P2P-Zone  

Go Back   P2P-Zone > Peer to Peer
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Peer to Peer The 3rd millenium technology!

Reply
 
Thread Tools Search this Thread Display Modes
Old 13-03-13, 07:44 AM   #1
JackSpratts
 
JackSpratts's Avatar
 
Join Date: May 2001
Location: New England
Posts: 10,013
Default Peer-To-Peer News - The Week In Review - March 16th, '13

Since 2002


































"It's going to be the most lucrative thing ever because you get paid forever." – Tom McAlevey


































March 16th, 2013




Sweden Music Sales Rocking Despite File Sharing

Despite being home to a vibrant community of file-sharing activists, Sweden is at the forefront of a global recovery in music sales driven by streaming music services such as Spotify, industry observers say.
Sapa-AFP

Legal downloading sites like Apple's iTunes Store were once thought to be a panacea for the global music industry, providing an alternative to illegal download sites like Sweden's Pirate Bay.

But if the high-tech Scandinavian nation is anything to go by, music downloads could soon be as obsolete as CDs or vinyl records. iTunes' success has been modest here, with the vast majority of consumers preferring to stream songs rather than owning them on a hard drive.

Last year was the best year for music sales in Sweden since 2005, with 63 percent of revenue coming from digital sources, according to data from the Swedish Recording Industry Association (GLF). Out of that, 90 percent came from streaming services.

"Norway and Sweden are similar in that a large part of music revenue comes from streaming, and in that both countries have seen strong growth," said Ludwig Werner, managing director of the Swedish chapter of IFPI (the International Federation of the Phonographic Industry).

Other countries, including Europe's largest economy Germany, still derive most of their music sales from CDs, he noted.

With income still lagging the heydays of the early noughties, when file-sharing began eating into results, Werner said it was too early to tell if the music industry was out of the woods.

Last year's sales of 943 million kronor (113 million euros or $148 million) in Sweden was up 13.8 percent from the previous year, but well below the 1.55 billion registered in 2002.

The Swedish turnaround has been driven by two events: In 2009, the "Ipred" law came into effect, giving copyright holders the right to require service providers to reveal details of users who share files, paving the way for legal action.

Also contributing to a rise in legal music sales was Spotify, the digital media juggernaut launched by Swedes Daniel Ek and Martin Lorentzon in 2008.

The streaming music service still counts Sweden as one of its most successful markets.

"We do see a similar trend (for sales) across the Nordics, but primarily for Sweden and Norway where the penetration for streaming services is very high," spokeswoman Marine Elgrichi said.

According to the company, the 120 euros a paying Spotify user spends on music per year is twice that of a user who downloads songs.

Asked about the criticism levied at the digital music service for how it compensates artists, Elgrichi said it pays 70 percent of revenues back to record labels and collecting societies, who then pay the artists.

Last spring, Spotify had paid out a total of $250 million. At the beginning of this year that amount had doubled to half a billion dollars.

"To double that figure in under a year shows the huge strides we're making," Elgrichi said.

Tom McAlevey, founder of Radical.FM, a Swedish music streaming start-up modelled on US-based Pandora Internet radio, said streaming music services would create "the most lucrative era the music industry has ever been in."

According to his own calculations, between 100 and 200 plays on Spotify earns a record company the same amount of money it would make from a download.

"After that it's just pure profit. No one's buying anything a second time on iTunes," he said.

"It's going to be the most lucrative thing ever because you get paid forever," he argued. Artists' criticism of streaming services like Spotify was beginning to subside as they were "starting to understand the math," he said.

The rise of streaming music is already affecting how record labels operate.

With more people discovering new artists through shared playlists and "tailored" radio stations like Pandora that predict what kind of music the listener wants to hear, there's less need for costly advertising campaigns to promote the performer.

"Previously most of our marketing activities were tied to paying for exposure," said Robert Litsen, an executive at Swedish-based Cosmos Music Group.

Promotional campaigns for a singer or a band were now more focused on "what you communicate" rather than "how much you're willing to pay," he added.

Others believe it could shift the industry's economic cycle away from the traditional spike in CD sales before Christmas.

"With less focus on the Christmas market, we can spread out the releases of albums at different times, when artists have more of a chance to stand out," the managing director of Universal Music Sweden, Per Sundin, said in a recent report from IFPI.

Prior to the controversial Ipred law, Sweden was at the forefront of file-sharing activism, and in 2006 fans of the website Pirate Bay formed the Pirate Party to campaign for copyright reform.

But party leader Anna Troberg said she didn't think the crackdown on file-sharers was behind the music industry's newfound success.

"I think it's because they've finally begun using new technology to their advantage, rather than trying to fight it," she said.

Spotify was a good alternative for "chart music" but finding the sort of niche acts she listened to herself was harder, she noted.
http://www.timeslive.co.za/entertain...e-file-sharing





EFF To Represent Bloggers Against Copyright Troll

Prenda Law Firm attempts to silence critics DieTrollDie and FightCopyrightTrolls

The Electronic Frontier Foundation (EFF) is joining with attorney Charles Lee Mudd Jr. to represent two blogs caught up in a bizarre lawsuit filed by Paul Duffy and Prenda Law LLC, Duffy's copyright troll law firm.

Copyright trolls try to make money by suing Internet users under various copyright laws. Their tactics include targeting large groups of anonymous "John Doe" defendants for downloading files on BitTorrent, seeking their identities, and exploiting the massive damages in copyright law in order to pressure defendants into settling quickly.

Duffy and his firm's tactics are frequent subjects of criticism on FightCopyrightTrolls (fightcopyrighttrolls.com) and DieTrollDie (dietrolldie.com), two watchdog blogs maintained by anonymous authors.

Late last month, Duffy and Prenda Law filed two separate defamation lawsuits in Illinois state court, which have since been removed to federal courts in the Northern and Southern districts of Illinois. The complaints claim the bloggers and their commenters defamed Duffy and his firm, despite the free speech protections guaranteed by the First Amendment.

"These lawsuits are a blatant attempt to abuse the legal process to punish critics," said EFF Staff Attorney Mitch Stoltz.

Immediately after filing the suits, Duffy served a subpoena on Automattic Inc., the company that owns the Wordpress blogging platform. The subpoena seeks the IP addresses of everyone who ever visited the two websites, threatening the privacy of the bloggers and their readers. On Friday, Automattic rejected the subpoena in a letter to Duffy, calling it "legally deficient and objectionable" and a violation of the First Amendment right to speak anonymously.

"Not only is the subpoena improper under the First Amendment, it fails to comply with the simple rules for pre-trial discovery," EFF Staff Attorney Nate Cardozo added.

Automattic has stated unequivocally that it will not turn over any information until the bloggers' challenge to the lawsuit has played out in court. In order to protect this right to anonymity, EFF and the Mudd Law Office will not publicly release the names of their clients in this suit.

"Critics of the copyright troll business model have the right to speak anonymously without their identities being exposed to the trolls," said Kurt Opsahl, EFF Senior Staff Attorney. "These sweeping subpoenas create a chilling effect among those who have spoken out against Prenda."

Notorious copyright troll John Steele previously filed a similar lawsuit against the two blogs but dropped the suit last week without explanation.
https://www.eff.org/press/releases/e...opyright-troll





Surprise Hit Was a Shock for Artists Heard on It
James C. McKinley Jr.

Hector Delgado gave up being a reggaetón artist five years ago to become an evangelical preacher in Puerto Rico. So it was something of a surprise when his former manager, Javier Gómez, called him three weeks ago and said his voice could be clearly heard on “Harlem Shake,” a song that had gone viral on the Internet and then climbed to the top of the pop chart.

He wasn’t alone. Jayson Musson, a rapper from Philadelphia, received an excited call from another member of the former rap collective Plastic Little, who told him that his voice could be heard on the hit song as well, yelling out the key phrase “Do the Harlem Shake!”

Neither gave permission to the song’s producer and writer, Harry Bauer Rodrigues, who records under the name Baauer, to use snippets of their records, they said. “It’s almost like they came on my land and built a house,” Mr. Delgado said.

Both Mr. Musson and Mr. Delgado are seeking compensation from Mad Decent Records, which put out the single last year. The label and Mr. Rodrigues declined to comment. But the tale of how an obscure dance track containing possible copyright violations rose to the top of pop charts illustrates not only the free-for-all nature of underground dance music but also the power of an Internet fad to create a sudden hit outside the major-label system.

Obtaining licenses to use samples has become standard practice in the music industry, and in most cases a license is needed from both the music publisher and the record label that made the master recording. Courts have held that even a short sample entitles the sampled artist to royalties; the amount is negotiable.

But small labels, like Mad Decent, sometimes lack the resources to have lawyers vet releases and instead rely on producers to make sure recordings are free of copyright problems. These labels frequently have little to do with the production of the tracks, especially in electronic dance music.

“You don’t have the same checks and balances that you would if it were done by a corporation with a legal department,” said David Israelite, the president and chief executive of the National Music Publishers Association.

“Harlem Shake” has been at the top of the Billboard 100 pop chart for three weeks and as of Friday had sold 816,000 digital downloads, according to Nielsen SoundScan. It benefited from a recent change in Billboard’s methodology to include YouTube views along with radio airplay and singles sales in its ranking.

The song was released last May on Jeffrees, a sublabel of Mad Decent that lets producers release dance tracks without signing a contract giving the label exclusive rights to the song, label executives told Billboard magazine. The label initially offered “Harlem Shake” as a free download, then began charging for it in June as part of EP.

But sales of the song did not shoot up until last month, when it became the soundtrack for a YouTube dance craze. The fad involved people posting wacky videos of themselves dancing convulsively in absurd costumes to the first 30 seconds of the track, which begins with Mr. Delgado, whose stage name was Hector El Father, singing, “Con los terroristas” (“With the terrorists”). Mr. Musson sings “Do the Harlem shake” 15 seconds into the track, a cue for the dancers to thrash around wildly.

As thousands of people uploaded videos, demand for the original track spiraled, and Baauer became an overnight star, appearing on the cover of Billboard.

The track has roots in Philadelphia’s dance and hip-hop scene, where Mr. Rodrigues, 23, of Brooklyn, has worked as a disc jockey under the name Cap’n Harry. Mr. Rodrigues told The Daily Beast that he found the recording of Mr. Delgado online. “The dude in the beginning I got off the Internet, I don’t even know where,” he said.

The sample can be traced back to Mr. Delgado’s 2006 single “Maldades” from the album “The Bad Boy,” released on Machete records, on which it was a refrain. He used it on other songs as well. “It’s like a trademark of Hector’s,” Mr. Gómez, the former manager, said.

In 2010 two Philadelphia disc jockeys — Skinny Friedman and DJ Apt One — borrowed the recording of the line to spice up a remix of another dance track by Gregor Salto called “Con Alegría,” which they released on their own Young Robots label on the album “Moombhaton de Acero.” They also included the snippet on a 2011 collection of beats for disc jockeys, “T&A Breaks 3: Moombahton Loops and Samples.”

Mr. Delgado has yet to take legal action against the Philadelphia producers, whose remix was not a hit, Mr. Gómez said.

The recording of Mr. Musson’s exhortation to “do the Harlem Shake” comes from “Miller Time,” a 2001 rap by the Philadelphia group Plastic Little. In an e-mail Mr. Musson, who lives in New York and works under the name Hennessy Youngman, said he found out that Mr. Baauer had used his vocal line in late February, when a former member of the group, Kurt Hunte, pointed it out.

Mr. Musson said he called Mr. Rodrigues and thanked him for “doing something useful with our annoying music” Still, he said that he was negotiating with Mad Decent over compensation and that, though no agreement had been reached, the discussions had been friendly.

“Mad Decent have been more than cooperative during this,” he added in an e-mail. He declined to give details. Mr. Gómez said the founder of Mad Decent, the disc jockey Thomas Pentz, who records under the name Diplo, telephoned Mr. Delgado and his former manager, last month. Mr. Gómez said Mr. Pentz had told Mr. Delgado that he was unaware the single contained the vocal line from “The Bad Boy” when the single was released. Mr. Pentz declined a request to be interviewed.

Since that call, Mr. Gómez said, lawyers for Machete Music, which is owned by Universal Music Group, have been negotiating with Mad Decent over payment for the sample.

“Hector will get what he deserves,” he said. “We can turn around and stop that song. That’s a clear breaking of intellectual property rights.”
https://www.nytimes.com/2013/03/11/a...d-samples.html





Pirate Bay Founders Case Rejected by Human Rights Court
Ernesto

The European Court of Human Rights has rejected an application to hear the cases of Peter Sunde and Fredrik Neij, two of the co-founders of The Pirate Bay. In its decision the Court recognizes that the Swedish verdict against the pair interferes with their right to freedom of expression, but adds that this was necessary in order to protect rightsholders’ right to be protected from copyright infringement.

Last year Sweden’s Supreme Court announced its decision not to grant leave to appeal in the long-running criminal case against the founders of The Pirate Bay.

This meant that the previously determined jail sentences and fines handed out to Peter Sunde, Fredrik Neij, Gottfrid Svartholm and Carl Lundström would stand.

Sunde and Neij weren’t prepared to accept this decision and the pair decided to take their case to the European Court of Human Rights (EHCR).

After almost a year the EHCR handed down its decision today, and it was not the news the Pirate Bay founders wanted to hear. The European Court refused to take on the case after concluding that the Swedish courts had already made the right decisions.

The EHCR recognizes that the Swedish verdict interferes with the right to freedom of expression, but ruled that this was necessary to protect the rights of copyright holders.

In its decision the Court also considered the fact that The Pirate Bay did not remove torrents linking to copyrighted material when they were asked to.

“The Court held that sharing, or allowing others to share files of this kind on the Internet, even copyright-protected material and for profit-making purposes, was covered by the right to ‘receive and impart information’ under Article 10 (freedom of expression),” the decision reads.

“However, the Court considered that the domestic courts had rightly balanced the competing interests at stake – i.e. the right of the applicants to receive and impart information and the necessity to protect copyright – when convicting the applicants and therefore rejected their application as manifestly ill-founded.”

So, in this case the Pirate Bay founders’ right to freedom of expression is trumped by rightsholders’ right to be protected from copyright infringement. It appears that the Court didn’t look at any of the personal circumstances regarding the involvement of the pair.

“Therefore, the Court concluded that the interference with the right to freedom of expression of Mr Neij and Mr Sunde Kolmisoppi had been necessary in a democratic society and that their application had therefore to be rejected as manifestly ill-founded,” the decision ends.

The rejection means that most legal options are exhausted for the Pirate Bay founders. However, Peter Sunde told TorrentFreak that not all doors are closed yet.
http://torrentfreak.com/pirate-bay-f...-court-130313/





Fourth File Sharing Decision Undefended
Chris Keall

The Ministry of Justice filled in a gap this afternoon, providing NBR Online with the fourth file sharing decision.

The case's signature feature is that the un-named TelstraClear customer in question did not challenge any of the three-strikes notices, nor defend themselves at the subsequent Copyright Tribunal hearing.

So we don't know if he or she was directly involved, or if someone else was using their connection - or indeed almost any hard facts circumstances around the alleged offending.

The defendant's failure to respond ensured they got dinged under section 122N - aka the presumption of guilt provision under the file sharing law.

The TelstraClear customer used a BitTorrent client to share two songs, both by EMI artists - Beyonce and ColdPlay.

He or she was ordered to pay $457.16 in damages - another modest total, at least in relation to the $15,000 maximum allowed by the Act.

Tribunal members have so far rejected the "multiplier effect" argument put forward by Rianz (the Recording Industry Association of NZ), which argues file sharing software is also used to upload songs, compounding the damage to rights holders.
http://www.nbr.co.nz/article/fourth-...nded-ck-137270





Manifestly Unjust? Fifth File Sharing Decision Involves Soldier Serving in Afghanistan
Rick Shera

A few things to note from the most recent decision of the Copyright Tribunal in Rianz v CAL2012-E000609 [2013] NZCOP 5 , issued on 7 March 2013 (read it here).

The case involved a soldier who submitted he was overseas serving in Afghanistan when the infringements took place (one involving the song S&M by Rihanna and two infringements of the same song, "I like it like that" by Hot Chelle Ray).

The soldier accepted responsibility noting that he was unable to determine who had used his account to infringe.

First, in respect of the tracks themselves. New Zealand is a party to Berne and should therefore accord overseas rights holders the same protection as is accorded to New Zealand ones. However, Rianz (the Recording Industry Association of NZ) does have a choice as to whose rights it prioritises.

It is strange therefore that it uses resources derived primarily from New Zealand music sales to protect major international rights holders, particularly when it justified the need for the "skynet" legislation by reference to the damage being done to New Zealand artists.

The other odd thing is that if memory serves this is the second or third time the same song has been the subject of two separate infringement notices in the same proceeding. It is hard to know why this should be the case other than Mark Monitor (DeTecNet) taking the easy course by noting the account holder IP address and re-visiting it a month later to see if the same song is being shared. Rianz and NZFACT have submitted that there are hundreds of thousands of infringements being detected each month so the odds of randomly achieving this result must be low.

From a legal perspective though, could it not be argued that the lost sale for which the Tribunal awards compensation is only of one song? After all, it is not as if the account holder would buy the same song twice. At 2 x $1.79 vs 1 x $1.79 maybe not worth arguing over.

Next point - RIANZ again fails in its attempt to persuade the Tribunal that higher compensation should be awarded on the basis that the songs are available for upload to numerous peers in the P2P swarm. Interesting to note the Tribunal is already starting to rely on precedent by quoting from a previous decision on this point (issued by a different Tribunal member).

Finally, and I think of most interest, while the Tribunal refers in passing to manifest unjustness under section 122O(5) of the Copyright Act 1994 (see para [16] of the decision), it does not then consider the issue at all. Section 122O(5) states:

... the Tribunal may decline to make the order required by [subsection (1)] if, in the circumstances of the case, the Tribunal is satisfied that making the order would be manifestly unjust to the account holder.

This section overrides the other provisions of the Act and regulations setting out factors the Tribunal must take into account in setting an award. So, it was open to the Tribunal to decide in these circumstances - soldier overseas, no way of knowing who infringed and therefore no ability to recover any award, admitted responsibility - that to make an award was manifestly unjust. Remember that it is unjustness to the account holder (the soldier in this instance) that is relevant not any unjustness to or cost incurred by the copyright owner. Difficult for the Tribunal though without any argument on the point being presented by the Respondent.

I have said before that trying to show manifest unjustness will be extremely hard, especially given the presumption of guilt in section 122N and the fact that an account holder is liable for all actions taken using its account. I think this case underlines that. I find it hard now to imagine any circumstance that will invoke this protection for an account holder.

Rick Shera is a partner at Lowndes Jordan, where he has clients on both sides of the copyright debate, and is one of several lawyers advising Kim Dotcom's new file sharing service Mega. He posts at Lojo.co.nz.

(The fourth file sharing decision has not been made public. NBR has requested a copy from the Ministry of Justice - CK.)

http://www.nbr.co.nz/article/manifes...stan-ck-137181





Appeals Court Rejects Record Label’s Effort to Neuter DMCA Safe Harbor

Ninth Circuit ruling gives user-generated content sites more breathing room.
Timothy B. Lee

A federal appeals court has rejected a major record label's effort to undermine the legal safe harbor provided to user-generated content sites by the Digital Millennium Copyright Act. Under that 1998 legislation, sites like YouTube and Flickr are immune from copyright liability as long as they promptly respond to takedown requests by copyright holders. The safe harbor has become a foundation of the Internet economy, allowing entrepreneurs to build new user-generated content sites without worrying about being held responsible for their users' infringing uploads.

Unsurprisingly, major copyright holders hate the exemption, and they've waged a decade-long fight to weaken it. In 2007, UMG Recordings sued the video site Veoh, making arguments that, if accepted, would effectively neuter the safe harbor's protection for user-generated content sites. The courts have been weighing UMG and Veoh's arguments for the last six years.

Thursday's ruling by the United States Court of Appeals for the Ninth Circuit was a victory for Veoh, decisively rejecting UMG's key arguments. The ruling preserves the broad protections of the safe harbor, but it will be cold comfort to Veoh's founders. Thanks in part to the costs of litigation, the firm was forced to declare bankruptcy in 2010, and is now a shell of its former self.

Dredging the safe harbor

UMG offered several arguments that, if accepted by the court, would have dramatically weakened the DMCA safe harbor. First, the company said the safe harbor only applied to bare-bones Web-storage services. The company argued that because Veoh automatically transcoded users' videos into different formats and made them available for streaming, it went beyond the confines of the safe harbor, which is only available to sites that store files "at the direction of a user."

The Ninth Circuit rejected this narrow reading. "The reason one has a website is so that others may view it," the court ruled. "These access activities define Web hosting – if the Web host only stored information for a single user, it would be more aptly described as an online back-up service."

A service provider is ineligible for the safe harbor if it has "actual knowledge" of infringing activity on its site but does nothing to remove the infringing material. UMG argued that Veoh's decision to have a "music" section on its site without licensing music from any major music publishers was a tacit invitation for users to upload infringing content. But the Ninth Circuit disagreed. "Merely hosting a category of copyrightable content, such as music videos, with the general knowledge that one’s services could be used to share infringing material, is insufficient to meet the actual knowledge" standard, the court held.

The upshot of the Ninth Circuit's ruling is that as long as a user-generated content site complies with the procedures specified in the DMCA, including promptly responding to takedown requests, it doesn't need to worry about liability if users upload infringing material without its knowledge. A site is not required to actively look for infringing material, or to implement filtering technologies to prevent it from being posted in the first place.

Unfortunately, even if a company is in the clear legally, major content companies can still try to destroy it with protracted litigation. The Veoh decision will make that tactic a little bit harder by giving future defendants a clear precedent to cite. But abusive litigation tactics like UMG's may continue to be a problem.

The ruling represents a victory for the Electronic Frontier Foundation, which filed a brief supporting Veoh in the case. EFF's Parker Higgins called the ruling a "big win for safe harbors" in a Thursday blog post.
http://arstechnica.com/tech-policy/2...a-safe-harbor/





White House Petition Against CISPA Gets Over The 100,000 Signature Threshold
Mike Masnick

Yet another White House petition has made it over the 100,000 signature mark, which is necessary to get a response. This one is asking the White House not to support CISPA, arguing that the terms are too broad, and the possibility of abuse is simply too high. To date, the White House has actually been rather cool on CISPA, preferring an approach that actually does include some privacy protections (but, also one that has a few more mandates for companies). Just last week, DHS boss Janet Napolitano gave a speech in which she suggested that CISPA did not do enough to protect privacy -- and made it even more clear during Q&A, in which she said of CISPA:

"There were no privacy protections built within it and it resided almost all of the cyber information monitoring responsibilities within the NSA, which of course is part of the military."

Of course, some of this is a turf battle. CISPA gives more power to the Defense Department (which the NSA is a part of). The approach favored by the White House gives more power to Homeland Security.

Either way, this would make it easy for the White House to quickly come out in support of the petition, but still say that "something needs to be done" on cybersecurity -- but exactly what that is still fairly murky. There have been a number of rumors that CISPA supporters have been "negotiating" with the White House, and that could mean tradeoffs that allow a bad bill to get through. This is something that needs to be watched carefully.
https://www.techdirt.com/articles/20...hreshold.shtml





Obama Discusses Computer Security With Corporate Chiefs
Michael D. Shear and Nicole Perlroth

President Obama met with an invited group of 13 chief executives at the White House on Wednesday to discuss growing concerns about cybersecurity and enlist them to get behind his proposed legislation to combat the threat of computer warfare and corporate espionage.

Among those present were Rex Tillerson of Exxon Mobil, Randall Stephenson of AT&T, Wesley Bush of Northrop Grumman, Brian Moynihan of Bank of America, and Jamie Dimon of JPMorgan Chase, which had been attacked by foreign hackers as recently as Tuesday.

White House officials said the meeting in the White House Situation Room was designed as a “two-way” information exchange. Aides said Mr. Obama wanted to hear directly from industry leaders about how vulnerable their companies were to computer attacks. The president also wanted to discuss efforts the government is taking to address threats.

“He has seen as various corporations and business leaders have gone public with their concerns about cybersecurity and the effects of breaches of cybersecurity on their operations,” said Jay Carney, the White House press secretary.

In recent weeks, Apple, Twitter, Facebook, The Washington Post, The Wall Street Journal and The New York Times have all stepped forward to say that their computer systems had been attacked. And since September, online banking sites of several American banks have been intermittently pulled offline by attacks that officials say originated in Iran.

But the president is also looking to drum up public support as he makes a renewed push for legislation that would give the administration new technological tools and broader authority in the battle against computer attacks by foreign governments. The president’s previous bill was killed by a Republican filibuster last year after intensive lobbying by the United States Chamber of Commerce and other business groups, which argued that the legislation would prove onerous.

“He also wants to convey to them how seriously he takes this issue and what he believes the right steps are moving forward,” Mr. Carney said. “And he certainly hopes that out of this meeting and the many others he has on this topic, that we will build the kind of consensus necessary to compel Congress to take appropriate action.”

The meeting Wednesday, which also included chief executives from American Electric Power, Xerox, Marathon Oil, Honeywell, United Parcel Service, ITT Exelis, Siemens and Frontier Communications, was just the latest step in the administration’s campaign to persuade Congress to pass a computer security bill.

In recent months, several senior administration officials — including Janet Napolitano, the secretary of homeland security; Robert S. Mueller III, the director of the Federal Bureau of Investigation; and Gen. Martin E. Dempsey, the chairman of the Joint Chiefs of Staff — have provided closed-door briefings to members of Congress about the threat.

As a stopgap measure, the president signed an executive order last month that promotes increased the sharing of information between the government and private companies.

The president has also been making his case directly to the public in speeches and media appearances in recent months. In his State of the Union speech, Mr. Obama spent more time on the topic of computer attacks than he did on North Korea and Iran combined.

In an interview on ABC News broadcast on Wednesday, Mr. Obama was careful to avoid saying that the United States is engaged in a computer war with China. He said officials need to “be careful with war analogies” in discussions about the topics.

But the president said that billions of dollars are lost when industrial secrets are stolen online. And he said that some of the attacks on the nation’s private and public computer networks are sponsored by foreign governments.

“Our companies are put into competitive disadvantage. You know, there are disruptions to our systems that, you know, involve everything from our financial systems to some of our infrastructure,” Mr. Obama said. “And this is why I’ve taken some very aggressive executive actions. But we need Congress to act.”

He said that the government is limited in what it can do to confront China and other sponsors of computer attacks. And he said the government needs the authority to require that critical infrastructure in the country is hardened against such attacks.

“There are ways that we can harden our critical infrastructure, our financial sector,” Mr. Obama said. “And the only thing that’s holding us back from doing that right now is we haven’t gotten the legislative authority out of Congress. They need to get this done.”
http://bits.blogs.nytimes.com/2013/0...porate-chiefs/





EXCLUSIVE - U.S. to Let Spy Agencies Scour Americans' Finances
Emily Flitter and Stella Dawson and Mark Hosenball

The Obama administration is drawing up plans to give all U.S. spy agencies full access to a massive database that contains financial data on American citizens and others who bank in the country, according to a Treasury Department document seen by Reuters.

The proposed plan represents a major step by U.S. intelligence agencies to spot and track down terrorist networks and crime syndicates by bringing together financial databanks, criminal records and military intelligence. The plan, which legal experts say is permissible under U.S. law, is nonetheless likely to trigger intense criticism from privacy advocates.

Financial institutions that operate in the United States are required by law to file reports of "suspicious customer activity," such as large money transfers or unusually structured bank accounts, to Treasury's Financial Crimes Enforcement Network (FinCEN).

The Federal Bureau of Investigation already has full access to the database. However, intelligence agencies, such as the Central Intelligence Agency and the National Security Agency, currently have to make case-by-case requests for information to FinCEN.

The Treasury plan would give spy agencies the ability to analyze more raw financial data than they have ever had before, helping them look for patterns that could reveal attack plots or criminal schemes.

The planning document, dated March 4, shows that the proposal is still in its early stages of development, and it is not known when implementation might begin.

Financial institutions file more than 15 million "suspicious activity reports" every year, according to Treasury. Banks, for instance, are required to report all personal cash transactions exceeding $10,000, as well as suspected incidents of money laundering, loan fraud, computer hacking or counterfeiting.

"For these reports to be of value in detecting money laundering, they must be accessible to law enforcement, counter-terrorism agencies, financial regulators, and the intelligence community," said the Treasury planning document.

A Treasury spokesperson said U.S. law permits FinCEN to share information with intelligence agencies to help detect and thwart threats to national security, provided they adhere to safeguards outlined in the Bank Secrecy Act. "Law enforcement and intelligence community members with access to this information are bound by these safeguards," the spokesperson said in a statement.

Some privacy watchdogs expressed concern about the plan when Reuters outlined it to them.

A move like the FinCEN proposal "raises concerns as to whether people could find their information in a file as a potential terrorist suspect without having the appropriate predicate for that and find themselves potentially falsely accused," said Sharon Bradford Franklin, senior counsel for the Rule of Law Program at the Constitution Project, a non-profit watchdog group.

Despite these concerns, legal experts emphasize that this sharing of data is permissible under U.S. law. Specifically, banks' suspicious activity reporting requirements are dictated by a combination of the Bank Secrecy Act and the USA PATRIOT Act, which offer some privacy safeguards.

National security experts also maintain that a robust system for sharing criminal, financial and intelligence data among agencies will improve their ability to identify those who plan attacks on the United States.

"It's a war on money, war on corruption, on politically exposed persons, anti-money laundering, organized crime," said Amit Kumar, who advised the United Nations on Taliban sanctions and is a fellow at the Democratic think tank Center for National Policy

SUSPICIOUS ACTIVITY

The Treasury document outlines a proposal to link the FinCEN database with a computer network used by U.S. defense and law enforcement agencies to share classified information called the Joint Worldwide Intelligence Communications System.

The plan calls for the Office of the Director of National Intelligence - set up after 9/11 to foster greater collaboration among intelligence agencies - to work with Treasury. The Director of National Intelligence declined to comment.

More than 25,000 financial firms - including banks, securities dealers, casinos, and money and wire transfer agencies - routinely file "suspicious activity reports" to FinCEN. The requirements for filing are so strict that banks often over-report, so they cannot be accused of failing to disclose activity that later proves questionable. This over-reporting raises the possibility that the financial details of ordinary citizens could wind up in the hands of spy agencies.

Stephen Vladeck, a professor at American University's Washington College of Law, said privacy advocates have already been pushing back against the increased data-sharing activities between government agencies that followed the September 11 attacks.

"One of the real pushes from the civil liberties community has been to move away from collection restrictions on the front end and put more limits on what the government can do once it has the information," he said.

(Reporting by Emily Flitter in New York, Stella Dawson and Mark Hosenball in Washington; Editing by Tiffany Wu and Leslie Gevirtz)
http://www.reuters.com/article/2013/...92C0EH20130313





SXSW: Al Gore Talks Surveillance Culture, Spider Goats

Al Gore’s SXSW discussion touched on everything from high-speed trading to apps that delete conversations.
Nick Kolakowski

Former vice president Al Gore sat down with Wall Street Journal columnist Walt Mossberg at this year’s SXSW conference to talk about the future—specifically, what Gore sees as the dangers and opportunities awaiting the planet for the next few years.

One aspect of those dangers, as delineated in Gore’s new book “The Future: Six Drivers of Global Change,” comes from the use of sophisticated algorithms to trade financial commodities at superhuman speeds. “The high-speed trading is one detail that I think should be regulated much more tightly, and regulators in several countries are moving to do that,” he told Mossberg. “They’re into milliseconds now.” A millisecond of high-speed trades, he added, has a value of untold millions of dollars.

Nonetheless, that type of lighting-fast trading has become increasingly ubiquitous on Wall Street over the past few years. After all, why let a human being make a big bet on a single stock when a machine can digest massive quantities of financial data and make tons of money off millisecond trades? But the software behind those speedy transactions has been blamed for some bizarre market activity over the past few years, including “Flash Crash” in May 2010.

Super-fast algorithms are part of what Gore sees as a radical change in how human beings interact with their computer systems—loaded with opportunity, but also fraught with potential dangers.

In a similar vein, Gore also suggested (both onstage, and evidently in his new book) that the relationships between political entities, the military, and the citizenry are undergoing dramatic change—a cause for much potential trouble, if it leads to social instability. The flow of money into the U.S. political system, he argued, and the need by politicians to fundraise has led to special interests gaining undue power.

“Our democracy has been hacked,” Gore told his audience, referring to the U.S. Constitution as “our operating system.” While there’s never been a “golden age” of American Democracy, he added, the perils emerging today are new. “If a Congressman or Senator has to spend five hours a day begging special interests or rich people for money,” he said, they’ll be more concerned about how what they’re saying will appeal to those interests—rather than their constituents.

Gore also drilled down into what he referred to as the “stalker economy.” The rise of apps such as SnapChat, which allows smartphone users to control how long friends can view messages, is emblematic of people reaching the “gag point” with pervasive recording and surveillance by government and business.

“The government is about to complete this two-billion-dollar facility in Utah that can sweep up everything” from phone calls to emails, he lamented. “And the Supreme Court just ruled you can’t sue…”

Gore also railed against genetic engineering, including Spider Goats, which are goats with spliced spider DNA that allows them to secrete spider silk along with their milk. The goats breed, extending that trait to future generations. Gore sees such things as a case of science run amok, alternately creepy and scary.

Gore’s book touches on numerous other issues confronting the Earth, including the climate change that has become his pet cause over the past decade. Sounding much more like a firebrand than during his politician days, Gore made it clear to the SXSW audience that he intends on speaking about all those issues for quite some time to come.
https://slashdot.org/topic/bi/sxsw-a...-spider-goats/





The Internet is a Surveillance State
Bruce Schneier

I'm going to start with three data points.

One: Some of the Chinese military hackers who were implicated in a broad set of attacks against the U.S. government and corporations were identified because they accessed Facebook from the same network infrastructure they used to carry out their attacks.

Two: Hector Monsegur, one of the leaders of the LulzSac hacker movement, was identified and arrested last year by the FBI. Although he practiced good computer security and used an anonymous relay service to protect his identity, he slipped up.

And three: Paula Broadwell,who had an affair with CIA director David Petraeus, similarly took extensive precautions to hide her identity. She never logged in to her anonymous e-mail service from her home network. Instead, she used hotel and other public networks when she e-mailed him. The FBI correlated hotel registration data from several different hotels -- and hers was the common name.

The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we're being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period.

Increasingly, what we do on the Internet is being combined with other data about us. Unmasking Broadwell's identity involved correlating her Internet activity with her hotel stays. Everything we do now involves computers, and computers produce data as a natural by-product. Everything is now being saved and correlated, and many big-data companies make money by building up intimate profiles of our lives from a variety of sources.

Facebook, for example, correlates your online behavior with your purchasing habits offline. And there's more. There's location data from your cell phone, there's a record of your movements from closed-circuit TVs.

This is ubiquitous surveillance: All of us being watched, all the time, and that data being stored forever. This is what a surveillance state looks like, and it's efficient beyond the wildest dreams of George Orwell.

Sure, we can take measures to prevent this. We can limit what we search on Google from our iPhones, and instead use computer web browsers that allow us to delete cookies. We can use an alias on Facebook. We can turn our cell phones off and spend cash. But increasingly, none of it matters.

There are simply too many ways to be tracked. The Internet, e-mail, cell phones, web browsers, social networking sites, search engines: these have become necessities, and it's fanciful to expect people to simply refuse to use them just because they don't like the spying, especially since the full extent of such spying is deliberately hidden from us and there are few alternatives being marketed by companies that don't spy.

This isn't something the free market can fix. We consumers have no choice in the matter. All the major companies that provide us with Internet services are interested in tracking us. Visit a website and it will almost certainly know who you are; there are lots of ways to be tracked without cookies. Cellphone companies routinely undo the web's privacy protection. One experiment at Carnegie Mellon took real-time videos of students on campus and was able to identify one-third of them by comparing their photos with publicly available tagged Facebook photos.

Maintaining privacy on the Internet is nearly impossible. If you forget even once to enable your protections, or click on the wrong link, or type the wrong thing, and you've permanently attached your name to whatever anonymous service you're using. Monsegur slipped up once, and the FBI got him. If the director of the CIA can't maintain his privacy on the Internet, we've got no hope.

In today's world, governments and corporations are working together to keep things that way. Governments are happy to use the data corporations collect -- occasionally demanding that they collect more and save it longer -- to spy on us. And corporations are happy to buy data from governments. Together the powerful spy on the powerless, and they're not going to give up their positions of power, despite what the people want.

Fixing this requires strong government will, but they're just as punch-drunk on data as the corporations. Slap-on-the-wrist fines notwithstanding, no one is agitating for better privacy laws.

So, we're done. Welcome to a world where Google knows exactly what sort of porn you all like, and more about your interests than your spouse does. Welcome to a world where your cell phone company knows exactly where you are all the time. Welcome to the end of private conversations, because increasingly your conversations are conducted by e-mail, text, or social networking sites.

And welcome to a world where all of this, and everything else that you do or is done on a computer, is saved, correlated, studied, passed around from company to company without your knowledge or consent; and where the government accesses it at will without a warrant.

Welcome to an Internet without privacy, and we've ended up here with hardly a fight.
http://www.cnn.com/2013/03/16/opinio...nce/index.html





Google Concedes That Drive-by Prying Violated Privacy
David Streitfeld

Google on Tuesday acknowledged to state officials that it had violated people’s privacy during its Street View mapping project when it casually scooped up passwords, e-mail and other personal information from unsuspecting computer users.

In agreeing to settle a case brought by 38 states involving the project, the search company for the first time is required to aggressively police its own employees on privacy issues and to explicitly tell the public how to fend off privacy violations like this one.

While the settlement also included a tiny — for Google — fine of $7 million, privacy advocates and Google critics characterized the overall agreement as a breakthrough for a company they say has become a serial violator of privacy.

Complaints have led to multiple enforcement actions in recent years and a spate of worldwide investigations into the way the mapping project also collected the personal data of private computer users.

“Google puts innovation ahead of everything and resists asking permission,” said Scott Cleland, a consultant for Google’s competitors and a consumer watchdog whose blog maintains a close watch on Google’s privacy issues. “But the states are throwing down a marker that they are watching and there is a line the company shouldn’t cross.”

The agreement paves the way for a major privacy battle over Google Glass, the heavily promoted wearable computer in the form of glasses, Mr. Cleland said. “If you use Google Glass to record a couple whispering to each other in Starbucks, have you violated their privacy?” he asked. “Well, 38 states just said they have a problem with the unauthorized collection of people’s data.”

George Jepsen, the Connecticut attorney general who led the states’ investigation, said that he was hopeful the settlement would produce a new Google.

“This is the industry giant,” he said. “It is committing to change its corporate culture to encourage sensitivity to issues of personal data privacy.”

The applause was not universal, however. Consumer Watchdog, another privacy monitor and frequent Google critic, said that “asking Google to educate consumers about privacy is like asking the fox to teach the chickens how to ensure the security of their coop.”

Niki Fenwick, a Google spokeswoman, said on Tuesday that “we work hard to get privacy right at Google, but in this case we didn’t, which is why we quickly tightened up our systems to address the issue.”

Last summer, the Federal Trade Commission fined Google $22.5 million for bypassing privacy settings in the Safari browser, the largest civil penalty ever levied by the F.T.C. In 2011, Google agreed to be audited for 20 years by the F.T.C. after it admitted to using deceptive tactics when starting its Buzz social network. That agreement included several rather vague privacy provisions.

The new settlement, which requires Google to set up a privacy program within six months, is more specific. Among its requirements, Google must hold an annual privacy week event for employees. It also must make privacy certification programs available to select employees, provide refresher training for its lawyers overseeing new products and train its employees who deal with privacy matters.

Several provisions involve outreach. Google must create a video for YouTube explaining how people can easily encrypt their data on their wireless networks and run a daily online ad promoting it for two years. It must run educational ads in the biggest newspapers in the 38 participating states, which besides Connecticut also include New York, New Jersey, Massachusetts, California, Ohio and Texas.

“There are minimum benchmarks Google has to meet,” said Matthew Fitzsimmons, an assistant Connecticut attorney general who negotiated with the company. “This will impact how Google rolls out products and services in the future.”

Marc Rotenberg of the Electronic Privacy Information Center said the agreement was “a significant privacy decision by the state attorneys general,” adding that “it shows the ongoing importance of the states’ A.G.’s in protecting the privacy rights of Internet users.”

The Street View case arose out of Google’s deployment of special vehicles to photograph the houses and offices lining the world’s avenues and boulevards and lanes. For several years, the company also secretly collected personal information — e-mail, medical and financial records, passwords — as it cruised by. It was data-scooping from millions of unencrypted wireless networks.

A worldwide uproar and investigations in at least a dozen countries ensued. An Australian regulator, Stephen Conroy, called it “probably the single greatest breach in the history of privacy.” Google initially denied any data had been collected from unknowing individuals, then sought to play down what data had been collected and fought with regulators who wanted to examine it. Google said the data had been destroyed, although it turned out some had not been. Some data was purged, but Google is holding the rest until several private lawsuits are resolved.

The company blamed a rogue engineer for the operation. But the Federal Communications Commission said the engineer had worked with others and had tried to tell his superiors what he was doing. He was less a rogue than simply unsupervised, the agency said. The F.C.C. last spring fined Google $25,000 for obstructing its investigation.

In the last several years, Google has repeatedly said it was strengthening its privacy monitoring, adding layers of oversight and controls. For the states, however, those assurances were not quite enough.

“We obviously thought there was more they could do,” said Mr. Fitzsimmons, the assistant Connecticut attorney general. An executive committee of attorneys general will monitor Google for compliance. The $7 million fine is pocket change for Google, which has a net income of about $32 million a day.

“It is the public opprobrium, not the money, that counts in these cases,” said David Vladeck, a professor of law at Georgetown University who formerly directed the F.T.C.’s Bureau of Consumer Protection. “And I think people were rightly unhappy with Google’s collecting the information in the first place and then Google’s lame explanation.”

Regulators in Germany pursued Google aggressively in the case, but closed their investigation in November without bringing charges. That seemed to end the matter until this week. Few outside observers expected the states’ efforts to amount to much.

The inquiry began in June 2010. Richard Blumenthal, then Connecticut’s attorney general, said his office would lead a multistate investigation into what he called “Google’s deeply disturbing invasion of personal privacy.” In December 2010, Mr. Blumenthal — about to become Connecticut’s junior senator — issued a civil investigative demand, equivalent to a subpoena, to get the data. Google never provided it. “That issue was resolved by their admission they had gathered the kinds of data we had alleged they were gathering,” said Mr. Jepsen, the attorney general.

In any case, he said, “what mattered was Google admitted they weren’t just taking pictures.”

Kevin O’Brien contributed reporting from Berlin.
https://www.nytimes.com/2013/03/13/t...cy-breach.html





Facebook Users Unwittingly Revealing Intimate Secrets, Study Finds

Personal information including sexuality and drug use can be correctly inferred from public 'like' updates, according to study
Josh Halliday

Facebook users are unwittingly revealing intimate secrets – including their sexual orientation, drug use and political beliefs – using only public "like" updates, according to a study of online privacy.

The research into 58,000 Facebook users in the US found that sensitive personal characteristics about people can be accurately inferred from information in the public domain.

Researchers were able to accurately infer a Facebook user's race, IQ, sexuality, substance use, personality or political views using only a record of the subjects and items they had "liked" on Facebook – even if users had chosen not to reveal that information.

The study will reopen the debate about privacy in the digital age and raise fresh concerns about what information people share online.

Michal Kosinski, one of the academics behind the study, said he believed Facebook users would be "spooked" by the findings and called for regulatory intervention by politicians.

"The important point is that, on one hand, it is good that people's behaviour is predictable because it means Facebook can suggest very good stories on your news feed," said Kosinski, the lead Cambridge University analyst who worked with Microsoft Research on the study, published in the Proceedings of the National Academy of Sciences (PNAS) journal.

"But what is shocking is that you can use the same data to predict your political views or your sexual orientation. This is something most people don't realise you can do."

He warned that certain information – such as sexuality or religious views – could pose threats to internet users' safety if it got into the wrong hands. "Everyone carries around their Facebook 'likes', their browsing history and their search history, trusting corporations that it will be used to predict their movies or music tastes," Kosinski said.

"But if you ask about governments, I am not sure people would like them to predict things like religion or sexuality, especially in less peaceful or illiberal countries."

The researchers used computer software to predict personality traits, but said the same information could be collected by anyone with training in data analysis. They were able to draw "surprisingly accurate" findings about people by aggregating swaths of seemingly innocuous "likes", such as TV shows and movies.

They said they were able to predict whether men were homosexual with 88% accuracy by their likes of Facebook pages such as "Human Rights Campaign" and "Wicked the Musical" – even if those users had not explicitly shared their sexuality on the site. Fewer than 5% of the homosexual participants in the study clicked obvious Likes, such as "Gay Marriage", researchers said.

Computer software inferred with 88% accuracy whether a male Facebook user was homosexual or heterosexual – even if that person chose not to explicitly reveal that information. It had a 75% accuracy rate for predicting drug use among Facebook users, analysing only public "like" updates. The findings will reignite concerns over how much private companies and governments know about internet users through their online habits.

"I hope internet users will change their ways and choose products and services that respect their privacy," said Kosinski. "Companies like Microsoft and Facebook depend on users willing to use their service – but this is limited when it comes to Facebook because 1 billion people use it."

Online sites such as Facebook should be forced by regulation to inform users that deeply private information may be gleaned about them using the same technology that recommends films and music, he added.

The findings come shortly after Facebook announced a partnership with four of the world's biggest data brokers aimed at improving targeted advertising on the site. The move means Facebook can target ads to its users based on their online and offline activity, including their location and high street shopping habits.

Facebook declined to comment.
http://www.guardian.co.uk/technology...timate-secrets





Tie My Netflix Account to Facebook? No Thanks
John Paul Titlow

Netflix's long-delayed integration with Facebook is here. This week, the company will roll out the option to customers in the U.S., where the archaic Video Privacy Act was recently amended to permit this type of feature. The integration is not as annoying as it could be, but I'm going to sit this one out.

First, the upside: It's great that Netflix was able to get an outdated law changed to remove an illogical stumbling block to innovation. If only it was always so easy. And in theory, I see why showing me my friends' recently-viewed movies could have some value. On a basic level, this feature makes sense.

Netflix also deserves some credit for limiting the integration so that it doesn't barf my entire viewing history onto Facebook by default. I have to explicitly tell Netflix that I'd like to be that obnoxious. Instead, it uses Facebook's social graph to help recommend shows and movies within Netflix itself.

But do we need more frictionless sharing?

Here's something nobody ever says: "I really love the way I can see everything my friends are listening to on Spotify via Facebook." They might say, "My friend posted a YouTube video of this awesome new song" or "I noticed everybody was posting about this new album, so I checked it out." There are a few problems with this model.

I Don't Want To Share Everything

Not every detail is worthy of sharing, because not every detail is important. If I watch five minutes of a movie to see if I like it, it shouldn't get the same social vote as my all-time favorites.

Netflix has much more valuable data than simply "John Paul watched Arrested Development." It knows about my historical viewing habits, informed in part by ratings and preferences I've explicitly declared. That's much more insightful than whether or not I clicked the play button. Hopefully these signals will find their way into Netflix's social integration in time (if they're not lurking under the hood already).

Sometimes we like to indulge in things that we wouldn't necessarily tell the world about, just like I might occasionally blast "This is How We Do It" by Montell Jordan on Spotify in the middle of my workday when nobody's around. (Now you know). On Netflix, you'll be able to opt out of sharing on a video-by-video basis, which is smart.

But I still think sharing should be an opt-in experience, not an opt-out one. Something should be important enough for me to *want* to share it and then willingly expend the effort required to do so. I shouldn't have to stop before playing each video and think, "Wait, do I want to *not* share this?" If we have to think a thought like that, we're probably sharing way too much.

I'm Not The Only One Who Uses My Netflix Account

Chances are, you're not the only person watching TV shows and movies on your Netflix account. I know I'm not. If my roommate is binging on Keeping Up With the Kardashians, do you really want me to auto-recommend shows to you?

A roommate is one thing, but what about an entire family? As Techcrunch's Sarah Perez writes, anybody who connected to her via Facebook and Netflix is going to see a lot of Dora the Explorer, Tinker Bell and Sesame Street, because that's what her young daughter likes to watch. The more crowded your household is, the less useful this data becomes.

Thankfully, Netflix is working on personalized profiles to help solve this problem, but they're not ready yet. Until that feature launches, this one is going to be decidedly imperfect.

I Already Know What My Friends Like, Because We Talk To Each Other

With or without Facebook, television and movies are already an inherently social type of content: We watch them with friends and family and we talk about them in social gatherings. I already know what my friends like, because we're human beings who, despite heroin-grade addictions to technology, still talk to each other face-to-face.

Seriously, I feel like I have a pretty good idea of the shows and movies that people I know like, with or without an algorithm. It's entirely possible Netflix could dig up some gem via Facebook's social graph, but if it's worth watching, I'm sure I'll come across it eventually. Besides, I don't know about your queue, but mine is perpetually overloaded.

Doesn't Facebook Already Know Enough About Us?

Companies like Facebook already know so much about us. Do we really need to funnel more data about our lives onto their servers?

I realize this is just an inevitable feature of our digital world and that I should suck it up. And usually, I do. Google knows even more about me than Facebook. I willingly hand over all that data, but it's getting to the point where if divulging a new set of data about myself to some company isn't going to add a significant and obvious value to my life, I'm going to skip it.

Of course, I'm already surrendering this information to Netflix by using their service in the first place. But my relationship with them is clear: I pay $8 per month and I get to stream whatever content they're offering. They use data about me to improve the experience, and I happily keep shelling out that money.

With Facebook, it's less clear. I joined without much thought eight years ago, am vaguely addicted to it and constantly wonder how much value I'm really getting out of the service. It weirds me out sometimes. I think about quitting.

It's also still forging its business model. It won't rely on subscription fees, but instead will find a way to turn that data about me into dollars. That's fine, in theory, but I don't know exactly how they'll do it or if I trust them in general.
http://readwrite.com/2013/03/13/tie-...book-no-thanks





Financial Info On Celebs, Officials Leaked Online
Anthony McCartney and Tami Abdollah

Authorities and celebrities were grappling with how to respond to a website that posted what appears to be private financial information about top government officials and stars such as Jay-Z and Mel Gibson.

The Justice Department said Monday the FBI was investigating how the Social Security number, address and a credit report of FBI Director Robert Mueller ended up on the site. The site also posted the same information about Los Angeles Police Chief Charlie Beck, and the department said it was investigating the matter.

In addition to Jay-Z and Gibson, other targeted stars included Beyonce, Ashton Kutcher, Kim Kardashian and Paris Hilton. Info posted about Vice President Joe Biden and former Secretary of State Hillary Clinton did not include credit reports but included addresses and other sensitive information.

Social Security numbers posted on Jay-Z, Gibson and others matched records in public databases.

The site, which bears an Internet suffix originally assigned to the Soviet Union, expanded throughout the day Monday to add entries on Britney Spears, former vice presidential candidate Sarah Palin and others.

The site did not state how the information was obtained or why the people targeted on the site were selected, describing the records only as "secret files." A Twitter profile linked to the site and created after its existence was first reported by celebrity website TMZ included an anti-police message in Russian.

Several of the purported credit reports appear to have been generated last week.

Representatives of those targeted either declined to comment on the accuracy of the information that was posted, or they did not return messages seeking comment.

Los Angeles police Cmdr. Andrew Smith said the LAPD was investigating the posting of Beck's information and would also investigate the posting of info on any celebrities who live in the city and request an inquiry.

He said confidential information on top police officials has been posted online at least twice before.

"People get mad at us, go on the Internet and try to find information about us, and post it all on one site," Smith said.

"The best word I can use to describe it is creepy," he said about the practice known as doxxing. "It's a creepy thing to do."

Frank Preciado, assistant officer in charge at the LAPD online section, said the postings are also illegal. He said the information was likely taken from what is supposed to be a secure database of city employees.

Several of the pages featured unflattering pictures of the celebrities or government officials whose information was posted.

The site's page on Beck includes a taunting reference to former officer Christopher Dorner, who apparently committed suicide after he killed four people during a multi-day rampage. Beck's page included the message "(hash)YouCantCornerTheDorner" and an image of a woman protesting police corruption.

While government officials often have to disclose details on their finances — and celebrity divorces sometimes feature public financial data — the information posted online exceeds those disclosures.

Social Security numbers are rarely included in public records anymore because they can be used for identity theft.
http://www.newstimes.com/business/te...ne-4346020.php





Reporters Without Borders Slams Five Nations for Spying On Media, Activists

Reporters Without Borders named five countries that regularly spy on journalists and dissidents, a practice the group contends is made possible with advanced technology from private companies.

The Paris-based group, which is an international advocate for press freedom, labeled Syria, China, Iran, Bahrain and Vietnam as "enemies of the internet" in a new report for their alleged increased online surveillance.

The group timed the release of its report with the World Day Against Cyber Censorship, and said that around 180 people are imprisoned worldwide for delivering news online.

"Surveillance in these countries targets dissidents and has grown in recent months," RSF said. "Cyberattacks and intrusions, including the use of malware against dissidents and their networks, are on the increase."

RSF charged the surveillance is made possible through equipment supplied by technology companies, including Gamma International, Trovicor, Hacking Team, Amesys and Blue Coat Systems. The companies should know their products could be misused if sold to certain countries, RSF said.

And if their products were sold by an intermediary, "their failure to keep track of the exports of their own software means they did not care if their technology was misused and did not care about the vulnerability of those who defend human rights," RSF said.

The group called for the introduction of controls around the export of surveillance tools. It praised the U.S. and European Union for banning the export of spying software to Iran and Syria, but said there should be a more harmonized approach.

RSF said the types of products the companies produce fall into two categories: equipment used for large-scale monitoring of Internet activity and spyware, used for targeting individuals.

Efforts to reach some of the companies were not immediately successful. Blue Coat, based in the U.S., has been repeatedly criticized since the company admitted in late 2011 that some of its Web-filtering products ended up in Syria despite a U.S. embargo.

RSF sent a set of questions to Blue Coat on March 7 regarding its sales policies. Blue Coat provided its answers to RSF to IDG News Service, saying it is conducting a review this year of its procedures "to review what further steps we can take to limit misuse of our products."

"We do not design our products, or condone their use, to suppress human rights," the company told RSF.

Gamma International, based in the U.K. and Germany, develops an interception tool intended for law enforcement called FinFisher. Gamma contested findings last year from researchers that FinFisher had been sold to Bahrain's government to target activists.

Trovicor, based in Munich, Germany, and Hacking Team, based in Milan, Italy, both make interception-related software. Amesys of France was found to have sold its EAGLE software, which analyzes Web traffic, to Libya during the Gaddafi regime, RSF said in its report.

RSF said that in general spying software can access hard disks, recover passwords and access messages on instant-messaging platforms as well as monitor VOIP (voice over Internet protocol) conversations.

The tools have legitimate purposes for fighting cybercrime, but when used by authoritarian regimes "can be turned into formidable censorship and surveillance weapons against human rights defenders and independent news providers."

"The lack of legislation and oversight of trade in these 'digital weapons' allows authoritarian governments to identify critical journalists and citizen journalists and go after them," RSF said.

RSF has published an "online survival kit" with tools and tips for activists and journalists to better safeguard their privacy.

Even RSF itself has proved a target. In January, the group's website was hacked and rigged to attack the computers of people visiting the site. Hackers often target websites that attract a particular type of visitor.
https://www.pcworld.com/article/2030...activists.html





Federal Judge Finds National Security Letters Unconstitutional, Bans Them
Kim Zetter

Ultra-secret national security letters that come with a gag order on the recipient are an unconstitutional impingement on free speech, a federal judge in California ruled in a decision released Friday.

U.S. District Judge Susan Illston ordered the government to stop issuing so-called NSLs across the board, in a stunning defeat for the Obama administration’s surveillance practices. She also ordered the government to cease enforcing the gag provision in any other cases. However, she stayed her order for 90 days to give the government a chance to appeal to the Ninth Circuit Court of Appeals.

“We are very pleased that the Court recognized the fatal constitutional shortcomings of the NSL statute,” said Matt Zimmerman, senior staff attorney for the Electronic Frontier Foundation, which filed a challenge to NSLs on behalf of an unknown telecom that received an NSL in 2011. “The government’s gags have truncated the public debate on these controversial surveillance tools. Our client looks forward to the day when it can publicly discuss its experience.”

The telecommunications company received the ultra-secret demand letter in 2011 from the FBI seeking information about a customer or customers. The company took the extraordinary and rare step of challenging the underlying authority of the National Security Letter, as well as the legitimacy of the gag order that came with it.

Both challenges are allowed under a federal law that governs NSLs, a power greatly expanded under the Patriot Act that allows the government to get detailed information on Americans’ finances and communications without oversight from a judge. The FBI has issued hundreds of thousands of NSLs over the years and has been reprimanded for abusing them — though almost none of the requests have been challenged by the recipients.

After the telecom challenged the NSL, the Justice Department took its own extraordinary measure and sued the company, arguing in court documents that the company was violating the law by challenging its authority.

The move stunned EFF at the time.

“It’s a huge deal to say you are in violation of federal law having to do with a national security investigation,” Zimmerman told Wired last year. “That is extraordinarily aggressive from my standpoint. They’re saying you are violating the law by challenging our authority here.”

The case is a significant challenge to the government and its efforts to obtain documents in a manner that the EFF says violates the First Amendment rights of free speech and association.

In her ruling, Judge Illston agreed, saying that the NSL nondisclosure provisions “significantly infringe on speech regarding controversial government powers.”

She noted that the telecom had been “adamant about its desire to speak publicly about the fact that it received the NSL at issue to further inform the ongoing public debate” on the government’s use of the letters.

She also said that the review process for challenging an order violated the separation of powers. Because these provisions cannot be separated from the rest of the statute, Illston ruled that the entire statute was unconstitutional.

Illston found that although the government made a strong argument for prohibiting the recipients of NSLs from disclosing to the target of an investigation or the public the specific information being sought by an NSL, the government did not provide compelling argument that the mere fact of disclosing that an NSL was received harmed national security interests.

A blanket prohibition on disclosure, she found, was overly broad and “creates too large a danger that speech is being unnecessarily restricted.” She noted that 97 percent of the more than 200,000 NSLs that have been issued by the government were issued with nondisclosure orders.

Number of NSLs Issued by FBI

2003 39,346
2004 56,507
2005 47,221
2006 49,425
2007 16,804
2008 24,744
2009 14,788
2010 24,287
2011 16,511

(Source: DoJ reports)

She also noted that since the gag order on NSL’s is indefinite — unless a recipient files a petition with the court asking it to modify or set aside the nondisclosure order — it amount to a “permanent ban on speech absent the rare recipient who has the resources and motivation to hire counsel and affirmatively seek review by a district court.”

It’s only the second time that such a serious and fundamental challenge to NSLs has arisen. The first occurred around an NSL that was sent in 2005 to Library Connection, a consolidated back office system for several libraries in Connecticut. The gag order was challenged and found to be unconstitutional because it was a blanket order and was automatic. As a result of that case, the government revised the statute to allow recipients to challenge the gag order. Illston found that unconstitutional as well in her ruling this week because of restrictions around how they could challenge the NSL.

In 2004, another case also challenged a separate aspect of the NSL. This one involved a small ISP owner named Nicholas Merrill, who challenged an NSL seeking info on an organization that was using his network. He asserted that customer records were constitutionally protected information.

But that issue never got a chance to play out in court before the government dropped its demand for documents.

With this new case, civil libertarians are getting a second opportunity to fight NSLs head-on in court.

NSLs are written demands from the FBI that compel internet service providers, credit companies, financial institutions and others to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, websites visited and more.

NSLs are a powerful tool because they do not require court approval, and they come with a built-in gag order, preventing recipients from disclosing to anyone that they have even received an NSL. An FBI agent looking into a possible anti-terrorism case can self-issue an NSL to a credit bureau, ISP or phone company with only the sign-off of the Special Agent in Charge of their office. The FBI has to merely assert that the information is “relevant” to an investigation into international terrorism or clandestine intelligence activities.

The lack of court oversight raises the possibility for extensive abuse of NSLs under the cover of secrecy, which the gag order only exacerbates. In 2007 a Justice Department Inspector General audit found that the FBI had indeed abused its authority and misused NSLs on many occasions. After 9/11, for example, the FBI paid multimillion-dollar contracts to AT&T and Verizon requiring the companies to station employees inside the FBI and to give these employees access to the telecom databases so they could immediately service FBI requests for telephone records. The IG found that the employees let FBI agents illegally look at customer records without paperwork and even wrote NSLs for the FBI.

Before Merrill filed his challenge to NSLs in 2004, ISPs and other companies that wanted to challenge NSLs had to file suit in secret in court – a burden that many were unwilling or unable to assume. But after he challenged the one he received, a court found that the never-ending, hard-to-challenge gag orders were unconstitutional, leading Congress to amend the law to allow recipients to challenge NSLs more easily as well as gag orders.

Now companies can simply notify the FBI in writing that they oppose the gag order, leaving the burden on the FBI to prove in court that disclosure of an NSL would harm a national security case. The case also led to changes in Justice Department procedures. Since Feb. 2009, NSLs must include express notification to recipients that they have a right to challenge the built-in gag order that prevents them from disclosing to anyone that the government is seeking customer records.

Few recipients, however, have ever used this right to challenge the letters or gag orders.

The FBI has sent out nearly 300,000 NSLs since 2000, about 50,000 of which have been sent out since the new policy for challenging NSL gag orders went into effect. Last year alone, the FBI sent out 16,511 NSLs requesting information pertaining to 7,201 U.S. persons, a technical term that includes citizens and legal aliens.

But in a 2010 letter from Attorney General Eric Holder to Senator Patrick Leahy (D-Vermont), Holder said that there had “been only four challenges,” and those involved challenges to the gag order, not to the fundamental legality of NSLs. At least one other challenge was filed earlier this year in a secret case revealed by Wired. But the party in that case challenged only the gag order, not the underlying authority of the NSL.

When recipients have challenged NSLs, the proceedings have occurred mostly in secret, with court documents either sealed or redacted heavily to cover the name of the recipient and other identifying details about the case.

The latest case is remarkable then for a number of reasons, among them the fact that a telecom challenged the NSL in the first place, and that EFF got the government to agree to release some of the documents to the public, though the telecom was not identified in them. The Wall Street Journal, however, used details left in the court records, and narrowed the likely plaintiffs down to one, a small San-Francisco-based telecom named Credo. The company’s CEO, Michael Kieschnick, didn’t confirm or deny that his company is the unidentified recipient of the NSL.

The case began sometime in 2011, when Credo or another telecom received the NSL from the FBI.

EFF filed a challenge on behalf of the telecom (.pdf) in May that year on First Amendment grounds, asserting first that the gag order amounted to unconstitutional prior restraint and, second, that the NSL statute itself “violates the anonymous speech and associational rights of Americans” by forcing companies to hand over data about their customers.

Instead of responding directly to that challenge and filing a motion to compel compliance in the way the Justice Department has responded to past challenges, government attorneys instead filed a lawsuit against the telecom, arguing that by refusing to comply with the NSL and hand over the information it was requesting, the telecom was violating the law, since it was “interfer[ing] with the United States’ vindication of its sovereign interests in law enforcement, counterintelligence, and protecting national security.”

They did this, even though courts have allowed recipients who challenge an NSL to withhold government-requested data until the court compels them to hand it over. The Justice Department argued in its lawsuit that recipients cannot use their legal right to challenge an individual NSL to contest the fundamental NSL law itself.

After heated negotiations with EFF, the Justice Department agreed to stay the civil suit and let the telecom’s challenge play out in court. The Justice Department subsequently filed a motion to compel in the challenge case, but has never dropped the civil suit.

The redacted documents don’t indicate the exact information the government was seeking from the telecom, and EFF won’t disclose the details. But by way of general explanation, Zimmerman said that the NSL statute allows the government to compel an ISP or web site to hand over information about someone who posted anonymously to a message board or to compel a phone company to hand over “calling circle” information, that is, information about who has communicated with someone by phone.

An FBI agent could give a telecom a name or a phone number, for example, and ask for the numbers and identities of anyone who has communicated with that person. “They’re asking for association information – who do you hang out with, who do you communicate with, [in order] to get information about previously unknown people.

“That’s the fatal flaw with this [law],” Zimmerman told Wired last year. “Once the FBI is able to do this snooping, to find out who Americans are communicating with and associating with, there’s no remedy that makes them whole after the fact. So there needs to be some process in place so the court has the ability ahead of time to step in [on behalf of Americans].”
http://www.wired.com/threatlevel/201...onstitutional/





Danger Lurks in Growing New Internet Nationalism

Cyber-espionage is old news. What’s new is the rhetoric, which is reaching a fever pitch right now.
Bruce Schneier

For technology that was supposed to ignore borders, bring the world closer together, and sidestep the influence of national governments the Internet is fostering an awful lot of nationalism right now. We’ve started to see increased concern about the country of origin of IT products and services; U.S. companies are worried about hardware from China; European companies are worried about cloud services in the U.S; no one is sure whether to trust hardware and software from Israel; Russia and China might each be building their own operating systems out of concern about using foreign ones.

I see this as an effect of all the cyberwar saber-rattling that’s going on right now. The major nations of the world are in the early years of a cyberwar arms race, and we’re all being hurt by the collateral damage.

Our nationalist worries have recently been fueled by a media frenzy surrounding attacks from China. These attacks aren’t new—cyber-security experts have been writing about them for at least a decade, and the popular media reported about similar attacks in 2009 and again in 2010—and the current allegations aren’t even very different than what came before. This isn’t to say that the Chinese attacks aren’t serious. The country’s espionage campaign is sophisticated, and ongoing. And because they’re in the news, people are understandably worried about them.

But it’s not just China. International espionage works in both directions, and I’m sure we are giving just as good as we’re getting. China is certainly worried about the U.S. Cyber Command’s recent announcement that it was expanding from 900 people to almost 5,000, and the NSA’s massive new data center in Utah. The U.S. even admits that it can spy on non–U.S. citizens freely.

The fact is that governments and militaries have discovered the Internet; everyone is spying on everyone else, and countries are ratcheting up offensive actions against other countries.

At the same time, many nations are demanding more control over the Internet within their own borders. They reserve the right to spy and censor, and to limit the ability of others to do the same. This idea is now being called the “cyber sovereignty movement,” and gained traction at the International Telecommunications Union meeting last December in Dubai. One analyst called that meeting the “Internet Yalta,” where the Internet split between liberal-democratic and authoritarian countries. I don’t think he’s exaggerating.

Not that this is new, either. Remember 2001, when the governments of the UAE, Saudi Arabia, and India demanded that RIM give them the ability to spy on BlackBerry PDAs within their borders? Or last year, when Syria used the Internet to surveil its dissidents? Information technology is a surprisingly powerful tool for oppression: not just surveillance, but censorship and propaganda as well. And countries are getting better at using that tool.

But remember: none of this is cyberwar. It’s all espionage, something that’s been going on between countries ever since countries were invented. What moves public opinion is less the facts and more the rhetoric, and the rhetoric of war is what we’re hearing.

The result of all this saber-rattling is a severe loss of trust, not just amongst nation-states but between people and nation-states. We know we’re nothing more than pawns in this game, and we figure we’ll be better off sticking with our own country.

Unfortunately, both the reality and the rhetoric play right into the hands of the military and corporate interests that are behind the cyberwar arms race in the first place. There is an enormous amount of power at stake here: not only power within governments and militaries, but power and profit amongst the corporations that supply the tools and infrastructure for cyber-attack and cyber-defense. The more we believe we are “at war” and believe the jingoistic rhetoric, the more willing we are to give up our privacy, freedoms, and control over how the Internet is run.

Arms races are fueled by two things: ignorance and fear. We don’t know the capabilities of the other side, and we fear that they are more capable than we are. So we spend more, just in case. The other side, of course, does the same. That spending will result in more cyber weapons for attack and more cyber-surveillance for defense. It will result in move government control over the protocols of the Internet, and less free-market innovation over the same. At its worst, we might be about to enter an information-age Cold War: one with more than two “superpowers.” Aside from this being a bad future for the Internet, this is inherently destabilizing. It’s just too easy for this amount of antagonistic power and advanced weaponry to get used: for a mistaken attribution to be reacted to with a counterattack, for a misunderstanding to become a cause for offensive action, or for a minor skirmish to escalate into a full-fledged cyberwar.

Nationalism is rife on the Internet, and it’s getting worse. We need to damp down the rhetoric and—more importantly—stop believing the propaganda from those who profit from this Internet nationalism. Those who are beating the drums of cyberwar don’t have the best interests of society, or the Internet, at heart.
http://www.technologyreview.com/view...t-nationalism/





Iran Blocks Use of Tool to Get Around Internet Filter
Yeganeh Torbati

Iranian authorities have blocked the use of most "virtual private networks", a tool that many Iranians use to get around an extensive government Internet filter, Iranian media quoted an official as saying on Sunday.

A widespread government Internet filter prevents Iranians from accessing many sites on the official grounds they are offensive or criminal.

Many Iranians evade the filter through use of VPN software, which provides encrypted links directly to private networks based abroad, and can allow a computer to behave as if it is based in another country.

But authorities have now blocked "illegal" VPN access, an Iranian legislator told the Mehr news agency on Sunday. Iranian web users confirmed that VPNs were blocked.

"Within the last few days illegal VPN ports in the country have been blocked," said Ramezanali Sobhani-Fard, the head of parliament's information and communications technology committee, according to Mehr. "Only legal and registered VPNs can from now on be used."

Iran is holding a presidential election in June, its first since 2009, when a disputed result led to the worst unrest since the 1979 Islamic revolution.

Protesters used services like Facebook to communicate during those "Green Movement" demonstrations, and the government has taken steps to curb access to the Internet in the last few months, apparently determined to prevent a repeat this time.

An internet user named Mohamad from the Iranian city of Isfahan confirmed that VPNs had been blocked.

"VPNs are cut off. They've shut all the ports," he said in a Facebook message, adding that he was using another form of software to access the service without a VPN. He said Skype and Viber, internet services used to make telephone calls, had also been blocked.

In January, Mehdi Akhavan Behabadi, secretary of Iran's Supreme Cyberspace Council, told Mehr that Internet users would soon be able to purchase registered VPN connections and that other VPNs were illegal. Financial institutions and other organizations might need to use VPNs for security reasons, which would be a legal use, Behabadi said.

The government's move to block VPN access may also have inadvertently cut off access to widely used sites such as Yahoo and Google, Sobhani-Fard told Mehr on Sunday, adding that parliament would study the issue more this week.

Amin Sabeti, a UK-based researcher on Iranian media and the web, said foreign companies such as airlines and banks had had problems using VPNs in Iran.

Through government-registered VPNs, Sabeti said, authorities could be able to monitor traffic more easily.

DETERIORATE

Millions of Iranians experienced disruption to email and Internet access ahead of parliamentary elections last year.

"As the June election approaches ... Iran's Internet connectivity, and the accessibility of uncensored information, continues to deteriorate," said a report on Iran's Internet infrastructure published in March by the UK-based group Small Media, which researches Internet use in Iran.

"Prominent Persian-language websites and other online services have been filtered one by one, and communications with external platforms is becoming progressively more difficult."

Iranian authorities banned Google's email service for a week last year but reopened access after complaints from officials. They have also announced plans to switch citizens onto a domestic Internet network which would be largely isolated from the World Wide Web.

(Reporting By Yeganeh Torbati; Editing by Peter Graff)
http://www.reuters.com/article/2013/...9290CV20130310





Users Flock to Japan Student's Firewall-Busting Thesis Project

'VPN Gate,' designed by PhD student Daiyuu Nobori to circumvent government firewalls, has drawn 77,000 users in less than a week
Jay Alabaster

If you're not sure about the purpose behind Daiyuu Nobori's online thesis project, perhaps the large picture of the collapse of the Berlin Wall will help.

Nobori created VPN Gate to help individuals in countries that restrict Internet use to beat government firewalls. The service encourages members of the public to set up VPN (virtual private network) servers and offer free connections to individual users, aiming to make the technology more accessible.

"Today's VPN software is very complex. They are not easy to use. Some VPN services around the world are expensive for people in other parts of the world," Nobori said in an interview with IDG News Service.

His service maintains a public, real-time list of freely available VPN servers for users to choose from. It also offers downloadable server software to run the VPN, and a client that greatly simplifies the process of finding and connecting to one of the free servers, for the less technically inclined.

The 28 year-old doctoral student at Tsukuba University, about 30 miles northeast of Tokyo, wasn't sure what the reaction would be when he launched last Friday. He did little to advertise it outside of the home page and a few mentions on tech forums.

Five days later, the service has drawn 77,000 users and served nearly 4 terabytes of data.

"There are a lot of users from around the world, so I'm very happy," he said, but "the large amount of data transfer charges are a problem. This is coming from my credit card."

Nobori had originally planned to host the service on his university's servers, but they have been down recently so he switched it to the Windows Azure cloud platform. He has spent about $9,000 keeping it up so far, and will move it back to the university as soon as he can. He also operates his own VPN company, income from which has helped with expenses.

The service is based on "SoftEther," open-source VPN software he built. He says most of it will be released as open source in the next few months. He said he plans to keep certain small portions related to custom protocols private, for security reasons.

He was motivated to create VPN Gate when he learned about the firewalls imposed on people living in Middle East countries such as Egypt and Libya. The Web page is currently offered in English, Chinese and his native Japanese, but he says that is more based on the number of language speakers worldwide than any political feelings about a particular country.

"I'm an engineer, I don't have any interest in politics," he said. "If people somewhere want to study and can't use services like Wikipedia or Google, this is a big problem. Wikipedia has political articles, but also articles about science and other topics."

The service's public access logs show that the vast majority of connections are coming from China. He had friends at his university help him translate his materials into Chinese, but they asked that he not credit them by name for fear of repercussions.

Nobori said that while few people in countries like Japan feel threatened by government firewalls, he remains concerned. In Japan, police have publicized a plan to block access to a genre of sites that give advice on how to kill yourself, to cut down on the country's high suicide rate.

"It is probably acceptable to block the suicide sites, but you don't know what happens next. There is always a chance it will expand."
http://www.itworld.com/networking/34...thesis-project





Australia Central Bank Targeted by Hackers

Australia's central bank has been targeted by sophisticated hackers seeking sensitive information which included Group of 20 negotiations, but a bank spokesperson said nothing was stolen.

The Reserve Bank of Australia (RBA) would not comment on a media report that the malware computer virus used in the attack was Chinese in origin.

Hacking attacks on governments and corporations have become routine, with suspicion falling on China as the source of much of the activity. Beijing has repeatedly denied accusations it is behind the attacks, saying it too is a victim of hacking, particularly from the United States.

Documents released under the Freedom of Information Act showed Australia's central bank was the subject of a malicious email attack on November 16 and 17 in 2011, using a virus that was undetectable by the bank's anti-virus software.

An email titled "Strategic Planning FY2012" was sent to several RBA staff up to department heads and was opened by six of them, potentially compromising their workstations. The email purported to come from a senior staff member at the bank and came from a "possibly legitimate" external account.

The emails contained a compressed zip file with an executable malware application, though the Bank would not identify the virus used.

Fortunately all of the six workstations affected did not have local administrator rights, which prevented the virus from spreading. The servers were considered comprised and removed from the network on November 17.

"The email had managed to bypass the existing security controls in place for malicious emails by being well written, targeted to specific bank staff and utilized an embedded hyperlink to the virus payload which differs from the usual attack whereby the virus is attached directly to the email," according the RBA's report of the incident.

"Bank assets could have been potentially compromised, leading to service disruption, information loss and reputation," the report noted.

The RBA took the issue up with the providers of its anti-virus software to update its defenses, including scanning for hyperlinks in emails and automatically blocking them.

As well as the attempted hacking, the RBA documents also listed a range of potentially embarrassing incidents from lost laptops and Blackberry's, to sensitive documents emailed out by mistake.

In one incident, a folder containing confidential information was left on the rear of an office car by a distracted staff member. On driving off, the staff were advised by a passing motorist that papers had scattered across the road.

After a hour of searching most of the papers were recovered though some were thought lost in a stormwater drain, "resulting in moderate reputational risk to the Bank", the reports showed.

(Reporting by Wayne Cole; Editing by Michael Perry)
http://www.reuters.com/article/2013/...92A00S20130311





Doctor 'Used Silicone Fingers' to Sign In for Colleagues
BBC

A Brazilian doctor faces charges of fraud after being caught on camera using silicone fingers to sign in for work for absent colleagues, police say.

Thaune Nunes Ferreira, 29, was arrested on Sunday for using prosthetic fingers to fool the biometric employee attendance device used at the hospital where she works near Sao Paulo.

She is accused of covering up the absence of six colleagues.

Her lawyer says she was forced into the fraud as she faced losing her job.

The local public prosecutor's office opened an investigation on Monday.

The doctor was arrested by the local police following a two-week investigation in the town of Ferraz de Vasconcelos, and was released on Sunday.

Police said she had six silicone fingers with her at the time of her arrest, three of which have already been identified as bearing the fingerprints of co-workers.
Map

The town's mayor, Acir Fillo, has also asked five employees of the medical service said to have been involved to step aside, while the local council has launched a public inquiry into the matter.

Brazil's ministry of health has said it will launch an inquiry of its own into the local hospital.

Mr Fillo says that the police investigation showed that some 300 public employees in the town, whom he described as ''an army of ghosts'', had been receiving pay without going to work.

A council spokesman has told BBC Brasil that among those believed to be those "ghost employees" - as Brazilians call informally those who receive regular wages without actually showing up for work - are public workers in the areas of health, education and security.
http://www.bbc.co.uk/news/world-latin-america-21756709





U.S. Demands China Block Cyberattacks and Agree to Rules
Mark Landler and David E. Sanger

The White House demanded Monday that the Chinese government stop the widespread theft of data from American computer networks and agree to “acceptable norms of behavior in cyberspace.”

The demand, made in a speech by President Obama’s national security adviser, Tom Donilon, was the first public confrontation with China over cyberespionage and came two days after its foreign minister, Yang Jiechi, rejected a growing body of evidence that his country’s military was involved in cyberattacks on American corporations and some government agencies.

The White House, Mr. Donilon said, is seeking three things from Beijing: public recognition of the urgency of the problem; a commitment to crack down on hackers in China; and an agreement to take part in a dialogue to establish global standards.

“Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyberintrusions emanating from China on an unprecedented scale,” Mr. Donilon said in a wide-ranging address to the Asia Society in New York.

“The international community,” he added, “cannot tolerate such activity from any country.”

In Beijing, a spokeswoman for the Chinese Foreign Ministry, Hua Chunying, did not directly say whether the government is willing to negotiate over the proposals spelled out by Mr. Donilon. But at a daily news briefing Tuesday she repeated the government’s position that it opposes Internet attacks and wants “constructive dialogue” with the United States and other countries about cybersecurity issues.

Until now, the White House has steered clear of mentioning China by name when discussing cybercrime, though Mr. Obama and other officials have raised it privately with Chinese counterparts. In his State of the Union address, he said, “We know foreign countries and companies swipe our corporate secrets.”

But as evidence has emerged suggesting the People’s Liberation Army is linked to hacking, the China connection has become harder for the administration not to confront head-on. The New York Times three weeks ago published evidence tying one of the most active of the Chinese groups to a neighborhood in Shanghai that is headquarters to a major cyberunit of the People’s Liberation Army. That account, based in large part on unclassified work done by Mandiant, a security firm, echoed the findings of intelligence agencies that have been tracking the Chinese attackers.

American officials say raising the issue with the Chinese is a delicate balancing act at a time when the United States is seeking China’s cooperation in containing North Korea’s nuclear and missile programs, and joining in sanctions on Iran. Yet they have been expressing their concerns about cyberattacks with Chinese officials for years. Starting in 2010, they invited P.L.A. officials to discuss the issue — a process that has only just started — and last November, Mr. Obama broached the subject at a summit meeting with Prime Minister Wen Jiabao, a senior administration official said.

Since then, the official said, there has been a “perfect storm” of media coverage and protests from the corporate world. Still, he said, Mr. Donilon chose not to mention the P.L.A. in his speech because he did not want to engage in finger-pointing.

“What we are hoping to do,” another senior official said, “is force the Chinese civilian leadership to realize that the P.L.A. is interfering with their foreign policy.”

The Chinese have insisted that they are the victims of cyberattacks, not the perpetrators. On Saturday, the Chinese foreign minister, Yang Jiechi, issued his own call for “rules and cooperation” on cybersecurity and said reports of Chinese military involvement in cyberattacks were “built on shaky ground.”

“Anyone who tries to fabricate or piece together a sensational story to serve a political motive will not be able to blacken the name of others nor whitewash themselves,” Mr. Yang told reporters at the National People’s Congress, which was preparing to ratify the ascension ofXi Jinpingto the Chinese presidency.

Mr. Donilon said the threats to cybersecurity had moved to the forefront of American concerns with China, noting that he was not “talking about ordinary cybercrime or hacking.”

That distinction, a senior administration official said, was meant to separate the theft of intellectual property by Chinese state entities from small-scale hacking by individuals, or the use of cyberweapons by a state to protect its national security. But the distinction between cyberattacks aimed at intellectual property theft and those aimed at disabling a military threat is largely made by Western officials devising legal arguments, not one the Chinese have embraced.

Even as he emphasized the need for international rules to guide cyberactivity, Mr. Donilon made no reference to the billions of dollars the American military and intelligence agencies are spending to develop an arsenal of offensive cyberweapons — to be used against military targets, officials insist, not economic ones. The most famous of these operations was the covert cyberattack mounted by the United States and Israel to disable the centrifuges that Iran uses to enrich uranium at its site in Natanz.

Mr. Donilon sketched out a vigorous agenda in Asia, insisting the United States would keep pursuing its “strategic pivot” toward the region, despite cuts in military spending. He announced that the Treasury Department would impose sanctions on a North Korean bank specializing in foreign-exchange transactions — ratcheting up the pressure on the North Korean government on the day that Pyongyang announced it would no longer abide by the 1953 armistice that halted the Korean War.

With fears about North Korea’s increased nuclear and missile capabilities causing considerable anxiety in Seoul and Tokyo, Mr. Donilon restated a “declaratory policy” that was first formulated by President George W. Bush after the North’s first nuclear test, in 2006. He warned that the United States would reserve the option to retaliate against the North, not just if it used nuclear weapons but if it allowed the “transfer of nuclear weapons or nuclear materials to other states or nonstate entities.”

That formulation did not appear to cover, however, the transfer of technology to build nuclear facilities, as North Korea did in Syria. That reactor was destroyed by Israel in 2007.

“It’s understandable that the people of South Korea would be concerned about the threat they face from the North,” Mr. Donilon said, apparently alluding to talk in the South of building the country’s own nuclear arsenal, a move the United States halted decades ago. Mr. Donilon added that the United States had assets in place “to insure that South Korea’s defense is provided for.”

Chris Buckley contributed reporting from Hong Kong.
https://www.nytimes.com/2013/03/12/w...ber-rules.html





The Hackers Are Winning
Dan Rowinski

After almost two decades online, I have never been more paranoid about my security, identity and theft.

Since the start of 2013, the following has happened:

• My Twitter password was compromised.

• So was the password on my Evernote account.

• My Yahoo email (which I hardly use anymore) was hacked and sent spam to everybody in my contacts.

• And, the kicker of them all, my debit card was compromised while I was traveling in Manhattan.

That's just my personal journey for the first two and a half months of the year. I am not alone. Millions of Internet users have been affected by security breaches so far in 2013. Even the big companies of the Internet have seen breaches. Apple, Facebook and Microsoft have all admitted to being penetrated in one form or another. High profile Twitter accounts have been hacked, like those of Burger King and Jeep.

It's time to admit it. The hackers are winning.

Are They, Really?

Assaying blame for hacks is a difficult endeavor. On one hand, people say we need to rebuild the Internet to make it more secure by default. Their theory is that the Web is, by its very nature, a hodge-podge mix of vulnerable nodes and standards that is aging and easy to exploit. This is largely true. Hackers hoard zero-day vulnerabilities like squirrels preparing for winter, and a motivated hacker can basically bust through anything.

On the other, many security experts argue that security starts with the individual. If you get hacked, you are basically at fault for violating basic security protocols -- for instance, by failing to change your passwords or by clicking on suspicious links.

“There’s no simple answer to this question,” Catalin Cosoi of antivirus company BitDefender wrote in an email to ReadWrite. He continued:

Hackers, scammers and malware writers have two main advantages: they have access to a lot of money (either by sponsorship or classic fraud) and they don’t have to obey any software practice (their “software” doesn’t have to be properly tested, it can have bugs, doesn’t have to work on any operating system and it really doesn’t matter if it crashes a few machines). However, no one wants to complicate their lives more than needed or pay more that it actually makes, so if the hack gets very complicated, they will simply move to someone else.

Reactive Measures & The Myth Of The Impenetrable Fortress

Antivirus companies like Bitdefender are, by their own admission, highly reactive. They wait for a new virus to show itself on the Internet and then create a way to inoculate against it. This reactive approach has been going on for almost 20 years and it is increasingly becoming an untenable model.

“It works the same way human medicine responds to illness: once you identified the stream or the behavior, you can create vaccine for it,” Cosoi said. “But we can’t find a cure for an illness that doesn’t currently exist –- at least not without significant costs. What we can do, though, is find ways to boost the immune system to make it less prone to future infections. In the security industry, we call this raising the cost of the attack.”

Spammers and malicious hackers have the stereotype of being inherently lazy. Like any stereotype, this is both true and false.

When it comes to getting people’s money, most spammers prefer the path of least resistance. This leads to the quantity-over-quality approaches such as hacking Yahoo email accounts and spamming every contact from the user’s address book. The easy route is to just get one person on the hook and then spread the virus through them, multiplying the scale of the attack with each successful infection.

When Cosoi talks about “raising the cost of the attack,” he means that if it was harder to perform these types of attacks, they would slow to a trickle. The fact that they are so easy for spammers means they will continue.

On the other hand, it is nearly impossible to keep a motivated hacker from getting something he or she really wants. These types of black hats are fewer and further in between but are infinitely more dangerous than your average spam-net. They usually don't target average users. Instead, they target the enterprise behind the user, which can lead to widespread breaches that affect everybody.

As security researcher Graham Cluley at Sophos put it to me via email:

Regular Joe User isn't being targeted, and don't have to follow any different rules than the ones they should have been following for some years now to deal with the approximately 100,000 new unique samples of malware we see each day.

Is It Your Fault?

Some in the security industry think that breaches (both enterprise and individual) are inherently preventable. Just be smart and you’ll be fine, right?

“The sky is not falling,” said Cluley. “Burger King, Jeep and others who have had their Twitter accounts hacked have probably fallen victim because of human weakness. Chances are that they followed poor password practices, like using the same password in multiple places or choosing a password that was easy to crack.”

I can half believe that sentiment. It's very easy to imagine some intern manning the Burger King Twitter account might have a poor password or has been clicking on linkbait spam. That doesn't negate the fact that Twitter itself was hacked, exposing the passwords of some of its more popular and influential users.

I'm highly aware of suspicious links and attempts to spearphish me (a tactic where a specialized message with a poisoned link is sent to an individual as opposed to spammed to the masses). I don't click on links that might be malware.

Caution Only Gets You So Far

And yet, my caution hasn't protected me. For instance, I was not spammed or phished on Yahoo. I hardly use the account and only became aware of the hack when my Yahoo email started spamming my Google email (oh, the irony). This hack was on the Yahoo side, not the fault of an individual. Same goes for my password compromises on Evernote and Twitter.

Unless I'm completely missing something, these breaches were not my fault. I was a victim caught in a larger game of cat-and-mouse between the hackers, security companies and susceptible enterprises.

“There are no shortage of attackers with the necessary skill, motivation and financial resources to break into a given enterprise and steal data,” said Michael Sutton VP of security research at Zscaler, a company that focuses on detecting breaches. “When companies such as Twitter, Apple and Facebook, with sophisticated security teams and more than adequate means to attract the very best talent cannot stop every attack, we must accept that the goal of building an impenetrable fortress is unachievable.”

Security Starts With The Individual (Who Can Still Be A Victim)

Researchers like Cluley have long advocated that security starts and ends with the individual.

“The takeaway from all these security stories is that each of us has a part to play in the fight against the bad guys -- whether it's on our home computers (ensuring they don't get hijacked into a botnet) or in the workplace,” Cluley said. “Report suspicious activity, think before clicking on unsolicited attachments or links, keep your OS, your PDF reader, your anti-virus up-to-date with the latest security patches.”

The argument is a sound one and similar to how entities like the World Health Organization have gone about fighting outbreaks of epidemic disease: educate people to take care of themselves. Sometimes though, it doesn't matter how much you know or how assiduously you take care of yourself -- you are going to get sick (or hacked) and there is nothing you can do about it.

So, are the hackers winning? When people still do everything right and still become victims, you tell me.
http://readwrite.com/2013/03/14/the-hackers-are-winning





The World Has No Room For Cowards
Brian Krebs

It’s not often that one has the opportunity to be the target of a cyber and kinetic attack at the same time. But that is exactly what’s happened to me and my Web site over the past 24 hours. On Thursday afternoon, my site was the target of a fairly massive denial of service attack. That attack was punctuated by a visit from a heavily armed local police unit that was tricked into responding to a 911 call spoofed to look like it came from my home.

Well, as one gamer enthusiast who follows me on Twitter remarked, I guess I’ve now “unlocked that level.”

Things began to get interesting early Thursday afternoon, when a technician from Prolexic, a company which protects Web sites (including KrebsOnSecurity.com) from denial-of-service attacks, forwarded a strange letter they’d received earlier in the day that appeared to have been sent from the FBI. The letter, a copy of which is reprinted in its entirety here, falsely stated that my site was hosting illegal content, profiting from cybercriminal activity, and that it should be shut down. Prolexic considered it a hoax, but forwarded it anyway. I similarly had no doubt it was a fake, and a short phone call to the FBI confirmed that fact.

Around the same time, my site came under a series of denial-of-service attacks, briefly knocking it offline. While Prolexic technicians worked to filter the attack traffic, I got busy tidying up the house (since we were expecting company for dinner). I heard the phone ring up in the office while I was downstairs vacuuming the living room and made a mental note to check my voicemail later. Vacuuming the rug near the front door, I noticed that some clear plastic tape I’d used to secure an extension cord for some outdoor lights was still straddling the threshold of the front door.

When I opened the door to peel the rest of the tape off, I heard someone yell, “Don’t move! Put your hands in the air.” Glancing up from my squat, I saw a Fairfax County Police officer leaning over the trunk of a squad car, both arms extended and pointing a handgun at me. As I very slowly turned my head to the left, I observed about a half-dozen other squad cars, lights flashing, and more officers pointing firearms in my direction, including a shotgun and a semi-automatic rifle. I was instructed to face the house, back down my front steps and walk backwards into the adjoining parking area, after which point I was handcuffed and walked up to the top of the street.

I informed the responding officers that this was a hoax, and that I’d even warned them in advance of this possibility. In August 2012, I filed a report with Fairfax County Police after receiving non-specific threats. The threats came directly after I wrote about a service called absoboot.com (now at booter.tw), which is a service that can be hired to knock Web sites offline.

One of the reasons that I opted to file the report was because I knew some of the young hackers who frequented the forum on which this service was advertised had discussed SWATting someone as a way of exacting revenge or merely having fun at the target’s expense. To my surprise, the officer who took my report said he had never heard of the phenomenon, but promised to read up on it.

One of the officers asked if it was okay to enter my house, and I said sure. Then an officer who was dressed more like a supervisor approached me and asked if I was the guy who had filed a police report about this eventuality about six months earlier. When I responded in the affirmative, he spoke into his handheld radio, and the police began stowing their rifles and the cuffs were removed from my wrists. He explained that they’d tried to call me on the phone number that had called them (my mobile), but that there was no answer. He apologized for the inconvenience, and said they were only doing their jobs. I told him no hard feelings. He told me that the problem of SWATting started on the West Coast and has been slowly making its way east.

The cop that took the report from me after the incident said someone had called 911 using a Caller ID number that matched my mobile phone number; the caller claimed to be me, reporting that Russians had broken into the home and shot my wife. Obviously, this was not the case, and nobody was harmed during the SWATing.

It’s difficult to believe the phony FBI letter that Prolexic received, the denial-of-service attack, and the SWATting were somehow the work of different individuals upset over something I’ve written. The letter to Prolexic made no fewer than five references to a story I published earlier this week about sssdob.ru, a site advertised in the cybercrime underground that sells access to Social Security numbers and credit reports. That story was prompted by news media attention to exposed.su, a site that has been posting what appear to be Social Security numbers, previous addresses and other information on highly public figures, including First Lady Michelle Obama and the director of the FBI.

Interestingly, there are strong indications that booter.tw – the same DDoS-for-hire site that prompted my report to the police in August 2012 — may have been involved in the denial-of-service attack on my site yesterday. For some bone-headed reason, the entire customer database file for booter.tw appears to be available for download if you happen to the know the link to the archive. A search through that record shows that on Thursday afternoon Eastern Time, someone paid booter.tw to launch a series of denial-of-service attacks against my Web site. The account that paid for the attack used the nickname “Starfall,” using the email address “starfall@gmail.com.”

Update, Mar. 16, 8:09 a.m. ET: It seems that I and several other folks who looked at the SQL file from booter.tw made the same mistake in misreading the table: The account that ordered the DDoS against KrebsOnSecurity.com was not Starfall but instead one that used the nickname “countonme,” and the email address “countonme@gmail.com.”

Thursday morning, Dan Goodin, a good friend and colleague at Ars Technica, published a story about my ordeal after a late night phone interview. Shortly thereafter, Ars Technica found itself on the receiving end of a nearly identical attack that was launched against my site on Thursday. Turns out, the records at booter.tw show clearly that a customer named “countonme” using that same Gmail address also paid for an attack on Arstechnica.com, beginning at approximately 11:54 a.m. ET. A snippet of the logs from booter.tw showing the attack on Ars Technica.com (a.k.a. ‘http://50.31.151.33‘ in the logs) is here.

According to Eric Bangeman, Ars Technica’s managing editor, their site was indeed attacked starting earlier this morning with a denial-of-service flood that briefly knocked the site offline.

“We’ve been up and down all morning, and the [content management system] was basically inaccessible for 2 hours,” Bangeman said, adding that he wasn’t aware of an attack of similar size that knocked the site offline. “If it did, it wasn’t enough to be registering in my memory, and I’ve been around for 10 years.”

I have seen many young hackers discussing SWATing attacks as equivalent to calling in a bomb threat to get out of taking exams in high school or college. Unfortunately, calling in a bomb threat is nowhere near as dangerous as sending a SWAT team or some equivalent force to raid someone’s residence. This type of individual prank puts peoples’ lives at risk, wastes huge amounts of taxpayer dollars, and draws otherwise scarce resources away from real emergencies. What’s more, there are a lot of folks who will confront armed force with armed force, all with the intention of self-defense.

The local police departments of the United States are ill-equipped to do much to stop these sorts of attacks. I would like to see federal recognition of a task force or some kind of concerted response to these potentially deadly pranks. Hopefully, authorities can drive the message home that perpetrating these hoaxes on another will bring severe penalties. Who knows: Perhaps some of the data uncovered in this blog post and in future posts here will result in the legal SWATing of those responsible.

This is a fast-moving and ongoing story. I will most likely update this post or file a follow-up sometime in the next 24-48 hours as more details and events unfold. Thanks to all those readers who’ve expressed concern for my safety and well-being via emails, Twitter and the blog: Your support and encouragement means a great deal. And a special note of thanks to security expert Lance James for his assistance in poring over the booter.tw logs.
https://krebsonsecurity.com/2013/03/...m-for-cowards/





Meet the Men Who Spy On Women Through Their Webcams

The Remote Administration Tool is the revolver of the Internet's Wild West.
Nate Anderson

The woman is visible from thousands of miles away on a hacker's computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman's screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun. He enters a series of shock and pornographic websites and watches them appear on the woman's computer.

The woman is startled. "Did it scare you?" she asks someone off camera. A young man steps into the webcam frame. "Yes," he says. Both stare at the computer in horrified fascination. A picture of old naked men appears in their Web browser, then vanishes as a McAfee security product blocks a "dangerous site."

"I think someone hacked into our computer," says the young man.

Far away, the hacker opens his "Fun Manager" control panel, which provides a host of tools for messing with his RAT victims. He can hide their Windows "Start" button or the taskbar or the clock or the desktop, badly confusing many casual Windows users. He can have their computer speak to them. Instead, he settles for popping open the remote computer's optical drive.

Even over the webcam, the sound of shock is clear. "Stay right here," says the woman.

"Whoa!... the DVD thing just opened," says the young man.

The hacker sends the pair a message that reads "achoo!" and the young man laughs in astonishment. "Disconnect from the Internet," he says. "Your laptop's going to go kaboom next."

The video freezes, the mayhem lasting for slightly more than one minute. Copies of the incident aren't hard to find. They're on YouTube, along with thousands of other videos showing RAT controller (or "ratters," as they will be called here) taunting, pranking, or toying with victims. But, of course, the kinds of people who watch others through their own webcams aren't likely to limit themselves to these sorts of mere hijinks—not when computers store and webcams record far more intimate material.

"Man I feel dirty looking at these pics," wrote one forum poster at Hack Forums, one of the top "aboveground" hacking discussion sites on the Internet (it now has more than 23 million total posts). The poster was referencing a 134+ page thread filled with the images of female "slaves" surreptitiously snapped by hackers using the women's own webcams. "Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums," he continued. "It would be funny if one of these slaves venture into learning how to hack and comes across this thread."

Whether this would in fact be "funny" is unlikely. RAT operators have nearly complete control over the computers they infect; they can (and do) browse people's private pictures in search of erotic images to share with each other online. They even have strategies for watching where women store the photos most likely to be compromising.

"I just use the file manager feature of my RAT in whatever one im using and in [a RAT called] cybergate I use the search feature to find those jpgs [JPEG image files] that are 'hidden' unless u dig and dig and dig," wrote one poster. "A lot of times the slave will download pics from their phone or digital camera and I watch on the remote desktop to see where they save em to and that's usually where you'll find the jackpot!"

Women who have this done to them, especially when the spying escalates into blackmail, report feeling paranoia. One woman targeted by the California "sextortionist" Luis Mijangos wouldn't leave her dorm room for a week after Mijangos turned her laptop into a sophisticated bugging device. Mijangos began taunting her with information gleaned from offline conversations.

For many ratters, though, the spying remains little more than a game. It might be an odd hobby, but it's apparently no big deal to invade someone's machine, rifle through the personal files, and watch them silently from behind their own screens. "Most of my slaves are boring," wrote one aspiring ratter. "Wish I could get some more girls with webcams. It makes it more exciting when you can literally spy on someone. Even if they aren't getting undressed!"

One poster said he had already archived 200GB of webcam material from his slaves. "Mostly I pick up the best bits (funny parts, the 'good' [sexual] stuff) and categorize them (name, address, passwords etc.), just for funsake," he wrote. "For me I don't have the feeling of doing something perverted, it's more or less a game, cat and mouse game, with all the bonuses included. The weirdest thing is, when I see the person you've been spying on in real life, I've had that a couple of times, it just makes me giggle, especially if it's someone with an uber-weird-nasty habit."

By finding their way to forums filled with other ratters, these men—and they appear to be almost exclusively men—gain community validation for their actions. "lol I have some good news for u guys we will all die sometime, really glad to know that there are other people like me who do this shit," one poster wrote. "Always thought it was some kind of wierd sick fetish because i enjoy messing with my girl slaves."

As another poster put it in a thread called ☆ ShowCase ☆ Girl Slaves On Your RAT, "We are all going to hell for this..." But he followed it with a smiley face.

Welcome to the weird world of the ratters. They operate quite openly online, sharing the best techniques for picking up new female slaves (and avoiding that most unwanted of creatures, "old perverted men") in public forums. Even when their activities trip a victim's webcam light and the unsettled victim reaches forward to put a piece of tape over the webcam, the basic attitude is humorous—Ha! You got us! On to the next slave!

And there are plenty of slaves.

How it’s done

RAT tools aren't new; the hacker group Cult of the Dead Cow famously released an early one called BackOrifice at the Defcon hacker convention in 1998. The lead author, who went by the alias Sir Dystic, called BackOrifice a tool designed for "remote tech support aid and employee monitoring and administering [of a Windows network]." But the Cult of the Dead Cow press release made clear that BackOrifice was meant to expose "Microsoft's Swiss cheese approach to security." Compared to today's tools, BackOrifice was primitive. It could handle the basics, though: logging keystrokes, restarting the target machine, transferring files between computers, and snapping screenshots of the target computer.

Today, a cottage industry exists to build sophisticated RAT tools with names like DarkComet and BlackShades and to install and administer them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built "crypters" to disguise the target code further. Today, serious ratters seek software that is currently "FUD"—fully undetectable.

Building an army of slaves isn't particularly complicated; ratters simply need to trick their targets into running a file. This is commonly done by seeding file-sharing networks with infected files and naming them after popular songs or movies, or through even more creative methods. "I seem to get a lot of female slaves by spreading Sims 3 with a [RAT] server on torrent sites," wrote one poster. Another turned to social media, where "I've been able to message random hot girls on facebook (0 mutual friends) and infect (usually become friends with them too); with the right words anything is possible."

For those who can't even manage this on their own, RAT experts hawk their slave-infecting expertise in e-books such as Rusty_v's Spreading Guide v 7.0, a 22-page tome that goes for $14.95 (and which claims to be the best-selling book on Hack Forums). "Ever faced a situation where you have FUD server but cannot get victims?" goes the sales pitch. "Or maybe you're getting a lot less installs compared to the amount of work you are putting in?" Followers of Rusty_v's methods are told they can pick up 500-3,000 slaves per day. The book is "noob friendly" and features "many screenshots."

And if even this handholding isn't enough, more successful ratters sometimes rent out slaves they have already infected. In other cases, they simply hand them off to others in a "Free Girl Slave Giveaway."

Calling most of these guys "hackers" does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a RAT and acquire slaves. Once infected, all the common RAT software provides a control panel view in which one can see all current slaves, their locations, and the status of their machines. With a few clicks, the operator can start watching the screen or webcam of any slave currently online.

The process is now simple enough that some ratters engage in it without knowing how RATs really work or even how vulnerable they are to being caught. Back in 2010, one Hack Forums member entered the RAT subforum worried about going to jail. He had hacked a Danish family's computer in order to get a child's Steam account credentials, but the Danish kid realized that something was wrong and called in his mother and older brother. The hacker included a picture of all three of them looking down at the computer, the younger kid crying, the mother stern.

"They told me they would call the cops, etc and im going to jail?!" said the hacker. "WHAT DO I DO!? DO I GIVE THEM THE SHIT BACK OR UNINSTALL THEM FROM MY RAT!?"

Then, a few minutes later, when the hacker saw the mother with a phone in her hand, he returned to say, "im shaking irl [in real life]... I hope I won't get caught... hes mom & dad was at the phone calling the cops, while him & his brother was MAD crying, i already laughed for 30mins+ until it got serious about his mom & dad."

"LOL, don't worry you ain't going to jail," another member responded.

This is probably true; few such ratters are ever found.

That pesky light

One of the biggest problems ratters face is the increasing prevalence of webcam lights that indicate when the camera is in use. Entire threads are devoted to bypassing the lights, which routinely worry RAT victims and often lead to the loss of slaves.

"Unfortunately she asked her boyfriend why the light on her cam kept coming on," one RAT controller wrote. "And he knew, she never came back :)"

Another described testing DarkComet on a male slave and activating the man's webcam. "A man came up and saw that his webcam was on, he then put the middle finger up to me lmao [laughing my ass off]," wrote the hacker. "I then went to remote desktop and he had lots of pr0nz [pornography] up, but he was also freaking out and scanning his computer with two different anti-virus [programs]. It was pretty funny, but he actually managed to remove the infected server from his PC, he used some 'ad-ware' software which managed to remove it."

Others trade pictures of victims taking action to secure their computers. "ive had this girl since i started ratting but she has a light on her cam," wrote one RAT user, "shame coz shes really pretty with her hair down. see her busting me lol."

To combat detection, the RAT controllers have devised various workarounds. One involves compiling lists of laptop models which don't have webcam lights and then taking special pains to verify the make and model of slave laptops to see if they are on the list.

"You may need to do some remote desktop action when you're pretty certain they're not looking and find an OEM tag in system properties but the surest way is to look for OEM bloatware like wireless utilities and such," wrote one RAT users. "Once you figure that out, if it's an Acer, you're golden. Some other laptops are good too and using specs and some other information you can often determine a model."

Others rely on a little bit of social engineering. "The first time I use a slaves cam tho I send a fake message saying something like the cams software is updating and the light may come on and go off periodicially ," wrote a RAT user, "but obviously in a more windows-like way of saying it!"

But no solution has been foolproof—and not for lack of a market. As one eager user wrote, "If someone release[s] soft[ware] which will disable the led cam light he will be the richest man in HF [Hack Forums]!!!"
A young woman covers her webcam as someone watches her with a RAT.

“Damn morals”

RAT forum denizens aren't wholly lacking in moral reflection, though most is of a peculiar kind. "Imagine your sister is being posted right here, how would you feel?" wrote one poster, which sounds like an exhortation to stop ratting. But the poster immediately concluded that the only real rule is not to hack "nice gurls." And even if one does hack "nice gurls," just "dont post them online, Keep em for yourself."

Posters do show up once in a while to rage against the fairly shocking privacy violations casually shared in these forums. "Everyone who is spying on girls does deserve the jail!" one wrote. "Most of you have no girlfriend or are perverts or are 12 years old. Man get older and don't do this.... I hope all of you die... It is the worst thing a Hacker could do ! THE WORST ! Learn something more complictaed then Ratting."

But to the regulars this is just the talk of "some jelous peeps out there who probably cant find any girls to take there servers. its nothing compared to people stealing accounts and shit like that and its doing no harm as long as there not aware of it what the problem? if you dont like dont look."

The actual moral discussions in the forums tend to accept ratting as a bit of legitimate fun, but one that may have its own rules of "fair play." These rules are few, however, and even bringing them up irritates those who just want to see pictures of female slaves. "Here is not an ethical forum... and everyone does what he wants," wrote one poster. More often, the concerns are simply pragmatic ones about jail, lawsuits, and retaliation. Consider the following bizarre exchange:

POSTER 1:

Can't wait to get my RAT setup, some pretty hot chicks in here ;) Also, do you all think it would be wrong to RAT chicks you know? I know some VERY hot ones that would be easy as shit to infect. Damn morals.

POSTER 2:

well the moral part is one thing
but infecting a known person can be a risk
if they found out you infected them, you can loose the friendship, be marked as a pervert in your friendships and even worse she could sue you
i did it once and found some lucky things (so i want to du it again like the perv am i ^^ )
I rat one of the hottest classmate i had and was lucky
i found some topless pics and even some blowjob picture ;)
too bad the girl died by an illness :'(
i'm sad for 2 reasons
first i liked her, she was not a best friend, but a classmate i often speak with...
second, i did not get all the stuff she had, her damn internet was slow like hell .... i get about a dozen pictures from her external harddrive (well hidden)
i saw her online in the RAT a couple of times, but never with the external harddrive and i never found something on her desktop...
Then i never saw her online again, i throught : shit i loose her, need to find a way to install a new FUD version ...
but about 2-3 month later i learned she died by a illness :(

Other ratters have a soft spot for certain scenarios. Taking over other people's computers might not be bad, spying on them might be OK, but making young children cry might cross a line. "Give him back his account," wrote one poster in reference to the Danish kid who had his Steam account hacked (see above). "Christ the kid is in tears."

But morals generally take a back seat to mockery. One popular thread, running for more than a year, with 59 pages of comments, asks people to "Post your ugly slaves here." One of the most popular responses involves people caught picking their noses.

All Most information is good information

Regardless of legality—and online forums are strongly protected by Section 230 of the Communications Decency Act for all manner of offensive user-posted material—why would anyone want to host such content? I put the question to Jesse LaBrocca, the Las Vegas-based creator and operator of Hack Forums.

He responded with a strong defense of the idea that information should be open to all and he pointed to the Wikipedia entry on keyloggers to illustrate his point. "It's a fair amount of information including functions in Windows you would hook into to use a keylogger," he told me by e-mail. "At what point does Wikipedia and the Internet community decide it's too much information? And is there actually such a thing as 'too much information?'"

Possibly not, but my question wasn't about the existence of a forum devoted to RATs or to technical discussion about them. It was about the fact that the RAT subforum is filled with posts in which people explicitly show that they have illegally invaded other people's computers, that they are spying on them—sometimes while naked—and that they buy, sell, and trade slaves openly.

"My personal morals and ethics I try not to ram down the throats of members," LaBrocca responded when I followed up. "No doubt I've seen and read some very appalling posts over the years. Things I would never participate in or encourage. But I'm not the moral compass for complete strangers and I won't put myself into that position."

And yet he has, with remarkable specificity. Hack Forums is one of the largest public hacker-focused sites anywhere. (Serious criminals, of course, prefer private forums that require vetting to enter—which is one reason that law enforcement creates such sites when it wants to catch them.) It has its own 18-point code of behavior that prohibits even discussion of remarkably specific "blackhat hacking activities" like phishing, eBay partnerships, e-mail dumps, credit card fraud, identity theft, conversations about two specific botnets (Zeus and SpyEye), extortion, the "deepweb" (sites available only through services like Tor), keygens, warez, the sale of Apple products—even unauthorized movie torrents.

But the list is quite idiosyncratic. Hack Forums warns that members are often hack targets themselves, "whether by an outsider or a rogue member." A member who hacks another member will be "warned or banned" from the site. On the other hand, members who sell botnet access or who buy slaves or who "need an e-mail account hacked" can apparently remain in good standing.

Which brought me back to my original question. The site enforces all sorts of behavior codes, so why is apparently illegal and invasive conduct—not simply "information" or "discussion"—accepted? LaBrocca politely declined to respond further. Instead, he pointed me to a site statement announcing, "We don't explain the logic behind each forbidden activity, but it's somewhere between morality, ethics, and legality for each one."

Too often, he said, those with questions about the site "find a thread you don't like and use it to throw the site under the bus. I can give you countless examples how HF has positively changed people's lives."

RATs can be entirely legitimate. Security companies have used them to help find and retrieve stolen laptops, for instance, and no one objects to similar remote login software such as LogMeIn. The developers behind RAT software generally describe their products as nothing more than tools which can be used for good and ill. And yet some tools have features that make them look a lot like they're built with lawlessness in mind.

Adam Kujawa, a researcher at security firm MalwareBytes, compiled a list last summer of everything that popular RAT DarkComet could do. It included:

• Find out all system information, including hardware being used and the exact version of your operating system, including security patches
• Control all the processes currently running on your system
• View and modify your registry
• Modify your Hosts file
• Control your computer from a remote shell
• Modify your startup processes and services, including adding a few of its own
• Execute various types of scripts on your system
• Modify/View/Steal your files
• Put files of its own on your system
• Steal your stored password
• Listen to your microphone
• Log your keystrokes (duh)
• Scan your network
• View your network shares
• Mess with your MSN Messenger / Steal your contacts / Add new contacts!
• Steal from your clipboard (things you’ve copied)
• Control your printer
• Lock/Restart/Shutdown your computer
• Update the implant with a new address to beacon to or new functionality
• Watch your webcam
• Use your computer in a denial of service (DOS) attack

And that's not all. DarkComet includes a "Fun Manager" that can perform all sorts of tricks on the target system, including:

• Hiding the Desktop—Hiding all the icons and making it impossible to right click on the desktop.
• Hide the Clock—Self Explanatory
• Hide Task Icons—In the little box on the right side of your start bar
• Hide Sys Tray Icons—Hide icons and open application buttons on the taskbar
• Hide Taskbar—Self Explanatory
• Hide the Start Button—Only works in Win XP
• Disable the Start Button (XP Only)—Gray out the start button, disabling it.
• Disable TaskMgr—Disables the Windows Task Manager (When you hit Ctrl+Alt+Del)
• Open/Close CD Tray—Self Explanatory

Even that isn't all. The RAT can also activate Microsoft's text-to-speech software on the remote system so that it reads strings of text out loud—an effective startle tactic. It can open a chat window. And it can play notes from a piano or a specific frequency for as long as desired. (As Kujawa notes, "The purpose of this feature [as far as I can tell] is just to annoy people.")

Does such software cross the line into illegality? Perhaps. In June 2012, the FBI arrested Michael "xVisceral" Hogue at his home in Tucson, Arizona and charged him with selling "malware that allows cybercriminals to take over and control, remotely, the operations of an infected computer." Hogue had created Blackshades, which the government described as "a sophisticated piece of malware."

Blackshades went beyond DarkComet in its support for features that were likely to result in illegality, such as the "File Hijacker" that could encrypt a victim's key files and then pop up a "ransomware" message demanding payment into a remote bank account in order to free the files. (A note attached to this feature said: "However, one thing to put in mind: This feature was made for educational purposes only.")

In June 2010, Hogue allegedly joined a private "carder" website catering to online criminals dealing in the theft, sale, and malicious use of credit card numbers. The site was actually a honeypot run by the FBI, however; the government says that Hogue sought admin approval to sell Blackshades there and ended up chatting with an FBI Special Agent. According to the complaint against Hogue, he then showed the FBI his personal RAT dashboard. An agent described the moment this way:

When I logged into the Blackshades Net service (that is, the interface that is a component of the RAT), I was able to see the names of nine computers that had been infected with the malware component of the RAT. Those computers were located in Germany, the United States, Denmark, Poland, and Canada. (The FBI has taken steps to identify and locate these victims.) By clicking on the name of an infected computer, I was presented with a menu of options including the ability to initiate key logging on the infected computer—that is, I was able to remotely turn on a service that would record every keystroke of the user of the infected computer. So, for instance, if the victim visited a banking website and entered his or her username and password, the key logging program could record that information, which could then be used to access the victim's bank account.

In further MSN chats with the FBI, the person alleged to be Hogue answered a question about whether the Blackshades software would automatically conduct key logging or whether it had to be initiated manually. "It auto does, and you can download from all at once, or scan for keywords or digits," came the reply. "And if it detects a credit card is being entered, it can send screenshots to FTP and you can scan for digits that are 16 in a row :P"
A man awakened by the sounds of "screaming" porn a ratter has played through his computer.

This isn't the sort of thing that legitimate security firms generally tell potential clients, and the description of the software on the Blackshades website didn't help matters. It advertised the program's ability to "automatically map your ports, seed your torrent for you, and spread through AIM, MSN, ICQ, and USB devices." The software, sold for $50 per copy, does not appear to have netted its creator that much cash. According to a court filing from January 2013, the government is seeking forfeiture of only about $40,000 from Hogue. (The Blackshades software remains available for sale, the codebase apparently administered by at least one other person. The sales site currently suggests that Blackshades be used by those who have "ever questioned what your spouse, kids or employees have been doing on the computer" or anyone who want to know, "Are your employees mailing your business data to your competitors?")

A few weeks after Hogue's arrest, another prominent RAT author announced his retirement from such work. Jean-Pierre Lesueur shut down DarkComet with a message blaming his users. "I have devoted years with a nonprofit philosophy for you to enjoy without asking anything in return other than respect of the rules, unfortunately some of you couldn't respect the terms," he wrote. "Why did I take such a decision? Like it was said above because of the misuse of the tool, and unlike so many of you seem to believe, I can be held responsible of your actions, and if there is something I will not tolerate it is having to pay the consequences for your mistakes and I will not cover for you." He then added, "Without mentioning what happened in Syria..."

The last line is a reference to the fact that the Syrian government used tools like Blackshades and DarkComet in 2012 as part of its war with Syrian rebels. The conclusion drawn by the researchers at Malwarebytes was that RAT creators had unwittingly become low-cost arms dealers to repressive regimes that couldn't afford to develop such tools themselves.

"Over the past few weeks," Malwarebytes concluded in mid-2012, "we have seen the most intricate piece of spy malware ever developed (Flame) and being used for cyber espionage purposes against the infrastructure of developed countries, and then we look at the poverty stricken government of Syria and see over-the-counter RATs being used. It is clear that even in cyber war, the more developed countries have better weapons while the poorer countries use whatever they can get their hands on."

RAT control

RATs aren't going away, despite the occasional intervention of the authorities. Too many exist, plenty of them are entirely legal, and source code is in the wild (a version of the Blackshades source leaked in 2010). Those who don't want to end up being toyed with in a YouTube video are advised to take the same precautions that apply to most malware: use a solid anti-malware program, keep your operating system updated, and make sure plugins (especially Flash and Java) aren't out of date. Don't visit dodgy forums or buy dodgy items, don't click dodgy attachments in e-mail, and don't download dodgy torrents. Such steps won't stop every attack, but they will foil many casual users looking to add a few more slaves to their collections.

If you are unlucky enough to have your computer infected with a RAT, prepare to be sold or traded to the kind of person who enters forums to ask, "Can I get some slaves for my rat please? I got 2 bucks lol I will give it to you :b" At that point, the indignities you will suffer—and the horrific website images you may see—will be limited only by the imagination of that most terrifying person: a 14-year-old boy with an unsupervised Internet connection.
http://arstechnica.com/tech-policy/2...their-webcams/





Netflix: U.S. Tops Internet Speed Index. Say What?
Nick Statt

In the world of Netflix's new "global" ISP speed index, which the streaming-video service announced Monday, the U.S. takes top honors for fastest connection thanks to Google Fiber, while speedy competitors like Sweden's Ownit and Finland's KYMP come in second and third.

Meanwhile, in the real world, the Netflix global index is really nothing of the sort. For one thing, Google Fiber, which offers service to a fraction of exactly one U.S. city, isn't exactly representative of the nation's Internet as a whole. For another, the Netflix index doesn't even include powerhouses like Korea and Japan, which routinely kick ass in global Internet-speed comparisons.

Of course, Netflix doesn't offer service in Asia, and that's your first clue that its Internet speed index has been assembled for reasons that have little to do with straightforward comparisons of global Internet speeds.

Netflix itself is relatively open about this. It describes its data as a way to "give you monthly insight into which ISPs deliver the best Netflix experience." And that's your second clue as to what Netflix is really up to here.

Netflix has long been prodding ISPs to join its Open Connect content delivery system, which it describes as a dedicated, low-cost video-file distribution system. Many big ISPs in the U.S., however, have resisted Open Connect, even when Netflix began making streams of 3D and high-definition video available only to customers of Open Connect ISPs. Of course, many ISPs offer their own video-on-demand services that effectively compete with Netflix, too.

Coincidentally or not, broadband providers Google Fiber, Cablevision and Suddenlink, all three of which have signed on to Open Connect, happen to top Netflix’s U.S. Speed Index. So it's not hard to imagine that Netflix's newfound interest in providing consumer information about ISP speeds just might have something to do with pushing its content delivery network to as many companies as possible. Especially since Netflix has been known to enlist its customers to call their ISPs for this very purpose.

Without Fiber, The U.S. Is Near The Bottom

While the speeds posted on Netflix's index are far lower than the ISPs themselves would normally claim, the streaming service explains it this way:

The average is well below the peak performance due to many factors including home Wi-Fi, the variety of devices our members use, and the variety of encodes we use to deliver the TV shows and movies we carry. Those factors cancel out when comparing across ISPs, so these relative rankings are a good indicator of the consistent performance typically experienced across all users on an ISP network.

While the U.S. does have a whopping ten ISPs that clear the 2 Mbps threshold, it still has seven providers that fall below that, with Clearwire at the bottom coming in 0.5 Mbps slower than Mexico's Axtel, which clocked in at 1.30Mbps. With 17 ISPs on Netflix's list (and a slew of smaller companies scattered all across the country), that gives us one of the most competitive ISP markets on the planet, making it a shame that we can't all get the speeds of Google Fiber, or at least in the 2 Mbps range.

Take Google Fiber out of the equation, however, and average U.S. speeds drop to 1.8 Mbps from a reasonably strong 2.3 Mbps. That's only 0.1 Mbps faster than Ireland, and 0.2 Mbps speedier than Mexico, which is last on the list. Finland and Sweden, by contrast, blow away the non-Fiber U.S. with respective speeds of 2.57 Mbps and 2.51 Mbps. Which gives you a sense of just how weak most U.S. ISPs are, even in a not-quite-global comparison.
http://readwrite.com/2013/03/12/netf...speed-say-what





Redbox Instant Launches Publicly, CEO Calls Original Content Talk Premature
Janko Roettgers

Redbox Instant is available to all after a closed beta test that netted the company tens of thousands of paying customers. CEO Shawn Strickland told us that his company won’t do original content any time soon.

Surprise! Redbox Instant by Verizon officially launched to the public Thursday, just as I had predicted in an earlier story. The launch comes after a three-month-long closed beta test that Redbox Instant CEO Shawn Strickland characterized as a great learning opportunity during a phone conversation Thursday morning. “Now we are open for business,” he added.

Redbox Instant currently offers its subscribers access to 4,600 subscription titles and four Redbox DVD rentals for $8 a month. Customers can also digitally rent or buy around 4,000 movies for a fee to augment their subscriptions with newer fare. Strickland told me that the service saw interest from “hundreds of thousands” of consumers who signed up to join the closed beta test. Tens of thousands not only joined for a free trial, but stayed around to become paying customers after their trial period ended.

So who are those Redbox Instant customers? Strickland said that the beta test confirmed the company’s belief that it was primarily catering to people who still value physical rentals. “It’s a disc plus offering,” he said, with streaming supplementing DVD rentals. That’s also reflected in the type of content the company is making available for streaming. “It clearly starts with movies,” said Strickland, adding that the focus might evolve over time.

That approach is very different from Netflix, which also started out with a movie-focused DVD service, but now invests heavily in TV content. Does that mean Netflix and Redbox are going to be complementary, as opposed to arch-enemies? My conversation with Strickland left me with the impression that he would be okay with that — as long as people are paying for his company’s service as well.

“We think that the over-the-top space will evolve very similarly to the cable and network space,” he said. Meaning: You might get your content from more than one streaming provider in the future, just like you get it from more than one cable network.

Of course, a large part of the rise of cable networks like HBO or even AMC has been the production of original content, something that has been an increasing focus of Netflix and Hulu as well. CAA agent Peter Micelli speculated a few days ago that Redbox Instant may venture into original content as well. Strickland called this kind of talk “really premature,” explaining that Redbox Instant doesn’t even have enough insights into what kind of exclusive content its subscribers could be interested in yet. But he added: “From an industry perspective, there is a clear force in that direction.”
http://gigaom.com/2013/03/14/redbox-...nch-confirmed/





“Zero TV” Households Now At 5 Million, Says Nielsen, Up From 3 Million In 2007, But Still Just 5% Of Market
Sarah Perez

Nielsen today released new data that examines trends in the “Zero TV household” – a definition which refers to those who no longer watch traditional television offered by cable or satellite providers, but who tend to stream video online, via computers, smartphones or tablets. According to the firm’s findings, there are now more than 5 million cord cutters in the U.S. this year, up from 3 million in 2007.

That’s still a very small slice of the market, Nielsen acknowledges. Today, 95 percent of U.S. viewers still watch so-called “traditional TV” in their living rooms. And even among the cord-cutting group, the TV itself isn’t obsolete. It’s a platform used for console gaming, watching DVDs and surfing the Internet. More than 75 percent of the cord-cutting group still has at least one TV set, Nielsen found.

While the “Zero TV” household could also refer to those who simply don’t watch video content at all, most (67 percent) still do watch video content. Thirty-seven percent do so on a computer, 16 percent via the Internet, 8 percent on smartphones and 6 percent on tablets.

If those numbers seem odd, remember that we’re talking about “zero TV” households here – many people are streaming video on their devices, but haven’t given up their traditional TV viewing yet to do so.

The on-demand services we have available today like Netflix and Hulu can’t yet compete with the lineup of content from traditional TV, which is partly why it still has a foothold. But that’s also why companies are beginning to work around the problem by funding their own original programming. If one day, these alternatives to traditional TV can offer a lineup of content that’s worth watching, it may be easier to drop the cable subscription entirely. That day is still off in some hazy potential future, however. Regular TV is still king for now.

But the trends among the cord-cutting group are interesting in that they could perhaps indicate the direction the market is at least slowly headed. Though most are not dropping traditional TV, the way we’re interacting with television content is changing. We’ve not only introduced more devices into the mix, we’re consuming content in new ways, as well.

These changes are no longer just limited to earlier adopters, either. On CBS News’ mainstream-friendly “Sunday Morning” TV program this weekend, contributor Luke Burbank confessed to his addiction to binge-watching episodic television, thanks to services like Netflix, Hulu and HBO Go. It’s not news to TechCrunch readers perhaps, (as many can probably relate), but seeing this sentiment shared with the older, TV-watching audience it becomes clear: Things are changing, and boy is it crazy.

In the new report, Nielsen also found that the Zero TV homes tend to be younger, with almost half under the age of 35.

The majority are non-Hispanic (85.5 percent) with 10.1 percent Asian, 9.5 percent black and 8.4 percent Hispanic filling out the mix. And, Zero TV homes are more likely to be those where the viewers live alone and have no children (80.9 percent, vs 66.7 percent for traditional TV).

Just wait till these kids grow up, though.

To some extent, this group is responding to the downturn in the economy which has coincided with the ubiquity of alternative viewing options. For 36 percent, cost was the primary reason for cutting the cord, but interestingly, “lack of interest” was a close second at 31 percent. That latter reasoning also speaks to the Internet’s and mobile’s power to disrupt TV not by offering the same service, only via streaming, but how it provides a variety of other things to do instead. There’s YouTube, social networking, video chatting, Tumblr posting, mobile gaming, and a world of news and entertainment content to consume. But doing so can mean little time left for vegging out to watch living-room TV.

Only 18 percent of the Zero TV group said they’d consider subscribing to TV services, said Nielsen.

Earlier this month, Nielsen announced that it would begin including data on these Zero TV Households in its cross-platform reports for the 2013-2014 season going forward. The news followed a leak from The Hollywood Reporter in February, which included details of Nielsen’s plans to begin analyzing viewing behaviors beyond traditional TV watching, which today also includes DVR content and on-demand programming.

The company will have hardware and software in place to measure streaming services like Netflix and Amazon, as well as over-the-top services from game consoles like the Xbox and PlayStation, the report stated. In the initial rollout, Nielsen will look at behavior taking place primarily on iPads and other tablets, but in phase two, the plan would be to track video viewing behavior from any source.

We’re not at the point where Nielsen will be reporting daily or weekly “Netflix ratings,” so to speak, but in the long run, it may not have to. That’s a metric that may no longer make sense in a day when viewers sit down and “binge watch” TV instead of making an appointment to watch a show the day or day after it airs. In fact, a recent report found that Netflix’s “House of Cards” was the service’s most-watched show of all time – and that most had watched six episodes in the first few weeks of availability. (Netflix released the entire season at once.)

But the more concerning data point – at least for those in the traditional TV industry – was tucked away in that study. Approximately 23 percent of Netflix subscribers had cancelled their cable TV or satellite subscription, the report found.
http://techcrunch.com/2013/03/11/zer...t-5-of-market/





Algorithms Get a Human Hand in Steering Web
Steve Lohr

Trading stocks, targeting ads, steering political campaigns, arranging dates, besting people on “Jeopardy” and even choosing bra sizes: computer algorithms are doing all this work and more.

But increasingly, behind the curtain there is a decidedly retro helper — a human being.

Although algorithms are growing ever more powerful, fast and precise, the computers themselves are literal-minded, and context and nuance often elude them. Capable as these machines are, they are not always up to deciphering the ambiguity of human language and the mystery of reasoning. Yet these days they are being asked to be more humanlike in what they figure out.

“For all their brilliance, computers can be thick as a brick,” said Tom M. Mitchell, a computer scientist at Carnegie Mellon University.

And so, while programming experts still write the step-by-step instructions of computer code, additional people are needed to make more subtle contributions as the work the computers do has become more involved. People evaluate, edit or correct an algorithm’s work. Or they assemble online databases of knowledge and check and verify them — creating, essentially, a crib sheet the computer can call on for a quick answer. Humans can interpret and tweak information in ways that are understandable to both computers and other humans.

Question-answering technologies like Apple’s Siri and I.B.M.’s Watson rely particularly on the emerging machine-man collaboration. Algorithms alone are not enough.

Twitter uses a far-flung army of contract workers, whom it calls judges, to interpret the meaning and context of search terms that suddenly spike in frequency on the service.

For example, when Mitt Romney talked of cutting government money for public broadcasting in a presidential debate last fall and mentioned Big Bird, messages with that phrase surged. Human judges recognized instantly that “Big Bird,” in that context and at that moment, was mainly a political comment, not a reference to “Sesame Street,” and that politics-related messages should pop up when someone searched for “Big Bird.” People can understand such references more accurately and quickly than software can, and their judgments are fed immediately into Twitter’s search algorithm.

“Humans are core to this system,” two Twitter engineers wrote in a blog post in January.

Even at Google, where algorithms and engineers reign supreme in the company’s business and culture, the human contribution to search results is increasing. Google uses human helpers in two ways. Several months ago, it began presenting summaries of information on the right side of a search page when a user typed in the name of a well-known person or place, like “Barack Obama” or “New York City.” These summaries draw from databases of knowledge like Wikipedia, the C.I.A. World Factbook and Freebase, whose parent company, Metaweb, Google acquired in 2010. These databases are edited by humans.

When Google’s algorithm detects a search term for which this distilled information is available, the search engine is trained to go fetch it rather than merely present links to Web pages.

“There has been a shift in our thinking,” said Scott Huffman, an engineering director in charge of search quality at Google. “A part of our resources are now more human curated.”

Other human helpers, known as evaluators or raters, help Google develop tweaks to its search algorithm, a powerhouse of automation, fielding 100 billion queries a month. “Our engineers evolve the algorithm, and humans help us see if a suggested change is really an improvement,” Mr. Huffman said.

Katherine Young, 23, is a Google rater — a contract worker and a college student in Macon, Ga. She is shown an ambiguous search query like “what does king hold,” presented with two sets of Google search results and asked to rate their relevance, accuracy and quality. The current search result for that imprecise phrase starts with links to Web pages saying that kings typically hold ceremonial scepters, a reasonable inference.

Her judgments, Ms. Young said, are “not completely black and white; some of it is subjective.” She added, “You try to put yourself in the shoes of the person who typed in the query.”

I.B.M.’s Watson, the powerful question-answering computer that defeated “Jeopardy” champions two years ago, is in training these days to help doctors make diagnoses. But it, too, is turning to humans for help.

To prepare for its role in assisting doctors, Watson is being fed medical texts, scientific papers and digital patient records stripped of personal identifying information. Instead of answering questions, however, Watson is asking them of clinicians at the Cleveland Clinic and medical school students. They are giving answers and correcting the computer’s mistakes, using a “Teach Watson” feature.

Watson, for example, might come across this question in a medical text: “What neurological condition contraindicates the use of bupropion?” The software may have bupropion, an antidepressant, in its database, but stumble on “contraindicates.” A human helper will confirm that the word means “do not use,” and Watson returns to its data trove to reason that the neurological condition is seizure disorder.

“We’re using medical experts to help Watson learn, make it smarter going forward,” said Eric Brown, a scientist on I.B.M.’s Watson team.

Ben Taylor, 25, is a product manager at FindTheBest, a fast-growing start-up in Santa Barbara, Calif. The company calls itself a “comparison engine” for finding and comparing more than 100 topics and products, from universities to nursing homes, smartphones to dog breeds. Its Web site went up in 2010, and the company now has 60 full-time employees.

Mr. Taylor helps design and edit the site’s education pages. He is not an engineer, but an English major who has become a self-taught expert in the arcane data found in Education Department studies and elsewhere. His research methods include talking to and e-mailing educators. He is an information sleuth.

On FindTheBest, more than 8,500 colleges can be searched quickly according to geography, programs and tuition costs, among other criteria. Go to the page for a university, and a wealth of information appears in summaries, charts and graphics — down to the gender and race breakdowns of the student body and faculty.

Mr. Taylor and his team write the summaries and design the initial charts and graphs. From hundreds of data points on college costs, for example, they select the ones most relevant to college students and their parents. But much of their information is prepared in templates and tagged with code a computer can read. So the process has become more automated, with Mr. Taylor and others essentially giving “go fetch” commands that the computer algorithm obeys.

The algorithms are getting better. But they cannot do it alone.

“You need judgment, and to be able to intuitively recognize the smaller sets of data that are most important,” Mr. Taylor said. “To do that, you need some level of human involvement.”
https://www.nytimes.com/2013/03/11/t...n-helpers.html





Apple's iPad to Fall Behind Android as Tablet War Grows
Noel Randewich

Shipments of tablets running Google Inc's Android will overtake the iPad this year for the first time, research house IDC predicted on Tuesday, as Apple Inc cedes more mobile market share to hard-charging rivals around the globe.

A growing variety of smaller and cheaper Android tablets from Google to Amazon.com Inc will catch on this year with more consumers and chip away at Apple's dominance since the first iPad launched in 2010, International Data Corp said.

iPad and iPhone shipments are expected to keep growing at enviable rates, but arch-rival Samsung Electronics and others have hurt Apple with a combination of savvy marketing, greater variety and rapid technology adoption.

On Thursday, Samsung takes the wraps off the fourth generation of its flagship Galaxy, the smartphone that helped the South Korean giant knock the iPhone off its top ranking for part of last year.

A growing perception that the company co-founded by Steve Jobs may be losing its competitive edge has weighed on its shares, which have lost more than a third of their value since hitting a high in September.

IPHONE COULD GO WAY OF BLACKBERRY?

In the latest criticism from Wall Street, Jefferies analyst Peter Misek on Tuesday compared Apple to Blackberry saying the iPhone is now on the defensive against Samsung's devices.

"Historically when handset makers fall out of favor (e.g., the Razr, Blackberry, HTC) they fall faster/further than expected," Misek said.

Now, IDC says Apple may begin losing some its lead on tablets as well, though it remains the top seller among manufacturers.

iPad shipments are expected to account for 46 percent of the tablet market in 2013, down from 51 percent last year, IDC said. Devices running Android are expected to grow their market share to 49 percent this year from 42 percent last year.

Google's Nexus 7 tablet and Amazon.com Inc's Kindle, which uses its own customization of Android, made major inroads with consumers last year. In November, Apple launched its own foray into smaller-sized tablets with the iPad mini.

"One in every two tablets shipped this quarter was below 8 inches in screen size. And in terms of shipments, we expect smaller tablets to continue growing in 2013 and beyond," IDC said in a press release.

APPLE REVS GROWTH SLOWS

Last month, Hewlett-Packard Co announced the launch of the Slate 7 tablet powered by Android, a centerpiece of that company's effort to expand from the shrinking personal market into mobile.

Apple is expected to grow its revenue by $26 billion in its fiscal year ending in September, just over half of the $48 billion increase in revenue it saw the year before, according to Thomson Reuters I/B/E/S.

A group of suppliers that depend on Apple for more than half of their business saw its sales slump 31 percent in February compared to January, according to Topeka Capital Markets analyst Brian White, who does not identify the companies in the group.

Shares of Cirrus Logic, which gets three quarters of its revenue from selling audio chips to Apple, have fallen 23 percent this year, including a 2.89 percent drop on Tuesday.

Many component suppliers to Apple, like Qualcomm and Toshiba, also do significant business with Android device manufacturers.

"The open ecosystem at Android has allowed there to be more suppliers. As a chip guy, I always want to have as many irons in the fire as possible because the ride at the top tends to only last five years," said RBC analyst Doug Freedman.

Underscoring the increasing opportunity in mobile for Apple and its competitors, IDC also raised its 2013 tablet shipment forecast to 190.9 million units, up from its previous forecast of 172.4 million units.

Last year, global tablet shipments grew to 128.3 million units, up from 72 million in 2011, according to IDC.

In the smartphone market, which reached 545 million units shipped last year, Apple has already fallen behind Samsung.

Samsung is likely to sell 290 million smartphones this year, up 35 percent from 2012, according to Strategy Analytics. Apple's smartphone sales are projected to reach 180 million this year, up 33 percent.

IDC said tablets running Microsoft's Windows 8 platform would grow their market share from 1 percent last year to 7.4 percent in 2017.

Tablets running the Windows RT operating system, which is not compatible with older software that runs on Windows, will see their market share stay below 3 percent through 2017, IDC said.

"Consumers aren't buying Windows RT's value proposition, and long term we think Microsoft and its partners would be better served by focusing their attention on improving Windows 8," IDC said.

(Editing by Andrea Ricci and Andrew Hay)
http://www.reuters.com/article/2013/...92B0MS20130312





France Refers Skype to Prosecutors
David Jolly

French regulators said on Tuesday that they had asked prosecutors to investigate Microsoft’s Skype unit over its failure to register as a telecommunications operator in accordance with local law, raising the question of what constitutes a phone company in the age of Internet-based communications.

The French regulator, known as Arcep, said in a statement that it had “on several occasions"ť asked Skype Communications, based in Luxembourg, “to declare itself an electronic communications operator,” and that the company had not acted.

A company acting as a telecommunications operator incurs certain obligations, the agency said, notably that “of routing emergency calls and putting in place a means for allowing legal wiretapping.”

Skype and other Internet phone services use a system called voice-over-Internet protocol to enable conversations and video meetings over the Net. The service, which Microsoft acquired from eBay in 2011 for $8.5 billion, claims hundreds of millions of users worldwide.

The French action comes at a tricky time for Microsoft, which has come under pressure recently from digital rights groups over how data about users collected from Skype is shared with advertisers and law enforcement agencies.

Arcep said users could make Skype calls from a computer or smartphone. “In effect,"ť the regulator said, “this service constitutes furnishing a telephone service to the public.”

French law does not require that a telecommunications operator obtain administrative authorization, Arcep said, but “only a prior declaration.” Failure to follow the law is a criminal offense, however, and Arcep said it was turning the matter over to Paris prosecutors.

A Microsoft spokeswoman in London did not immediately respond to a request for comment.
https://www.nytimes.com/2013/03/13/t...osecutors.html





The Government Might Want To Legalize Phone Unlocking, But Unfortunately It Signed Away That Right
Mike Masnick

We've written plenty about the Librarian of Congress' decision to remove the DMCA anti-circumvention exemption that applied to mobile phone unlocking, along with the White House petition that got over 100,000 votes, and the White House's quick response to say that it agreed that phone unlocking should be legal. But for reasons that are not at all clear, it seemed to think it was something that could be fixed by telco law, even though it was copyright law that got us into the mess.

Lawyer Jonathan Band, who works for the Association of Research Libraries, has put out a really excellent short legal primer on the issue, which is a highly readable 8 pages, and covers all the necessary details and background, including a few things you probably have not read elsewhere (such as how some court cases had already narrowed the old "exemption" anyway). However, the most interesting part to me is where he talks about how the White House's position is likely in violation of existing international trade agreements and almost certainly against what the administration itself, via the USTR, is proposing in the Trans Pacific Partnership (TPP) discussions:

The White House position, however, may be inconsistent with the U.S. proposal in the Trans-Pacific Partnership Agreement (TPP) and existing obligations in the KoreaU.S. Free Trade Agreement (KORUS) and other free trade agreements to which the United States is a party. This demonstrates the danger of including in international agreements rigid provisions that do not accommodate technological development.

KORUS obligates the United States and Korea to adopt provisions concerning the technological protection measures based on section 1201 of the DMCA. Furthermore, KORUS mandates that the parties "confine exceptions and limitations" to the circumvention prohibition to a specific list of exceptions that matches the specific exceptions in the DMCA. Cell phone unlocking, of course, is not on that list. KORUS does allow for administrative procedures like the DMCA's rule-making to adopt temporary exemptions, but not permanent ones. The challenge before Congress is to devise a permanent exception for cell phone unlocking that does not breach the obligations under KORUS and other similar free trade agreements.

The draft text for TPP is secret, but the U.S. proposal for the IP chapter was leaked two years ago. The leaked proposal contained KORUS's closed list of exceptions. Because TPP is currently under negotiation, there still is time to make sure that the TPP does not prevent national governments, including the United States, from amending their laws to permit the unlocking of cell phones and other wireless devices.


This is why we find international agreements like ACTA, TPP and now TAFTA so worrisome. Even when they do not directly change the law, they often lock us into bad laws such that we cannot easily fix them. This is one small example, but an important one. Hopefully, the White House and the USTR will (1) release the current negotiating text for the IP chapter on the TPP so that knowledgeable people can go through and it make sure these little "easter eggs" are not present (2) make a clear and definitive statement that it will not agree to any international agreement that would do something as ridiculous as tie Congress's hands when it comes to allowing people to unlock their mobile phones.
https://www.techdirt.com/blog/wirele...at-right.shtml





Cellphones: A Teen's Lifeline to the Internet
Camille Bautista

It's a sight that's all too common, now: teenagers never looking up, glued to their cellphones every hour of the day. Text messages may seem like the major culprit for this behavior, but a new report shows that one in four teens use cell phones as their device of choice when browsing the web.

According to a study by Pew Research Center’s Internet and American Life Project, mobile access to the Internet is pervasive among teenagers. Instead of using desktops or laptops, most rely on their phones to go online. The survey of teens ages 12 through 17 found that 78% have a cellphone, with nearly half of those being smartphones.

Compared to one in four young adults who are "cell-mostly" users, only 15% of adults rely solely on their phones.

Although teens are just as likely to have a cellphone as they are to have access to a desktop, their home computers are often shared with family members, resulting in privacy issues and limited time online. Mary Madden, senior researcher at Pew Internet Project, explains that it's much more convenient for teens to check social networks or search for videos via mobile since they sleep with their phones on or near their bed.

"Unlike many adults, teens aren’t sitting in front of a desktop or computer all day at work, so the different rhythms of daily life may be a factor influencing the different patterns of use," Madden tells Mashable.

Unsurprisingly, older teenage girls are more likely to be "cell-mostly" users (34%), and 74% of all teens say they occasionally access the Internet on phones, tablets and other mobile devices.

"In many ways, teens represent the leading edge of mobile connectivity, and the patterns of their technology use often signal future changes in the adult population," Madden says.

The findings cut across the economic board. Out of those who have Internet access, teenagers in lower socio-economic groups are just as likely — and sometimes even more likely — to use cellphones as primary access points than teens in higher-income households.

In general, smartphone ownership is up, as well, with 37% of American youth owning a smartphone compared to 23% in 2011.

But this extensive use is cause for parental concern. With their kids constantly connected to personal devices, how can parents monitor use and ensure safety? Indeed, the ability to restrict a child's exposure to specific content is much easier on shared desktops.

"Another tension point emerges around the importance of phones for managing the logistics of family life, such as many parents cannot or will not take their child’s phone away from them," Madden says.

It turns into a balancing act, she explains. Parents need to be close observers, and guide their kids' online use, but every teenager wants to maintain their own private social space.
https://mashable.com/2013/03/13/teen-cellphone/





Think the Napster Revolution Is Over? Think Again
Angela Watercutter

Shawn Fanning has been toying with the idea of releasing the Dead Sea Scrolls of the digital music revolution.

The guy who wrote the code that became Napster is talking with Alex Winter – the man responsible for the documentary film detailing his exploits with the file-sharing service – in the hotel room of Sean Parker, who co-founded Napster with him more than a decade ago. Fanning claims he’s been “joking” about releasing the code, but Winter is adamant that he follow through.

“Don’t joke!” he said. “We want to do it.”

“It might be really funny actually … it’s just been sitting around,” Fanning notes. But he’s still not sure. In fact, after all the different deals and attempts to save or squelch Napster, he can’t even remember who owns it. He thinks it’s Best Buy. Winter thinks it’s Rhapsody. (Winter is probably right.)

“It’s crazy because the source, it’s basically been sitting in an archive somewhere. It’d be amazing to just release it,” Fanning said. He thinks about it a bit more. “Man, I’d be nervous about people seeing it, it’s such a spaghetti code.”

For tech historians, it would be amazing to see the strings of code that forever changed the relationship between technology and music, but Fanning needs to mull it over. The thought lingers for a moment before Parker enters the room and the conversation begins to shift, but only slightly. Winter’s film about Napster – Downloaded – premiered at the South By Southwest Film Festival here Sunday, and it has everyone thinking about how they used to party back in 1999 (hint: there was a lot of code-writing and lawyering-up).

“I think everybody felt a sense of things weren’t quite closed – there was no formal closure,” Fanning said after nearly a half-hour of recalling the old days with Parker and Winter. “Alex trying to tell the story in the larger context really did feel like the right way to look at it.”

If there was ever a film more suited for SXSW than Downloaded, you’d be hard-pressed to find it. It examines the founding, rise, and fall of Napster, and its resonance with problems still seen in the tech world (Megaupload anyone?) means it perfectly straddles the conference’s Interactive and Film worlds. There was even a panel – including the Electronic Frontier Foundation’s John Perry Barlow – Tuesday to discuss the film, how the tech world has changed (and not changed) since Napster and what should be done to move forward.

But why should anyone listen to the founders of Napster about how to move forward? Because their story has repeated itself many times over the years and there’s a good chance it could happen again. It’s even been repeated in the companies Napster’s founders went on to start, like Spotify, where Parker had trouble convincing record labels to go along with its streaming-music-on-smartphones model. A complex feat, especially for someone who had to reopen relationships with people whose business he had seriously disrupted before.

“They were all kind of OK with it because they felt like they’d won, but really they’d lost – they won the battle but lost the war,” Parker said. “[But] the fact that four years ago that was still controversial?”

If past is prologue, here’s the prologue, as presented in Downloaded: A young man named Shawn Fanning goes online in November, 1998 under the handle “napster.” He uses IRC to solicit input on a project from teenagers known online as “Man0war” (Sean Parker), “Mars” (Ali Aydar) and “Nocarrier” (Jordan Ritter). Fanning wants to build an online community that will allow people to access the music on each others’ hard drives. He spends six months writing the code. Of course it eventually hits college campuses and becomes a massive phenomenon. His IRC buddies become his colleagues. Napster starts a digital revolution while draw the ire of the Recording Industry Association of America. The resulting legal fights lead to Napster’s eventual — inevitable? — demise, but not before it utterly remakes how we listen to music.

“I just felt like this was on of the great moments in human history – and I still do,” Barlow says in the film. “But of course great moments in human history usually have an opposition that is exactly proportional to their greatness.”

Sound familiar? It should. Swap music file-sharing for leaking diplomatic cables and you have WikiLeaks. Substitute upsetting big media companies for upsetting big media companies and you have Megaupload. But whereas we’ve already seen what happened to Napster, the dramas around WikiLeaks and Megaupload are still unfurling.

“Because it’s not political, because I’m not trying to wrap up Bradley Manning or the Arab Spring, you can just kind of hopefully listen to what these guys are saying about what their intentions were with technology and how it could be used by culture and I think those arguments are absolutely the same across the board – whether you’re [WikiLeaks founder Julian] Assange or Mark Zuckerberg, or whoever you are,” director Alex Winter told Wired before SXSW when asked about using Downloaded as an allegory for other online movements.

The other demonstration of Napster’s pertinence to our online lives now is its smaller, oft-forgotten role as a social networking service.

“This was the first time I know of, in mainstream history, where people had a social life online. And then after Napster went down, a few years later I start hearing about Friendster, and then of course Myspace and then of course Facebook and all that,” Napster’s Mac QA engineer Aaron Guadamuz notes in the film. “Everyone just thinks of it as being the file-sharing technology, but I really think it was the seed of that stuff, too.”

That may seem like a stretch, but not a very big one considering how much early social networking services traded in connecting people via music taste – see also: Parker’s eventual role in Facebook.

Despite the Napster story’s relevance to present predicaments like those facing WikiLeaks or Megaupload, Downloaded doesn’t offer solutions. Seeing where Fanning and Parker were derailed provides no answers to how other disrupters might avoid the same fate. That was intentional. Winter didn’t want to offer a solution that, he believes, his subjects are still working out.

“The future is unfolding – everybody’s in the trenches,” Winter said. “That’s what I love about these guys, they’re in the trenches working this stuff out ten years later. They didn’t go back to their corner with blood on their face and just go into the toiletries industry. Everybody’s trying to work this stuff out.”

Downloaded is a VH1 Rock Doc that will have a theatrical run before hitting cable, but Winter says that – true to his film’s mission – the ultimate destination for his movie is digital download. Which begs the question: Is he worried about piracy? Wired spoke with Winter before he even left for Austin to find out if that was plaguing him.

“This isn’t a Creative Commons movie and I’m really interested in Creative Commons and I think what the guys did with Away From Keyboard is really brilliant and fits really perfectly fits the ethos of the whole Pirate Bay movement really well and very snugly,” Winter said. “For me, with Downloaded of course it’s going to end up on torrent sites, that’s just part of the fabric of the world we live in.”
http://www.wired.com/underwire/2013/...arker-napster/

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

March 9th, March 2nd, February 23rd, February 16th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
JackSpratts is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Peer-To-Peer News - The Week In Review - July 16th, '11 JackSpratts Peer to Peer 0 13-07-11 06:43 AM
Peer-To-Peer News - The Week In Review - July 9th, '11 JackSpratts Peer to Peer 0 06-07-11 05:36 AM
Peer-To-Peer News - The Week In Review - January 30th, '10 JackSpratts Peer to Peer 0 27-01-10 07:49 AM
Peer-To-Peer News - The Week In Review - January 16th, '10 JackSpratts Peer to Peer 0 13-01-10 09:02 AM
Peer-To-Peer News - The Week In Review - December 5th, '09 JackSpratts Peer to Peer 0 02-12-09 08:32 AM






All times are GMT -6. The time now is 03:25 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)