA, in a statement, noted that Interphone found “over all, no increase in risk.” But Interphone did find “some indications of an increased risk of glioma,” a type of brain tumor, among the heaviest 10 percent of cellphone users, though “the researchers concluded that biases and errors limit the strength of these conclusions and prevent a causal interpretation.”

Dr. Elisabeth Cardis, Interphone’s principal investigator, said in an interview, “I can’t say for sure there’s an effect, but I can’t say for sure there’s no effect.”

However, the usage rates studied were far lower than those seen now, she said. The median call time in the study was two to two and a half hours per month. A Nielsen study in 2014 found that Americans used smartphones more than 34 hours a month, on average, though more often for games or social media than for communications.

Dr. Cardis is now conducting a large government-funded study in Europe of the potential risks of cellphone use among children. Nevertheless, she uses a mobile phone herself, as do her children — though she said it was prudent to use headsets or speakerphone, or to text, instead of holding the device next to your ear.

“If there’s a risk, it’s likely to be greater for exposures at younger ages,” she said, “simply because the skull is thinner and the ears are thinner in children than in adults. Basically your phone is closer to your brain.”

The C.D.C.’s internal email traffic shows a lengthy revision process for the agency’s recommendations. After the announcement by the I.A.R.C. in 2011, one agency official wrote that there was “outdated information on our current website.” Some changes were made within days, though they did not mention the I.A.R.C. determination.

That would take another three years. It coincided with the C.D.C.’s effort to use clearer language on its website, a bureaucratic process that led to tension between the communications staff and the agency’s Radiation Studies Branch.

One draft of the new language was tested on a focus group in 2013, prompting complaints that the “material did not provide any concrete answers.” Another draft was criticized by an outside expert for including “statements that are scientifically incorrect,” an agency official wrote.

One official proposed posting three different versions of the guidelines on the website, a step rejected by another as confusing.

The vetting process for the revised guidelines posted in June 2014 included an outside expert, James M. Smith, the former head of the Radiation Studies Branch. “I certainly had no intention of suggesting a policy change, since there was no overriding science to justify that,” Mr. Smith said. In retrospect, he said, “it was just a bad choice of words.”

The new guidelines were not noticed until several weeks after they were first posted. The change aroused alarm within the agency, and concerns from some outside experts. An official from the Vermont Health Department forwarded a letter he had received asking about the state’s legal liability for allowing wireless technology in public schools and libraries.

Within the C.D.C., officials began to retreat from the language. In emails, Robert C. Whitcomb Jr., head of the Radiation Studies Branch, began assuring colleagues at other agencies and universities that the new guidelines were “not an official policy.”

Another C.D.C. official called it “a teachable moment,” while a third said she had “an incredible guilt complex” for her role in the guidelines published in June 2014.

Mr. Portier, who left the C.D.C. in 2013, sees it differently. “I would have been happy with the original revision,” he said.

Today, the agency’s guidelines include a sidebar explanation noting that they were changed, and then changed again. “During this process, revisions were introduced which inadvertently led some visitors to the web page to believe that a change in position had occurred.”

“Some organizations recommend caution in cellphone use,” the agency’s guidelines now say. But the C.D.C. is not one of them.
http://www.nytimes.com/2016/01/02/te...hone-risk.html





App Makers Reach Out to the Teenager on Mobile
Conor Dougherty

Over the past decade, advertisers have spent untold millions trying to turn Talia Kocar and her peers in the millennial generation into loyal customers. But on a recent afternoon in Santa Monica, Calif., in a kind of consumer torch-passing, Ms. Kocar, 25, watched a focus group of teenagers drink free Snapple and suck Doritos powder off their thumbs while answering questions about their smartphones.

Ms. Kocar works on Wishbone, a social networking application full of breezy polls about pop culture, prom dresses and other fixtures of teenage life. Users — most of them girls — post side-by-side pictures that compare rappers (Lil Wayne or Tyga?), celebrities (Kim Kardashian or Beyoncé?) and the like.

Like most social media apps, Wishbone users achieve status by amassing friends who vote with a thumb tap. There is a bonus, however, which is that twice a day, Ms. Kocar and her team send a “Daily Dozen” of the best and most popular polls to every Wishbone user. This is somewhat like being named “funniest” or “most clever” in a yearbook: Featured polls are guaranteed a lot of votes, and votes, similar to likes on Facebook, are the coin of Wishbone’s realm.

Ms. Kocar said her first attempts at market research began with trips to Starbucks stores and nail salons, where she would find Wishbone users and ask them what they did and did not like about the app. She got lots of information, but wanted more. Hence, the focus group.

Teenagers being teenagers, the room was full of angst and contradictions. They love Instagram, the photo-sharing app, but are terrified their posts will be ignored or mocked. They feel less pressure on Snapchat, the disappearing-message service, but say Snapchat can be annoying because disappearing messages make it hard to follow a continuing conversation. They do not like advertisements but also do not like to pay for things.

At one point a questioner asked the group when they were least likely to be online. “When I’m in the shower,” a girl responded.

Nobody laughed, because it was barely an exaggeration. About three-quarters of United States teenagers have access to a mobile phone, according to a recent survey by the Pew Research Center. Most go online daily and about a quarter of them use the Internet “almost constantly.”

Those numbers have created a growing advertising market and fortunes for apps like Snapchat and Instagram, which is owned by Facebook. This year companies are projected to spend $30 billion on in-app advertising in the United States, roughly double what they spent in 2014, according to eMarketer, a research company.

But even though these services all have the same core functions — find friends, post pictures, send messages — teenagers juggle them constantly, developing arcane customs for what to post where and ditching one app for another the moment it becomes uncool.

That churn leaves an opening for upstarts like Wishbone, which is about a year old and already has about three million monthly users. Since July it has ranked among the top 30 most-downloaded social media apps in Apple’s App Store, according to App Annie, a data and analytics company. But staying there will be tough. Mobile apps are a hit or miss business in which a handful of top players get most of the users and money.

Hoping to get their app in that elite few, people like Ms. Kocar pore through data and turn to focus groups for insight on how to get new users to sign up and old users to stay. Their efforts are a window into how teenage lives are documented on mobile screens.

“They have immediate social validation or lack of validation at the touch of a button,” said Michael Jones, chief executive of Science Inc., which owns Wishbone. “So if you thought that the immediate gratification generation was two generations ago, you haven’t even seen what immediate gratification looks like until you start spending time with, like, a teen on a phone.”

A Daily Rotation of Apps

One hot afternoon last summer, Leila Khan and Lucy Nemerov, two eighth graders from Palo Alto, Calif., cruised their local mall, scoring free samples at See’s Candies and dropping into Brandy Melville to look at clothes, but not buy. Lucy is an avid Wishbone user, but the app is just one among several that she and her friends rotate through each day.

To manage their identities in and obligations to this world in their pockets, they adhere to rules that have somehow been absorbed and adopted by their peers. For instance, that afternoon, since nothing particularly special happened, Lucy posted a few videos to Snapchat — including a clip of me interviewing her — but nothing on Instagram.

Why the distinction? Because Instagram is special, Leila explained. On Snapchat, where messages disappear, you can be less selective because there is a lower bar for quality. On Instagram, you have to be careful not to clog your friends’ feeds with a barrage of low-quality pictures that might annoy them.

They also regularly delete their Instagram photos so that their profiles never have more than a handful at a time. For comparison, I’m a medium-level Instagram user and have several hundred. They reacted to this information as if it were the smell of warm garbage.

“I have zero right now,” Lucy said.

“Yeah, ’cause I’m like, ‘Oh wait, I look stupid in this one,’ ” Leila said.

Some of Leila’s rules for Instagram include never posting more than one photo a week, avoiding photo filters (too fake) and hashtags (too desperate). She tries to find a timely occasion to post — such as National Watermelon Day — and is so concerned about having the right caption that she keeps a running list of ideas on her iPhone. Neither girl had any such rules for Facebook, because they hardly use it.

App makers fear this kind of juggling the way TV networks fear DVRs. Each time someone leaves one app for another, there is a chance that user will never come back. And since apps make money only when users are plugged in and absorbing ads, the number of monthly users is less important than how many users they get each day — and how long they stay.

Social media apps and messaging services — Wishbone included — tend to get an outsize portion of their ad revenue from a handful of mobile game makers and other app download ads. But Wishbone is making the not-terribly-crazy bet that as people spend more time with their phones and advertisers become comfortable with the medium, more brands and money will follow.

For now big advertisers remain focused on the millennial generation, who, at about 18 to 35 years old, are old enough to buy cars, homes and other big-ticket items. But an early wave is starting to think about the next group, said Erna Alfred Liousas, an analyst at Forrester Research, who said the firm had a number of financial services and media companies ask for studies on the under-17 group.

As with coffee and newspapers, the key to a successful app is to make it a daily habit. Which is why in early September, Mr. Jones of Science sat in a cinder block room staring at a computer screen full of data. He was with Benoit Vatere, head of Science’s mobile group, and Peter Pham, the company’s chief business officer, discussing the best time to send push notifications alerting Wishbone users to new polls.

Push notifications — those incessant reminders that make your phone light up and ding — are the infantry of app warfare, cracking the attention span to remind users that someone on the Internet might be talking about them. All summer Wishbone had been sending out alerts four times a day, but the three men were thinking about adding more and, now that students were back in class, trying to recalibrate around the school day.

“Can we have a friends feed at noon?” Mr. Jones asked Mr. Vatere. “It would be great to do ‘Your friends have updated.’ ”

“And you talk about it while you’re at school,” Mr. Pham added.

Every generation has its thing, and the last two have been marked by digital technology. One of the big dividing lines between Generation X and millennials was that millennials grew up with the Internet. A big difference between millennials and the next group — the postmillennials — has been smartphones.

Economic and cultural changes have an even larger influence, argues Neil Howe, an author and historian who is credited with coining the term “millennial generation.” The Great Recession and its aftermath are likely to make the postmillennial generation more risk-averse, he said. At the same time, today’s kids have absorbed lots of parental advice about online safety and bullying.

“There’s a whole new curriculum being pushed by Gen X parents and one thing it emphasizes above all is emotional intelligence and being very sensitive to the needs of others,” Mr. Howe said.

In surveys, his consulting company, LifeCourse Associates, has found that teenagers are extremely anxious about being criticized on social media and are more conscious than their parents of when an app makes them feel bad — or at least aren’t bashful about saying so.

During the recent focus group at Science, one girl said she showed Instagram ideas to at least three people before posting. Another said she deleted any post that did not garner enough likes. “I post and I just delete, because I don’t want to have, like, never mind,” she said, too ashamed to announce the precise number of likes out loud.

Wishbone sees those anxieties as an opportunity. The app doesn’t ask users to take pictures in which they look “sooo beautiful!!!!,” nor does it require having parents who vacation in Instagram-perfect locales. Users just make funny polls to talk about celebrities, makeup and bands. It is about your tastes, not your identity.

Rajada Victor, a 14-year-old ninth grader who lives in Los Angeles, was seated near the girl who was ashamed of her paltry likes. In a follow-up interview, she said she had grown exhausted by the frenzy for online status but was a regular on Wishbone, which she checks all the time: in class, while walking to school, on weekends.

“I like the fact that you don’t have to look a certain type of way to post,” she said. “People don’t comment rudely or anything — you’re just comparing stuff.”

Mr. Vatere can see this in the data: Wishbone users frequently describe themselves by their interests — they might like Taylor Swift, for instance — but rarely post personal photos. The app also employs an “everyone gets a trophy” philosophy by having Ms. Kocar and her editorial team choose many different polls, not just the most popular ones, for the coveted Daily Dozen of posts that all Wishbone users vote on.

“You want to create an environment where it doesn’t feel like only 1 percent of the people win,” said Eric Kuhn, Science’s head of product. “And we’ve heard that with other platforms, like as soon as you’re clearly not in that top 1 percent, you don’t want to use the app anymore.”
Some Facts and a Hunch

Mr. Jones, a 40-year-old Gen Xer, has tracked youth culture since the grunge ’90s, when he started a magazine called Elixir as a University of Oregon sophomore. This was back when teenagers went to bookstores in search of small-circulation “zines.”

He spent the next two decades tracking the migration of media to the web, to social platforms to mobile phones. Elixir became a website and, as Mr. Jones got more interested in the web than publishing, he started a software company called Userplane that was bought by AOL.

Later Mr. Jones was the chief executive of MySpace, where his job was to try to blunt the ascendance of a new competitor called Facebook. This did not go well.

He founded Science four years ago with Mr. Pham. He calls it a “start-up studio” that helps entrepreneurs turn their ideas into businesses. Wishbone is part of Science’s mobile group — which includes several other apps — but Mr. Jones is so enamored with social media that he decided to run the group and Wishbone himself. The Science offices are just a few blocks from the beach in Santa Monica and have requisite start-up touches like exposed ceilings, copious whiteboards and employees who toil quietly while wearing Beats headphones.

Science has raised about $40 million in venture capital, most of it from Hearst Ventures. After the MySpace debacle, Mr. Jones said he initially steered clear of social media and focused on building online commerce businesses such as Dollar Shave Club, a razor subscription service, and DogVacay, a dog-boarding version of Airbnb, the online home-rental service.

“Coming out of MySpace I was like, ahhh, this is so hard — social ads is tough,” he said. “Let’s just take a pause.”

As social media moved to mobile phones, Mr. Jones figured there would be a chance to get back in. Wishbone came out of a few facts and a hunch. The facts are that people spend several hours a day on their phones, and that teenagers favor apps in which everyone gets to create content and be part of the show.

The hunch was that a polling app would do well. Mr. Jones knew from his AOL days that polling was among the most addictive of online features. And since successful mobile apps reward repetitive behavior, he figured polling would translate well to smartphones.

If Wishbone were almost anything besides an app, three million users would be a huge success. But apps are a brutal business, where a few gigantic hits like Facebook and YouTube make most of the money. American smartphone owners use about 27 apps per month, but spend about 80 percent of their time in five, according to a recent study by Activate, a consulting firm.

And even the winners can’t rest for long. Facebook, the biggest social network, has tried to defend its top position by buying or trying to buy rival apps as they break through. Facebook tried to buy Snapchat, but was spurned.

Four years ago the company spent $1 billion to buy Instagram, which at the time had a dozen employees and about 30 million monthly users. Today Instagram has more than 400 million, about a quarter of Facebook’s users.

Wishbone is a long way from that top tier, which is why employees show up to meetings with laptops full of statistics about what teenagers are doing. And it is why they spend time running focus groups.

Right around Thanksgiving, Mr. Jones, Mr. Pham and Mr. Vatere started rethinking their strategy for sending out push notifications. All through the summer and fall they had been limiting the number of daily alerts on the assumption that, like them, Wishbone users would be annoyed if they were interrupted by too many pings and dings. And, as one might expect when three fathers make an assumption about teenage girls, they could not have been more wrong.

“We talked to them and they’d be like, ‘Why am I not getting notified when people vote on my stuff?’ ” Mr. Jones said. “And we’d be like, ‘Well, we wouldn’t want to do that ’cause we might send you, like, 50 notifications that you got 50 of your friends to vote on your card.’ They’re like, ‘But that’s what I want.’ ”

“In fact,” Mr. Jones said, “they would even kind of subtly infer that if they didn’t get at least 50, it was kind of like a bad day.”

The same way Gen X measured its worth in answering machine messages, the mobile-minded teenager sees each like and mention as reassurance of an active social life. And when your phone is the default security blanket for enduring the awkwardness of walking a high school hallway, it feels nice to have a bunch of digital hellos ready with a swipe.

So just before Thanksgiving weekend, Wishbone opened the fire hose, sending out notifications for everything — every vote, every mention, everything that has to do with a user on the app. A week later they found several key metrics, like voting, had almost doubled.

One might ask if teenagers need another distraction. In a recent survey by Common Sense Media, a nonprofit research group, half of teenagers said they watched TV while doing their homework, while 60 percent said they texted and three-quarters said they listened to music.

Those in the Wishbone focus group said they loved getting notifications but acknowledged getting lost in their phones. One girl said that it had come to the point that the only way she could finish her homework was to put her phone in another room.

“Sometimes it’s fun ’cause it’s like people are thinking about you and are like, ‘I want to show this to Jada,’ ” said Rajada Victor, the ninth grader in Los Angeles, who goes by Jada. But, she also said, she tries not to become caught up in worrying about social media.

“I’m focusing on my grades and all that stuff,” she said.

And that’s the thing about teenagers: They grow up.
http://www.nytimes.com/2016/01/03/bu...on-mobile.html





Video Game Violence: The Military and Game Developers Can't Both Be Right

An ethicist explains why the debate over on-screen homicide is more complicated and worthwhile than we might think.
Brock Wilbur

The debate over violence and video games is in its petulant teens. In a sense, the conversation is just a re-skinned hash of the Black Sabbath and Dungeons & Dragons debates of the late 1980s and 1990s. The key difference is that metal and dice games aren’t used by the government to train soldiers. Video games are — now more than ever. Does this imply a link between anti-social impulses and joystick excellence? Absolutely, and trying to square that with the developers’ tautological argument that violence is violence and games are games is only getting harder.

Thanks largely to unmanned drones, the line between video games and warfare has gotten a lot blurrier. Battle is conducted on screens by men and women who are both divorced — and extremely not — from the reality of conflict. This is what fascinates Prof. Robert Sparrow of Australia’s Monash University, an ethicist who set out to reconcile the video game industry’s claims of innocence with the history of battle simulators and gamified war. His research was far reaching and profound, but he couldn’t manage the trick.

Professor Sparrow spoke to Inverse about why dismissing the connection between video games and violence is intellectually lazy and why that’s bad news for both warriors and gamers.

I’d love to start today by discussing an earlier paper of yours called War Without Virtue where you look at the idea of military ethics in the age of war as a desk job. Tell me about the “Good Warrior”.

The conception called the Warrior Virtues or Martial Virtues that gets into “role morality”: the idea that certain people— doctors, lawyers, soldiers— have both special moral privileges (soldiers are allowed to shoot people) but also special responsibilities moral obligations. An American woman named Shannon French has sort of pioneered this as an approach to military ethics— how important it is that members of the armed services need to understand what they’re doing is moral and worthwhile because that’s crucial to their ability to reintegrate to reality. When you come home you need to be able to be able to think of yourself as a good person. Soldiers have an easier time going back to being citizens if they’ve acted in accordance with their own moral code as reinforced by those around them.

There’s a lot of questions around this now because of the operators of remote drone aircraft and a bigger debate about whether they should receive medals and awards for service that are equivalent to combat medals. Some say “well, you’re not really going to war” but we see these operators burdened by guilt and an inability to reconcile actions against a moral code and it isn’t reflected consistently by those around them. How do we understand the ethics or what these people are doing? Is it brave? Do they act with honor? What does it mean to demonstrate mercy through a video screen?

You’re saying that the military has a hard time understanding whether drone fighters are technically fighters?

Moral courage can haunt you but there’s also a perceived disconnect with the idea of unmanned drone pilots and “physical courage,” which is a central concept in the role of being a warrior. So I’m fascinated by the role of those media screens in the transmission of the moral reality of warfare.

Here’s the issue: We don’t treat drone pilots on the same way because what they’re doing is easy to criticize. It’s the gamification of warfare; “video game warfare” as critics call it. But we do reward and honor the pilots of manned aircraft like B-52 bombers. Drone pilots make the case that the pilots of manned aircraft fly very high over their targets, and drop payloads on a set of GPS coordinates. That’s warfare that everyone understands and these pilots understand their place within the warrior code. But drone operators use their technology to spy on targets and observe them for long periods of time. They learn who these people are and follow them through their daily life, and when the time comes to execute them they watch these people bleed out, and then take note of who comes to mourn the body and bury them. That’s obviously a much more personal, emotionally invested experience than dropping bombs on a set of map coordinates. Now you have these drone operators experiencing PTSD and guilt and being met with accusations that what they do isn’t “real heroism” and I think you can see the problems.

So you came to video games via an interest in military application and the disconnect that screens provide to warfare?

I wasn’t much of a gamer— I actually developed repetitive stress injuries from typing so that was problem. I got around that by starting to play more games on my phone. Also, by including my colleague Brendan Keogh on the paper, because he’s more at home in the world of games.

I wasn’t playing Call of Duty for fun when I got into this. My interest was originally the role of video imagery and then the literature on video simulation. I wanted to get past the media effects of representation, which you’re well aware of. There’s a debate about whether books lead people to kill each other, so I’m not trying to prove that videogames have the same effect. It’s about the causal power of any particular medium. It’s particularly clear with video games, where there’s some panic and there’s literature on the panic and games study literature that says it doesn’t really affect people. So when you tried to write in that area you can get trapped there.

What I wanted to say is, let’s put that aside. There is a lot of money being poured into video games being used by the military to train people, and to recruit people. On the most basic level, if something is being used as both a genuine training tool for military purposes and as entertainment, does that seem problematic? Some of these games for the military are even designed to increase your respect for human life, but if it can be successful in changing you in that way, doesn’t that imply you can be changed in negative ways too?

Wait, so you’re saying that either the military is well aware that games have the power to change people or that they’re lying to themselves at great cost?

No, I’m trying to make readers make a choice. I am opposed to the claims of the inertness of games. I tried to under commit as to who is right here, because I think there are cases to be made on both sides about the effectiveness of what is going on here, but on the most basic level you cannot claim that video games, or any medium, exists without impacting a person. In simplest terms, if you keep playing a video game you will get better at that video game. That proves that video games do change you. So what do we want to do with that information?

Me, personally, I think advertising works. If that works then games can shape behavior. It seems likely. There are gun manufacturers who are paying to have their guns placed in video games because they think it is marketing for people to buy their gun in the real world. If they didn’t think this was an effective marketing tool, with real world implications, why would they waste their time or money on it?

So if games are being used to train people, and games affect gamers, we have to re-examine what we’re being taught?

I wanted to raise the possibility that the military is just engaged in PR. And if it is just a recruitment tool—and if you can recruit using it— then you can reshape the behavior. You don’t want to conclude that everyone who plays games is going to turn into a monster, but you aren’t the same person after playing three months of Call of Duty as you would be having never played it — that’s equally implausible. I do not want to be arguing that games shape behavior. Either they do or they don’t. We need to look again at what recreation gaming is teaching us, and the paper is designed to force people to reconcile the claims about the utility of military gaming and the claims about the inertness of entertainment gaming.

Where is your work heading with this, since you seem to have an overarching interest in the media disconnect of warfare?

The paper is part of a larger project about virtual worlds. If you approach ethics through the lens of “what kind of person would do that” or “what does that show about me when I do that” — this virtue-ethical lens— one of the questions I’m interested in is could a gentle person cheer when the bombs go off in the video game? Who sits down at the controller to take part in this? Does a Buddhist or Pacifist play shooters, and when they do, what does that say? It’s a question of character that’s a central concern.

Some of the games you’ve pointed me towards in the realm of military produced training include claims that they are making soldiers more culturally aware and respectful of human life.

One way to make that argument about character is to show that the game can indeed change you. If it works this game wants to say it can make you less racist. Can a game make you less racist? Could you be racist in a video game space? If you play a game but make the choice to only shoot the characters that are African Americans or if the game itself had a racialized set of targeting systems… I would think that was racist. Maybe that’s you or maybe that’s the game but by most definitions that clearly displays an element of racism. The impact of games is often measured by, “Is there impact on your future actions” but also, what do you demonstrate about yourself when you exist in these spaces? If I only want to shoot people with blue hair or if I only want to shoot women — does that display sexism? Can the game change that?

In The Gamer’s Dilemma by Morgan Luck he counterposes CGI child rape games to first person shooters. If someone were playing a child rape game, most people would feel profoundly uneasy. What would your partner say if you were raping children? Not real children, but you were raping digital children and then you came down to dinner and said “Sorry, I just had to finish with that child rape.” That’s horrific. But there are lots of people who come down to dinner and say “Sorry, I just had to finish the level where I blew up all those people,” and no one has the same reaction to that. If you don’t believe the games will affect you— why do we think you’ll become a pedophile if you’re playing a child rape game? This is about representation in our attitudes towards sexual and physical violence.

Your paper looks a lot of the ways we might explain the disconnect between what is entertainment and what is designed to train us. Is there any way to tell or is it all about intention?

I don’t think there’s going to be easy mapping of training versus entertainment. The gamification movement is about making training entertaining, right? One of the first uses uses of military applications in gaming was a Marine training Doom mod and they were running small unit tactics in game.

You can look at the intention of the designer. A common problem in media ethics is that things get taken out of context. People take things produced for one purpose and make a different use — either more entertaining or more actively educational. Then there’s the intention of the person playing. You can be playing a training game for fun. One of the things thats fascinating about the medium is how the power changes at levels of representation — killing someone can be shown on screen as their body fading to gray or a penguin hopping up and down with coins popping out or exaggerated viscera can spray the walls. It makes this question about the relationship between world and image so fascinating. People do have a pretty clear notion of what defines violent or sexist games — but when you push it’s hard to pin down. Whether what you’re representing is war in Iraq or war in Imagine-istan.

Your paper also gets into the idea that maybe games aren’t effective training tools for what they claim, but I think that ignores some basic concepts like “teamwork” which I feel like I can develop around a game of Mario or something simple like that. It seems like it must be hard to prove or debunk some of these general training concepts and positives that the military wants to assert.

There’s a real and basic sense that the games can teach skills because you get better at the games. Can you take that same skill and apply it to a real world activity and get the same increase in performance? If you were training manual dexterity and had the right controller you could get this out of Mario Brothers— but you might not able to be to transform into a great violinist or surgeon just from proper button mapping.

The Player-Subject is brought up as an idea of ethical transference— how it becomes difficult to measure any of these changes because of what the player has to project into this space.

There are two way to evaluate what’s happening in the game ethically — the impact on the real you in the future. That’s not controversial— what’s controversial is can they make you different morally. We need to be clear— it’s not the medium alone, it is also the content. Presumably they can also make you a nicer person. It is highly unlikely to only make people more violent— there’s an entire spectrum of effects. The other sense of ethical measurement is to evaluate the behavior in-game independent of future— is the game a racist game? Is a game called Jew Killer existing independently of its future effect on their behavior. You think you’re playing this to avoid going postal, but we don’t usually think we’re more likely to do this thing in the real world.

Oh, I see what you’re saying. That moment where someone says “I need to blow some people up as stress relief because my job was hard today.” No one says that because they think they need the game to prevent them from becoming a murderer?

Stress relief is fascinating because it pre-supposes that the games do change your behavior: ‘I feel like going out to shoot up a school, oh thank God that Grand Theft Auto was here to stop me!’ If a game can relax you, it can wind you up. But what does it say about that kind of person who has come to enjoy the fantasy of killing people?

It’s a test case for the consequences. If piloting a drone can induce people with PTSD why isn’t it happening to people with Call of Duty.

Are people coming away with PTSD from video games?

That’s why drones are so fascinating in this perspective. I was writing about the ethics of robotics and autonomous weapons, and as drones took over I got into the robot war action. It’s one of the first things you hear in any debate about drones — they are video game warfare and they make killing too easy — so thinking about how they are like and unlike video games says a lot. Ender’s Game, the reactionary sci-fi book, that character finds out he’s been fighting a war but he didn’t know because of the screen between him and the world. And that’s what drone pilots are up against now. Some of them are having to deal with the repercussions of taking human life, but because they never stood there and looked down on a body they don’t know if they’ve ever really killed someone or if this is a thought experiment.

You brought up the empathy of drone pilots. Can we display empathy through a digital screen?

There’s an old book about TV called Four Arguments For Elimination of Television. The argument he makes in one chapter is about the limits of television for environmental activists. How do you get people to care about a swamp by putting advertisements on TV? It’s easy to show gleaming results and it’s so hard to show the value of a complicated ecosystem that has a rhythm and physical presence that you can’t get across on a small screen. This is about the limitations of the medium for conveying the moral reality of what’s presented. What’s the relationship between the drone pilot and the person they’re observing or the moral relativism? How much of that can be transmitted via video feed? If it can, then why isn’t it being transmitted by a game in which you play a drone pilot? It’s not just an empirical question; it’s important in having a moral relationship. It’s a hard question and that’s why I’m interested in it.
https://www.inverse.com/article/9498...-both-be-right

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

December 26th, December 19th, December 12th, December 5th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Old 02-01-16, 01:13 PM   #2
Bright Eyes
Global Security Octopus
 
Bright Eyes's Avatar
 
Join Date: Apr 2000
Location: In the 1960s
Posts: 621
Default

Thanks for this.
__________________
Hippopotomonstrosesquippedaliophobia is the fear of long words.

This is the Century of the Insane.
Bright Eyes is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 03:23 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)