posted about 1 month ago on techdirt
There has been a drumbeat punctuating the past decade or so that goes something like: everything is political. It's not really true, of course, but that mantra is used by those who want to inject politics into everything as an excuse for doing so. That makes the world a much more tiresome place to exist. Unfortunately, it seems both that politics really does infect aspects of our lives it should not, as does intellectual property bullshit. Which brings us to Donald Trump and his fairly lame Game of Thrones meme he tweeted out, apparently as a warning shot of TBA foreign policy towards Iran. pic.twitter.com/nk2vKvHuaL — Donald J. Trump (@realDonaldTrump) November 2, 2018 Herr Trump tweeted this out on November 2nd and did indeed follow up with new sanctions on Iran on the fifth. The analogy, of course, doesn't really work, since the "winter" from GoT refers to the whitewalker zombies and the whole phrase is a warning about what this evil army will do when they arrive, rather than being some kind of call to arms against an evil army... but I digress. Whatever you think of the meme or Iran sanctions generally, there was very little offense to find in any of this. But there was a great deal of fun to be had by the internet in response. Folks began responding with memes of their own—”Indictments Are Coming” etc.—and even the show’s cast got involved. Sophie Turner, who plays Sansa Stark, replied“Ew,” and Maisie Williams (Arya Stark), in perhaps the best Twitter drag of the day, retweeted the president and just added “Not today.” (“Not today,” for those who don’t remember, is what Arya Stark’s swordfighting instructor, Syrio Forel, told her is what she should say to the god of death.) Pretty standard fare in our Twitter politpocaplyse through which we are all living. And, again, judging by other news cycles we're forced to endure on what feels like a weekly basis, this is pretty tame and non-offensive. Which is what makes it strange that HBO decided to pretend there was a trademark issue in any of this. How do you say trademark misuse in Dothraki? — HBO (@HBO) November 2, 2018 Despite being a fan of the show, I don't know the answer to this question. Which doesn't really matter, because it's an irrelevant question to begin with. Nothing about Trump's tweet and meme is in any way trademark misappropriation or infringement. There is no public confusion. No common marketplace. This is purely fair use. And HBO should know as much, so litigious and bullying have they been in the past -- both generally and specifically when it comes to Game of Thrones. So, HBO... just don't. It already seems like politics invades everything, and intellectual property invades everything. Combining the two? That's way worse than any army of whitewalkers. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
For the last decade the cable and broadcast industry has gone to great lengths to deny that cord cutting (dropping traditional cable for streaming alternatives, an antenna, and/or piracy) is real. First, we were told repeatedly that the phenomenon wasn't happening at all. Next, the industry acknowledged that, sure, a handful of people were ditching cable, but it didn't matter because the people doing so were losers living in their mom's basement. Then, we were told that cord cutting was real, but was only a minor phenomenon that would go away once Millennials started procreating. Of course none of these claims were true, but they helped cement a common belief among older cable and broadcast executives that the transformative shift to streaming video could be easily solved by doubling down on bad ideas. More price increases, more advertisements stuffed into every viewing minute, more hubris, and more denial. Blindness to justify the milking of a dying cash cow instead of adapting. Shockingly it's not working, with the third quarter seeing the same old story, as a significant number of customers decide to drop the bloated, expensive, traditional cable bundle: Cord cutting monitor, Q3 edition (Pay TV subscribers lost):AT&T: -346K*Comcast: -106KVerizon: -63KCharter: -66KDish: tbdAltice: tbd *added 49K for Internet TV — Aaron Pressman (@ampressman) October 26, 2018 A study this week by Morning Consult once again made the obvious point that if cable operators want to adapt to this new competitive threat, they absolutely must compete on package flexibility (giving users greater control over the channels they choose in their bundles) and price: "The poll, conducted from Oct. 18-19 among a national sample of 2,201 adults, found 65 percent of respondents said that TV bundles force consumers to pay for channels they don’t want, with 73 percent of Americans saying they would prefer to choose the exact channels included in their cable or satellite TV packages." For most people, cost was the biggest reason for cutting the cord: 63 percent said the expense of a cable subscription was a major factor in dropping it, while 53 percent said the same for ending their satellite subscription. The second most common factor for cancellations, cited by 37 percent, was the ability to access all desired content through streaming services. That cable needs to finally seriously compete on price isn't a new message; it's just that the industry doesn't want to hear it. That is largely because some of these companies (mostly cablecos) have an ace in the hole: a growing monopoly over broadband. Comcast, for example, has responded to the cord cutting threat by imposing usage caps and overage fees upon huge swaths of its barely-competitive broadband footprint to both a) raise prices on captive broadband customers, and b) use caps and overage fees to punish users for dropping their traditional cable TV packages. They get their pound of flesh one way or another, thanks to the sorry state of the broadband sector. Again, there are no good choices here if you're a cable and broadcast industry executive actually interesting in staying in the TV business, where actual competition is only just starting to heat up. Either you ignore consumer demand for a cheaper, better, and more flexible product and suddenly find yourself in a terrible hole and behind more agile competitors. Or you adapt, take an upfront financial hit, and at least get out ahead of a trend that's been obvious for the better part of the last decade. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Remote desktop apps are nothing new, but too many force you to endlessly pinch and zoom just to see what's happening on your mobile device. Parallels Access is different. Parallels' Applification technology lets you use all of your desktop applications as if they were native apps for your iOS or Android device. With a single tap, you can connect to your computer, access important files, and easily use your apps in full-screen and with intuitive touch controls. A one year subscription is on sale for $10. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Legislation arising from tragedies is almost uniformly bad. One need only look at the domestic surveillance growth industry kick started by the Patriot Act to see that fear-based legislation works out very badly for constituents. A few New York lawmakers are reacting to the horrific Tree of Life synagogue shooting in Pittsburgh, Pennsylvania with a gun control bill that makes zero sense. Expanding on criminal background checks, these legislators are hoping to give law enforcement the opportunity to dig through gun buyers' online history. Eric Adams, the president of Brooklyn Borough, and state Senator Kevin Palmer are currently writing the proposed legislation, which would give law enforcement authorities the power to check up to three years of an individual’s social media accounts and internet search history before they are allowed to buy a gun, WCBS Newsradio 880 reported. One of the main aims is to identify any hate speech shared by the users, as the politicians noted that such offensive comments are generally only discovered after mass shootings occur. The facile explanation for this ridiculous piece of legislation is this: somehow the Pittsburgh shooter might have been prevented from buying a gun because he posted anti-Semitic content to a social media platform. This premise will only make sense to those incapable of giving it more than a superficial examination. First off, gun ownership is Constitutionally-protected, whether these legislators like it or not. It doesn't make sense to abridge someone's rights over social media posts, even if the posts contain bigoted speech. That speech is also protected by the Constitution, so combining the two simply doubles the chance the law will be struck down as unconstitutional. Plenty of people engage in ignorant bigotry. Not all of them are would-be criminals. This law would treat every gun buyer as a suspected criminal who may only take advantage of their guaranteed rights by engaging in government-approved speech. That's completely the wrong way around. This Brooklyn lawmaker doesn't seem to understand this inversion even when he directly, if inadvertently, addresses it. “If the police department is reviewing a gang assault, a robbery, some type of shooting, they go and do a social media profile investigation,” the borough president pointed out. Yes. But in these cases, a criminal act has occurred and an investigation is warranted. This legislative proposal treats gun buying as a crime and people's social media history as some weird form of evidence. That's fucked up, no matter how you might feel about the Second Amendment. Lots of shitposting and venting can look dangerous if viewed solely in the context of finding a reason to deny someone a gun. Then there's the still unaddressed question of what law enforcement is supposed to do if it decides someone's social media posts are worrying enough they should be denied gun ownership. Are officers supposed to head out and arrest this person for being aggressively racist? Is that where this is headed? Are these legislators actually going to enable literal policing of speech? And how is this supposed to be accomplished? Would potential gun buyers be forced to relinquish account info and passwords to ensure law enforcement is able to see everything purchasers have posted? These are all worrying questions, none of which anyone involved with this bill seems to have answers for. Sure, it's still early the legislative process, but these lawmakers are speaking about it publicly using specious reasoning and inapt comparisons. This suggests they like the idea they've had, but haven't really thought about it past the point of "the Pittsburgh shooter posted racist memes, therefore this would definitely work." This quote, given to the New York Post, adds more words but no more clarity. And it certainly doesn't do what Eric Adams claims it does: Adams said the bills take the First Amendment right to free speech and the Second Amendment right to bear arms into the equation. “We’re not talking about a person advertising ‘I hate a particular elected official. I hate a policy that’s passed,’” Adams said. “If there’s something that a law enforcement officer of a reasonable mind reviewed that shows this person does not hold the mental capacity to own a gun, then he should not be able to get a permit. We should use the same standard that determines whether a police officer can carry a gun.” It doesn't take either of those rights into account. It simply says police will now be allowed to view three years of social media history (along with search history from Google, Yahoo, and Bing) to determine gun ownership eligibility. All Adams says is it won't be used to punish certain protected speech. (And it will be used to punish this specific protected speech because any law that can be abused by the government will be abused by it.) To add to surreality of the proposal, Twitter For Bigots Gab won't be included in the social media monitoring despite this being the site where the Pittsburgh shooter posted the comments these legislators point to as the impetus for this terrible legislation. No matter how it's pitched, it all comes down to this: no Second Amendment rights for New Yorkers if they don't use their First Amendment rights in a way their government approves. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Despite numerous government initiatives and countless promises from the telecom sector, our national robocall hell continues. Robocalls from telemarketers and scammers continue to be the subject the FCC receives the most complaints about, and recent data from the Robocall Index indicates that the problem is only getting worse. Consumers are routinely hammered by mortgage interest rate scams, credit card scams, student loan scams, business loan scams, and IRS scams. In September, group data showed that roughly 4.4 billion robocalls were placed to consumers at a rate of 147 million per day. The trend is not subtle: Usually, you'll see the FCC crack down hard on small robocall scammers if the case is a slam dunk. But you'll never really see the agency hold giant carriers accountable for their longstanding apathy, blame shifting, and tap dancing that they have engaged in in terms of quickly adopting modern technical solutions to the problem. This week, FCC boss Ajit Pai took a break from neutering popular consumer protections to send a letter to 13 companies including AT&T, Sprint, T-Mobile, and Google, demanding they all do more to help protect consumers from robocalls. In a separate statement (pdf), Pai declared that if things don't start improving by next year, he'll maybe actually do something about it: "Combatting (sic) illegal robocalls is our top consumer priority at the FCC. That’s why we need call authentication to become a reality—it’s the best way to ensure that consumers can answer their phones with confidence. By this time next year, I expect that consumers will begin to see this on their phones...If it does not appear that this system is on track to get up and running next year, then we will take action to make sure that it does." Pai's letter resulted in numerous outlets stating that carriers must finally move quickly on the scourge of robocalls, "or else." Some outlets took the FCC's letter to mean that carriers absolutely had to solve robocalls by next year or something ambiguously serious would happen to them. But that's not likely to be the case. Giant carriers have, if you haven't noticed, found the Trump FCC to be a mindless rubber stamp for every single one of their wishes, no matter how preposterous. Surely they're terrified that Pai may actually send them some additional snarky letters. After all, AT&T spent years trying to blame the FCC for its own failure to do more on this front, with zero real repercussions for the behavior (aside from being appointed lead on a "strike force" a few years back that pretty clearly hasn't addressed the problem). Like past FCCs under opposing parties, the agency loves to do this thing where it "demands" carriers do something they already planned to do. In this case, it's the adoption of a new SHAKEN/STIR call authentication technology to hinder the use of spoofed numbers, which are all but impossible to police. Outside of a few holdouts (CenturyLink, Frontier), most of the carriers Pai sent letters to this week are already engaged in trials of this new technology, and have publicly stated they'll be launching the tech in early 2019. In short, Pai is "demanding" that carriers adopt technology he knows they already planned to adopt. But his failure to impose a hard deadline (unlike, say, Canada), and his legacy so far of being aggressively cozy with the companies he's supposed to hold accountable, means that it's pretty unlikely that companies that fail to keep pace on SHAKEN/STIR deployments will actually see much in the way of punishment. After all, wasn't letting giant, lumbering telecom monopolies pretty much do whatever they want supposed to be a mystical panacea for the ills of the telecom sector? Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Late last week, Torrentfreak had a fascinating story about Bahnhof's response to a court case demanding it block the site Sci-Hub due to demands from Elsevier that Sci-Hub was inducing infringement of academic papers. We've written in the past about Sci-Hub. Rather than an evil piracy site as Elsevier likes to imply, it is a very clever system to allow academics to share and access other academic works. Of course, Elsevier prefers to lock up academic research that it did not pay for, which is a travesty. And it has gone after Sci-Hub in multiple jurisdictions, and is constantly playing a form of Whac-a-Mole as Sci-Hub keeps on moving around (not to mention each attempt at taking it down only seems to add to Sci-Hub's popularity). In this case, Elsevier sought a blocking order in Sweden. The Swedish ISP, Bahnhof, which has spent years pushing back against copyright maximalist extremism, but without much luck. In giving in to the block demand, however, Bahnhof went a step further. It also put up a "block" for any subscriber visiting Elsevier's sites or the court's sites: These are not full "blocks" per se. After reading Bahnhof's protest message, you can then apparently click through to the original site. I posted this on Twitter on Friday and it got a huge response, with many people cheering it on. I think many of them had an initial gut reaction that this was a clever (and somewhat amusing) way to protest what many people feel is an unjust blocking order by turning the tables on those who requested and approved the blocking order. Indeed, that was my instinctual reaction as well. But, I don't think we should be that celebratory about this. For one thing, this is exactly the kind of thing that many of us warn about concerning a lack of net neutrality laws. In this case, many people support this because they all agree that Elsevier is being ridiculous and censorial here. But... it's not hard to imagine a different situation. How would people feel if an ISP were, say, putting up a similar block page for anyone trying to visit a union webpage of striking telco workers? Because that happened once in Canada. Then... it feels a bit more like a giant company using its market position to silence critics in its workforce. We shouldn't change our views on what is and what is not okay for an ISP to do based solely on whether or not we like who is put out by the decision. Sweden doesn't currently have net neutrality rules as far as I can tell, though ironically it appears that Bahnhof sells a pro-net neutrality hoodie. But blocking sites -- even to make a good point in the ridiculousness of the site blocking order -- still goes against net neutrality and raises serious questions about whether anyone should want an ISP inspecting the sites that we go to and interjecting its own man in the middle attack to make a political message. Suddenly... it doesn't look quite as clever in that light. I understand the value of protesting an unjust court ruling, and this certainly feels like just desserts for Elsevier and the court, but we should always see it as problematic when an ISP is getting between us and the sites we want to visit, even if it's for a good cause. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Those familiar with how multiplayer online gaming works know that inter-player chat is both a feature of this gaming genre and one of its primary hellscapes. On the one hand, in-game chat can be both fun when it's part of the game and funny when you get lively banter between players. On the other hand, such chat is also rife with stupid, sophomoric, abusive language casually bandied about by teens and adults alike. Because of this, some game developers have tried to limit what words can be inputted into the game's chat system. The end result of this is mostly spectacular creativity for players dedicated to being assholes in getting around such systems. But for Rockstar, when it came to the online portion of Grand Theft Auto, this chat blacklist was also a place to stupidly blacklist references to illicit gaming sites like "The Pirate Bay", meaning users entering that text would see their words simply disappeared. But this all gets doubly stupid now that Rockstar is set to release Red Dead Redemption 2, within which it simply ported over its previous blacklist. As revealed by a user on Reddit, the company has implemented a banned words list, which attempts to deter people from using some of the worst sexual, racial, and religious insults, which is fair enough. However, the developer has also seen fit to prevent players from talking about sites like The Pirate Bay, with the word ‘PirateBay’ banned from the game. Since the galaxy’s most resilient torrent site is hardly a friend of the gaming industry, the decision is not that much of a surprise. However, the developer goes much further with a whole range of bizarre censoring decisions that start of weirdly and get worse. Taking them in alphabetical order, first up we have the term ‘BTJunkie’, which refers to a once-prominent torrent indexing site. What’s so special about this platform is that it’s been shut for well over six years. In fact, the site closed down for good in 2012following the massive raid on Kim Dotcom. Safe to say, it’s not coming back. The examples go on from there. Now, there are a couple of things to say about this. Obviously blacklisting long-dead websites, even if it would have been once understandable that a game developer would want to keep those names out of the game chat, is painfully stupid. I'm not sure what Rockstar thinks it was accomplishing by keeping those site names out of their game chat when those sites were live, but I'm super-certain that they're accomplishing nothing by doing so when those sites are dead. And because, of course, there is the inevitable collateral damage caused by such word-bans. The initialism ‘VCDQ’ has also made it onto Rockstar’s Great Firewall, which is nothing short of ridiculous. VCDQ – otherwise known as VCDQuality – was a site that reported on freshly-leaked pirate copies of movies and commented on the quality of the release. The site never offered copyrighted content and was a really useful platform. It too has been dead for a number of years. The other thing to say about this is simply that any company that would so callously treat chat censorship in this way, where the company thinks that a simple port of old blacklists would suffice, is a company that doesn't care much for its own players. Gaming companies can put in these blacklists if they like, and they might be good things when it comes to hateful and abusive language, but they should do so with care. Gamer interaction is kind of a key component of online multiplayer, after all. To treat banning words with so little regard isn't a great look. So, the end result? Anyone want to place money betting that this censorship of its own customers has made Red Dead 2 free from abusive language and conduct? Or that there aren't more examples of collateral damage out there, specifically since the blacklist also bans the word "Torrent" entirely? I didn't think so. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Back in September, Techdirt wrote about the oddly-named 'Plan S', which was nonetheless an important step forward for open access in Europe. As we remarked then, the hope was that others would support the initiative, and that has now happened, with two of the biggest names in the science funding world signing up to the approach: To ensure that research findings are shared widely and are made freely available at the time of publication, Wellcome and the Bill & Melinda Gates Foundation have today (Monday) joined cOAlition S and endorsed the principles of Plan S. An article in Nature on the move notes that Wellcome gave out $1.4 billion in grants in 2016–17, while the Gates Foundation spent $4.7 billion in 2017, although not all of that was on science. So the backing of these two organizations is a massive vote of confidence in Plan S and its requirements. Wellcome has also unveiled its new, more stringent open access policy, which includes a number of important changes, including the following: All Wellcome-funded research articles must be made freely available through PubMed Central (PMC) and Europe PMC at the time of publication. We previously allowed a six-month embargo period. This change will make sure that the peer-reviewed version is freely available to everyone at the time of publication. This move finally rectifies one of the biggest blunders by academic funding organizations: allowing publishers to impose an embargo -- typically six or even 12 months -- before publicly-funded research work was freely available as open access. There was absolutely no reason to allow this. After all, the funding organizations could simply have said to publishers: "if you want to publish work we paid for, you must follow our rules". But in a moment of weakness, they allowed themselves to be bamboozled by publishers, granting an unnecessary monopoly on published papers, and slowing down the dissemination of research. All articles must be published under a Creative Commons attribution licence (CC-BY). We previously only required this licence when an article processing charge (APC) was paid. This change will make sure that others -- including commercial entities and AI/text-data mining services -- can reuse our funded research to discover new knowledge. Although a more subtle change, it's an important one. It establishes unequivocally that anyone, including companies, may build on research financed by Wellcome. In particular, it explicitly allows anyone to carry out text and data mining (TDM), and to use papers and their data for training machine-learning systems. That's particularly important in the light of the EU's stupid decision to prevent companies in Europe from carrying out either TDM or training machine-learning systems on material to which they do not have legal access to unless they pay an additional licensing fee to publishers. This pretty much guarantees that the EU will become a backwater for AI compared to the US and China, where no such obstacles are placed in the way of companies. Like Plan S, Wellcome's open access policy no longer supports double-dipping "hybrid journals", which charge researchers who want to release their work as open access, but also require libraries to take out full-price subscriptions for journals that include these freely-available articles. An innovative aspect of the new policy is that it will require some research to be published as preprints in advance of formal publication in journals: Where there is a significant public health benefit to preprints being shared widely and rapidly, such as a disease outbreak, these preprints must be published: before peer review on an approved platform that supports immediate publication of the complete manuscript under a CC-BY licence. That's eminently sensible -- in the event of public health emergencies, you want the latest research to be out there in the hands of health workers as soon as possible. It's also a nice boost for preprints, which are rapidly emerging as an important way of sharing knowledge. The Gates Foundation has said that it will update its open access policy, which in any case is already broadly in line with the principles of Plan S, over the next 12 months. Even without that revision, the latest announcement by these two funding heavyweights is highly significant, and is likely to make the argument for similar organizations around the world to align their open access policies with Plan S hard to resist. We can therefore probably expect more to join cOAlition S and help bring the world closer to the long-cherished dream of full open access to the world's research, with no embargoes, and under a permissive CC-BY license. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
In late September, Mike joined a panel at the Lincoln Network's Reboot conference to tackle the question "will rising activism limit government’s access to Silicon Valley?" along with Trae Stephens, Pablo E. Carrillo, with moderator Katie McAuliffe. For this week's episode, we've got the full audio from that panel plus an additional introduction from Mike with some thoughts after the fact. Enjoy! Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes or Google Play, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
As Election Day 2K18 rolls on, the good news continues to roll in, he said in his most Professor Farnsworth voice. It's never good news, not if we're talking voting machine security. Kim Zetter, writing for Motherboard, has obtained a manual for devices made by Unisyn Voting Solutions, which provides horrendous security advice for users of its products. There are federal guidelines for voting systems. The Elections Assistance Committee makes the following recommendations for passwords: [E]lection officials are encouraged to change passwords after every election. Passwords should also have the following characteristics: they should be at least six characters, preferably eight, and include at least one uppercase letter, a lowercase letter, at least one number and a symbol. It also says, though, that passwords should be easy to remember so that employees won't need to write them down, "yet sufficiently vague that they cannot be easily guessed." Unisyn has apparently decided minimal security efforts are badly in need of disruption. To begin with, the device manual suggests users should simply use variations of the default password the devices ship with. That password is the company's name with a "1" appended to the end of it. This easily-guessed admin password should then be immediately replaced with… an easily-guessed password. Once logged into the system the credentials needed to access the tabulation monitor or the system for creating reports of ballots and vote tallies are different. The username is again a simple word to log in. The password is the same word with "1" appended to it. Users are told that to change the password when prompted, they should simply change the number sequentially to 2, 3, 4, etc. The Unisyn manual takes the EAC guidelines and throws them out. It then makes a minimal nod towards compliance before throwing everything out a second time. Remember the part about not writing down passwords? The sort of thing no one should do because it defeats the purpose of password security? Here's Unisyn's scorching hot take on EAC compliance: "You will be periodically asked to change your password per EAC regulations," [the manual] notes. But instead of providing customers with sound instructions for changing passwords—such as creating completely new passwords and not re-using them—the manual instructs them to simply alternate between a system administrator and a root password each time they are prompted to change the password. Space is provided below this instruction for election workers to write down which password they are using at any given time. If there's good news, it's that these machines aren't in use everywhere. Just 3,500+ jurisdictions in ten states. They're also fairly insulated from online attacks, since they're not supposed to be connected to the internet. This means attackers will most likely need physical access to the devices. Good thing these only get touched by non-election personnel every couple of years or so! Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
A brave new world of voter suppression is upon us. It isn't shadowy government guys with guns patrolling polling centers in search of "voter fraud" unicorns. It isn't the surrealistic landscapes created by gerrymandering. It isn't even the messages being sent from the top man in the land: that people who aren't Caucasian are probably bussed-in illegals voting straight Democrat. This new voter suppression flows through the internet, originating in closed chat sessions and manifesting as disinformation campaigns meant to steer certain voters away from the polls. In a private “strategy chat” with more than 40 far-right trolls, one user who tried to create a new Twitter account to spread disinformation ahead of Tuesday’s midterms elections described how he had hit an immediate roadblock: Twitter banned him for deliberately giving out the wrong election date. “Were they really banning people for saying [vote on] November 7? Lol, whoops,” the user, whose name was a racist joke about Native Americans, wrote. “Maybe that’s what got me shadowbanned.” As the report points out, some of Twitter's anti-election interference efforts appear to be working. Tweets containing the wrong voting date were blocked before they were seen by other users. But there's only so much algorithms can catch. Faced with this blocking, the trolls viewed in this chat room adjusted their tactics. Several were successful in creating unique identities that appeared to be middle-aged women who posted anti-Trump rhetoric as part of a long-term effort to build up followings that could later be used to seed disinformation to hundreds or thousands of followers. If this seems counterproductive in terms of eliminating votes for non-Republican candidates, it actually isn't. As NBC's Ben Collins notes, this more clever effort has managed to elude moderators. Posting under hashtags like #nomenmidterm and #letwomendecide, these accounts are being used to deter male liberals from casting votes. The interference is coming from inside the house. Homegrown efforts are joining foreign state-sponsored interference to make every election from 2016's to the rest of forever seem tainted. This is piled on top of ongoing problems with electronic voting devices, which are notoriously insecure and far from user friendly. The democratic process appears to be no more secure than a connected tea kettle. But this cascade of bad news shouldn't deter anyone from voting. For the most part, the system works! (And by "system," I mean the actual act of voting, not necessarily the system run by those receiving votes…) Even if the individual act of voting can often feel pointless or useless, it's still better than the predetermined "elections" held by despotic governments where the outcome is made-up and the points don't matter. This also shows efforts to quell online disinformation are working to a limited extent. Combining humans and algorithms makes more sense than relying solely on one method, but both have their limitations. Human biases can strip the neutrality out of moderation efforts and algorithms tend to do one thing pretty well, but suck at anything else that requires comprehension of context, nuance, or sarcasm. This is the new normal for elections. Get used to it. But don't get discouraged. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
If you enjoy making new things, the CAD & 3D Printing eBook Bundle By Make: is right up your alley. The 12 books will help you learn about all forms of fabrication. Topics covered include, 3D carving, CNC Routing, 3D printing, and more. The bundle is on sale for $20. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
After having just successfully convinced the Trump administration to neuter state and federal oversight of lumbering telecom monopolies, those same companies continue their unyielding call for greater regulation of Silicon Valley. If you've been paying attention, you'll know that Comcast, AT&T, and Verizon's attack on net neutrality rules was just the tip of a massive, dysfunctional iceberg. Those companies have also convinced the Trump administration to effectively neuter FCC authority over ISPs, and are in the process of trying to ban states from protecting consumers from wrongdoing as well (you know, for freedom or whatever). With neither competition nor even tepid meaningful oversight in place, the kind of bad behavior we've long seen from Comcast appears poised to only get worse. At the same time, top lobbyists for the telecom industry continue to insist it's Silicon Valley giants that are in need of massive regulation. You're to ignore, of course, that these calls are coming just as giants like Verizon, AT&T, and Comcast try to pivot more fully from broadband into online video and advertising, in direct competition with the companies' they're calling to have heavily regulated. Former FCC boss Mike Powell, now the cable industry's top lobbyist over at the NCTA, has been leading this charge for much of the last year or two. Powell was back last week at an industry event insisting once again that government needs to step in and start heavily regulating the companies Powell's clients are trying to compete with: "I think there is a fundamental underappreciation in policy circles about the extraordinary power of the platforms and the data that rides on these companies and value of that information both as a competitive advantage as a platform and the potential dangers to consumers. “That has always been a naive concept and one that I think government was entirely inattentive to for too long, only to wake up in 2018 to realize there are some consequences that are not necessarily affirmative." Powell's of course trying to play up Silicon Valley's admitted and obvious naivete as it pertains to aiding the amplification of propaganda and racist drivel. But at the same time, of course, he's happy to ignore all of the obvious problems caused by his own sector's growing competition issues, which Powell will be happy to tell you don't exist. In fact back in March Powell gave a very similar speech during which he effectively accused Silicon Valley of most of the things the telecom sector has been doing for years: "Our governmental authorities need to get a handle on what kind of market power and harm flow from companies that have an unassailable hold on large pools of big data, which serve as barriers to entry, allowing them to dominate industries throughout the economy. For years, big tech companies have been extinguishing competitive threats by buying or crushing promising new technologies just as they were emerging. They dominate their core business, and rarely have to foreclose competition by buying their peers. Competition policy must scrutinize more rigorously deals that allow dominant platforms to kill competitive technologies in the cradle." While it's obvious that Silicon Valley has plenty of problems that need addressing, listening to Powell's advice (read: Comcast's advice) on these subjects is like getting fire safety advice from a serial arsonist. But for whatever reason it's advice that's clearly resonating in the Trump administration, which pretty consistently has called for antitrust inquiries into major Silicon Valley giants while neutering most meaningful consumer protections (from privacy to net neutrality) governing some of the most clearly anti-competitive and unpopular companies in all of American industry. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Yesterday we had a rather incredible story about Georgia's Secretary of State, Brian Kemp, who, despite the conflict of interest, is both running for Governor and in charge of making sure Georgia's elections are fair. Over the weekend, Kemp had made a highly questionable claim that his opponents in the Democratic Party of Georgia had attempted to hack the voter registration system, and he was opening an investigation. As we noted, what appears to have actually happened was that an independent security researcher had discovered massive, stunning, gaping security flaws in Georgia's voter registration system, that would potentially allow anyone to access anyone else's information and even modify it. That's an especially big deal in Georgia, where the very same Secretary of State Brian Kemp had pushed for laws that meant that if any of your ID information was different from what was in the voter system, you didn't get to vote. Incredibly, despite multiple security experts pointing out some fairly basic flaws, Kemp's office insisted the site was secure. According to press secretary Candice Broce: “We can also confirm that no personal data was breached and our system remains secure.” Elsewhere the Secretary of State's Office insisted there were no problems with the site. However, as ProPublica is now reporting, late Sunday night, after it had insisted there was nothing wrong, it appeared that someone behind the scenes was scrambling to patch the vulnerabilities: ProPublica’s review of the state’s voter system followed a detailed recipe created by the tipster, who was described as having IT experience and alerted Democrats to the possible security problems. Using the name of a valid Georgia voter who gave ProPublica permission to access his voter file, reporters attempted to trace the security lapses that were identified. ProPublica found the website was returning information in such a way that it revealed hidden locations on the file system. Computer security experts had said that revelation could give an intruder access to a range of information, including personal data about other voters and sensitive operating system details. ProPublica’s attempt to take the next step — to poke around the concealed files and the innards of the operating system — was blocked by software fixes made that evening. The same Candice Broce who had insisted that there was absolutely nothing wrong with the site then told ProPublica two obviously bullshit claims. First, that the setup that allowed users to see exactly where files were stored was standard practice, and so was making last minute changes to a voter registration website two days before an election: Broce said the ability to see where files were stored was “common” across many websites, and she said it was not an inherent vulnerability. She did not deny that the website’s code was rewritten and would not say whether changes were made as a result of the possible security holes. “We make changes to our website all the time,” Broce said. “We always move our My Voter Page to a static page before Election Day to manage volume and capacity. It is standard practice.” By Monday afternoon, the page did not appear to be static in the way Broce described, and she did not respond to a request to provide evidence of the change. Of course, as anyone who has done any serious website building in, let's say, the last 10 to 15 years, knows well, that is not at all standard practice. But, let's see the quote from an expert anyway: Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology in Washington, D.C., disputed that visibility into file storage was common. “It’s definitely not best practice,” he said. He said it appeared the state had made the change in response to being notified of the problem and could see no reason why officials would otherwise make such a change ahead of Election Day. Security experts frown on making such seemingly ad hoc changes close to major events, such as an election, because they can create unforeseen problems when made so quickly. Basically, it appears that Kemp and the Secretary of State's office are betting on voters in Georgia being totally ignorant. Meanwhile, this is the same office that just a couple months ago made the following bold statement: “There has never been a breach in the Secretary of State’s office. We have never been hacked, and according to President Trump and the Department Of Homeland Security, we have never been targeted. Georgia has secure, accessible, and fair elections because Kemp has leveraged private sector solutions for robust cyber security, well before any of those options were offered by the federal government.” I don't care what side of the partisan divide you fall on, but Kemp's actions in failing to protect the system, overseeing the voting in his own election, then attacking the messenger for pointing out his own vulnerability, denying the vulnerability, and then scrambling to fix the vulnerability at the last minute without telling anyone, should disqualify him from running a Burger King, let alone being Governor of the state of Georgia. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
We just covered cops getting all angry and sued as the result of their inability to not violate civil rights just because someone interrupted one of their sting operations. In that story, officers were upset a man had placed a cardboard sign dam in their revenue stream by warning drivers of a distracted driving sting a couple of blocks ahead. It's not a Connecticut thing. It's a #CopThing. Techdirt reader John Mehaffey directs us to another civil rights lawsuit stemming from sting operation disruption, this time in Nevada. There, John Hunt saw Boulder City cops running a sting involving a pedestrian crosswalk on the main drag. He wasn't impressed by their tactics. The fracas started in 2016 on Boulder City's main drag. Boulder City Police obtained federal funds to conduct a pedestrian sting operation, one designed to ticket motorists who fail to stop for pedestrians in this crosswalk on Nevada Way. A decoy in an orange shirt was assigned to walk back and forth across the road. There were problems from the start. "This decoy was doing shady things. We have him on video walking extremely slow, walking into the crosswalk at one-fifth the speed a normal person would walk, and he's stopping half-way and raising his hand," Stubbs said. Much like the Connecticut case we covered recently, this sting involved federal funds. The PD obviously didn't want this funding to dry up, so it needed to ticket as many people as possible, even if it meant utilizing a faux pedestrian who didn't behave like regular pedestrians. John Hunt was one of those ticketed for failing to yield to the PD's stunt walker. He went back to the scene of his crime and performed some pro se walking. The results were predictable. [A]ter being cited, he returned to the scene of the ongoing sting and began a one man protest, by doing the same thing the decoy was doing. It took hunt just over a minute to walk across the street three times. That was enough for police Sgt. John Glenn, who whipped into action. Sgt. John Glenn can be heard saying, "Come over here. Come over here. Because I said so." Within minutes, other officers converged, and the pedestrian protester was taken down, then taken to jail. The cops lied in their arrest report, stating that Hunt had "caused a vehicle to slam on its brakes and skid to a stop." (Even if true [it wasn't], the pedestrian had the right of way in the crosswalk... so... the crime is what exactly?) Dash cam obtained by Hunt's lawyer, Stephen Stubbs showed nothing like that ever happened. This resulted in the city dropping the charges against Hunt. Then Hunt decided to sue the city and, magically, the charges -- pushed by a new city attorney (and local religious leader) -- reappeared. City Attorney and local Mormon church stake president Steve Morris rang Hunt up for the original charge plus a few more. Hunt's lawyer complained on Facebook about the bogus charges. This led the municipal judge (and good Mormon) Victor Miller to hand down a completely unconstitutional gag order forbidding Hunt's lawyer from discussing the case anywhere but in court. This gag order was thrown out [PDF] by a district court judge who noted it seemed to be put in place solely to protect the judge from criticism. And it was so overbroad it could not possibly be viewed as Constitutional. [A]s couched, the Order is so broad both Mr. Stubbs and Mr. Morris could violate the mandate if they disparage their adversary even in a private conversation with their spouses or friends within the sanctity of their homes. The gag order was tossed in April. Six months later, Hunt has received another favorable ruling from a district court. A minute order [PDF] (one made orally prior to a written order) from district court judge Richard Scotti blasts the city for its vindictive prosecution and dismisses the bogus charges the city dumped on him after it found out it was being sued. The Court finds that the City vindictively prosecuted Appellant John Hunt when they resurrected their 2016 complaint against Mr. Hunt containing 3 additional claims, only six (6) days after Mr. Hunt filed a Civil Rights lawsuit against the City. Additionally, the Court finds Appellant satisfies the requirements needed to establish a presumption of vindictive prosecution and the prosecution fails to prove that the increase in severity of the charge did not result from any vindictive motive. The only evidence that the prosecution provides this Court to rebut Appellants claim of vindictive prosecution is that City Attorney Mr. Olsen was preparing for retirement and did not have a paralegal. This evidence is not sufficient to indicate that the increased charges could not have been brought before the defendant exercised his right. Almost Eleven (11) months elapsed between when the City dismissed all charges and Mr. Hunt filed his civil rights lawsuit. The prosecution had ample time to prepare a complaint the eleven (11) months previous to Mr. Hunt filing his civil rights lawsuit. The benchslap continues: The filing of the criminal complaint only days after Mr. Hunt filed his civil rights lawsuit, coupled with the facts that the City of Boulder City previously dismissed the criminal case rising from June 8, 2016 and has not received any additional evidence, clearly indicates that the prosecution had a vindictive motive when they refiled their complaint on June 5, 2017. Finally, the court notes Hunt's one-minute traverse of the crosswalk was protected speech, which will add more ammo to Hunt's civil rights lawsuit. And the judge points out a major flaw in the city's bogus obstruction charge: Hunt's use of the crosswalk during the sting operation was actually encouraged by the PD itself. The City of Boulder knew that Mr. Hunt was protesting and still charged him with Obstruction even though the police previous to this incident sent out a press release asking people to use the crosswalk during the enforcement activity. Hunt is now facing zero (0) criminal charges. The city is still facing one (1) civil rights lawsuit. And yet, the city just can't stop digging. It's going to lose the lawsuit and it's decided the best thing to do is further destroy its own credibility. This bit of First Amendment stupidity comes directly from the city government. Boulder City Communications Manager Lisa Laplante told the I-Team Tuesday afternoon that the city respectfully disagrees with the ruling, and said the pedestrian protest was the equivalent of yelling fire in a crowded theater. She also said that the city plans to appeal the decision. God help me, I hope the city uses this "fire in a crowded theater" argument during its appeal of this dismissal. I hope it uses it when it defends itself against Hunt's civil rights lawsuit. I can't wait to see a couple of federal judges tee off on this misused trope during their rundown of every other stupid thing the city did in response to Hunt's mild protest. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
When it comes to the private sector, it's not rare thing to see lawsuits over press leaks. Typically, those lawsuits target the person or entity responsible for the leak itself. While the real irritation in these leaks for companies comes from seeing them reported in the press, suing the press for reporting on a leak is fraught with statutory barriers. Which is what makes it so odd to discover that TrustedReviews, a website that publishes news and reviews in the video game industry, disappeared an article it posted months ago discussing leaked information on the now released Red Dead Redemption 2. Oh, and it agreed to pay over a million dollars to charities of Rockstar's choice. The British website TrustedReviews today pulled an article, apologized to publisher Take-Two Games, and said it was donating 1 million pounds ($1.3 million) to charity after publishing leaked information about Red Dead Redemption 2 in February of this year. It’s a radical move that raises serious questions about editorial independence and legal threats against the press. TrustedReviews, which is owned by TI Media (formerly Time Inc, UK), is a technology website that publishes deals and reviews. In February, it published an article, sourcing a leaked internal Rockstar document, that listed details from Red Dead Redemption 2, which would come out eight months later. The article contained a list of bullet-points that claimed, among other things, that you’d be able to play all of Red Dead 2 in first-person (true) and that the online component would have a battle royale mode (to be determined). Reporting on leaks of this sort is common, of course, particularly in the entertainment industries. While content companies have attempted to sue over everything from leaks to publishing spoilers, these threats and suits rarely go anywhere. If press freedoms in a given country are at all a thing, reporting from confidential sources on leaks is almost always included. The UK has its "State Secrets" nonsense, but that doesn't apply here. Which makes all of this bizarre. Adding to the whole thing is TrustedReviews bending over backwards to fully apologize publicly, not in any way lamenting this outcome. “On February 6, 2018, we published an article that was sourced from a confidential corporate document,” the website now reads. “We should have known this information was confidential and should not have published it. We unreservedly apologise to Take-Two Games and we have undertaken not to repeat such actions again. We have also agreed to donate over £1 million to charities chosen by Take-Two Games.” Nothing about this makes sense, unless TrustedReviews was somehow involved in the leak itself, rather than simply reporting on it. There is nothing publicly suggesting that is the case, so we're instead left to assume that the site simply didn't want to engage in a costly lawsuit brought by Rockstar, who we have to assume threatened one. On the other hand, a $1.3 million payout isn't exactly peanuts either. Frustratingly, everyone appears to be in the dark here. If only another press outlet could obtain a leak of what exactly the hell is going on here, we might get some clarity. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Back in the early days of Techdirt, we used to talk about legal disputes involving so-called "sucks sites" -- i.e., web addresses that use a company or organizations' name along with a disparaging adjective, in order to setup a website criticizing the company. In the early 2000s there were a bunch of legal disputes in which overly aggressive lawyers would threaten and/or sue the operators of such sites, claiming they were trademark infringement. Spoiler alert: they were not trademark infringement. There was never any confusion over whether or not the sites were actually endorsed by the trademark-holder (because the sites were criticizing the trademark holder.) Nor, in most cases, was there any commercial activity, which is necessary for a trademark violation. For the most part, lawyers have finally learned that going after sucks sites is a bad idea and we don't hear of as many cases these days. But they do sometimes pop up. The latest is particularly stupid, involving the University of California, Los Angeles (UCLA). The details are laid out for you nicely by Adam Steinbaugh of FIRE (the Foundation for Individual Rights in Education), an organization focused on protecting free speech on campus. You see, UCLA had done this before. Way back in 2009 it had threatened a critical site run by a former student: In 2009, the university sent a letter to former student Tom Wilde, alleging that his website’s domain names, ucla-weeding101.info and .com, infringed on the university’s trademarks and amounted to a criminal act under California Education Code Section 92000, which purports to authorize public universities to police virtually any use of their name or acronym. FIRE wrote to UCLA in 2009, explaining that the First Amendment protects “cybergriping” websites and noting that the university’s purported authority under the California Education Code was contrary to the university’s obligations under the First Amendment. After some hesitance, UCLA backed down. But, as you likely guessed, they've done it again. And, here's the real kicker: UCLA sent a letter to the same guy over the same website. As Steinbaugh notes, the latest letter is less threatening and more friendly, talking about giving Wilde a "friendly reminder" and asking as a "courtesy" for him to "remedy" his claimed misuses of UCLA's trademark and... building images (?!?). FIRE again took up the case, reminding UCLA of what happened a decade ago and asking it to retract the letter. Incredibly, UCLA refused to do so, saying that Wilde was creating confusion by using similar images and design. However, a quick comparison of the two sites suggests that no one is going to be confused that the one on the left is officially a part of the one on the right: UCLA also had claimed in its new letter that it sent that in response to "an inquiry" about Wilde's site. FIRE filed a public records request to find out who the hell "inquired." Turns out: it was a UCLA staff member on the external affairs team who sent an email pointing to the site and saying: Grumpy former student has created this FB page and website…was thinking that the Royce Hall image and use of UCLA in the domain name might both be no-nos. This was under the subject "protecting the brand." Right. So this wasn't someone confused about the site. It was someone who thought that they could go after a site that was critical of UCLA by abusing trademark law -- something that has long been a non-starter, and which is an insult to the First Amendment. You know how you protect your brand? By not threatening critics with a potential legal attack over First Amendment protected speech. And, also, not doing that twice. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Before Comcast, AT&T, Verizon and friends convinced the Trump FCC to ignore the public and kill net neutrality, they attempted to dismantle the rules legally. That effort didn't go very well, with the U.S. Court of Appeals for the D.C. Circuit upholding the FCC's Open Internet Order in June of 2016, and ISPs losing a subsequent en banc appeal. More specifically, the courts found that the former Wheeler-run FCC was well within its legal right to reclassify ISPs as common carriers under the Telecom Act. But, last August, lawyers for the FCC and Department of Justice (at direct telecom industry behest) filed a brief (pdf) with the Supreme Court, urging it to vacate the 2016 court ruling that upheld the Wheeler-era net neutrality rules. The move was necessary, FCC lawyers claimed, because the FCC's comically-named "Restoring Internet Freedom" proposal had somehow "repudiated those factual and legal judgments." If you watched as the FCC repealed net neutrality using little more than lobbyist fluff and nonsense, it should be fairly obvious to you that wasn't true. So what was the telecom industry and its BFFs in the Trump administration trying to do? They know their repeal of net neutrality was so filled with procedural missteps and outright fraud that they're worried it will be overturned by next year's net neutrality lawsuits, opening arguments for which begin in February. As such, they were hoping to undermine the established legal precedent supporting the 2015 rules in a bid to ensure they couldn't and wouldn't be restored. That gambit hasn't worked. The Supreme Court this week stated it wouldn't be hearing the case (pdf). While the announcement states that Justices Clarence Thomas, Samuel Alito and Neil Gorsuch would have taken up the case, the Washington Post notes that John Roberts and newly-appointed Justice Brett Kavanaugh were required to recuse themselves because of conflicts of interest, leaving the telecom industry without enough court backing to move forward: Three of the Court’s justices — Clarence Thomas, Samuel Alito and Neil M. Gorsuch — would have voted to take up the case, according to the Court’s announcement, and overturn a lower court’s decision backing the Federal Communications Commission’s net neutrality rules, which were originally passed in 2015. But there were not enough justices for a majority, after Chief Justice John G. Roberts Jr. and Justice Brett M. Kavanaugh recused themselves. (Roberts' financial disclosures show that he owns stock in Time Warner, which is now owned by AT&T under the name WarnerMedia, while Kavanaugh took part in the case as a judge in the lower court.) As we've noted in the past, Kavanaugh was more than eager to support the telecom industry argument that net neutrality violated their First Amendment rights, despite the fact that's obviously not true. While Verizon, Comcast, and AT&T lawyers claimed that blocking content and services amounts to an "editorial decision," in reality, ISPs aren't editors; they're simply connecting people to services. Still, "net neutrality violated ISPs' First Amendment rights" was an argument ISP lawyers basically threw at a wall to see if it would stick, and Kavanaugh was more than happy to agree. Of course while the Supreme Court has refused to hear this case, they could be hearing future cases depending on how next year's net neutrality lawsuits (filed by 23 State AGs and Mozilla) go. ISP lawyers have routinely claimed at this point that any state or federal attempt to hold them accountable for poor service or fraud is a violation of their First Amendment rights, and Kavanaugh's sure to play an un-recused, starring role in many of these cases, one way or another. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Over the weekend, the group Guardians.ai released a fascinating report detailing what appears to be a massive influence campaign taking shape on Twitter. By way of disclosure, one of the three key authors of the report, Brett Horvath, is also one of the key people behind the election simulation game that we helped create and run, though I have nothing to do with this new report. The report is fascinating, and if you don't feel like reading the whole thing, Bloomberg also has a write up. The key to the report is that they have identified some truly fascinating patterns that they've spotted among a cluster of users on Twitter, who, at the very least appear to be acting in a manner that suggests some attempt to influence others. I should note that unlike other such reports that jump to conclusions, the authors of this report are very, very, very clear that they're not saying these are "bots." Nor are they saying these are Russian trolls. Nor are they saying that a single source is controlling them. Nor are they saying that everyone engaged in the activity they spotted is officially part of whatever is happening. They note it is entirely possible that some very real people are a part of what's happening and might not even know it. However, what they uncovered does appear strange and notable. It certainly looks like coordinated behavior, at least in part, and it appears to be designed to boost certain messages. The report specifically looks at statements on Twitter about voter fraud using the hashtag #voterfraud, but it appears that this "network" is targeting much more than that. What made the report's authors take notice is that in analyzing instances of the use of the tag #voterfraud, they noticed that it appeared to have a "heartbeat." That is, it would spike up and down on a semi-regular basis, based on nothing in particular. There wasn't a specific news hook why this entire network would suddenly talk about #voterfraud, and they wouldn't talk about it all the time. But... every month or so there would suddenly be a spike. From there, they started digging into the accounts involved in this particular activity. And they found a very noticeable pattern: We wanted to know how these accounts were coming onto Twitter and gaining mentions at such a high velocity — what was leading accounts to gain influence, so quickly? So we took a sample set of accounts from a group of suspicious Voter Fraud accounts and started looking at their activity day-by-day, starting at day one. What we began to notice is a pattern for how the influence machine might be working, and how coordination could be happening. Here's the consistent network pattern we saw: User signs up for an account. User starts replying to multiple accounts—some known verified Twitter users and many other accounts that are also on our list of actors, or that fit a similar profile. The replies tend to contain: text, memes, hashtags, and @mentions of other accounts, building on common themes. At some point the pattern shifts from being all replies to original tweets. Those original tweets contain the same types of content as their replies do. It appears that this pattern cycles and repeats when the next batch of new accounts come online. The next batch starts replying to the existing, newly influential accounts, and carry on with the same sequence of events for gaining influence. The report highlights this pattern with a few example accounts, though the full study looked at (and continues to look at) many, many more. What you see over and over again are Twitter feeds of people who seem to do little other than constantly tweet pro-Trump memes and disinformation, and yet magically get thousands and tens of thousands of retweets, often coming out of nowhere. Here's one example: The gray line at the bottom is the number of tweets. The black line is the number of mentions from others. Notice how it goes from nothing to around 10,000 in no time? Sometimes the accounts are more or less dormant for a while, before suddenly becoming massively popular for no clear reason at all: Again, as the report makes clear, these aren't necessarily bots (though, they may be). They aren't necessarily even aware that they're a part of something. But the patterns seen over and over and over and over again are uncanny. And it certainly provides strong circumstantial evidence of some sort of influence operation -- and it's one that appears to continue to grow and grow. As the report notes: We don’t know why this activity is occurring, or who is behind it. However, the best we can do is look at the data around what’s actually happening. What we've discovered along the way is that there are overlapping patterns of behavior, demonstrating some form of coordination. We think it's possible that some of these accounts don't realize that they're coordinating or part of a larger influence network. For example, one of these sample accounts might genuinely care about Voter Fraud. A bad actor, coordinating large numbers of accounts could find this person’s tweets useful, then amplify those tweets through thousands of @mentions and replies. By focusing on the hard data around coordination, we can better understand how public conservations are being distorted and how it affects society. Whatever your views are on Voter Fraud, these accounts and the accounts that amplify them are rapidly accelerating their activity in the lead-up to Election Day. Similarly, of course, it's not clear that this is actually having any impact on anyone's views. But it's at least worth looking at what happens when there is what appears to be massively coordinated activity, mostly focused around spreading disinformation regarding the election and more. The full methodology of the report is available on the site, as are the names of 200 of the accounts studied. What's fascinating, of course, is the sheer size of what's happening, and the level of coordination necessary to make it happen. Twitter's response to the report (as noted in the Bloomberg article) is pretty much what you'd expect Twitter to say: “While we prohibit coordinated malicious behavior, and enforce accordingly, we’ve also seen real people who share the same views organize using Twitter,” the company’s statement said. “This report effectively captures what often happens when hot button issues gain attention and traction in active groups.” Indeed, that's part of what's so tricky here. Could this kind of thing happen organically? Well, certainly much of it can. Lots of people who share the same views on any particular subject often will see surges in conversations around those topics, including lots of retweets, mentions and replies. But the pattern here definitely looks different. When these things happen organically, they tend to have a fairly different rhythm, either a lot more sustained, or the spikes are much more spread out and explainable (e.g., there was some news event that tied to the topic). Similarly, it is hard to see how so many pseudononymous people, who no one else really knows, magically all jump up to thousands or tens of thousands of mentions with no clear explanation for their sudden and sustained fame. But this is also why Twitter is put in an impossible position if it's expected to spot all of this. Even with so much evidence, it's still possible that what Guardians.ai spotted was organically formed. It may seem unlikely, but how can you tell? And you can bet that there are some with less than virtuous intent, who are actively figuring out ways to increasingly make all of this activity look organic. Expecting that Twitter, or any company, can always magically determine what is and what is not "authentic" behavior online, is an impossible task. And the very fact that it might sweep up some perfectly innocuous accounts in the process also makes it troubling to expect that the platform should be in charge of sorting out who's who and who's real in these kinds of situations. But, then again, if these kinds of disinformation campaigns truly are having an impact on influencing the public, that too should be a concern. Either way, as the report highlights, there is still much work to be done in analyzing how social networks are being used to influence the public. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Small and discreet, but powerful, TREBLAB's X11 earbuds exemplify the best of truly wireless tech. Whether you're running, working out, doing chores, or just going about your commute, these buds have your soundtrack covered with elite Bluetooth audio. Packed with advanced features like passive noise cancellation and a built-in mic, the X11's will be your everyday listening solution. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Okay, let's start with this. Can we all agree -- no matter what your party, ideological, or candidate preference -- that in any election where you are up for one of the offices, that you shouldn't be the one in charge of safeguarding the integrity of the election? This seems like a fairly basic point concerning democracy, that if you're a candidate for office, you should recuse yourself from anything involving election integrity. However, that's not the way things work around here, apparently. In at least three key elections this year, current secretaries of state, who are in charge of election integrity, are running for higher office while being in charge of counting their own votes. It just so happens that this year all three of those cases involve Republicans (and all three of those Republicans have a long and fairly detailed history of voter suppression tactics), but the issue applies equally to Democrats who might be in the same position. No one who is in charge of election integrity should ever be in the position of running for office at the same time. But let's focus in on just one of the three individuals in that situation this year: Republican Brian Kemp, Georgia's Secretary of State, who is in a very heated campaign to be Governor of Georgia, campaigning against Democrat Stacey Abrams. As you may know, our stated policy on Techdirt is that we tend not to name the party affiliation of any politician, unless it truly matters to the story. That's because in this age of red team/blue team insanity, many people determine what they agree or disagree with depending on the color of the uniform. However, in this story, the party affiliations matter, not for which one is which (we could have posted an identical story with the party's changed), but because the dispute here clearly involves partisan politics. As you may have heard, on Sunday, just two days before the election, Kemp (who's been getting hit with a bunch of bad headlines around his failed attempts at voter suppression in that state) announced that he had opened an investigation into an alleged "failed attempt to hack the state's voter registration system" by the Democratic Party of Georgia. Most of the headlines about this correctly noted that Kemp's office provided basically zero details to support this claim. Indeed, the entire announcement was two very short paragraphs long: After a failed attempt to hack the state's voter registration system, the Secretary of State's office opened an investigation into the Democratic Party of Georgia on the evening of Saturday, November 3, 2018. Federal partners, including the Department of Homeland Security and Federal Bureau of Investigation, were immediately alerted. "While we cannot comment on the specifics of an ongoing investigation, I can confirm that the Democratic Party of Georgia is under investigation for possible cyber crimes," said Candice Broce, Press Secretary. "We can also confirm that no personal data was breached and our system remains secure." Before we dig into what appears to have happened, it's time to take a little jump back in time. You see, back in 2016, Georgia Secretary of State Kemp also raised the alarm about what he claimed was an attempt by the US Department of Homeland Security to "breach" his office's firewall. Kemp sent an angry letter to then DHS boss Jeh Johnson, insisting that this was a sneaky attempt by DHS to do penetration testing and test the security of Georgia's election systems without permission. Except... none of that was accurate. Six months later, the investigation revealed that Kemp misinterpreted someone from DHS checking an openly accessible database on the Secretary of State's site to check firearms licenses. An earlier, internal DHS investigation into the reported incident showed that the "attempt to penetrate the Georgia Secretary of State's firewall" was actually residual traffic from a Federal Law Enforcement Training Center employee checking the Georgia firearms license database. That employee said he was doing due diligence on private security contractors for the facility. That traffic, the first report determined, was caused by the employee cutting and pasting data from the database to Microsoft Excel, which sent light traffic to the Georgia server while parsing the data. That traffic would have been in no way abnormal. The DHS inspector general, which operates independently from the DHS chain of command, conducted a second investigation. It validated the first report's results That report further noted that "the DHS internet addresses that contacted the Georgia systems could not be used to attack those systems in the way Kemp described." And, as you'll see, this article is already so long that we won't bother with more other than a link to another story about how Kemp has been credibly accused of destroying evidence in a still ongoing lawsuit about whether or not Georgia's voting system was hacked. So, Kemp already has some credibility problems with "crying wolf" about supposed hacks of his computer systems before. And those should only increase given what appears to have lead to yesterday's claim of an "investigation." The small, but respected investigative journalism site WhoWhatWhy has a fairly detailed look at what happened and it looks really, really bad for Kemp. You see, on Saturday, the Democratic Party of Georgia had discovered massive vulnerabilities in the voter registration system overseen by Kemp, and had passed those details on to security experts... and then someone passed them along to WhoWhatWhy. Just before noon on Saturday, a third party provided WhoWhatWhy with an email and document, sent from the Democratic Party of Georgia to election security experts, that highlights “massive” vulnerabilities within the state’s My Voter Page and its online voter registration system. According to the document, it would not be difficult for almost anyone with minimal computer expertise to access millions of people’s private information and potentially make changes to their voter registration — including canceling it. The publication spoke to a bunch of security experts, who all noted (correctly) that actually testing the vulnerabilities would be illegal, but... ...several logged onto the My Voter Page to look at the code used to build the site — something any Georgian voter could do with a little instruction — and confirmed the voter registration system’s vulnerabilities. They all agreed with the assessment that the data of voters could easily be accessed and changed. “For such an easy and low hanging vulnerability to exist, it gives me zero confidence in the capabilities of the system administrator, software developer, and the data custodian,” Kris Constable, who runs a privacy law and data security consulting firm, told WhoWhatWhy. “They should not be trusted with personally identifiable information again. They have showed incompetence in proper privacy-protecting data custodian capabilities.” From the reporting, it appears that the vulnerability is the kind of mistake that was common on the web two decades ago, that once you've logged in you can access anyone else's content just by changing the URL. Basically anyone with any degree of knowledge of online security learned to block such a vulnerability at least a decade or more ago. It is astounding that such a vulnerability might still exist online, let alone on something as vital and key to democracy as a state election system. It appears that this is the basis of Kemp's new investigation. The Democratic Party had discovered just how poorly Kemp's own team had built its online voter registration system, and his response is to blame the messenger. Of course, we see this kind of thing all the time in writing about vulnerabilities reporting, and we've always pointed out how ridiculous it is. But here, it's been taken to a new level, because beyond the usual dynamic, here we have the Republican running for Governor overseeing the insecure voting registration system, and it's the opposing candidate's party who discovered the vulnerability. This is beyond "blame the messenger." It's "blame the messenger who not only showed my own incompetence, but is also running against me for my shot at the big time." A later story on WhoWhatWhy details that it wasn't the Democratic Party who had discovered the vulnerability in the first place, but rather someone else, who then contacted a lawyer for someone already suing Kemp over weaknesses in Georgia's election system: A man who claims to be a Georgia resident said he stumbled upon files in his My Voter Page on the secretary of state’s website. He realized the files were accessible. That man then reached out to one of Cross’s clients, who then put the source and Cross in touch on Friday. The next morning, Cross called John Salter, a lawyer who represents Kemp and the secretary of state’s office. Cross also notified the FBI. As noted above, WhoWhatWhy reached out to multiple security experts who all confirmed the vulnerability -- and apparently all five of them noted that actually testing the vulnerability would be illegal. But all five of them were able to just look at the code on the site and confirm the vulnerability was real and could be used to alter voter information in the rolls, which is an especially big deal considering that one of Kemp's voter suppression methods was to insist that if any tiny bit of your information did not match what was in the rollbook, you couldn't vote. The report further notes that the security researchers approached by WhoWhatWhy reached out to both US intelligence officials and the Coalition for Good Government, who also reached out to Kemp's own lawyers to alert him to the problems in the system: Bruce Brown, a lawyer for the group, then reached out to Kemp’s attorneys to alert them of the problem. At 7:03 PM Saturday night, he emailed John Salter and Roy Barnes, former governor of Georgia, in their capacities as counsel to Secretary of State Kemp, to notify them of the serious potential cyber vulnerability in the registration files that had been discovered without any hacking at all, and that national intelligence officials had already been notified. [....] “What is particularly outrageous about this, is that I gave this information in confidence to Kemp’s lawyers so that something could be done about it without exposing the vulnerability to the public,” Brown told WhoWhatWhy. “Putting his own political agenda over the security of the election, Kemp is ignoring his responsibility to the people of Georgia.” You really should read the entire WhoWhatWhy article (or, actually, both of the ones I've linked to here) because it goes into much more detail than I've described here, and all of it is mind-bogglingly stupid. Just to give you a taste, the report details not just one, but multiple vulnerabilities, including this: In the code of the website — which anybody can access using their internet browser — there is a series of numbers that represent voters in a county. By changing a number in the web browser’s interface and then changing the county, it appears that anybody could download every single Georgia voter’s personally identifiable information and possibly modify voter data en masse. In addition, voter history, absentee voting, and early voting data are all public record on the secretary of state’s website. If a bad actor wanted to target a certain voting group, all of the information needed is available for download. “It’s so juvenile from an information security perspective that it’s crazy this is part of a live system,” Constable said. Oh, and then there's this: while Kemp's office insist what they are misleadingly calling a hack from the Democratic Party "failed," according to the various security experts WhoWhatWhy spoke to, there didn't appear to be any logging, meaning there wouldn't necessarily be a way to see if anyone had actually changed the information. It goes on and on like this. And, rather than admitting a fuck up of colossal proportions for a voting system, Kemp is claiming the Democratic Party of Georgia hacked the election system. Again, no matter who you support as a candidate, can we at least all agree that something is rotten in the state of Georgia when it comes to how they manage their election systems? Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
For years now, streaming video providers like HBO and Netflix have taken a relatively-lax approach to password sharing. Netflix CEO Reed Hastings has gone so far as to say he "loves" password sharing, and sees it as little more than free advertising. Execs at HBO (at least before the AT&T acquisition), have similarly viewed password sharing in such a fashion, arguing that young users in particular that share their parents password get hooked on a particular product via password sharing, then become full subscribers down the road once they actually have disposable income. On the other side of the equation sits Charter CEO Tom Rutledge, one of the highest paid execs in media. He, in contrast, has long complained that he views password sharing as "piracy", and has consistently promised to crack down on the practice. Rutledge and his fellow executives gave a particularly rousing "get off my lawn" lecture at a media event last year: "There’s lots of extra streams, there’s lots of extra passwords, there’s lots of people who could get free service,” Rutledge said at an industry conference this month...“It’s piracy,” Connolly said. “It’s people consuming something they haven’t paid for. The more the practice is viewed with a shrug, the more it creates a dynamic where people believe it’s acceptable. And it’s not." Of course it's far from "piracy" if it's being sanctioned by the companies doing it, with an eye on generating product awareness and happy customers. That last bit is something Rutledge could use some lessons on. Rutledge fixates on password sharing when he should be focused on why exactly his company continues to bleed subscribers to these cheaper, more flexible traditional cable alternatives. Hint: endless rate hikes, historically terrible customer service, and megamergers Last week Rutledge was at it again. During his company's latest earnings call, Rutledge proclaimed that streaming providers like HBO and Netflix clearly "don't know what they're doing" because they've refused to crack down on the villainous practice of password sharing: "By the content companies going over the top without having the experience of being distributors, they’ve done that in a way without securing their content, which any distributor would theoretically do if they knew what they were doing. But that hasn’t been the case, so you have free service all over the country through passwords,” Rutledge said. “The reality is television can be had fairly easy without paying for it." Granted just because television can sometimes be "had fairly easy without paying for it" doesn't mean it's bad, or it's "piracy." Millions of users increasingly are flocking to over the air antennas as an alternative to the bloated, expensive cable bundles execs like Rutledge simply can't move on from. It's worth noting that this is a "problem" that really isn't. Most streaming services already limit simultaneous streams per account, and being able to share your password with a limited set of friends and family members is part of the value equation you're paying for. It's also worth noting that when HBO or Netflix execs acknowledge the trend, they note there really aren't all that many users actually doing it. As such, if there's something Rutledge wants to spend several years hyperventilating over, it should probably be his company's continued failure to actually listen to consumers, and offer a better product with support that isn't ranked among the worst of any company, in any industry in America. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
This flow of especially pointless lawsuits doesn't appear be drying up -- fed mainly from the (revenue) streams maintained by 1-800-LAW-FIRM and Excolo Law. Neither does the flow of courtroom losses. These two firms are responsible for most of the lawsuits we've covered that attempt to hold social media companies responsible for international acts of terrorism. The legal theory behind the suits is weak. Attempting to avoid Section 230 immunity, the suits posit that the presence of terrorists on social media platforms is a violation of various federal laws targeting terrorist organizations. Section 230 defenses have been raised by Twitter, Facebook, et al, but these usually aren't addressed by the courts because there's not enough in the terrorism law-related arguments to keep the suits alive. According to Eric Goldman -- who has snagged the latest dismissal [PDF] -- this is the seventh time a federal court has tossed one of these suits. If you're familiar with the other cases we've covered, you know what's coming. The California federal court's decision quotes Ninth Circuit precedent from a similar lawsuit that said plaintiffs have to show a direct relationship between social media services' action and the act of terrorism prompting the lawsuit. In this case, the complaint fails to do so. In Fields, the Ninth Circuit addressed what is meant by the phrase “by reason of an act of international terrorism.” It began by noting that the “‘by reason of’ language requires a showing of proximate causation.” Fields, 881 F.3d at 744. It rejected the plaintiffs’ contention that “proximate causation is established under the ADA when a defendant’s ‘acts were a substantial factor in the sequence of responsible causation,’ and the injury at issue ‘was reasonably foreseeable or anticipated as a natural consequence.’” Id. Instead, it held that, “to satisfy the ATA’s ‘by reason of’ requirement, a plaintiff must show at least some direct relationship between the injuries that he or she suffered and the defendant’s acts.”4 Id. (emphasis added). And, although the facts of this case are a little different than the cited decision, the allegations in the plaintiff's lawsuit undermine its arguments about direct or proximal responsibility. The instant case is somewhat different from Fields in that, here, Plaintiffs have made one allegation suggesting that Mr. Masharipov’s attack was in one way causally affected by ISIS’s presence on the social platforms. Specifically, Plaintiffs allege that Mr. Masharipov was “radicalized by ISIS’s use of social media.” FAC ¶ 493. However, this conclusory allegation is insufficient to support a plausible claim of proximate causation. Plaintiffs do not allege that Mr. Masharipov ever saw any specific content on social media related to ISIS. Nor are there even any factual allegations that Mr. Masharipov maintained a Facebook, YouTube, and/or Twitter account. Furthermore, there are allegations in the complaint suggesting that there were other sources of radicalization for Mr. Masharipov. See, e.g., FAC ¶ 337 (alleging that Mr. Masharipov “had previously received military training with al-Qaeda in Afghanistan in 2011”); see also Iqbal, 556 U.S. at 678 (stating that, “[w]here a complaint pleads facts that are ‘merely consistent with’ a defendant’s liability, it ‘stops short of the line between possibility and plausibility of “entitlement to relief”’”). Finally, a direct relationship is highly questionable in light of allegations suggestive of intervening or superseding causes – in particular, Plaintiffs have alleged that, after becoming radicalized, Mr. Masharipov would have a “year-long communication and coordination [with] Islamic State emir Abu Shuhada” to carry out the Reina attack. FAC ¶ 334. Moreover, Plaintiffs fail to allege any clear or direct linkage between Defendants’ platforms and the Reina attack. The allegations under another anti-terrorism law are no better. This argument posits the existence of terrorist-owned accounts is the same thing as providing support for terrorist acts or organizations. The court again finds the allegations don't approach the legal requirements for liability. Here, Plaintiffs have failed to allege that Defendants played a major or integral part in ISIS’s terrorist attacks; for example, there are no allegations that ISIS has regularly used Defendants’ platforms to communicate in support of terrorist attacks. Also, for factor (4), i.e., the defendant’s relation to the principal wrongdoer, the Halberstam court indicated that a close relationship or a relationship where the defendant had a position of authority could weigh in favor of substantial assistance. Here, there is no real dispute that the relationship between Defendants and ISIS is an arms’-length one – a market relationship at best. Rather than providing targeted financial support,[...] Defendants provided routine services generally available to members of the public. As to factor (5), i.e., the defendant’s state of mind, the Halberstam court indicated that, where the defendant “showed he was one in spirit” with the principal wrongdoer, id., that could also weigh in favor of substantial assistance. Cf. NAACP v. Claiborne Hardware Co., 458 U.S. 886, 920 (1982) (noting that, “[f]or liability to be imposed by reason of association alone, it is necessary to establish that the group itself possessed unlawful goals and that the individual held a specific intent to further those illegal aims”). But here there is no allegation that Defendants have any intent to further ISIS’s terrorism. The entire suit -- including state claims for wrongful death and emotional distress -- are dismissed with prejudice. The only thing left for the plaintiffs to do is appeal, and this decision quotes generously from this jurisdiction's appellate decision in a similar case, which should hopefully deter them from wasting any more of the Ninth Circuit's time. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
This week, our first place comment on the insightful side comes in response to our post about the ridiculous problems plaguing Texas voting machines. Crade was rightfully appalled: "Hitting "submit" before it's ready to move forward causes problems with candidate selection" Any software dev out there calling this user error isn't worth their salt. In second place we've got Gary with a simple message about the cop being sued for a bogus arrest (with a small typo corrected): Look and Learn Every time this happens, it's essential to spread the word. Public awareness is important for keeping the police in line. Cause they ain't gonna police themselves. For editor's choice on the insightful side, we start out with James Burkhardt correcting a misunderstanding about our point that our election simulator game highlights how much goes on behind the scenes of public speeches and statements (this doesn't mean people shouldn't vote): Yeah, that's actually not the point. The point was that a lot of what we see in speeches and debates is not speaking directly to people, but is rather signaling to various other groups. This doesn't mean your voting choices mean nothing, or not to vote, but rather that this game gives us insight into how to assess candidates better. Next, we've got Dan with a response to folks who still believe Bloomberg's supply chain hack story just because it seems like something that would be true: There's an enormous difference between "the supply chain can be compromised" and "the supply chain has been compromised, in this way, at this time, with these targets." The former is, I think, beyond reasonable question (especially since "can be" is a very low bar). The latter? Not so much. I haven't made it all the way through the STH piece yet, though it does appear to be very thorough. As a counterpoint, this piece purports to explain how something like this would be possible. Over on the funny side, our first place winner is an anonymous followup to John Oliver's segment about the political grandstanding of state AGs, and a comment that technically achieved the wrong goal: Please vote this comment as insightful because I will not steal your pen! In second place, we've got another anonymous comment, this time parodying the ongoing efforts by big companies to deny and/or fight against cord cutting: "What?! How are they 'cord cutting' us! It's Satellite! It's wireless! There's no cord to cut!" -AT&T exec For editor's choice on the funny side, we start out with a comment from That One Guy about the Texas voting machine issues: 'Eh, accurate voting isn't that important really.' The Democratic Party is blaming the government for not doing more, which is a very Democratic Party thing to do. In this case, the Republicans are in control of the state and the Democratic Party has chosen to claim the Republicans don't care enough about the problem. Come now, that's a bit hyperbolic isn't it? I mean I'm sure they are taking the matter seriously and are deeply concerned that votes might end up going to the wrong people. It's not like they're going to just handwave something as large as bogus votes during an election or anything... The state's government has pointed out e-voting machines only need to comply with state laws, not actually be accurate and/or idiot-proof. It points to the voting machines' certification -- which last happened nearly a decade ago -- as evidence that the bare minimum requirements have been met. ... huh. You know, they may be on to something in this case after all. One does have to wonder if they'll be singing the same tune should the democrat candidate win, or if suddenly potential 'bogus' votes will be of huge concern, leading to calls to redo the election. And finally, because it's a joke that speaks to me in a powerful way (and many other users too, I'm sure), we've got an anonymous take on the "broken windows" fallacy: Is that where every time I attempt to run Windows 10, it decides to do an update instead? That's all for this week, folks! Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Five Years Ago The ongoing fallout of the Edward Snowden leaks heated up again this week, so we're taking another break from the five/ten/fifteen-year retrospective to dig into what happened this week in 2013. The feds had waited until late the previous Friday to quietly release details of a criminal case that used information from NSA surveillance, but this news was quickly overshadowed by new leaks showing the NSA had collected millions of phone records in Italy and Spain, in addition to the previous revelations about France, and of course about spying on world leaders. Speaking of which, Obama was denying that he knew anything about the NSA spying on Angela Merkel's phone, and was apparently quietly telling the NSA to quit spying so much on the UN (or perhaps just quit getting caught). The Merkel scandal was threatening to scuttle the TAFTA/TTIP negotiations, while the NSA was apparently pretty furious at the administration for denying knowledge — and Mike Rogers was insisting Congress knew about it to, and attacking (with video!) the lawmakers who said that wasn't the case. As for the European bulk collection targets, Mike Rogers was saying they should be thrilled that the US is helping to keep them safe, though it later turned out that those countries' own intelligence agencies were heavily involved. This was one of many conflicting messages though, with the NSA constantly revising its own exact position. Congress, however, was trying to push back, with a bill that would stop the worst of the NSA's excesses. They had no ally in Dianne Feinstein though — she started preparing another bill that would largely codify current practices, then later decided she had changed her mind and agreed the NSA had gone too far, leading NSA officials to admit they were screwed... except then she released her bill anyway and, as expected, it looked like it might even make it easier for the NSA to spy on people. Of course, there was still more to learn about the NSA this week. James Clapper begrudgingly declassified documents that showed the NSA believed it could spy on everyone's location data based on existing approvals (something they had previously denied they do at all). And then the latest realization from the Snowden docs: the NSA had infiltrated Yahoo and Google servers without the companies knowing. Keith Alexander was on stage at an event while the story broke, and quickly cooked up a misleading response that was later formalized with an official non-denial from the agency. While people tried to figure out how the NSA pulled it off, we figured there was one small silver lining: some tech companies were finally starting to realize they should oppose the NSA. Believe it or not, that's not even every NSA post from this week in 2013, but it's the important news. As a final note, the creator of a parody NSA t-shirt also sued the agency over the legal threats it was sending to him. Permalink | Comments | Email This Story

Read More...