posted 27 days ago on techdirt
Hoping to assuage growing fears that vehicle data won't be abused, nineteen automakers recently got together and agreed to a set of voluntary principles they insist will protect consumer privacy in the new smart car age. Automakers promise that the principles, delivered in a letter to the FTC (pdf), require that they "implement reasonable measures" to protect collected consumer data, both now and as the industry works toward car-to-car communications. The principles "demonstrate the industry's commitment to its customers" and "reflect a major step in protecting consumer information" insists the industry. Should you bother to actually read the principles, the promised revolution in privacy protection quickly become less apparent. While the principles do require that automakers clearly communicate with customers (and by clear they mean "hey, here's some fine print saying we're selling your location data now"), many don't appear to actually do much of anything. Like this particular gem:"Data Minimization, De-Identification & Retention: Participating Members commit to collecting Covered Information only as needed for legitimate business purposes. Participating Members commit to retaining Covered Information no longer than they determine necessary for legitimate business purposes."With "legitimate business purposes" being whatever they see fit, that doesn't mean much. Similarly, the industry's "groundbreaking" promises are also heavily peppered with the ambiguous word "reasonable," which can of course mean whatever they'd like it to mean:"Participating Members commit to implementing reasonable measures to protect Covered Information against unauthorized access or use."Aka, we'll make some kind of ambiguous effort to secure your data. As with most efforts of this type, the goal is to preempt government from crafting new (or enforcing existing) privacy protections as the industry moves into more aggressive ways of monetizing location data. Said promises unsurprisingly aren't easing the worries of both safety and privacy advocates as we move into the vehicle black box age, notes the Associated Press:"Industry officials say they oppose federal legislation to require privacy protections, saying that would be too "prescriptive." But Marc Rotenberg, executive director of the Electronic Privacy Information Center, said legislation is needed to ensure automakers don't back off the principles when they become inconvenient. "You just don't want your car spying on you," he said. "That's the practical consequence of a lot of the new technologies that are being built into cars."With many parts of this technology DRM locked, users won't have much control over or access to their own data (something the EFF is trying to fix with their latest slate of DMCA exemption requests). It's also worth noting this supposed circle of automotive trust was already quite rusted before cars became more intelligent; most car dealerships and garages are paid by Carfax to report vehicle mileage and accident repair, with Carfax in turn being paid for that data by insurance companies. Similarly most of the in-car infotainment systems rely on cellular chipsets from companies like AT&T and Verizon, who quite happily sell any and all location data that isn't nailed down, and consistently experiment with creative new privacy violations (despite very similar promises they'd be on their best behavior). So while it's very sweet that the auto industry is promising to respect your privacy as they push into brave new data snoopvertising and location data tracking territory, like so many self-regulatory promises before it they likely aren't worth the paper they're printed on.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Semiconductors are all around us, everyday. They make our phones and computers work, and sometimes we don't realize they're also in our cars and fancy toasters and refrigerators, etc, etc. It's likely that the majority of the Techdirt audience has taken an electrical engineering class, but if you're not in that group (and you're curious about what a semiconductor does), check out these links on what goes into the chips that run the modern world. If you wanted to know what the basic parts of a processor are, here's an answer from Quora. You'll need to be able to figure out an AND gate, an exclusive OR gate, a flip-flop circuit, a multiplexer, a full adder... and some time to remember any Boolean logic you might have learned once. [url] How does a transistor work, and how does anyone make these things? Anandtech has a not-so-brief introduction to transistors and lithography, explaining a bit how past, present (and future) processors (will) work. [url] Ask most folks to name a chip manufacturer, and they'll name Intel. However, companies that use enormous amounts of computing power are looking for alternatives to X86 chip designs. ARM and OpenPower chip designs can be licensed more freely than X86, so there could be more kinds of chips running our Google searches and Facebook feeds someday. [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
There may be some better news on the way for those of us who like free-as-in-FOIA information and an accountable government. Professor and attorney Douglas Cox points out that an amendment to the statutes governing the National Archive may give that agency the power to keep records of public interest from being deleted, destroyed or otherwise hidden. Having passed every step but presidential approval, H.R. 1233 (Presidential and Federal Records Act Amendments of 2014) [pdf link], makes the following small, but important, change to the Archivist's powers and duties. Here's the portion Cox highlights at Document Exploitation: DETERMINATION OF DEFINITION.—The Archivist’s determination whether recorded information, regardless of whether it exists in physical, digital, or electronic form, is a record as defined in subsection (a) shall be binding on all Federal agencies. As Cox explains, this single paragraph allows the Archivist to determine what is or isn't a record -- something that must be retained -- and makes it binding across all federal agencies. If that passes, government agencies will no longer be able to exploit the law to bury embarrassing or incriminating documents. [T]his authority allows the Archivist to close up - or at least tighten up considerably - the horrible loophole in the law that has been manipulated in a long line of cases of government document destruction or alienation. Cox goes on to note that this isn't a theoretical harm. It's something that has happened time and time again over the past several years. [F]rom the State Department's indefensible decision to allow Henry Kissinger to remove (and treat as his personal property) the transcripts of his official telephone calls as the Secretary of State all the way up to the CIA's destruction of the interrogation tapes. This is the same loophole that could legitimately endanger the long-term survival of the CIA's "Panetta Review" and necessitated the actions of the SSCI staff in exfiltrating a copy from the CIA to a Senate vault (as I described at length here - it is not a conspiracy theory), which is further complicated now by fears that new leadership at the SSCI will return the Panetta Review to the exclusive custody of the CIA. The loophole isn't in the "record" language. That's still very broadly defined and (unfortunately) rather malleable. The loophole is which records are "appropriate for preservation," something that has been left up to each agency to determine. And "determine" they did, right up to the point that DC circuit court judges pointed out that government agencies have a "built-in incentive" to destroy records related to "mistakes." Cox notes that while this amendment is promising, it doesn't fix everything -- especially some records-related circular reasoning that has made its way into the definition of "records" with the assistance of the National Archives and Records Association itself. But it is a step forward. To be clear, the Archivist neither has the funding, nor the personnel, nor the appetite to look over the shoulder of every federal employee to micromanage whether each email is, or is not, a record, but this bill, once signed by the President, will give the Archivist an important power that should not be left to rot on the vine. Cox recommends the first action it should take with its new powers (should the President sign it into law) is ensure the Panetta Review is designated a permanent federal record to keep the CIA from performing any extra "editing." Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
On Tuesday evening, Senator Dianne Feinstein had told reporters that the Senate Intelligence Committee and the White House were finally close to an agreement to finalize the release of the declassified executive summary of the CIA torture report. As we've been discussing for months, back in April the Senate Intelligence Committee agreed to declassify the 480-page executive summary of the 6,300-page report (which cost $40 million to put together). As we'd noted, the CIA and White House first offered up redactions that made the whole thing "incomprehensible" according to some in the Senate. The main fight had come down to pseudonyms. The White House and CIA were demanding that pseudonyms be redacted, even though they were already pseudonyms. The concern, from the CIA, was that by identifying which individuals are the same throughout the report, it would provide enough information for people to figure out who some of the people were. However, as Senator Wyden noted, this is both ridiculous and unprecedented, as plenty of previous such reports have used pseudonyms without a problem. Either way, it appears that the Senators finally gave in and agreed to "meeting [the White House/CIA] more than halfway", and the response from the White House was to reject even this compromise. Now even after Senate Democrats agreed to remove some pseudonyms at White House request, the Oval Office is still haggling for more redactions. "The White House is continuing to put up fierce resistance to the release of the report," said one knowledgeable Senate aide. "Ideally, we should be closing ground and finalizing the last stages right now so that we can release the report post-Thanksgiving. But, despite the fact that the committee has drastically reduced the number of pseudonyms in the report, the White House is still resisting and dragging this out." It appears that many people are reasonably wondering if the White House is just trying to drag this out until the Republicans are in charge of the Senate and they can bury the report. Of course, that only increases the chance that Mark Udall reads the report into the record. However, I've seen some suggestions that if this is the real sticking point, he can just leak the pseudonyms... Either way, it looks like this stupid political fight is ongoing...Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
In case you haven't read the news reports, Bill Cosby is having a terrible, no good, very bad few weeks. Ever since Hannibal Buress, a fellow comedian, brought up the fact that Bill Cosby has been accused of sexual assault and rape an incredible number of times, details of the accusations have been making headlines and formerly silent women have come forward with new accusations of their own. The pudding guy, on the other hand, has been remarkably silent on the matter, even as a Netflix special and a scheduled network sitcom are being sidelined as the controversey grows. In the midst of all this, one would think Mr. Cosby would be out there telling his side of the story. He isn't. His lawyers, on the other hand, have been quite active, but most of their work has been in the arena of making sure that nobody's side of the story gets out. In addition to blasting one of his alleged victims, who claimed her publisher nixed part of her book that detailed her allegations against Cosby, that letter to Buzzfeed from Cosby's attorneys makes some barely-veiled threats. Because you can confirm with indpendent sources the falsity of the claim that my client's lawyers allegedly pressured the publisher to kill the story, it would be extremely reckless to rely on anything Ms. Dicknson has to say about Mr. Cosby since the story about the publisher is false...If you proceed with the false Story when you can check the facts with neutral independent sources who will provide you with facts demonstrating that the Story is false and fabricated, you will be acting recklessly and with Constitutional malice. It goes on and on in that fashion. It's worth noting that the neutral third parties the lawyers are insisting Buzzfeed rely upon are the same publishers that allegedly conspired with Cosby's lawyers to pull the rape allegation from the book. So... yeah, not the most independent of choices, I don't think. In any case, attempting to muscle journalists in any situation probably wouldn't reflect well on their client, but doing so when Cosby is remaining completely silent on the matter, beyond the occasional attempt to intimidate journalists himself, really doesn't look good. Add to all of this the always laughable claim at the top of the letter sent to Buzzfeed: CONFIDENTIAL LEGAL NOTICE PUBLICATION OR DISSEMINATION IS PROHIBITED And you can tell that they mean business because they used all caps. Too bad this is a statement equal parts meritless and futile. As Marc Randazza notes, the proper responses to that disclaimer all involve vulgarity. No. Wrong. Jesus Hello Kitty Christ on a Rocket-Powered Toboggan, NO! It is NOT confidential. You CAN disseminate it. Here is why: I JUST FREAKIN’ GAVE THIS LESSON, WILL YOU PEOPLE PAY ATTENTION???? That link he provides is a nice overview of why the confidentiality disclaimer is complete horseshit. In that rundown he highlights the futility of the disclaimer, since it's ultimately reproduced when the recipient goes ahead and publishes the letter anyway. It lets any reader know not only that you're the kind of lawyer who will make a false claim, but also that you don't really want your actions to be known publicly, indicating that there's something underhanded in all of this. Which there is. Several women have now come forward at this point with claims of rape against Bill Cosby. You can choose to believe they're all lying if you like, but attempts to muzzle the press aren't going to get Mr. Huxtable very far, I fear. Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Last week we launched our new Podcast. If you haven't yet subscribed, please do. You'll find all the episodes on Techdirt and on Soundcloud, though the best way is to subscribe via what ever podcatching software you use, so the file will magically show up for you when it's ready. For that, you can subscribe via iTunes or the RSS feed. This week's podcast is actually a little different -- because it just so happened that I was scheduled to be at the pii 2014 Conference -- Privacy Identity and Innovation Conference -- held in Palo Alto, interviewing venture capitalist Brad Burnham (from Union Square Ventures) on stage. So, we took that interview, and turned it into this week's podcast. The official topic of the discussion was "The Paradox of Data Sharing" but it went way beyond that, getting into a discussion on user control over data and whether or not companies would give up that control. Special thanks to Brad Burnham for taking part and also to the team at pii for inviting me, and letting us use the recording for the podcast. I highly recommend their events. They've put on great events for years, and this was another excellent one. Also, I do need to apologize about the sound quality. Something happens about a third of the way into the interview that messed with the sound levels. We've tried to correct for it as much as possible, but because of it there's a lot more of a "hiss" noise than we'd normally like. Hopefully the discussion is interesting enough that it's not too distracting. Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
The AP has a big story out claiming that, back in 2009, a "now-retired" but "senior NSA official" found out about the Section 215 program collecting bulk phone records from the telcos and argued that it went too far and should be stopped: Years before Edward Snowden sparked a public outcry with the disclosure that the National Security Agency had been secretly collecting American telephone records, some NSA executives voiced strong objections to the program, current and former intelligence officials say. The program exceeded the agency's mandate to focus on foreign spying and would do little to stop terror plots, the executives argued. The 2009 dissent, led by a senior NSA official and embraced by others at the agency, prompted the Obama administration to consider, but ultimately abandon, a plan to stop gathering the records. The "former official" apparently found the whole program to be problematic and correctly predicted that if it ever became public it would be a problem: The former official, who spoke only on condition of anonymity because he didn't have permission to discuss a classified matter, said he knows of no evidence the program was used for anything other than its stated purpose — to hunt for terrorism plots in the U.S. But he said he and others made the case that the collection of American records in bulk crossed a line that he and his colleagues had been taught was sacrosanct. He said he also warned of a scandal if it should be disclosed that the NSA was storing records of private calls by Americans — to psychiatrists, lovers and suicide hotlines, among other contacts. The article notes that these concerns did lead the Justice Department, Congress and the White House to take a closer look at the program -- and then choose to keep it going. This contradicts the narrative that some have suggested that the White House didn't fully understand the program in the past because it was preoccupied with other issues. Now it seems clear that not only were officials well aware of the program, they chose not to rein in the program when they had the chance. The article further notes that this official and others within the NSA who were concerned with the program had offered up some suggested changes, not unlike what was actually in the USA Freedom Act that was just rejected. Perhaps more interesting, the article concludes by pointing out that if this change had been put in place, there's a decent chance that Ed Snowden never would have revealed everything else -- because this was the main program that so concerned Snowden, and which has been the centerpiece of most of the discussions since the Snowden revelations.Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
By now it's sadly clear that the nation's satirical news programs do a significantly better job at reporting the news than most of the nation's actual news outlets, despite a fraction of the budget and experience. John Oliver's recent analysis of Miss America scholarship claims, for example, contained more original reporting in a fifteen minute segment than most Apple regurgitation blogs manage to stumble through in an entire year's worth of gadget lust. Not only are satirists now doing a better job unearthing the truth, they're doing a better job explaining complex issues. Case in point: a study earlier this year out of the University of Pennsylvania suggested that Stephen Colbert explained campaign financing more effectively than most beat reporters. Of course a 2012 Pew study suggested many cable news viewers were less informed than those who watched no news at all, suggesting it's not too difficult to beat many modern news outlets at their own game when the standards bar is set ankle height. Satire's continued rise as one of the country's most effective and influential original reporting platforms was again on display courtesy of John Oliver's fantastic net neutrality rant, which not only explained the issue in effective detail, it captured the attention of the dingo-staffed FCC itself (as these recent FOIA-obtained internal FCC memos indicate). It also helped spur the lion's share of the four million net neutrality comments filed with the agency, blurring the line between not only satire and journalism, but consumer advocacy and activism. This month a new study (pdf) out of the University of Delaware once again highlights how viewers of satirical programs are significantly better informed on the subject of net neutrality than those who watch traditional news programs:"The survey also reveals that viewers of satirical shows such as John Oliver's Last Week Tonight and The Colbert Report are far more aware of the issue than consumers of traditional news sources...Opposition to the creation of "fast lanes" is strongest (86%) among those who say they have heard a lot about the proposed rules, but most Americans say they have heard little or nothing about the topic. The University of Delaware research found that only 10% of Americans have heard a lot about how "the U.S. government is considering new rules for ISPs." Another 39% have heard a little, whereas fully half (50%) have heard nothing at all about the topic." Of course a big reason major news outlets aren't adequately informing their viewership on net neutrality is because they're simply not mentioning it. A Pew study from earlier this year studied net neutrality coverage among twenty-three major newspapers and cable news networks, and found most simply didn't discuss the issue this year. That trend continued this month when the President's clear support of Title II rules barely made a dent on major networks like Fox News and CNN, and when it did -- often saw either misleading and inaccurate analysis, or an over-emphasis on inane aspects of the discussion (like what Donald Trump has to say about the issue). Traditionally, folks like Jon Stewart have denied that satire can be journalism, largely because while clinical presentation of facts easily offends the nation's roaming partisan-cheerleader zombie hordes, a humorous presentation of those same facts magically defuses, creating a narrow-minded stupidity firewall through which truth can function (or as my less verbose grandmother used to say, honey makes the medicine go down). In a New York Times article posted over the weekend, Oliver follows Stewart's lead, stating that what his show is doing is not journalism:"So, I asked Mr. Oliver: Is he engaging in a kind of new journalism? He muttered an oath, the kind he can say on HBO for comic emphasis, but we don’t say here, adding, "No!" "We are making jokes about the news and sometimes we need to research things deeply to understand them, but it’s always in service of a joke. If you make jokes about animals, that does not make you a zoologist."While Oliver's presentation of the facts utilizes satire and humor, Oliver's staff has had previous stints at New York Times Magazine and ProPublica, and what they're doing is absolutely and undeniably investigative journalism. Unless of course you're an iron-headed, old guard news industry employee who still believes only Walter Cronkite's talking head has been mystically ordained with the authority to inform the lowly plebeians. In the end though who really cares if you call this flavor of reporting "journalism," "investigative comedy," or "donkey walnuts." The sole purpose of journalism is to accurately inform and deliver the truth. That's something that has been increasingly lost with the rise of tepid, he said, she said news reporting that sacrifices truth for the bland, unoffensive illusion of balance -- in the process helping to make stupidity fashionable and facts negotiable. It really doesn't matter if it's satirists, comedians, or male strippers stepping up and trying to fix the broken news industry -- just as long as somebody, somewhere is trying to.Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
Back in May 2013, we wrote about worrying attempts to create a harmonized system for controlling the sale of seeds in Africa that would increase the power of large suppliers such as Monsanto, at the expense of small farmers. A long and interesting article in Intellectual Property Watch indicates that those efforts are intensifying: The African Regional Intellectual Property Organization (ARIPO), with the help of the United States and an international plant variety organisation, is working to grow regional support for a controversial draft law. The draft protocol would boost protection for new plant varieties, despite concerns of local civil society that it would not be in the best interest of ARIPO members' food security due to its potential impact on small farmers. ARIPO held a regional workshop on the issue in recent weeks in part to build support for a treaty negotiation to lock in these protections. There appears to have been an attempt to censor criticism at that workshop: The event restricted the attendance of civil society, according to the Alliance for Food Sovereignty in Africa (AFSA). At the event, the group confirmed its fears about the impact of the adoption of the protocol on small farmers and food security. ARIPO, meanwhile, said it had not heard particular worries from farmers over time. On its website, the AFSA explains its fears: These national laws will enable the entry of foreign breeders and threaten the rights of small-scale farmers. It also outlines plans to counter this move: AFSA's goal over the next three years in this area will be: to build the capacity of AFSA members to influence regional and national seed legislation and policies towards protection of farmers’ rights in seed sovereignty. This will happen through and with the seed network that already exists. AFSA will help grow this into a continent-wide platform over the next three years. That's a laudable goal, but the worry has to be that many new plant variety protection laws will have been passed by then -- doubtless with a little more help from the US on behalf of its Big Ag companies. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
Listen up, everyone, because I think this is important and I'm very serious about this. The Florida middle school we recently discussed that conducted an unannounced active school shooter drill with armed police bursting into darkened classrooms full of terrified students and teachers has taken action. That action has been suspending the school's principal pending an investigation to be conducted by the school district. "I very much regret that this occurred," Superintendent of Schools Kathryn LeRoy said Tuesday evening during a School Board meeting. LeRoy said Jewett Principal Jacquelyn Moore was suspended Tuesday pending an internal investigation. In the past, the School District has not informed students, parents or staff members in advance about lockdown drills. But LeRoy specified some new rules for the future. Let me be clear: this isn't enough. The issue of irrational overreaction to an exaggerated fear of school shootings runs far deeper than one principal, and her suspension should not be allowed to assuage the outrage and anger this story has generated. This cannot become a sweep-it-under-the-rug story. None of this has occurred in a vaccum, after all. We've seen examples of these kinds of insane drills in the past and we've recently covered stories about potential massive amounts of money going into systems designed for school shooting situations. And, damn it, I cannot repeat this enough: school shootings are incredibly rare, they are not increasing in frequency, and the average child is safer in their school than they are in most other places on Earth. In the face of the actual reality regarding school shootings and our reactions to them, a principal's suspension is not enough. It must only be the start. Because if it isn't, here's what you'll get from people like the aforementioned school Superintendent LeRoy. From now on, she said, officers will not carry weapons during such practice; administrators should send a message to parents at the beginning of the drill and let students know a drill is taking place; and staff members should be on hand at the school entrance and answering phones to let callers know the lockdown is just a drill. What the hell is the matter with you people? I realize that for a politician or government official, or even someone in law enforcement, standing in front of a public whose fear has been stoked by a sensationalist and lazy mass media, telling them all to calm the hell down because they're getting worried over nothing isn't the popular thing to do. It isn't the politically expediant thing to do. But it would be the right thing to do. When that happens, you'll know things are actually getting better, and not before. Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
If you're looking for some good data to put into an infographic, it's not too hard to find statistics on death. Reliable stats of how people died go back quite a ways, too. Sure, it's a bit morbid, but most people don't think about dying until they're close to doing it. So if you're curious, check out a few of these visualizations on how we die. The leading causes of death have changed significantly since 1900, so the flu (or pneumonia) isn't killing off as many Americans as it used to. Instead, heart disease and cancer have replaced the flu/pneumonia and tuberculosis. [url] What are the odds? Dying of heart disease has relatively common 467:1 odds -- compared to dying from cycling (340,845:1) or an asteroid impact (74,817,414:1). [url] Another infographic on how the world died (in the 20th century) shows non-communicable diseases and infectious diseases are obviously really deadly, but so are wars and drugs. It could be difficult to change these stats. Medical technology could wipe out some diseases, but we haven't cured old age.... [url] Is it worth it to try to minimize your risks of dying? If you want to try, remember to focus on the activities that are actually high risk, not the spectacular deaths that don't kill that many people (eg. stepladders vs terrorism). [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
The last time we wrote about Tiger Woods, it was way back in the day when he was best known for putting golf balls in small holes instead of [Ed.: Tim, did you really think we were going to allow this to stay in the post?]. Even back then, however, Woods demonstrated his lack of knowledge concerning the Streisand effect, trying to stifle a story and spotlighting it instead. It seems the lesson has yet to be learned. This go around, Woods has decided to respond to a barely note-worthy piece of obvious satire in Golf Digest by issuing a formal rebuttal to it in The Players' Tribune because... well, I don't know why really. The satire itself is both clearly marked and decidedly vanilla. If you hadn't seen it—and nobody had, because it wasn't yet online—Woods is apoplectic about a fake Q&A by sportswriting legend Dan Jenkins. It is labeled as "fake" on the cover, and in the headline, and in the table of contents, so no one, not even America's dads, could possibly have believed that it was actually Tiger Woods declaring that he fired caddy swing coach Butch Harmon because "Butchie was making me tip too many people." There's no exaggeration here when it comes to how clearly this piece is noting its own satire. The damned title of the piece is: My (Fake) Interview With Tiger*: *Or how it plays out in my mind. The fake Q&A includes such scathing satire as: Q:TV still loves you. Tiger: The print press still loves you. The average fans still love you. Of course the average fans still love the Kardashians, too, but I feel sure America will find a cure for this someday. I just do what Steiny says. Yawn. Anyway, the guy that used to be good at golf decided to issue his own formal and very real rebuttal to the fake Tiger that Dan Jenkins created in his head, leading to the very first ever war of words between a real and fictional version of the same professional sports star. Did you read Dan Jenkins' interview with me in the latest Golf Digest? I hope not. Because it wasn't me. It was some jerk he created to pretend he was talking to me. That's right, Jenkins faked an interview, which fails as parody, and is really more like a grudge-fueled piece of character assassination. Journalistically and ethically, can you sink any lower? I like to think I have a good sense of humor, and that I'm more than willing to laugh at myself. Mmm, no on both counts, I think. In the meantime, Woods' going to battle over this has, you guessed it, put a big old spotlight on the now published article. It's, frankly, all the free advertising the author could ever want. And for what? For satire that's barely funny and would have otherwise gone completely unnoticed? That's called landing in the rough, Tiger. Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
Mario Trujillo, over at The Hill, has highlighted how the incoming House Intelligence Committee boss, Devin Nunes, doesn't believe any surveillance reform is necessary, based largely on an opinion piece he wrote back in July entitled "don't shackle the NSA now." The article is the typical FUD from surveillance state supporters, talking about terror threats and ISIS up front to keep you scared, followed by insults directed at Ed Snowden, and finishing off with a "we need this information to keep us safe" conclusion. Straight out of the classic surveillance state apologists' handbook. The attack on whistleblowing by Snowden is particularly ridiculous: But for the last year, various groups have sought to curtail our intelligence activities based on selectively presented, maliciously leaked documents about anti-terror programs that are widely misunderstood and whose effects have been wildly exaggerated. These programs, which are subject to multiple levels of oversight by all three branches of government, have been crucial in stopping dozens of terror attacks, including plots against the New York Stock Exchange and the New York City subway system. First of all, the groups have actually been looking to protect Americans' Constitutional rights and freedoms. And, the job of the head of the Intelligence Committee is supposed to be to protect those rights -- not to defend the NSA. But Nunes appears to see himself in the mode of his predecessor, Mike Rogers, who always viewed his key job as defending the NSA, rather than overseeing it. Second, the "oversight" claims have all been shown to be exaggerated in the past -- and all three branches of government have also presented evidence of both widespread abuse and that these programs were illegal and/or unconstitutional. Finally, the programs have not been shown to be crucial in stopping terror attacks, and each of the claims made saying that have been largely debunked -- including the bomb plots Nunes names (which were debunked within days of first being claimed). Shouldn't we be concerned that the guy in charge of "oversight" of the NSA is spreading debunked arguments in favor of the NSA spying and unconstitutional privacy violations? Shouldn't that disqualify him from the job?Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
Keeping up with the ongoing Roca Labs saga appears to require full-time effort, as there are a bunch of updates. First up, though, is that Roca Labs has decided to sue blogger Tracy Coenen for the articles she published about Roca Labs. Earlier this month, we wrote about Roca Labs' threats against Tracy Coenen, a fraud investigator, who wrote about Roca Labs on her Fraud Files blog. As in the past, it appears that Roca Labs believes statements that are clearly opinions or hyperbole are somehow defamatory if they reflect negatively on Roca Labs. Before filing the lawsuit, Roca sent a second threat letter with a very brief deadline, complaining that she "publicly mocked" them. Coenen's response was to publish a new blog post explaining why she believes "Roca Labs Must Be Mocked." In the actual lawsuit, Roca also claims that because Coenen sent us Roca's threat letter and we published it, that she was using Roca's letter to "harass and mock" the company. Who knew that merely publishing the threat Roca Labs sent is harassment of Roca Labs? And, of course, mocking Roca Labs is not against the law, no matter how much the company might wish it were so. In the meantime, it appears that Coenen actually did -- at least temporarily -- give in to Roca's demands and removed the blog post in question -- but Roca Labs claimed it was not enough because she "did not retract [her] Defamatory Statements or otherwise comment publically [sic] concerning the defamatory Statements' lack of fact and merit." Further, the lawsuit accuses her of trying to "conceal the truth and cover-up [her] bad acts." So, to keep this straight: Roca Labs sent her threat letters claiming what she wrote was defamatory, and after she removed the post (temporarily), the company is using that as evidence that she's trying to conceal the truth? Really? Good luck with that one. Oh, and also, it appears that Roca's attorney in this case, John DeGirolamo, is still somewhat confused about what defamation per se means. Hopefully, the court will sort it out for him. In the meantime, some other things have been happening in various other Roca Labs court proceedings. Up in New York, where PissedConsumer (Consumer Opinion Corp.) had originally sued Roca Labs for declaratory judgment of non-infringement, Roca Labs had been trying to get out of the case arguing that the jurisdiction is improper. But, as you may recall, Roca also recently sent a questionable DMCA takedown letter to Google, claiming that content on PissedConsumer was infringing (something we find unlikely to be true... but...). However, as PissedConsumers' lawyers in New York note, in filing that takedown, Roca Labs has effectively made itself subject to PissedConsumer's local court's jurisdiction. This is based on a ruling in another nutty case we covered for a while, the effort by Gina Crosley-Corcoran to use the DMCA to silence a critic. In that case, the court noted that, in serving a DMCA takedown notice, the sender "purposefully and voluntarily directed [its] activities toward the forum so that [it] should have expected, by virtue of the benefit [it] received, to be subject to [this] court's jurisdiction based on these contacts." When PissedConsumer's lawyers notified Roca Labs' lawyers of this, Roca Labs stood by its argument that the court has no jurisdiction, but Roca Labs' lawyers didn't seem to understand the significance of this. In response, PissedConsumer is now seeking to go after Roca Labs for DMCA 512(f) penalties, for misrepresentations in filing a DMCA takedown. And, finally, just to complete this trio of stories, we'll also note that, down in the Florida case, PissedConsumer has filed a humdinger of a motion for summary judgment, laying out why Roca Labs has no chance in its case, and why the case should be put to rest quickly. Given everything else going on, we won't go into a more detailed analysis of that motion, other than to suggest you read it, and note that, as we predicted, it relies heavily on Section 230. It's written by Marc Randazza, so it's got that readable style he's become known for.Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
A legal battle between Yahoo and the government over the Protect America Act took place in 2008, but details (forced from the government's Top Secret file folders by FISA Judge Reggie Walton) are only emerging now. A total of 1,500 pages will eventually make their way into the public domain once redactions have been applied. The most recent release is a transcript [pdf link] of oral arguments presented by Yahoo's counsel (Mark Zwillinger) and the US Solicitor General (Gregory Garre). Zwillinger opens up the arguments by questioning the government's methods of determining who should be placed under surveillance. Why I show this to you is because I think it's a perfectly fair question for you to ask the Solicitor General of the United States how a name gets on this list. This isn't reviewed by a -- the FISA Court. These names aren't reviewed by the Attorney General of the United States. The difference between surveilling an account and exposing someone's most private communications and not is how a name gets on this list; and all we know about it from page 47 of their brief, is that an intelligence analyst puts it on the list. From this arbitrary beginning springs a wealth of errors. [REDACTED] of the accounts we have been given do not exist. They aren't accounts at Yahoo. Whether the government is misinformed, or using stale information, we don't know; But the fact that [REDACTED] accounts do not exist raises a serious possibility that some of those accounts have already been recycled and are used by other Yahoo users, or that the information that the government has is just wrong, and the wrong is being placed under surveillance. Zwillinger points out that Yahoo is just one provider and yet has (the number is redacted, but is at least 4 digits with a comma) a large number of accounts under surveillance. He then refers to the multiple errors again, stating that when the government screws up, it's very likely that American citizens will be mistakenly placed under surveillance. The difference between a U.S. person and a non-U.S. person in this context could be a letter or a digit in an email address; and if they have it wrong, the consequences will likely be felt here, because more Yahoo users are from the United States than any other single country. The judges claim minimization procedures eliminate the problem of inadvertent collections, but Zwillinger points out that the surveillance carried out under the Protect America Act actually doesn't contain protections against use of wrongly swept up US persons' communications and data. The government's response begins by denying that US persons' data is retained. "There is no database," says Gregory Garre, before having to admit a few sentences later, that incidental data is retained (and distributed) if there is evidence of other, non-national-security-related criminal activity. Garre then goes on to explain why the government feels it should have warrantless access to US persons' communications, routed through and stored at US servers. He refers to satellite communications -- something in use when FISA was enacted in 1978. Garre says that even though these communications may have been captured by domestic satellite receivers, it's the point of origin that matters. Outside the US? No warrant needed, even for US persons. Likewise for emails stored on Yahoo servers. MR. GARRE: I don't think anybody would argue that the Fourth Amendment would apply to that communication, even though the email communications go to account in Sunnyvale, California. I haven't understood Yahoo to argue that the Fourth Amendment would be implicated by that. And, similarly, the Fourth Amendment isn't -- JUSTICE SELYA: You mean the interception there by you and Yahoo would not implicate the Fourth Amendment? MR. GARRE: That Certainly would be the government's view. Garre also blames the large number of dead accounts in the court orders on Yahoo's refusal to immediately comply, while simultaneously spinning it as the unavoidable collateral damage of "efficient" surveillance. So the fact that accounts have been closed is not significant, and that's particularly true given that the large number of email accounts here is reflected by the fact that Yahoo is in noncompliance for several months. So, if you go back several months, it's not surprising that several accounts have been closed. Garre asserts that if anyone deserves the benefit of a doubt in this situation, it's the US government. He states that the Executive Branch and the intelligence community have a long-standing history of not violating the rights of US citizens -- a statement that wasn't even mostly true prior to the 9/11 attacks, and is almost laughable in the wake of what's been uncovered since then. He also points to Congressional oversight and suggests its legislative powers would have been used to rein in the NSA and others if it had actually seen signs of abuse. In his rebuttal, Zwillinger punches holes in Garre's narrative. You know, the Solicitor General talks about Congress spoke here, but to the extent Congress has spoken, then they turn around and admit they misspoke. And now they have a Senate report that says we failed to provide adequate protections for U.S. persons, and we are going to pass new legislation. They intentionally let the Protect America Act lapse. So to the extent congressional oversight even exists after February 16, 2008, which I'm not sure it does, it provides no check. Congress can't do anything differently. The statute has passed. The directives continue all the way until the expiration date, but the statute doesn't exist any more. It's not Congress's current view of how surveillance should he conducted. But the most surprising assertions made in these oral arguments don't come from the Solicitor General. They come from Judge Morris S. Arnold, who shows something nearing disdain for the privacy of the American public and their Fourth Amendment rights. In the first few pages of the oral arguments, while discussing whether or not secret surveillance actually harms US citizens (or the companies forced to comply with government orders), Arnold pulls a complete Mike Rogers: If this order is enforced and it's secret, how can you be hurt? The people don't know that -- that they're being monitored in some way. How can you be harmed by it? I mean, what's --what's the -- what's your -- what's the damage to your consumer? By the same logic, all sorts of secret surveillance would be OK -- like watching your neighbor's wife undress through the window, or placing a hidden camera in the restroom -- as long as the surveilled party is never made aware of it. If you don't know it's happening, then there's nothing wrong with it. Right? [h/t to Alex Stamos] In the next astounding quote, Arnold makes the case that the Fourth Amendment doesn't stipulate the use of warrants for searches because it's not written right up on top in bold caps… or something. The whole thrust of the development of Fourth Amendment law has sort of emphasized the watchdog function of the judiciary. If you just look at the Fourth Amendment, there's nothing in there that really says that a warrant is usually required. It doesn't say that at all, and the warrant clause is at the bottom end of the Fourth Amendment, and -- but that's the way -- that's the way it has been interpreted. What's standing between US citizens and unconstitutional acts by their government is a very thin wall indeed.Permalink | Comments | Email This Story

Read More...
posted 28 days ago on techdirt
We've talked more than a few times about the telecom industry's favored tactic of paying minority groups to parrot bad telecom policies, even if said policies actually harm these groups' constituents. Whether it's AT&T paying the The Hispanic Institute to support AT&T's failed bid for T-Mobile (a deal that would have raised rates for wireless users) or Comcast paying The United States Hispanic Chamber of Commerce to support their acquisition of Time Warner Cable (a deal that will likely only make bad customer service at both companies worse), by combining these groups with the existing payroll of fauxcademics, consultants, think tankers and other sockpuppets helps create the illusion of broad support for anti-consumer policies. It's a parlor trick that has seen endless implementation in the net neutrality debate. The latest example is the Minority Media and Telecom Council (pdf), which alongside a laundry list of diversity and minority groups (pdf) has been lobbying the FCC with net neutrality talking points that (surely coincidentally) mirror the broadband industry's. Namely, that weaker Section 706 rules are the best path forward (ignoring they do nothing and likely won't survive another legal challenge) and that tougher rules under Title II will kill network investment (which, as we've noted repeatedly, is also bunk). At the front of this disingenuous diversity army appears to be Jesse Jackson, who, the Washington Post states, spent some time recently lobbying the FCC for weaker net neutrality protections. Why? Apparently Jackson believes that carrying the water for lumbering duopolies somehow will magically create jobs:"Jackson "was unequivocal in voicing his opposition to Title II because of its effects on investment in broadband and because of the ultimate impact on minority communities and job creation," said Berin Szoka, another participant in the meeting with Wheeler who has also argued for Section 706."Szoka is the same individual who has repeatedly tried to argue that killing off net neutrality will be a great thing for startups, so if anything, this latest FCC meeting must have at least had great entertainment value. As for the claim that Title II will kill investment (and therefore jobs), this has been debunked time and time and time again. When parts of Verizon's FiOS network were classified under Title II (mostly to net tax breaks for Verizon), you'll be pleased to learn that the sky didn't fall. Meanwhile, after a decade of deregulation companies like AT&T and Verizon have made it clear they're never going to upgrade many poor areas. In fact, they intend to back away from many of the communities they do serve. Shockingly, neither Jackson nor any of the lobbying groups listed in "united" support seem aware of these realities in the slightest:"Civil rights and diversity organizations are largely united in their support for Section 706, Jackson said in an interview Monday. He added that no matter which legal approach the FCC chooses, the agency's net neutrality rules should not end up marginalizing minorities and the poor. "We got a lot of poor folks who don't have broadband," said Jackson. "If you create something where, for the poor, the lane is slower and the cost is more, you can't survive."Of course if you've been playing along at home you know that the entire concept of net neutrality revolves around protecting everyone (including the poor) from the nation's broadband duopoly, and the price hikes and assorted gatekeeper shenanigans been playing with for the better part of a decade. Yet somehow in Jackson's head, protecting the incumbent ISP's right to engage in anti-competitive pricing models will be a good thing for less affluent areas:"Jackson raised substantive concerns Thursday about the ability of low-income Americans and minority communities to afford bandwidth-hogging Internet services, according to someone who attended the FCC meeting and had lunch with Jackson beforehand but who spoke on condition of anonymity because the meeting was private. Internet plans that exempt some applications from consumers' monthly data caps are one way to make data more affordable, and the tactic has become a popular business strategy in developing countries. But the practice also cuts against the principle of "strong" net neutrality because exempting some services from the cap necessarily means giving them special treatment over others. "[Jackson] immediately glommed on to this," said the person. "There are some strands of net neutrality … that are in direct conflict with low-income Americans."Plans that "exempt some applications from consumers monthly data caps" sounds a lot like AT&T's misguided "Sponsored Data" efforts, which involve companies paying AT&T a fee for their content to bypass the company's usage caps. It's an idea that's solely about creating a new revenue stream for AT&T, but has the potential to hurt small companies and non profits that may not be able to pay AT&T's troll toll (how exactly would that help the poor?). And while there are some international examples of cap-exempt services being experimented with in developing nations where infrastructure barely exists (see 0.facebook.com and Google Free Zone), we're talking about the United States. And here in the United States, our friendly neighborhood duopoly giants are looking for any opportunity to jack up what are already some of the highest prices in the developing world. If Jackson and friends really want to help their constituents, these diversity and minority groups could focus on things like fighting state laws that ban communities from improving their own broadband. I'll go out on a limb and guess that these groups' obfuscated financial donors would prefer that doesn't happen. Instead, by supporting the status quo and ensuring we take the weakest path possible on net neutrality, Jackson and friends are fighting against the best interests of the very same people they claim to be supporting.Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
Update: And, of course just as this story came out, Nelson's office finally spoke on the issue after dodging requests from multiple reporters all morning. They told Kevin Collier that the vote was not a mistake, despite the rumors and questions (and the fact that he was the only Democrat to vote against cloture. The original post is below. According to Collier, Nelson's office says that he feared the bill would have "undone a provision allowing for retention of certain telephone records that he feels is helpful in preventing future terrorist attacks." That's a funny statement, of course, given that the program in question has yet to be shown to have prevented any terrorist attacks. Ah well... Oh, Florida. As we noted last night, the Senate failed to move the USA Freedom Act forward in a cloture vote. Sixty votes were needed to bring the bill to a real vote, and only 58 made it. Many people focused on the fact that "Republicans blocked the bill" while noting that the vote was mostly along party lines, with just four Republicans voting for it: Senators Mike Lee, Dean Heller, Lisa Murkowski and Mike Lee. A lot of the focus was on Senator Rand Paul, who is vocally opposed to NSA spying, but voted against this bill, saying he didn't think it went far enough (nearly all of the other no votes were because they felt it went too far). Bizarrely, after voting no on cloture, Rand Paul now claims he's sad -- and that "they probably needed my vote." Uh, yeah. However, few have mentioned that there was only one Democrat who went the other way and voted against cloture: Senator Bill Nelson of Florida. Now there are reports from Alvaro Bedoya (a recent Senate staffer) that Nelson actually meant to vote for cloture, but voted no "by mistake." I have a request in with his office to see if this is accurate, but haven't heard back yet. However, that's quite an incredible mistake if true. It's certainly not unheard of for elected officials to accidentally vote the wrong way, but on major issues like this, they're usually pretty careful. And, yes, if Nelson had voted for cloture it would have only brought the vote up to 59, but that just highlights how important Rand Paul's vote was in killing off this attempt at reform. No matter what, can't we at least expect our Senators to vote the way they actually planned to vote?Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
Via James Bessen, we learn of how a patent trolling operation by StreamScale has resulted in an open source project completely shutting down, despite the fact that the patent in question (US Patent 8,683,296 for an "Accelerated erasure coding system and method") is almost certainly ineligible for patent protection as an abstract idea, following the Supreme Court's Alice ruling and plenty of prior art. Erasure codes are used regularly today in cloud computing data storage and are considered to be rather important. Not surprisingly, companies and lawyers are starting to pop out of the woodwork to claim patents on key pieces. I won't pretend to understand the fundamental details of erasure codes, but the link above provides all the details. It goes through the specific claims in the patents, breaking down what they actually say (basically an erasure code on a computer using SIMD instructions), and how that's clearly an abstract idea and thus not patent-eligible. Furthermore, it details the relevant prior art: The most prominent prior art invalidating this patent is the RAID6 (one of the most commonly used Erasure Code) implementation of the linux kernel. In an article dated 2004 (i.e. ten years before the patent was granted to StreamScale) it is described to be optimized as follows : For additional speed improvements, it is desirable to use any integer vector instruction set that happens to be available on the machine, such as MMX or SSE-2 on x86, AltiVec on PowerPC, etc. Where SSE2 is the acronym of Streaming SIMD Extensions 2. The patent cites Anvin aticle’s but only to state the problem and does not acknowledge it also contains the solution. Even so, StreamScale apparently bullied the open source project's creator, Professor James Plank, into removing his repositories and saying he is no longer working on the software project. No lawsuit was filed, but Plank posted a statement that makes it clear he was threatened by StreamScale and agreed to do this to avoid a lawsuit. Apparently, StreamScale also threatened USENIX for merely publishing a paper by Plank detailing the concepts in his software. After a failed attempt to bully USENIX, StreamScale  intimidated (i.e. there was no lawsuit and therefore no ruling) James Plank, a known researcher in the field, also author of widely used Free Software libraries using the same techniques as those described in the linux kernel. James Plank agreed to publish the following on his web site as part of a settlement, presumably in exchange for a promise from StreamScale to not threaten to sue him in the future. On this page I (James Plank) am providing notice that: GF-Complete and Jerasure versions 2.0 and later are no longer supported. StreamScale, Inc. offers a similar solution for commercial purposes. I offer no representations or warranties in general about StreamScale’s products. I have verified that StreamScale’s solution is faster than GF-Complete or Jerasure in at least some respects. StreamScale, Inc. asserts that the use of GF-Complete (particularly as part of Jerasure 2.0 or later) or any similar software, method or code for erasure coding infringes StreamScale’s issued United States Patent No. 8,683,296. I express no opinion on StreamScale’s claims, but I believe that parties should be aware that StreamScale asserts such claims. The repositories on which James Plank published the software implementing the ideas from his research papers ( gf-complete and jerasure ) have been removed the same day, meaning James Plank had to agree to never work on implementing erasure coded software in the future. There is the only marginally complicating factor that Plank, apparently, was a consultant for StreamScale a few years ago -- leading the company to argue that his research, publications and code pulled from information he had learned while working with the company. But, again, these ideas both have clear and known prior art and do not appear to be patentable subject matter. And the end result: less ability to innovate (or even research!) these sorts of things, and some important open source code no longer being supported.Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
We're going to have to go over this again: if your drills to prevent school tragedy actually leave school children traumatized, then don't do those damned drills. What began with terrorism drills on school buses and then devolved into unannounced school-shooting drills is getting to be so full-on crazy that I sort of can't believe that anyone thinks any of this is a good idea. The latest story involves police running an unannounced "active shooter drill" at a local middle school while classes were in session. As a part of this insane exercise, police officers went around bursting into classrooms filled with terrified students, weapons out, as they acted out their fun little thespian experience of horror. And, to add insult to injury, school officials notified parents of the drill long after unknowing students were informing their parents that an actual shooting was taking place at the school. According to Fox affiliate WTVT, officials at Jewett Middle Academy e-mailed parents to inform them of the drill, after it took place. By that point, WTVT reports, cellphones were already filling up with texts from frightened students, who thought there was a real shooter in the school. Were the parents supposed to be part of this drill as well? Otherwise, exactly what was the point of sending terrified parents barreling towards the school to see exactly what the hell was going on? You'd think school officials must be issuing one hell of a mea culpa, right? Of course not. Realism is the key, yo. “Unfortunately, no one gets an advanced notice of real life emergencies,” Polk County Public Schools spokesman Jason Gearey said in an e-mailed statement to The Washington Post. “We don’t want students to be scared, but we need them to be safe.” And you can see his point. But why stop at school shootings? If terrifying students is done in the name of preparing them for terrifying, if not in any way likely events, why not prepare them for tragedies much more likely to occur? Why not tell kids every once in a while that their parents are dead, just to get them used to the eventual occurrence? Or, hey, maybe just burst into their rooms while they're sleeping occasionally and scream, "You probably won't be nearly as successful as you think you will!" and then run away, just to get them used to the disappointment of life. I mean, they'll have to face hardship at times, so why not get them ready for that hardship by making them face fake hardship? What's that? You're saying that way of thinking is crazy-pants? As crazy as, say, the police admitting that the officers in this drill were using real firearms with live ammo? Stacy Ray told WTVT that she received a text from her seventh-grade daughter Lauren Marionneaux after two armed officers burst into her classroom.Winter Haven police told The Post that one of the officers had his duty firearm – a handgun – drawn. The gun was loaded, as required. The other officer was carrying an unloaded AR-15. According to Ray, one of her other children texted: “I thought he was going to shoot me.” Get used to it little girl. After all, there's a tiny, basically insignificant and certainly not growing likelihood that you'll have to face this situation for real some day. Totally justifies terrifying our children, right? Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
It is hardly news that China is blocking Web sites -- it's so common these days that it has become almost proverbial. But hitherto, it has done it in a very targeted manner so as to minimize collateral damage that might hamper its citizens' access to other key parts of the Internet. The Greatfire.org blog is reporting that, for the first time, China has started blocking one of the Internet's biggest content delivery networks (CDN) -- EdgeCast -- with major knock-on effects: The Chinese censorship authorities have DNS poisoned *edgecastcdn.net, which means all subdomains of edgecastcdn.net are blocked in China. EdgeCast is one of the largest Content Delivery Networks (CDN) in the world and provides its cloud services to thousands of websites and apps in China. According to the blog post, this is being done specifically to block Greatfire.org's mirrors of sites censored in China, which are hosted in the cloud: We have acknowledged all along that our method of unblocking websites using "collateral freedom" hinges on the gamble that the Chinese authorities will not block access to global CDNs because they understand the value of China being integrated with the global internet. However, we can now reveal publicly that the authorities are doing just that -- attempting to cut China off from the global internet. In other words, if the Greatfire.org analysis is correct, the Chinese authorities have decided that it is more important to block these cloud-based mirrors than it is to maintain access to key sites. The blog post lists Drupal.org, Mozilla's addons.cdn.mozilla.net and Gravatar, which is used by many websites to show images, as among the important Web sites that have been affected. As Greatfire.org points out, this is not a particularly good moment to increase censorship in this way: If the authorities did not anticipate what damage the blocking of EdgeCast would inflict, they have likely been alerted by the many companies that use EdgeCast in China. This action comes at a bad time for the Chinese authorities. This week, they are hosting the World Internet Conference and the blocking of EdgeCast will likely be a hot topic of discussion. That might mean we will see EdgeCast being unblocked during the World Internet Conference, so as to avoid embarrassing questions being asked. But even if that does happen, we can probably expect to see the DNS poisoning to resume as soon as the delegates have packed their bags and left China. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
So, this evening the USA Freedom Act failed to get the 60 votes it needed for cloture to "advance" to a full floor vote. It ended up at 58 to 42. There was a short debate prior to the vote, and the debate was... stupid. Yes, there are some legitimate concerns with the USA Freedom Act, mostly in that it doesn't go far enough. But that's not what the debate was about at all. You had a bunch of bizarrely clueless Senators, many of whom insisted they were against the act because it would take the bulk collection out of the hands of the NSA and put it into the hands of the telcos -- with the claim being that the NSA could keep that data safer. Senators Susan Collins and Saxby Chambliss kept harping on that point. But it's flat out wrong. Because the whole point of this is that the telcos already have this data. The debate is between "telcos have the data" and "telcos and NSA have the data." Arguing that telcos-only is inherently more likely to lead to a privacy violation makes no sense at all. Chambliss went further, repeating (over and over again) that it's okay for the NSA to have this data because only 22 people have access to it. Of course, as Marcy Wheeler points out, that's not true. 22 people can authorize a search based on "reasonable articulable suspicion" but many others can access the results. Furthermore, as Harley Geiger points out, the problem is not even at the point of access, but collection, and there's nothing in the law that says the limit is always 22. Frankly, the whole 22 people debate seems strange to me. Is Chambliss really arguing that it's okay to violate the 4th Amendment if only 22 people can do it? Separately, Senator Dianne Feinstein very reluctantly supported the bill, noting that she's very afraid that if this bill doesn't pass, the whole Section 215 program will go away. Frankly, that actually sounded like a good reason not to support the bill. She also kept insisting that it wasn't being abused because there were only "288" searches last year on that data. First of all, 288 already seems like quite a lot to me, and again we go to Marcy Wheeler for the fact check, where she points out that it's not 288 searches, but rather 288 "selectors," which could be queried multiple times (and those selectors could scoop up lots of data). Hopefully, it turns out that Senator Feinstein's "fears" on this bill were accurate, and that it leads to the end of Section 215 altogether. But, the completely bogus debate over this effort just highlights how ridiculous the idea is that the Senate has any sort of "oversight" over the NSA, or that it has the interests of the Constitution or the public in mind.Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
The fight against cancer is a tough one, but new treatments are coming along that might put an end to more forms of it. For example, Google X (aka Google[x]) is working on a way to target cancer cells with nanoparticles and a wearable device. That sounds like pretty far out research, but there are a lot of different approaches to tackling cancer. Here are just a few promising ones. Genetically engineered T cells have been re-programmed to kill off other blood cells that might become cancerous. Patients with deadly leukemia have been treated with these modified T cells, and it looks like a promising treatment which could be modified to work against other cancers. [url] An experimental protein therapy might stop the metastasis of certain cancers and offer an alternative to chemotherapy. Modified proteins have stopped the spread of breast and ovarian cancers in lab mice, but testing has not yet been done in humans. [url] Some "zombie bacteria" (genetically modified anthrax) can be used as a drug delivery system for cancerous cells that are typically difficult to target. Cancer-fighting anthrax is being tested on mice, and this strategy might help expand the number of drugs available to treat recalcitrant tumors. [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
As we noted a few weeks ago, Verizon and AT&T recently began utilizing a controversial new snoopvertising method that involves meddling with user traffic to insert a unique identifier traffic header, or X-UIDH. This header is then read by marketing partners to track your behavior around the Internet, which Verizon and AT&T then hope to sell to marketers and other third parties. In addition to the fact they're modifying user traffic, these headers can also be read by third parties -- even if customers opt out from carrier-specific programs. After the practice received heat from security experts and groups like the EFF, AT&T has since announced they're backing away from the practice. AT&T insists that unlike Verizon (who has been using this technology commercially for two years with clients like Twitter), AT&T's implementation was only a trial. That trial is now complete, insists AT&T, and while they may return to the practice -- AT&T promises it will be somehow modified so user information isn't broadcast and opting out actually works:"AT&T says it has stopped its controversial practice of adding a hidden, undeletable tracking number to its mobile customers' Internet activity. "It has been phased off our network," said Emily J. Edmonds, an AT&T spokeswoman....AT&T said it used the tracking numbers as part of a test, which it has now completed. Edmonds said AT&T may still launch a program to sell data collected by its tracking number, but that if and when it does, "customers will be able to opt out of the ad program and not have the numeric code inserted on their device."The EFF confirms that the appearance of the header has indeed declined on AT&T's network. But while AT&T appears to have smelled the looming lawsuit on the wind, Verizon so far has stood tough on their use of the technology. Verizon says that the company's program continues but as with any program, Verizon is "constantly evaluating." Years ago when Verizon was fighting tougher privacy rules, the company proclaimed that "public shame" would keep them honest. This particular privacy abuse took two years for savvy network engineers and security consultants to even spot, and so far there's no indication that two weeks of public scolding have done anything to thwart Verizon's ambitions. Cue the class actions and regulatory wrist slaps.Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
We recently noted that it was really good news to see companies like Google and Apple finally taking end user encryption seriously, and it appears that's spreading. The super-popular chat messaging app WhatsApp, which was acquired by Facebook not too long ago, just turned on full end-to-end encryption, powered by Open Whisper Systems, the makers of such great tools as TextSecure, which is the basis for the new encryption: The most recent WhatsApp Android client release includes support for the TextSecure encryption protocol, and billions of encrypted messages are being exchanged daily. The WhatsApp Android client does not yet support encrypted messaging for group chat or media messages, but we’ll be rolling out support for those next, in addition to support for more client platforms. We’ll also be surfacing options for key verification in clients as the protocol integrations are completed. WhatsApp runs on an incredible number of mobile platforms, so full deployment will be an incremental process as we add TextSecure protocol support into each WhatsApp client platform. We have a ways to go until all mobile platforms are fully supported, but we are moving quickly towards a world where all WhatsApp users will get end-to-end encryption by default. It sounds like this project started prior to the Facebook acquisition, so it's great to see it continue to move forward either way. Just recently, the EFF rated various messaging apps for their security (which resulted in some controversy...), and WhatsApp didn't score all that well, while TextSecure got a perfect score. Making messaging more and more secure is incredibly important, so it's great to see it happening here.Permalink | Comments | Email This Story

Read More...
posted 29 days ago on techdirt
As the cloture vote is set to happen tonight on the Senate version of the USA Freedom Act, the hysterics are getting... well, more hysterical. Michael Hayden (former NSA and CIA director) and Michael Mukasey (former Attorney General) have an opinion piece in the Wall Street Journal dubbing the bill "NSA Reform That Only ISIS Could Love," which is kind of hilarious given that current Director of National Intelligence, James Clapper (who usually sings in perfect harmony with Hayden) has come out in support of the bill. While the bill has some problems, it is still a step forward (and yes, I'm aware that not everyone agrees with that). But Hayden/Mukasey make a bunch of statements that are just not at all accurate. It starts off with the usual FUD about ISIS and then questions why Reid would present this bill given that: In that threat environment, one would think that the last thing on the “to do” list of the 113th Congress would be to add to the grim news. Yet Senate Majority Leader Harry Reid has announced that he will bring to the floor the extravagantly misnamed USA Freedom Act, a major new bill exquisitely crafted to hobble the gathering of electronic intelligence. Except that's not true. The bill is not designed to "hobble" electronic intelligence, but to respect at least some of our 4th Amendment rights, and to bar mass collection of the information without limits. Then there's this: For starters, the bill ends the National Security Agency’s bulk collection of what is called telephone metadata. This includes the date, time, duration and telephone numbers for all calls, but not their content or the identity of the caller or called, and is information already held by telephone companies. The bill would substitute a cumbersome and untried process that would require the NSA, when it seeks to check on which telephone numbers have called or been called by a number reasonably associated with terrorist activity, to obtain a warrant from the Foreign Intelligence Surveillance Court, or FISA court, and then scurry to each of the nation’s telephone-service providers to comb through the information that remains in their hands rather than in the NSA’s. First off, they're simply wrong. It doesn't require a warrant, but a FISA court order under Section 215. It just limits how broad those orders can be. The reason it's not a warrant is you can't get such a broad warrant. Second, the "cumbersome and untried process" is neither cumbersome nor untried. It's how lots of investigations work today. When law enforcement needs info, it goes to court, gets a court order, and voila. And does anyone actually believe, in this digital age, that there's any actual "scurrying"? Hell, to make this process easier for the DEA in the past, AT&T was willing to embed employees with the DEA to give them faster access to the database. If anything, these are reasons why the bill doesn't go far enough. The idea that it somehow takes away US intelligence capabilities is ludicrous. Furthermore, it's already been noted that ISIS knows how to evade such surveillance: by not using electronic communications. So this has nothing to do with ISIS at all. At all. Nothing in the bill requires the telephone companies to preserve the metadata for any prescribed period. Current Federal Communications Commission regulations impose an 18-month retention requirement, but administrative regulations are subject to change. It isn’t hard to envision companies that wish to offer subscribers the attraction of rapid destruction of these records, or a complaisant bureaucracy that lets them do it. So we shouldn't pass this bill because at some future date the FCC might possibly allow companies not to keep these records? Really? The bill’s imposition of the warrant requirement on the NSA would be more burdensome than what any assistant U.S. attorney must do to get metadata in a routine criminal case, which is simply to aver that the information is needed in connection with a criminal investigation—period. Again, misleading in the extreme. When the DOJ is seeking metadata in a criminal case, it's seeking specific metadata concerning the crime being investigated. This is about stopping the collection of all phone records. Notice that Hayden and Mukasey never bother to explain this distinction. Because they're being incredibly dishonest. There's much more in there, but nearly all of it is dishonest. It claims that "there is no immediate or emergency need" for the bill, totally leaving out the systematic violation of Americans' 4th Amendment rights and an independent review board finding the program illegal and unconstitutional and a President who asked Congress to end the program. Yet, Hayden and Mukasey insist this program -- which has yet to show a single successful example of being used to prevent terrorism -- has to remain in place? Really? And, of course, Hayden and Mukasey have friends. Incoming Senate Majority Leader Mitch McConnell similarly called out the specter of ISIS, despite the fact it's widely acknowledged that ISIS already knows how to avoid our surveillance efforts (and is focused on the middle east, while the USA Freedom Act is just about domestic phone records inside the US). The USA Freedom Act has its problems, but it also has some important and useful aspects. The claim that it will somehow help ISIS by preventing such bulk data collection is simply ridiculous and untrue.Permalink | Comments | Email This Story

Read More...