posted 3 days ago on techdirt
Today we're continuing our recognition of Fair Use Week with an episode of the Techdirt Podcast focused entirely on this critical (but commonly misunderstood) counterbalance to copyright law. Though framed by many copyright proponents as a frivolous exception, fair use is actually fundamental to protecting not just free speech, but everything about our shared culture of art, thought, conversation and criticism. Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt. Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
Apparently, Google is getting prude in its old age, suddenly deciding that it will no longer allow "adult" content on its Blogger platform, giving bloggers on the site just 30 days to find another home or have their content set to private. Here's the note that some bloggers received yesterday: Frankly, this is ridiculous. Yes, Google is a private company and has the right to do whatever it wants, but this sort of prudish, paternalistic role in determining what content is appropriate and what content is "artistic" or "educational" is a path with a lot of landmines that will lead to stifled speech on a platform that used to be celebrated for enabling free speech around the globe. On top of that, you have people who have used the platform to post this kind of information and content for over a decade suddenly being evicted with 30 days notice. Yes, this is always a risk that you take when you rely on someone else's platform, but it's a really unfortunate move from a company that one would hope would know better than to take such a hamfisted position on what content it "allows." Of course, as Violet Blue notes, this is only the latest in a long line of moves by Google to stifle, hide or block any content that is sexual in nature. Here's just a snippet of a much longer piece by Blue, detailing the timeline of recent decisions by Google, all of which push content the company deems inappropriate further and further away: It was one thing when Google Plus rolled out in June 2011 with a strict anti-adult, no sexual content policy for its troubled attempt at a social network; many of us just didn't bother participating, knowing how the content-policy ax always falls (not on the side of artists, writers, activists, LGBT people, or cultural outsiders who speak up). But Google began its palpable aggression against erotic content in June 2013 when Google banned adult content from Google Glass apps, as well as enacting an affiliate porn purge across its Blogger platform. December 2013 saw Android's Google Keyboard updated to exclude over 1,400 "inappropriate" words, returning no results for typing or swiping words including "intercourse," "lovemaking," "condom," "panty," "preggers" and "STI." In February 2014 adult and erotic content was banned from Chromecast, followed by March 2014's ban and purge of adult and erotic apps from Google Play (Android's app and media hub). April saw an ongoing series of Google Search algorithm updates that savaged existing adult website rankings, causing major disruptions in traffic and revenues for many websites. So it's no surprise that many people believe that Google won't uphold its "freedom of expression" stance when it comes to organic adult search results. I'm sure there are plenty of good business reasons why Google no longer wants to have this kind of content available on its site, but it's disappointing on multiple levels. It's not "censorship" in the classical sense, but it does seem like a really bad move by Google. It's a company that should know better, and often holds itself up as enabling more speech around the globe, and avoiding making any sort of "artistic" decisions on the worthiness of content. It is immensely troubling that this company now suddenly wants to determine which content it thinks is "appropriate" and which is not, not based on any legal requirements, but on a very subjective standard. Facebook did this sort of thing from early on in doing ridiculous things like banning "breastfeeding" images, and one would hope that Google would take a more reasonable stand. On top of that, giving people just 30 days to figure out where to go, when many have built up their blogs for over a decade just seems tremendously callous. Google is a private company and can make its own choices, but this one seems like a particularly bad choice, which may have other consequences as well. For years, Google has pushed back on demands from copyright holders to magically monitor all its content, saying that it's just not possible. Yet, here it is now saying that it's willing to do exactly that, including making "artistic" judgments on the merits of whether adult content is purely prurient or done for a more artistic or educational reason. The company seems to be opening itself up to charges that if it can make such determinations for that type of content, it can also magically figure out what other content is "infringing" or not. This seems like a move that the company will regret.Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
So, we just had a story about German-based Total Wipes issuing a series of increasingly bizarre takedown notices, including one that tried to claim that basically any website with the URL "download" was infringing (including the URLs of tons of popular software, from Skype to Open Office to Evernote). The company has now responded to the takedowns, insisting that it's all no big deal because it was all just a software bug. "No doubts about it," the company says: Due to several technical servers problems on the first February week (from the 2nd to the 8th) our script sent hundreds DMCA to hundreds domains not related at all with any copyrights of our contents. Taking a look at https://www.chillingeffects.org/notices/10420406 is pretty clear that for a few hours only the word "download" has been used by the script and that caused several illegal and wrong DMCA requests. It was our fault, no doubts about it. The DMCA is a serious issue and it must be carefully managed. Google rejected most of these DMCA but we totally understand the damage of it for small and medium companies that have to remove and manage them manually. It was a bug just on that week and this is not our daily routine, 99% of our found/removed links are about people that steal music and make moneys illegally. However, our Anti-piracy system has been taken down a week ago in order to add more improvements and avoiding further trouble about the DMCA sending. Of course, that would be slightly more plausible if Total Wipes hadn't done something similar just a few months ago, trying to take down every URL with the word "coffee" in it. Given that, the "it's just a bug" excuse doesn't seem particularly believable. However, even if we take Total Wipes at its word, that this is not the company's "daily routine," this still demonstrates how problematic any system for automatically issuing takedowns is for concepts such as free speech. If you're issuing DMCA takedowns you are, by default, stifling speech. You can argue that it's acceptable if that "speech" is nothing more than infringing on someone else's work -- and there's a reasonable argument to be made there. But it is immensely problematic when you combine the default "take this down!" nature of the DMCA with the automated efforts to issue such notices. It becomes not a tool to stop infringement, but rather a widespread tool of censorship, thanks to a broken copyright law.Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
The DMCA takedown system is once again being abused by Craig Brittain. The recently deposed king inadvertent court jester of the revenge porn world -- defenestrated by the FTC no less -- has ssued a new bogus takedown request in hopes of purging the internet of critical articles. Brittain's takedown asks for the delisting of 23 posts from various sites, all of which have been denied by Google. Among the more scathing posts Brittain hoped to remove with his abusive request include those written by two of his nemeses, Ken White (of Popehat) and Adam Steinbaugh. Also listed: posts residing at Ars Technica, Gawker, Forbes, Huffington Post, GigaOm, Reddit, Salon, Vice and The Verge. Somehow, it appears that our own article on Techdirt about him may be the only one he didn't seek to take down. Gee, thanks, Craig! To top it off, Brittain also requests -- wait for it -- that the FTC's press release concerning his settlement with the agency, along with details of the case proceedings, be removed as well. But what takes it into truly surreal territory is Brittain's seeming inability to realize just how hypocritical his request is. For someone who made a living posting photos and contact information without permission (and made a further living pretending to be a "takedown lawyer" who could make the unauthorized photos and contact info vanish for the right price), he seems suddenly very sensitive about the use of photos and personal information. Or at least the use of his, anyway. From the takedown request hosted at Chilling Effects: Unauthorized use of photos of me and other related information. Unauthorized use of statements and identity related information. Unauthorized copying of excerpts from isanybodydown.com. Using photos which are not 'fair use'. [For whatever reason, Brittain claims the infringed item is a "book," which one must admit would be quite the conversation starter, ender and shatterer of friendships/marriages, should the now-dead "Is Anybody Down" website have been published as a glossy, hardbound coffee table-type book.] Desperate times call for desperate measures, I suppose, and for someone who only knew how to profit off the misery of others, a lifetime ban from exploiting both ends of a revenge porn website must be making Brittain very desperate indeed. You'd think he would have learned from the last time he sent out a bogus takedown request that the only thing that does is create more criticism. Brittain's name is irrevocably toxic and he can't seem to think of a better way to clean up his destroyed reputation than tossing a self-serving DMCA hail mary. With these 23 own-goals on the record -- along with a new wave of criticism headed his way -- Pustule Nickelback McHitler's Brittain's best bet at this point is probably to just exit the internet altogether. Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
Rep. Aaron Schock is frequently referred to as a "rising star" in Congress, but this week, the Associated Press reported on a scandal involving Schock and his use of taxpayer and campaign funds for things like flights on private jets (owned by key donors) and a Katy Perry concert. Frankly, I think some of the "scandal" here is a bit overblown. But what struck me is part of how the AP tracked these details about Schock down: The AP tracked Schock's reliance on the aircraft partly through the congressman's penchant for uploading pictures and videos of himself to his Instagram account. The AP extracted location data associated with each image then correlated it with flight records showing airport stopovers and expenses later billed for air travel against Schock's office and campaign records. In short, the metadata brought Schock down. Of course, as we've been describing, anyone who says that we shouldn't be concerned about the NSA's surveillance of metadata, or brushes it away as "just metadata," doesn't understand how powerful metadata can be. As former NSA/CIA boss Michael Hayden has said, the government kills people based on metadata. But it does seem noteworthy that Schock was one of those who claimed that Ed Snowden's leaking of how the NSA collected metadata on nearly everyone amounted to treason. I wonder if he still feels that way...Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
As we've been reporting, seemingly hopeless legal challenges to UK surveillance have already notched up two wins, and revealed previously secret details about what has been going on. Now the French digital rights group La Quadrature du Net (LQDN) is taking the same approach in France: Together with FFDN, a federation of community-driven non-profit ISPs, La Quadrature du Net is bringing a legal action before the French Council of State against a decree on administrative access to online communications metadata. Through this decree, it is a whole pillar of the legal basis for Internet surveillance that is being challenged. This appeal, which builds on the European Union Court of Justice's recent decision on data retention, comes as the French government is instrumentalizing last month's tragic events to further its securitarian agenda, with an upcoming bill on intelligence services. LQDN is referring to the fact that in December 2014, the French government quietly passed an executive decree bringing in controversial surveillance measures that were passed by the French parliament a year before -- more details are given in LQDN's post. This is the first legal challenge carried out directly by La Quadrature du Net, but is unlikely to be the last: Eventually, this legal challenge will make it possible not only to formally refer the issue to the Constitutional Council, since the [new surveillance law] never underwent a constitutionality check, but also to confront existing French Law with the [Court of Justice of the EU] and the [European Court of Human Rights]'s case laws. In other words, even if the present challenge before the French Council of State fails, there are further legal avenues that can be explored afterwards, which makes the likelihood that at least one of them will be successful much higher. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
Pat Lynch, the president of New York City's Patrolmen's Benevolent Association (PBA), has always been a cop's best friend, especially the more questionable ones. In the wake of Eric Garner's death at the hands of an NYPD officer, Lynch was quick to deflect criticism by pointing fingers at the person who captured the incident on video. The New York City Patrolmen’s Benevolent Association, the largest union representing NYPD officers, said in a statement that it was “criminals like Mr. Orta who carry illegal firearms who stand to benefit the most by demonizing the good work of police officers.” Lynch also opposed efforts (supported by Police Commissioner Bill Bratton) that might make his officers more accountable, ignoring evidence collected elsewhere because it didn't agree with his belief that cops shouldn't be watched. Oh, and the real problem is that the city is too quick to hand over money to victims of police misconduct. We are reserving our decision on body cameras until we see some real evidence of their effectiveness and impact on the officers who carry them. The Public Advocate cites the $152 million that the city spends on lawsuits against police officers but what she fails to say is that the city refuses to fight even the most ridiculous and baseless of the claims. Instead, they settle these ridiculous suits when they should fight everyone of them to conclusion which would effectively put an end to quick buck lawsuits against our officers. As the situation eroded after the killing of Eric Garner, Lynch continued to support the NYPD's every action. When two officers were killed in their cars by a gunman, Lynch used this tragedy to widen the divide between the police and the policed. During memorial services for the slain cops, attending officers turned their backs on Mayor De Blasio for his daring to suggest his mixed-race son might have more to fear from the city's stop-and-friskers than whites. Lynch further leveraged this tragedy with his explicit support of the NYPD's "work slowdown." Unfortunately, this non-enforcement of bullshit charges failed to return the city to its murder-a-minute heyday of the 70s and 80s, instead highlighting the fact that only going after more dangerous criminals was actually a fairly good way to police a city. But even though Lynch has done his most to be a cop's best friend, it's becoming clear that many cops are no longer returning his affections. Union members are finally realizing that Lynch doesn't really serve his members' interests. He only serves himself. Back in January, a union meeting devolved into shoving matches and screaming as members began to express their displeasure with Lynch's preference for grandstanding, rather than taking care of his officers. A police union meeting sparked an uproar Tuesday when officers blasted union president Pat Lynch over his demand that Mayor Bill de Blasio apologize to the NYPD, police sources said. The war of words took place at the end of the two-hour meeting at Antun’s in Queens Village when union delegates from the Patrolmen's Benevolent Association began shouting at Lynch, demanding to know what came out of a recent meeting with the mayor, a law-enforcement source said. Lynch accused the mayor of having "blood on his hands" after the slaying of two NYPD officers, while refashioning their corpses into his personal pulpit. But his officers don't care whether or not De Blasio apologizes for his statements on the Garner case. What they actually want is what almost all officers want: safety. The officers at the union meeting wanted answers from Lynch about getting heavier weapons, better bulletproof vests and new patrol cars, the source said. Lynch values being very publicly right above almost anything else. His officers just want to feel that what happened to two of their own won't happen to them. Lynch not only doesn't care about the rank-and-files' priorities, he's not above using their deaths to further his career. Critics of Patrick Lynch have accused the fiery union leader of campaigning for reelection on the backs of murdered cops — including the use of a somber photo at a memorial for the slain officers… The latest controversy stems from a new campaign video showing the president of the Patrolmen’s Benevolent Association in uniform at a makeshift memorial honoring Liu and Ramos. The 1-minute, 4-second video, which a Lynch spokesman said was not authorized by the campaign, begins with a backdrop of stars and the words: “Team Lynch 2015.” [...] In one image, Lynch is delicately laying flowers at the foot of the memorial. “Thousands of cops went to that memorial and he gets his picture taken and uses it,” the delegate said. “ None of the other cops had their pictures taken. Only the politicians . . . so that makes him worse than the politicians.” "Authorized" or not, it's not making Lynch any more friends in the department, something he kind of needs if he's going to continue to hold this position of power. And as for the authorized aspect of the video, various PBA spokespeople seem to be offering contradictory statements. The pictures in the video are not meant to elicit the sympathy vote, spokesman Al O’Leary said. “(They are) just the most recent photos available of him in uniform,” he explained. Why someone from Lynch's camp would feel compelled to defend images from an unauthorized video, much less make statements about the intent of the photos that supposedly weren't picked by Lynch's office, is puzzling. Then there's the fact that the video first surfaced on PBA treasurer Joseph Alejandro's Facebook page, which would at least suggest endorsement of the content. (Which has since been removed for -- of all reasons -- copyright claims by the NY Daily News over images used in the video.) Whether or not Lynch specifically authorized this video no longer matters. He will suffer the backlash from its publication just the same. He no longer has control of the union and he has really no one else to blame. While the PBA will undoubtedly continue to defend its officers from criticism and accountability, it likely won't be Lynch heading it up. It's the union that isn't, one whose "leadership" cares more about press appearances and political warfare than ensuring its members are better protected and equipped. At the end of the day, cops (rightly or wrongly) just want to make it home alive. And while Lynch is certainly quick to deploy the unofficial First Rule of Policing in defense of his officers' misconduct, he has no interest in actually backing up his stated concern for officer safety with any practical actions. Lynch's eventual exit will be welcomed, even if his replacement may be the same sort of self-centered political animal. Lynch managed to turn two tragedies into nothing more than a pointless, public shouting match with the Mayor's office that did nothing at all to serve the officers whose wages he receives a cut of. Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
It's surprising how poorly documented some of the Apollo missions are now -- with lost original footage of the first lunar landing (eventually restored from other recordings). Now we're entering a new phase of space that's more privatized, so it's even more likely that commercial space programs will not be preserved for the benefit of all. Maybe someday all of NASA's tweets will be safely stored on magnetic tape, and SpaceX's first reusable rocket landing video will be preserved in HD. Or maybe we'll have to check on Elon Musk's closet after he dies to look for Martian souvenirs. Neil Armstrong stashed away some cool stuff from his first walk on the moon -- including the camera that was used to record the mission and a bunch of cables and straps. Armstrong's widow recently found these artifacts in a closet, and historians should probably go through his underwear drawer to check for moon rocks. [url] NASA's first group of astronauts (aka the "Mercury 7") were a bunch of guys who were put through all kinds of endurance tests to make sure they were made of the right stuff to go into space. However, few people have heard of the group of "Mercury 13" women who also trained to be astronauts in the 1950s (but never got to go to space). [url] Hundreds of plant seeds were sent on the 1971 Apollo 14 mission and came back -- and some of the "Moon Trees" are still growing today. There wasn't an official list to keep track of Moon Trees when they were planted in the mid-1970s, but there's a partial list now maintained by NASA. [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
For a few years now, we've been writing about the Trans Pacific Partnership (TPP) agreement, and how we're quite concerned by many aspects of it. In particular, we're quite concerned about the intellectual property provisions -- which leaks have shown are tremendously problematic -- as well as the corporate sovereignty provisions, which negotiators like to call "investor state dispute settlement" (ISDS) because it sounds so boring. Of course, the biggest concern of all is that these deals are negotiated in total secrecy, with the various negotiators refusing to reveal the agreed upon text until it's a done deal and the public is unable to comment on it or suggest changes and fixes. In the fight over the TPP (and the other big trade agreement, with Europe, called the TTIP or TAFTA), an important side issue is over so-called "fast track" authority, or (more officially) "trade promotion authority." This is where Congress basically tells the USTR that it will only take a single "yes/no" vote on whatever the USTR comes back with, rather than delving into the details of the trade agreement and challenging specific aspects of it. In fact, there's an argument that, without fast track authority, the USTR can't really commit the US to anything. What's really odd is that, in a Republican-controlled Congress that seems to want to fight President Obama on just about anything that even has a whiff of the executive branch having more power, it's those Republicans in Congress who are pushing strongly for fast track authority -- effectively giving up their (Constitutionally-mandated) power to regulate international trade. Either way, it is strongly expected that Congress will introduce some sort of Trade Promotion Authority bill in the coming days, even as the key Democrat involved in this issue, Senator Ron Wyden, has pushed back on hearings planned by Senator Orrin Hatch for later this week. To try to justify giving up Congress's own power to the executive branch, defenders of trade promotion authority, such as Paul Ryan, claim that it's actually Congress "asserting its authority in the early stages of a trade negotiation." That's clearly bullshit, since TPP is in its final stages, after being negotiated for many years. The other claim is that because of the way trade promotion authority works, it involves a bill that tells the USTR what needs to be included in any agreement. Again, while that is used to make it look like it's Congress presenting its desires to the USTR, which has to follow it, that would only make sense if TPA was offered at the beginning -- not the end -- of the negotiations. Even Paul Krugman, who was initially a supporter of the TPP eventually changed his tune. Most recently, in response to President Obama's latest call for trade promotion authority, Krugman referred to it as suspicious nonsense. He supports trade deals, but "strongly suspects" there's "bad stuff hidden in the fine print." Of course, that wouldn't be such a concern if the USTR actually released the drafts it's pitching, but that apparently will never happen. And that brings us (finally) to the question of what will be in the eventual push for fast track authority, that is expected to come out any day now. Daniel Sepulveda, who is sort of the US's "ambassador to the internet," just gave a speech talking about how fast track can help protect the open internet. He notes, rightly, that it's important to "[preserve] the free flow of information, to protect the internet's potential as the world's engine for future growth." He further points out that "the increase in Internet use creates significant economic potential." But, oddly, he claims that fast track can somehow guarantee this -- when previous attempts at fast track have shown no such thing. Here's Sepulveda: The Obama Administration is working to unlock the promise of e-commerce, keep the Internet free and open, promote competitive access for telecommunications suppliers, and set digital trade rules-of-the-road by negotiating new trade agreements. Trade Promotion Authority legislation and the pending trade agreements we expect Congress to consider over the coming months and years will provide that kind of protection. These agreements aim to ensure that the free flow of information and data are the default setting for nations. This will preserve the architecture that has empowered the Internet and global communications to fuel economic growth at home and abroad. It is in our interest, across parties and ideology, to ensure we move forward and approve TPA and the pending agreements for many reasons, but promoting the preservation and growth of global communications and the open Internet is one of the strongest. I agree that preserving an open internet is important -- and I wish that our trade deals did exactly that, but they don't. In particular, the intellectual property sections of various trade agreements have not been focused on preserving an open internet, but on shutting it down. We've been asking for nearly a decade how protectionist policies aimed at propping up a legacy industry's obsolete business models is "promoting free trade." It seems like the opposite. And, in fact, if you look at the version of the "fast track" legislation that was introduced in the last Congress, you'll notice that the section it has on intellectual property is almost entirely focused on ratcheting up enforcement and protection. It only talks about intellectual property enforcement, including "meeting enforcement obligations," and "providing strong protection for new and emerging technologies and new methods of transmitting and distributing products embodying intellectual property." It includes sections that are all about protectionism and enforcement, rather than "free trade." Providing strong protection for new and emerging technologies and new methods of transmitting and distributing products embodying intellectual property, including in a manner that facilitates legitimate digital trade; Preventing or eliminating discrimination with respect to matters affecting the availability, acquisition, scope, maintenance, use, and enforcement of intellectual property rights; Ensuring that standards of protection and enforcement keep pace with technological developments, and in particular ensuring that rightholders have the legal and technological means to control the use of their works through the Internet and other global communication media, and to prevent the unauthorized use of their works; Providing strong enforcement of intellectual property rights, including through accessible, expeditious, and effective civil, administrative, and criminal enforcement mechanisms. In fact, if you look, these clauses are almost verbatim from the last time Congress granted trade promotion authority, back in 2002, with the 2002 Trade Act. Check out the section in that law about intellectual property and you may notice a rather striking similarity to what was in the last Congress's attempt, put together by Senator Orrin Hatch, who's leading the charge this time around as well: Providing strong protection for new and emerging technologies and new methods of transmitting and distributing products embodying intellectual property; Preventing or eliminating discrimination with respect to matters affecting the availability, acquisition, scope, maintenance, use, and enforcement of intellectual property rights; Ensuring that standards of protection and enforcement keep pace with technological developments, and in particular ensuring that rightholders have the legal and technological means to control the use of their works through the Internet and other global communication media, and to prevent the unauthorized use of their works; and Providing strong enforcement of intellectual property rights, including through accessible, expeditious, and effective civil, administrative, and criminal enforcement mechanisms; Look familiar? Other than the inclusion of the phrase "including in a manner that facilitates legitimate digital trade," they are identical. And yet, think about just how much the world has changed since 2002 -- and how important we know the internet is, and how much we've learned about how intellectual property law can be widely abused to harm or break the open internet. Since then, we've seen the DMCA used repeatedly to stifle free expression. We've seen Russia using copyright law to stifle political dissent. We've seen how plans to use copyright law to block access to certain sites enable an architecture of censorship. We've seen news publications seized and popular digital storage lockers shut down completely via copyright claims. Given all that, it's difficult to see how the US can actually be serious about protecting an open and free internet, if it's going to continue to use trade agreements like the TPP -- to push for greater tools like those described above, that simply put the ability to censor the internet, and to take down innovative services, into trade agreements. If, when the eventual trade promotion authority bill comes out, it includes this same language all over again, you can be sure that the TPP is not about protecting an open internet, but rather about protecting a few legacy businesses, and enabling government to shut down and stop the open internet. I'm a believer in free trade and open borders. I know that some are protesting agreements like the TPP because they don't like free trade itself, and think it's problematic. That's not my concern. My concern is that what's being done in the name of free trade, and in the name of an open internet, is anything but that. It's about protecting the past, not investing in and enabling the future. We all have our concerns about what's in the various sections of the TPP (which could be solved today if the USTR just released the damn documents), but our first hint of what's really going on here will be evident by how the "intellectual property" section of the expected TPA bill is written. If it's just repeating the same misleading lines from 2002, you can be sure that the TPP is just as big a problem as expected.Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
Rightscorp -- another company with designs on revolutionizing the pursuit of infringers -- has a murky past, a very troubled present, and almost no future. For the second time in three months, it's facing a lawsuit over its shakedown tactics. Rightscorp tries to present itself as the good guy of the anti-piracy world, "allowing" alleged infringers to buy their way back into the company's good graces for the low, low price of $20 per accusation. It seems like quite a bargain when coupled with the company's Standard Threat Letter, which never fails to mention the $150,000 statutory limit when addressing potential shakedown victims. So far, its efforts have met with limited success. (Putting it kindly.) Its stock price -- which occasionally threatened to top the gilded $1/share limit now hovers at around $0.09/share. Its perky press releases can't hide the fact that a trickling revenue stream backed by shady tactics is never going to make millionaires of its shareholders. The lawsuit filed last November accuses Rightscorp of violating damn near everything under the sun in its quest to spin alleged infringers into gold. The complaint seeks class damages against Rightscorp for violations of the Telephone Consumer Protection Act, the Fair Debt Collection Practices Act, California’s Rosenthal Act, and Abuse of Process. The complaint alleges unlawful robo-calls, as well as other unfair debt collection practices, and that Rightscorp has abused the legal process by issuing DMCA Section 512(h) subpoenas that it knew were objectively baseless. If someone can take Rightscorp down for its shakedown tactics, it's probably Morgan Pietz, who is armed with a wealth of practical Prenda experience. This latest suit doesn't have Pietz, but it does have another list of accusations, most of which revolve around Rightscorp's seeming indifference to federal laws governing telecommunications. First, in the rundown of the events leading to this class action lawsuit, attorney Sergei Lemberg points to the fact that Rightscorp's questionable tactics can be traced back to information obtained with an equally questionable subpoena. (Internal citations omitted.) The legality of Rightscorp’s subpoenas is highly questionable. Under 17 U.S.C. § 512(h), a subpoena may not be issued to an ISP which does not store information on its system but rather acts as a mere “conduit” for electronic communications. Rightscorp willfully disregards this requirement, issuing such subpoenas to conduit ISPs and storage ISPs alike. In In re Subpoena Issued to Grande Commc’ns Networks LLC, 1:14-mc-00848, Doc. No. 1 (W.D. Tex. Sept. 5, 2014), the plaintiffs moved to quash a subpoena issued by Rightscorp to its internet service provider. Rather than defend its subpoena’s legality, Rightscorp packed up its bags and withdrew its subpoena the very next day. The case was dismissed in result. From there, the filing moves on to what Rightscorp did with its questionably-obtained subscriber data, including the deployment of unsolicited phone calls, text messages and threatening emails. Here's one email one plaintiff received. Dear Melissa Brown, Attached is the evidence of 26 copyright infringements that have occurred as a direct result of a file sharing program operating under your internet connection: [REDACTED]. I have also included all 26 e-mail notifications that were automatically sent to your internet service provider regarding federal law being broken under their services. Any further questions or concerns you may contact my direct line at (310) 405- 0102. I do ask that you refrain from derogatory language when speaking with a DMCA Agents, as the transactions are kept on file. Thank you for your cooperation, Marina The last sentence of this email stands out, as it could add to the numerous legal woes currently being faced by Rightscorp. As was pointed out by one of Fight Copyright Troll's Twitter followers, this wording suggests Rightscorp records and stores all incoming calls in apparent violation of California law. California is a so-called two-party state, and the recording of a phone conversation without consent may result in penalties. That point isn't mentioned in the lawsuit, but plenty of other violations are. The complaint notes that Rightcorp also sent unsolicited text messages to the plaintiff's phone as well as used a robodialer to make repeated calls. Considering the only loophole for unsolicited communications under the Telephone Consumer Protection Act pertains to "emergency purposes," it would appear that its use of both (text messages are considered "calls" by the FCC) run afoul of federal law. Despite being told to cease its calls, emails and text messages, Rightscorp persisted. Now, it's being accused of "wilfully violating" the TCPA in its pursuit of the two plaintiffs. While debt collectors are allowed to call debtors to pursue collections, they have to adhere to many rules, including how many calls may be placed a day and between what hours. Unless consent is obtained, they cannot send text messages or use other forms of communications (like email). Rightscorp isn't a debt collector, although I'm sure it feels its business model is closely related. In reality, Rightscorp's business is more closely aligned with telemarketers, which any person can opt out of receiving calls from in perpetuity. (Telemarketers are also not allowed to send unsolicited text messages.) Rightscorp is, in essence, selling $20 settlements to any alleged infringer it can obtain contact data for. Its "offers" are backed by no legal authority. It would take an actual lawsuit to pursue infringement allegations and that has never been part of Rightscorp's plans. If it chose to handle its business honestly (by suing alleged infringers), it would have no need to harass the accused via phone calls, emails and text messages. (It would, in fact, have several reasons not to contact potential defendants.) But since suing doesn't figure into the revenue stream, Rightscorp is reduced to pitching tiny "settlements" (in quotes because settling doesn't prevent an infringer from being sued by the rightsholders themselves) to the gullible or easily-intimidated. Hopefully, this lawsuit (and its previous one) will take the last few pennies out of its falling stock price and force it to return to whatever it was that it was doing when it was d/b/a Stevia Agritech Corp. or Kids Only Market Inc. There are much better ways to pursue alleged infringers (like: not at all!) than abusing or skirting every law on the books that relates to the chosen "business model." At this point, Rightscorp's tactics appear to be every bit as toxic as its stock price.Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
There have been questions of when (not if) the next "Ed Snowden" situation would show up. There certainly have been a few recent leaks that appear to have been from folks other than Snowden, but they've mostly been one-off leaks. However, this morning, Al Jazeera is claiming that it got its hands on a huge trough of spy documents, in the form of cables from South Africa's spy agency, the State Security Agency (SSA), and it will begin reporting on what's in those documents, in collaboration with reporters at The Guardian: Spanning a period from 2006 until December 2014, they include detailed briefings and internal analyses written by operatives of South Africa's State Security Agency (SSA). They also reveal the South Africans' secret correspondence with the US intelligence agency, the CIA, Britain's MI6, Israel's Mossad, Russia's FSB and Iran's operatives, as well as dozens of other services from Asia to the Middle East and Africa. The files unveil details of how, as the post-apartheid South African state grappled with the challenges of forging new security services, the country became vulnerable to foreign espionage and inundated with warnings related to the US "War on Terror". As Al Jazeera points out, this is not "signals intelligence" (SIGINT) material, but rather "human intelligence" (HUMINT) of the kind normally done by the CIA, rather than the NSA. It's about spies on the ground -- and also, according to Al Jazeera, their humdrum daily office existence. Honestly, it almost sounds like the plot of a bad sitcom: come work at a premier national intelligence agency... and bitch about the lack of parking: At times, the workplace resembles any other, with spies involved in form-filling, complaints about missing documents and personal squabbles.... One set of cables from the Algerian Embassy in South Africa relates to a more practical concern. It demands that "no parking" signs are placed in the street outside. The cable notes that the British and US embassies enjoy this privilege, and argues that it should be extended to Algeria as well. Whether or not this latest leak turns up anything more interesting than parking disputes, it is worth noting that another trove of intelligence documents have leaked...Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
This week is Fair Use Week, according to the Association of Research Libraries, and that's as good a time as any to remind everyone that it's wrong to refer to fair as merely a "limitation or exception" to copyright law -- or merely a defense to infringement. It is a right that is protected by the First Amendment. The Supreme Court has regularly referred to "fair use" as a "safeguard" of the First Amendment, allowing copyright law to be compatible with the First Amendment. As such, it seems bizarre that fair use is not seen as the default, rather than the other way around. If we are to protect the First Amendment, and not allow for speech to be stifled, at the very least, we need a greater recognition of the importance of fair use in guaranteeing that the First Amendment's principles of free speech are allowed to thrive. Freedom of expression is a right that may not be abridged by the government -- except in a few narrowly defined cases. Copyright is one of those cases -- and we can argue about whether or not that's appropriate, but at the very least, it's important to shift our view from thinking "copyright" is the norm and that fair use is a small "exception," to one where we recognize that free expression is the norm, with fair use making sure that freedom of expression is enabled, even when copyright is present. Unfortunately, too many powers that be in legacy industries have sought to flip this equation. They deny that fair use is a right -- insisting it is merely a "defense" to infringement. While it is true that under current law, in order to be able to demonstrate your fair use rights, you need to raise it as an affirmative defense to an accusation of copyright infringement, that does not diminish the fact that fair use is simply a procedure for guaranteeing your First Amendment rights. It is not a small issue that's only important in academic debate, but rather a central issue that determines just how strongly we, as a society, believe in the First Amendment. Finally, how could we conclude a post on fair use without including some fair use in it? How about this video, misleadingly called The Infringement Melody (Section 107 of the Copyright Act clearly states that "the fair use of a copyrighted work... is not an infringement of copyright"), which appears to be a student project to come out of a popular Yale class on Law, Technology and Culture, in which fair use is a big part of the curriculum: F-A-I-R U-S-E... find out what it means to me! Also, be on the lookout for tomorrow's podcast... all about fair use as well.Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
Apparently, execs at Gemalto went to the same crisis management training program as the top execs at Lenovo. As you probably recall, last week The Intercept revealed that the NSA and GCHQ had hacked into the systems at Gemalto, the world's largest maker of SIM cards for mobile phones, in order to get access to their encryption keys. This is a pretty massive security breach, allowing these intelligence agencies to decrypt calls that people thought were encrypted. But Gemalto insists its SIM cards are perfectly secure: “Initial conclusions already indicate that Gemalto SIM products (as well as banking cards, passports and other products and platforms) are secure and the Company doesn’t expect to endure a significant financial prejudice.” This sounds an awful lot like Lenovo's initial reaction to the reports about the Superfish/Komodia vulnerability it shoved onto many of its customers computers, saying (totally incorrectly): We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns. Lenovo, at least, pretty quickly changed its tune and admitted to it being a major problem. Of course, there are some differences here. With Lenovo, the company had made the choice to include Superfish -- whereas the Gemalto hacking was done (obviously) without the company's knowledge. You'd hope that the company would be much more upfront about the seriousness of the issue, rather than insisting that everything is just fine and dandy. Of course, it's that last phrase -- about not having to "endure a significant financial prejudice" -- that shows what's really going on. Gemalto's stock price took a huge hit, and the company is trying to assure investors that everything is okay -- not necessarily its customers. See if you can tell when the news about this came out? So now the question is, which is more important to Gemalto? Keeping its stock price up or its users secure?Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
With each passing day, it appears that new revelations come out, detailing how the Komodia/Superfish malware is even worse than originally expected. If you don't recall, last week it came out that Lenovo was installing a bit of software called "Superfish" as a default bloatware on a bunch of its "consumer" laptops. The software tried to pop up useful alternative shopping results for images. But in order to work on HTTPS-encrypted sites, Superfish made use of a nasty (and horribly implemented) "SSL hijacker" from Komodia, which installed a self-signed root certificate that basically allowed anyone to issue totally fake security certificates for any encrypted connection, enabling very easy man-in-the-middle attacks. Among the many, many, many stupid things about the way Komodia worked, was that it used the same certificate on each installation of Superfish, and it had an easily cracked password: "komodia" which was true on apparently every product that used Komodia. And researchers have discovered that a whole bunch of products use Komodia, putting a ton of people at risk. People have discovered at least 12 products that make use of Komodia. But it gets worse. Filippo Valsorda has shown that you didn't even need to crack Komodia's weak-ass password to launch a man-in-the-middle attack, but its SSL validation is broken, such that even if Komodia's proxy client sees an invalid certificate, it just makes it valid. Seriously. At this point a legit doubt is: what will the Komodia proxy client do when it sees a invalid/untrusted/self-signed certificate? Because copying it, changing its public key and signing it would turn it into a valid one without warnings. Turns out that if a certificate fails validation the Komodia proxy will still re-sign it (making it trusted), but change the domain name so that a warning is triggered in the browser. Okay, but at least there's a warning, right? Well, no, because... as Valsorda notes, there's another horrible part of the implementation that gets around this: alternative names. The Komodia proxy copies the server certificate almost entirely... What will it do with alternative names? Alternative names are a X509 extension that allows to specify in a special field other domains for which the certificate is valid. Boom. The Komodia proxy will take a self-signed certificate, leave the alternate names untouched and sign it with their root. The browser will think it's a completely valid certificate. So all you need to do to bypass verification is put the target domain in the alternate field, instead of in the main one that will be changed on failure. An attacker can intercept any https connection, present a self-signed certificate to the client and browsers will show a green lock because Komodia will sign it for them. As Valsorda points out, because of this, attackers don't even need to know which Komodia-compromised software you're running. They can just fuck with them all. Thought we were done with how bad this is? Nope. Not yet. Because another security researcher, going by the name @TheWack0lian, found that Komodia uses a rootkit to better hide itself and make it that much harder to remove. Komodia appears to have implemented its system in the worst way possible, and a whole bunch of companies agreed to use its product without even the slightest recognition of the fact that they punched a massive vulnerability into the computers of everyone who used their products. What's really stunning is that many of these products actually pitch themselves as "security" products to better "protect" your computer.Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
As you may have heard, last night was the Oscars -- Hollywood's favorite back-patting celebration. However, as a recent study found, films that were nominated for Oscars saw the number of unauthorized downloads and streams surge, as people wanted to make sure they had seen these celebrated films. Films like American Sniper and Selma saw a massive increase in unauthorized downloads after being nominated. The company that did this study, Irdeto, argues that these unauthorized downloads represent a major loss for the films' producers -- but it seems like there's another explanation: the MPAA really ought to be targeting the Oscars for encouraging infringement. After all, for the past few years, the MPAA has been on a rampage trying to blame other third parties, like Google, which Hollywood insists is leading to greater infringement -- and yet, here's pretty obvious proof of another "cause" of piracy. Sure, one could argue (as we have, many times) that the lack of authorized, legitimate versions of these offerings may be contributing to the unauthorized downloads -- but the MPAA has insisted over and over again that this isn't fair. So, we'll take the MPAA at its word, and assume that the real culprit is "the Oscars" itself. Clearly, it's time to get rid of that major promoter of piracy. Just a few weeks ago, we noted that nearly all of the Oscar-nominated films were quickly finding their way online (in HD format, no less), and it's pretty clear that there would be a lot less demand if they weren't nominated. Sure, one might argue, that the more popular a film is, and the more attention it gets, the more piracy will be the result -- but, again, the MPAA angrily dismisses such claims, insisting that it must be other factors leading to piracy. And, from the Irdeto study, it certainly appears that one major factor is... the Oscars. I expect that the legal geniuses at the MPAA are now huddling in a circle figuring out which Attorney General they can convince to front a legal assault on the Oscars -- and this will all come out in the next batch of hacked emails....Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
Last month, BlackBerry CEO John Chen tried to kiss up to major wireless carriers on the issue of net neutrality with a truly bizarre missive that received ample mockery in the technology press. Basically, Chen tried to argue that we don't need tough neutrality rules -- but we really should consider rules that force app developers to make content for unpopular mobile platforms. Like oh, BlackBerry, which after endless missteps now controls just 2% of the smartphone market. This was, to hear Chen tell it, because when companies refuse to make apps for unpopular platforms they're violating something Chen called "app neutrality": "Netflix, which has forcefully advocated for carrier neutrality, has discriminated against BlackBerry customers by refusing to make its streaming movie service available to them. Many other applications providers similarly offer service only to iPhone and Android users. This dynamic has created a two-tiered wireless broadband ecosystem, in which iPhone and Android users are able to access far more content and applications than customers using devices running other operating systems. These are precisely the sort of discriminatory practices that neutrality advocates have criticized at the carrier level." Of course, as we pointed out at the time, Netflix isn't discriminating against anybody. If BlackBerry wasn't currently a train wreck and had a big enough market share to justify their time, Netflix would surely develop an app for BlackBerry users as well. As most of you know, net neutrality is about protecting the Internet from the bad behavior of companies that have built massive last-mile broadband monopolies courtesy of regulatory capture. In contrast, developers aren't making apps for BlackBerry simply because people aren't using BlackBerry's products. And while Google and Apple do dominate the smartphone market, the primary reason is because they offer a good product. That's in contrast to say, AT&T or Comcast, which offer a crap product because they have a government-protected monopoly over the last mile and have no incentive to improve. I have no idea from the bowels of which ISP think tank or telco meeting room this "app neutrality" talking point originated; Chen and BlackBerry's incoherent tirade dominates the search results for the term. But it's worth noting that Mark Cuban actually argued a very similar point two days earlier, but, fortunately for Cuban, the media was too busy mocking BlackBerry to notice. Here's a snippet of Cuban's insight on the issue of app neutrality: "There are basically 2 doors that control the availability of apps to the vast majority of smart phones in this country. They are owned and controlled by 2 of the largest tech companies in the world, Apple and Google. If you want your app to reach any type of audience (yes there are other app platforms supporting phones on the margin, but they are tiny by comparison), you have to make Google and Apple happy." Again, this ignores that Apple and Google have come to dominate the smartphone market because they make a kickass product. Not to say either of those companies doesn't engage in anti-competitive behavior, and I don't think anybody would argue Apple's app approval process isn't bizarre. But that has nothing to do with net neutrality, and Apple and Google are a far, far cry from government-pampered duopolists like AT&T and Comcast. Still, Cuban proceeds to insist that net neutrality rules need to ensure Apple and Google play nice too: "The mobile app economy is far from open. It’s dominated by two companies. It is in the best interest of the entire mobile eco-system to address this duopoly while we are re-examining net neutrality. We should seriously consider requiring Apple to to allow and support 3rd party app stores and to require that Google continues to support and enable 3rd party stores and more importantly to integrate them into the Play Store, much as Amazon does with Marketplace integration." Cuban is again showing he doesn't quite understand how the broadband industry works or what net neutrality actually is. Consumers actually do have a choice of what kind of smartphone to buy or what apps to install. While there are some smartphone freedom constraints (usually imposed by the aforementioned carriers, mind you), users still can buy a Windows phone, or a BlackBerry phone, or some offshoot hackable Android ROM that provides greater application freedom and allows them to install whatever unsigned applications they'd like. They can also access something called the Internet for even greater freedom. That's in contrast to a Comcast customer who, if they want decent broadband, usually doesn't have any other choice. The two discussions are nothing alike, and I don't think that's a particularly complicated point to understand. Still, like "search neutrality" before it, somebody somewhere pretty clearly hopes that the idea of "app neutrality" will shift people's attention away from what the net neutrality conversation is actually about: highly-tactical telecom carrier abuse of an uncompetitive broadband market. Fred Campbell of the Center for Boundless Innovation in Technology (a policy group dedicated to "liberate the ingenuity and creative spirit of America’s high-tech entrepreneurs and enterprises through market-oriented government policies") also rushed to the "app neutrality" argument when the group recently suffered a small stroke over the FCC's Title II plans: "Chairman Wheeler’s description of his plan in Wired is disingenuous. His proposal will not ‘ensure the rights of innovators to introduce new products without asking anyone’s permission.’ Some of the biggest gatekeepers on the mobile Internet today are using their power over mobile operating systems to deny access to application developers, yet these behemoths are exempted from the FCC proposal. The fact is, application developers will still have to ask someone for permission before they can access the mobile Internet. The Chairman’s plan is also discriminatory. He is proposing to apply privacy limitations on Internet service providers through ‘Section 222′ while exempting Internet ‘edge’ companies whose fundamental business model is to profit from collecting and selling personal information about consumers. The Chairman’s discriminatory decision to exempt the Internet’s biggest data collectors from this privacy provision appears designed to protect the Administration’s political allies in Silicon Valley, not consumer privacy." You see, Google, Apple and Netflix's domination of the smartphone and streaming video market is bad, even though consumers still actually have an organic market choice when it comes to those services. AT&T, Comcast and Verizon's stranglehold on the broadband market is to be ignored -- even praised -- because, uh, well, I'm not sure. You'd think those endlessly espousing the value of "free markets" would find the latter situation equally untenable, since it often involves companies literally writing state telecom law to further insulate government-protected duopolies from said market freedom. Unless of course it's not really about loving free markets or meaningful personal values at all, and it's really just about offering any old flimsy, inconsistent argument to help carriers protect the revenues received from uncompetitive (and certainly not free) markets?Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
The DOJ wants to amend Rule 41 (Search and Seizure) to grant its agencies unilateral powers to hack any computer in the world. This would expand its reach beyond the US, using warrants granted by magistrate judges to facilitate searches and seizures of remote data. This would obviously open up a whole diplomatic can of worms, what with the FBI hacking into computers whose locations it can't ascertain until after the fact. Not that the DOJ is bothered by the implications of the amendment it's pushing. It argues that the law already has determined searches in known jurisdictions legal. What's left to be established is whether it's similarly legal to search computers whose true location is unknown, thanks to the use of proxies and VPNs. That operating extraterritorially might cause some diplomatic strain or possibly even be illegal in the country the search takes place doesn't seem to have crossed its mind. In its opinion, this is the natural progression of Rule 41, which must be updated to reflect the change in technology. Google has fired back at the DOJ in its comments on the proposed wording change, pointing out not only the damage it could cause to international relationships, but also its further dismantling of Fourth Amendment protections. Although the proposed amendment disclaims association with any constitutional questions, it invariably expands the scope of law enforcement searches, weakens the Fourth Amendment's particularity and notice requirements, opens the door to potentially unreasonable searches and seizures, and expands the practice of covert entry warrants. Google then suggests that if the DOJ wishes to keep stripping away these protections, it should have the decency to do it the way it's usually been done: through acts of Congress. The substantive changes offered by the proposed amendment, if they are to occur, should be the work of congressional lawmaking. Such was the case with a slew of legislation providing law enforcement with the ability to use technological means to conduct invasive searches on targets, including the Foreign Intelligence Surveillance Act, which provides law enforcement with the ability to legally surveil and collect foreign intelligence information; Title III of the Omnibus Crime Control and Safe Streets Act of 1968, which provides law enforcement with the ability to legally intercept wire, oral, and electronic communications; the Stored Communications Act, which provides law enforcement with the ability to legally access electronically stored communications; and the Pen Registers and Trap and Trace Act and USA PATRIOT Act, both of which provide law enforcement with the ability to legally intercept real-time telephony metadata. In passing this legislation, Congress was able to openly debate and weigh the various constitutional issues at play. This would seem to be the least the DOJ can do, rather than trying to sidestep the process it forces American citizens to use. "I empathize that it is very hard to get a legislative change," Amie Stepanovich, senior policy counsel with Access, a digital-freedom group, told the judicial panel during a meeting called to review the proposal in November. "However, when you have us resorting to Congress to get increased privacy protections, we would also like to see the government turn to Congress to get increased surveillance authority." Google also warns that the non-specific wording of the proposal lends itself to all sorts of shady tactics. There are a myriad of serious concerns accompanying the government's use of NITs [Network Investigative Techniques]. These are outlined in detail in other comments submitted to the Committee and include, among other things, the creation of vulnerabilities in the target device thereby increasing the target's risk of exposure to compromise by other parties, actual damage to the target device, the creation of a market for zero-day exploits, and unintended targets' exposure to malware. Additionally, the remote facilities accessed by the government may in fact identify and disclose the 'hack' or take action to prevent it or retaliate against its use. These are serious concerns that are more appropriately considered and balanced by Congress than by the Committee. Again, with the exception of the eventuality listed last, these are side effects the DOJ couldn't care less about. Collateral damage is almost always acceptable, and at this point -- considering what we've learned about the tactics deployed by the NSA and other intelligence agencies -- making things worse and less safe for the world's citizens is just another essential part of fighting Wars on Things. The DOJ seems to view its proposal as a necessity in the race against technological advance, rather than a dangerous expansion of power that could result in some very negative repercussions. Unfortunately, the nation's prosecutors and magistrate judges seem to be very much aligned with the DOJ. Both refer to the Rule 41 change as "filling a significant gap" in existing law. But it does far more than that. The DOJ argues it's just a needed tweak, but it gives its agencies unprecedented extraterritorial powers and encourages these investigators to view anonymous connections as inherently suspicious. Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
This week, when the president was asked directly about his thoughts on encryption and law enforcement, he gave what was overall a very well-measured response about the need to acknowledge the tradeoff between safety and privacy, regardless of which side you ultimately conclude to embrace. It was a great answer in theory, but it was missing a critical point from the reality of the situation, and That One Guy wins most insightful comment of the week for pointing that out: You made your bed, now sleep in it This is something that even children can understand, the idea that if you cannot show responsibility with your toys, you'll have them taken away, and yet it seems to completely escape the government and law enforcement. They've had their chance, to act in a reasonable fashion, to show that they can be trusted, and they have utterly failed. If people and companies are moving towards phones that are encrypted by default and require the owner to personally unlock them, it's because law enforcement has proven that they cannot be trusted to follow the laws that prohibit them from 'browsing' on a whim or hunch. If society and the companies in it are pushing for more encryption, and more secure forms of communication, it's because those like the NSA have shown absolutely no restraint in scooping up everything they can get their hands on, just in case it might prove useful at some point down the road. The government, and the police, have shown that they cannot be trusted, and the public is reacting accordingly. It would be nice if those in the government and police forces were willing and able to admit this, but given that would require them to first admit that they've done something wrong, I'll not hold my breath while waiting for it to happen. Case in point: this week we also discovered that the NSA has the ability to hide spyware deep inside hard drives and swipe the encryption keys for SIM cards. One commenter asked why they weren't in jail, and jupiterkansas went on to wonder (and win second most insightful comment of the week) what all this accomplished anyway: Or a related question, since they pretty much have unrestricted access to everything, why is there still terrorism in the world? Of course, not all hardware is compromised by the NSA — sometimes it's compromised by the manufacturer itself, as is the case with Lenovo's Superfish malware and associate HTTPS hack. Lenovo CTO Peter Hortensius seemed to think that he could handwave this massive blunder because the threats were, in his mind, "theoretical", and both our editor's choice comments for insightful this week come in response to that notion. First up, an anonymous commenter pointed out what an inane statement that is: ALL threats are theoretical; otherwise, they're called attacks. But before that, John Fenderson explained why this kind of reaction is worse than the initial mistake: Including Superfish and the bogus certificate was a terrible thing to do in the first place, but what convinced me to never buy another Lenovo machine in the future was this exact response by them. It indicates either an insane level of incompetence or a deliberate effort to deceive everyone. Either way, that's enough to put them on my "never do business with" list. There's a reason I chose that first Lenovo comment — it's an interesting juxtaposition with our funniest comment of the week. The first one made the point in perhaps the most succinct and direct way possible — but there's something to be said for Just Another Anonymous Troll's approach of making it in the most amusing and indirect way possible: "Yes, there's a big honking hole in my castle wall, but no enemy troops have stormed in through it so any concerns about it are all theoretical." -King Peter Hortensius the First (and last) For second place on the funny side, we head to an already-pretty-funny trademark dispute between three companies with logos that are more or less just plain 'W's. Sorrykb might have inadvertently given the lawyers some ideas: "Today's episode of Sesame Street was brought to you by the letter [removed due to trademark claim]..." For editor's choice on the funny side, we turn our attentions to AT&T, which had a more creative approach to spying on people: offering lower broadband prices for users who opt in to be spied on. Rich Kulawiec had an idea: A solution suggests itself 1. Sign up for AT&T's surveillance package. 2. Set up VPN for all "real" traffic. 3. On a spare system that's connected 24x7 and not connected through the VPN, run a Perl script that issues intermittent search queries comprised of terms found on 4chan forums, Twilight fanfic sites, YouPorn, and whatever site is the main one for Bronies. Oh, and Frank Zappa lyrics. 4. Smile while contemplating how confused the marketroids staring at the data analytics are going to be. Finally, we've got one of the funniest things that happened this week. Plfer, the service that promises to find copyright-infringing text online and calculate damages for you, is a groaner for dozens of reasons, not the least of which is its apparent distaste for fair use. That especially, as pointed out by That One Guy, is compounded by the fact that its hypocritical practice of using (and attacking) Techdirt quotations on the site is a classic case of commercial fair use: Well, this is awkward... ...it is difficult to argue any part of the internet is truly "non-commercial" and so the application of the "fair use" defence would seem to remain limited. So fair use should be severely limited apparently. Boy, that sure does make this bit rather awkward... For instance, Mike Masnick at TechDirt says: "People copy stuff all the time, because it's a natural and normal thing to do. People make copies because it's convenient and it serves a purpose -- and quite often they know that doing so causes no harm in those situations." He's using someone else's quote to promote his own service, which according his own argument, would almost certainly count as commercial use, and therefor fair use wouldn't apply. ... I wonder just how much his service would qualify his use of someone else's work, and the 'harm' it caused? Perhaps a couple hundred thousand or so, depending on how long his post has been up? That's all for this week, folks! Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Five Years Ago In the past five years, we've been convinced that Title II is a necessary step in the right direction for net neutrality — but back in 2010, we still holding out hope that the problem could be solved purely with competition. Nonetheless, we could already see the utter ridiculousness of most anti-regulation arguments and the bad behaviour of ISPs, from warning about the death of iPhones to blocking broadband stimulus efforts or favoring marketing lawsuits over service improvement. And we weren't convinced when the FCC chair said that Google Fiber represents enough viable competition. These were also the early days of the New York Times paywall, when folks were still debating its fundamental structure and studying the question of how willing people are to pay for content online. Meanwhile the Times itself, like many other publishers, was attempting to sell people an expensive iPad edition (despite the obvious fact that pretty much all the same things can be done on the web). To some, the future of journalism was more about curation, or maybe even pay-what-you-want. The USTR's infamous Special 301 report came out this week in 2010, and for the first time included an open comment system which we promptly utilized. It was nice and all, but it's really time to scrap the program altogether. And if you want to talk about copyright, maybe look at Public Knowledge's sensible ideas for reform. Ten Years Ago The future of digital journalism was even less clear this week in 2005. Some newspapers thought the best approach was to keep lots of content offline. The New York Times, for its part, bought About.com (since sold to Barry Diller's IAC). Of course, iPad editions weren't exactly an issue yet — at this time, analysts were still arguing about the distinction between PDAs and smartphones. That didn't stop lots of companies from pushing mobile TV, though, and while we still weren't sure how big of a draw it that would really be, we were happy to see Showtime start experimenting with straightforward online streaming. This was the year that SHA-1 encryption was broken. Unfortunately, a decade later it's still in widespread use — though most companies are on track to deprecate it by 2017. Also in 2005: some states were rejecting red light cameras while others were demonstrating their problems, an Italian DJ was fined over a million euros for his MP3 collection, a tattoo artist sued the NBA for showing his artwork, manufacturers were starting to make ultra-cheap phones for developing nations while companies at home were jumping on the gadget giveaway bandwagon, and we were catching on to the practice of UK libel tourism. Fifteen Years Ago Ah, 2000 — the not-exactly-dawn of the new millennium, and a time of much philosophizing and prophesying about technology. The New York Times (popular this week) realized we were stuck with the internet for better or worse; Forbes opined on the parallels between the internet and railroads; Salon debunked the idea that the internet makes us lonely; and everyone was trying to have their say about the wireless future. Some people were tackling more immediate, practical questions: does internet sex count as prostitution? Should married couples share an email address? Are online customers less loyal? And, critically, should Jeeves answer questions about sex? Oh, and there was one very notable release this week in 2000: the original version of The Sims. Sixty-Nine & Thirty-Seven Years Ago We've got two milestones in the history of the internet and computing this week. First, on February 15th, 1946, the ENIAC was formally dedicated. It was the world's first general-purpose electronic computer, containing 17,468 vacuum tubes, 7,200 crystal diodes, 1,500 relays, 70,000 resistors, 10,000 capacitors and around 5 million hand-soldered joints according to Wikipedia. Next, just a few decades later, after a snowstorm gave them few options other than cabin fever or feverish engineering, two Chicago men launched CBBS, the world's first bulletin board system on February 16th, 1978. Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
For this week's awesome stuff, we're talking all about monitors, projectors and display technology. Beam My first thought about Beam — a compact projector that plugs into any light socket and is controlled by your smartphone — was that it's a great idea. My second thought was that it can't possibly be bright enough. But, refreshingly, the video and pictures of the device in action don't make any attempt to deceive on this front: the projections are shown to be rather dim, but still visible, which is the best you could expect from 100 lumens. It's limiting, but it doesn't make it useless, and in the right circumstances for the right applications, Beam could be a very cool solution. Displio In a world of rapid device convergence, there's still something very attractive about the idea of dedicated single-purpose units like Displio: a small, configurable wi-fi display that can monitor anything from the weather to an eBay auction. Sure, you could get a smartphone widget or a desktop screensaver to do that job, but would it really feel the same? Some people already do this, at a high cost — I recently visited an office where every conference room was managed by a separate wall-mounted iPad with the sole purpose of scheduling meetings. The Displio looks like it can do that job for $100 a pop. ScreenStick This one's not a display, but a display accessory. The rise of mobile gaming has brought with it a revolutionary wave of innovative game design tailored for touch screens, but it's also brought a slew of games that struggle to force traditional control schemes onto these radically different devices. The most common and frustrating of these is the simulated on-screen joystick, which never feels natural and puts a huge cognitive barrier between the player and total immersion. The ScreenStick is not the first attempt to solve that problem by attaching a true joystick right to your touchscreen, but it is one of the nicest designs and best prices I've seen, perhaps capable of becoming a mainstream accessory among the mobile gamers of the world. Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
We've made the argument for some time that a good modding community and culture is a boon for games and game creators. Far from the dangerous infringement on the original works that some seem to think, a prolific modding community can lengthen the shelf life of a game, improve it for customers of the original work, and even allow the original work to spiral off into unforseen directions, all of which only serve to increase the game's playability, replayability, and fun factor, making it all the more attractive for purchase. (An aside: many people think that modding as an element that can be included in business model considerations is unique to gaming. It isn't. Remixing, after all, is modding in another form, as are fan-edits to movies/television shows, or fan-made creations in existing universes. All of these are modding in a fashion simliar to how it works for gaming, so don't let anyone tell you that gaming is unique this way.) All that being said, it's fun for gaming enthusiasts like myself to watch a decades old game being yanked into modernity through the modding community. An obvious example of this is the original Doom games, still relevant enough to warrant the modding community developing a way for players to take "selfies" in-game. After almost 22 years Doom is finally finished thanks mod-maker Linguica's "InstaDoom", which adds 37 InstaGram filters to the game and swaps out the fabled BFG with a selfie stick. Available as a free download over at Doom World, "InstaDoom" gives players of the classic shooter a chance to take the battle to the next level by applying filters like "Ashby", Lo-Fi" and "Valencia". This, of course, is simply the latest mod coming out for a game that has one of the most insane mod-rosters of any in the history of gaming. The whole modding of the game original took off in no small part because Doom was an incredibly well-made game, but the continued modding of the game by the loyal fan community is what propelled the game far beyond being relevant to gaming, to instead being relevant to culture as a whole. The very idea that a game made over two decades ago, long before smartphones existed and any of us had to put up with the term "selfie," has been dragged into relevance with cultural motifs tossed in for effect by a modding community still going strong shows the power of a passionate fan base. With the success of Doom still on display, and sequels continuing to ride on the early success of a franchise still enjoying relevance in its oldest parts, why would anyone want to kneecap the modding community?Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
We've had a bunch of posts today (and yesterday) about the "Superfish" debacle, with a few of them focusing on Lenovo failing to recognize what a problem it was -- first denying any serious security problem, and then calling it "theoretical." It appears that Lenovo has now realized it totally screwed up and is finally saying so. Speaking to Re/code, CTO Peter Hortensius has changed his tune from the "theoretical" problem he discussed earlier: “We messed up,” CTO Peter Hortensius told Re/code. The company now confirms that the way Superfish operates could leave machines vulnerable to a “man-in-the-middle,” or MITM, attack, in which an attacker mimics both sides of a conversation to actively eavesdrop on each one. [....] The company has an engineering review that made sure the tool itself didn’t store customer information and had a mechanism for users to opt out, but Lenovo missed that the way the software behaved could create a situation that left machines vulnerable to an attack. “We should have known going in that that was the case,” Hortensius said. “We just flat-out missed it on this one, and did not appreciate the problem it was going to create.” He later admits that the company "deserves" to take a beating for missing that. The company has also promised to publicly announce a plan for how it will make sure this sort of thing doesn't happen again. While we called the company out for its initial terrible reaction, at least the company now seems to recognize the problems it caused and is owning up to it. It should have happened faster, but at least it's happening. Hopefully, the company is better off for it. Of course, the same can't be said for Superfish, who insisted yesterday that Lenovo would show that there was no security risk at all, and still seems to be standing by that ridiculously wrong statement.Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
The hot sauce that has gotten insanely popular over the past few years is getting into everything. Several fast food chains -- Pizza Hut, Dominoes, Taco Bell, Subway, Jack In The Box, Panda Express, Wendy's -- have added Sriracha to their menu in some way. There's no trademark on Sriracha, so there's no legal friction to using the name/product. Maybe some products aren't using the real sauce, but it's still free advertising for the authentic Sriracha. (And do you really want to risk alienating the rabid fans of Sriracha just to save a few bucks using a knock-off hot sauce?) Rogue Sriracha Hot Stout Beer has a little bit of rooster sauce in it. Spicy beer isn't the only way to get drunk on Sriracha -- there's also Sriracha vodka (but that vodka doesn't actually use real Sriracha sauce). [url] Sriracha-flavored popcorn made with authentic rooster sauce is available. "Every kernel is infused with the most amazing condiment on the planet." [url] Sriracha has been in space -- consumed by astronauts on the International Space Station. Sure, Tabasco is also available in space, but a liquid sphere of Tabasco is probably a bit messier than Sriracha in microgravity. [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
Let's play out a little thought experiment. Let's say that a corporation involved in the money business has a logo for themselves. Now, let's say that two separate trademark holders both claim that this company's logo is too similar to their own. However, let's also stipulate in this scenario that the two offended trademark holders, who both claim similarity concerns with the finance company's logo, aren't bothering to file against each other for trademark claims, even though both are intimately knowledgeable of the other. Now, just to really make all this as face-palming-ly silly as possible, let's consider that these are the three logos in question: Well, this isn't a thought experiment, it's actually happening, and it is maddeningly silly. The top left image is a registered logo for the Washington Nationals baseball team, the bottom left is the registered "W" flag the Chicago Cubs fly on the rare occassion they win anything, and the logo on the right is that of Evolution Finance's website, WalletHub, through which users can compare credit card prices and get financial advice. So what's the problem, you ask? Evolution Finance has been locked in a trademark dispute with lawyers representing the Washington Nationals and Chicago Cubs for two years after Major League Baseball, on behalf of the teams, opposed their attempt to trademark the white-and-green logo. The league asserts that the WalletHub logo bears a strong resemblance to Ws trademarked by the two teams, and that granting Evolution Finance rights to use the mark without restrictions could create confusion for customers and complications for both businesses. So many issues here, one struggles to know where to begin. Let's start with the fact that Evolution Finance is as much in the baseball business as it is in the puppy-murdering business, which is to say not at freaking all. "I came here to buy baseball tickets and I ended up transitioning my 401k into a personal Roth IRA on the basis of better returns in the bonds market" is a phrase that is nearly impossible to even have imagined, thus showing the extreme and dangerous power of dumb ass trademark claims. Add to it that half the problem appears to be that a trademark was granted on what barely amounts to more than a letter and we've already got issues with MLB's claims. But to really make this a head-scratcher, I'm trying to figure out why the two teams, who actually are in the same market, are being allowed to make this claim when they haven't bothered to go after each other over their respective marks. I mean, the obvious answer is that the league likely wants the two teams to play nice over the Ws each as trademarked, but that shouldn't make anyone more comfortable with a specious move attacking a company that isn't in their market. “It is common for trademark owners to sometimes overreach in protecting their marks,” said S. Lloyd Smith, an attorney at Buchanan, Ingersoll and Rooney who represents Evolution Finance. “They’re always concerned or cautious that if they don’t enforce their marks they might lose their rights. The real question is why does MLB care?” Smith said. “They don’t own the letter W. There’s lots of other Ws out there. They’re just plainly overreaching in this case.” Overreaching and fanning on a curve ball for strike three, more like it. Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
For a couple of years now, Chicago taxi companies have been making all kinds of noise in an attempt to keep Uber and other ridesharing services from disrupting the marketplace. The whole thing has been a fairly transparent case of a jealous legacy player in an industry not loving a disruptive newcomer. That said, there's precious little validity in a claim against a city or competitor that mostly amounts to: "But I really like all that money I was making." Not that such a lack of validity is keeping Chicago's taxi services from waving their arms around in an attempt to get attention. The most recent futile event was a staged mini-strike in Chicago's downtown area (actually, directly below my office), during which cabbies refused to pick up fares and instead drove around the loop honking their horns the entire time. Many cabbies drove through downtown for four hours Tuesday morning, refusing to pick up fares. Dozens of cabs drive in circles around City Hall and the Daley Center for more than an hour, honking their horns to draw attention. Many cabbies had posted protest signs in their windows, accusing Uber of stealing their customers. “It’s good music to my ears,” said cab driver Rocky Mmomo, a steering committee member of the United Taxidrivers Community Council. Mmomo said cabbies want the tax industry deregulated, so it can better compete with Uber and the other ride-sharing companies. A couple items to note here. First, don't be fooled by old Rocky's claim that they just want the cab companies to be deregulated so they can be on a level playing field with Uber drivers. What isn't mentioned here is the obvious problem with that line of thinking: Uber's service and livery services aren't really the same thing, so the same regulations don't apply. A full-time taxi driver employed by a taxi service that pays for the medallion and proper livery license is a far cry from an Uber driver who does a little people-shipping during his or her off hours. They're just not the same thing and pretending they are won't get anyone anywhere. And the city of Chicago, for its part, is licensing Uber based on what it actually is. On Monday, the city agreed to issue a “transportation network provider” license to Uber, after negotiations led to a promise from Uber to provide more stringent safety measures than required by the city’s ride-sharing ordinance. Uber competitors Lyft and Sidecar were granted similar licenses three months ago. Again, as you can see, Uber and ridesharing service providers aren't cab companies. Pretending they are doesn't make any sense. But that's what the legacy cab companies want. And you can tell that's all they want by their arguments for deregulation. “We’ll be sitting at a hotel for two, three hours; and all of a sudden you see three UberX cabs just came and picked up customers while we’re just sitting there. How is that fair? That’s not fair to a cab driver,” cab driver Mustafa Husein said. Forgive me, sir, but who the hell ever promised you fairness when it comes to competing in a changing business marketplace? The very nature of disruptive business models are to be "unfair" to the legacy models so as to build a more efficient product and happier customers. That's the entire point. I'm fairly certain nobody promised cabbies a living, after all. So honk away, guys. I'm sure Uber drivers are happy to pick up those fares you refuse. Permalink | Comments | Email This Story

Read More...