From rforno at infowarrior.org Mon Jul 2 12:48:35 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jul 2012 13:48:35 -0400
Subject: [Infowarrior] - U.S. Army CID Targets Bradley Manning Support Network
Message-ID:

U.S. Army CID Targets Bradley Manning Support Network

In response to a FOIA request, the United States Army Criminal Investigative Division announced that it was engaged in "an active investigation ... in progress with an undetermined completion date," of the Bradley Manning Support Network. As a consequence of this investigation, the Army CID would not release any material responsive to FOIA requests at this time. The US Army CID has invoked (b)(7)(f) to justify, in part, their denial. This means that US Army CID believes that release of these records will risk the physical well-being of individuals involved with the case. With WikiLeaks records being withheld, in part, on (b)(7)(f) exemptions grounds, it seems that Army CID has decided that both WikiLeaks supporters and members of allied organizations are a threat to commit physical violence either against investigators or those who cooperate with the investigations.

http://historyanarchy.blogspot.ch/2012/07/us-army-cid-targets-bradley-manning.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 2 12:40:35 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jul 2012 13:40:35 -0400
Subject: [Infowarrior] - Charles Carreon Keeps Digging & Digging
Message-ID:

(This guy makes the RIAA/MPAA lawyers look competent by contrast. --rick)

Charles Carreon Keeps Digging & Digging: Inman And IndieGoGo Hit Back
from the and-hit-back-hard dept

Well, they don't call it the Carreon Effect for nothing. The lawyer who keeps on digging has decided to... keep on digging.
Last week he filed an amended complaint pretty quickly after his original complaint -- specifically with the goal of adding California's Attorney General to the case. Why? Well, as we noted in our original post about his lawsuit, Carreon himself donated to Inman's campaign, in what appears to be a ridiculously weak attempt to get "standing" to sue, but he may be realizing that said "standing" is unlikely to hold up in court -- so perhaps he thinks that dragging the AG into the case will actually make the case go somewhere. Of course, it's also worth noting that Carreon finally realized that "incitement to cybervandalism" was a dead end, and dropped that charge. Of course, as with nearly all things Carreon, the weakness of almost everything in the case likely dooms the entire thing (and may leave Carreon wishing he had just decided to do something else). That's because a few days later, Carreon filed for a temporary restraining order trying to get IndieGoGo not to give the money raised to Inman (in order to fulfill his plan of taking a photo with the money before giving it to the two charities in question), but rather demanding that IndieGoGo give the money directly to the charities. Yes, his entire argument is basically that he wants to skip the part where Inman gets to take a photo with the money, which he seems to think would mock him (even though it was always designed to mock Funnyjunk, not Carreon). Thankfully, both IndieGoGo and Inman have hit back on the whole thing pretty hard. IndieGoGo, I'm thrilled to learn, has brought on one of my favorite law firms, Durie Tangri, to represent him, and both Ragesh Tangri and Mark Lemley appear to be helping out. When those two are involved, you know the response is going to be good, and this one does not disappoint (pdf and embedded below). 
Among other things, they point out that Carreon's request for a temporary restraining order is moot, because the money has already been distributed -- but also that Carreon already knew this and waited to file the TRO:

< big snip>

http://www.techdirt.com/articles/20120702/03105019548/charles-carreon-keeps-digging-digging-inman-indiegogo-hit-back.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 2 12:40:42 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jul 2012 13:40:42 -0400
Subject: [Infowarrior] - UK.gov proposes massive copyright land snatch
Message-ID: <273D62FC-BC30-402E-A53F-1DD11CE405E2@infowarrior.org>

UK.gov proposes massive copyright land snatch

By Andrew Orlowski
Posted in Music and Media, 2nd July 2012 15:05 GMT
http://www.theregister.co.uk/2012/07/02/govt_copyright_white_paper/

Analysis

Photographers, illustrators and authors will be amongst those to lose their digital rights under radical new proposals published by the Government today. New legislation is proposed that would effectively introduce a compulsory purchase order, but without compensation, across an unlimited range of creative works, for commercial use. Millions of amateurs who today post their images to Flickr and automatically receive the full protection of the law, would also lose, unless they opted-out. The changes involve orphan works reform - floated as Clause 43 of the Digital Economy Act in 2010 but killed off by photographers - and an Extended Collective Licensing (ECL) program. The white paper follows intense lobbying by the culture sector and large corporate users of copyright works, such as Google, who wish to lower their costs. It would operate roughly like this. A new agency, let's call it 'Bastard Ltd' could apply to become a licensing authority for a given class of work, for example, cartoons or poems.
It could then license any work in that class without the rightsholder's permission, for any fee it cares to set, so long as it was "significantly representative of rights holders affected by the scheme". Amazingly, Bastard Ltd would have no obligation to return revenue gained to the rightsholder, if it couldn't find them. The obligation would fall upon the rightsholder to keep the agency updated at all times - the reverse of the law today. The Government calls the proposals 'voluntary', but it's actually anything but: if you don't like it, you too will have to opt out. It's certainly great news for large publishers, and wannabe-publishing empires such as the British Library, and other large corporate interests, but that freedom comes at a price. The fundamental presumption of international copyright agreements is turned upside down by the proposal, and this assures a bumpy ride ahead for the Government. How so? Copyright is internationally recognised as a basic individual, exclusive property right. Weakening this means the individual loses the ability to protect their work, and destroys markets. So in order to protect the individual, all the major treaties and international agreements (WIPO, TRIPS, the Berne Convention and the EU's copyright directive) have a 'three step test' against which new legislation must be measured. Limitations are only permitted "that do not conflict with the normal exploitation of the work" and "that do not unreasonably prejudice the legitimate interests of the author / right-holder." One might think that the Government can afford world-class legal advice, but as with the rush to Iraq nine years ago, it doesn't seem to want to listen to the advice it's been given. An expert on collective licensing consulted by the IPO told Parliament in May that the proposals were illegal. It's pushing ahead regardless. "Now somebody has told those very nice people at the IPO that 'This is the answer that has to be provided'. I was left asking myself -
I wonder where that decision comes from?" Hubert Best told the All Party Parliamentary IP Group's enquiry into the IPO in May. The proposals go much further than the EU's copyright directive, in explicitly allowing broad commercial use. "The Government wants to get its own scheme into law before the Directive lands and limits what can be done," one rightsholder told us. So what happens next? The Government wants primary legislation to allow the new copyright regime - and it will want it in a hurry to head off Europe. If legislation succeeds, then a Judicial Review into the way that officials dealt with the legal advice they received - which clearly states the proposals are illegal - can be expected. Given the precedent, ministers and officials feel it's worth the risk. You can find the White Paper on the IPO's Hargreaves pages here, and some good deep background here.

Bootnote

You may be wondering why you haven't heard of such a radical scheme before. And with good reason. When the Hargreaves Review was published in May last year, the ECL was omitted from both the Executive Summary, and the main bullet points in the press release. It was buried deep in the text. It's left as an exercise for the reader to speculate why.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 2 12:40:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jul 2012 13:40:25 -0400
Subject: [Infowarrior] - Facebook Email problem WORSE than you think!
Message-ID: <997A1C29-3AB8-4F89-BBCB-2844EA017815@infowarrior.org>

(c/o ajr)

The Facebook Email Fiasco Might Be Worse Than We Thought (Updated)

Sam Biddle

Remember when Facebook changed all of our default email accounts to their own, unused system, without informing any of us? That was fun! But it looks like the problem could be much wider and more damaging than it first seemed.
CNET reports a multitude of user complaints after the big obnoxious switch-over, citing claims that Facebook is "changing their address books while intercepting and losing unknown amounts of e-mail." Some Facebookers are seeing messages (inadvertently) sent to their @facebook accounts vanishing into nothing, while others have noticed every email address in their phone overwritten by Facebook:

< - BIG SNIP - >

http://gizmodo.com/5922836/is-the-facebook-email-fiasco-worse-than-we-all-thought

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 2 21:45:32 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jul 2012 22:45:32 -0400
Subject: [Infowarrior] - OT: The 'Busy' Trap
Message-ID: <2E308FED-04FE-41CF-831E-9B2410F36783@infowarrior.org>

June 30, 2012, 3:15 am

The 'Busy' Trap

By TIM KREIDER

http://opinionator.blogs.nytimes.com/2012/06/30/the-busy-trap/?smid=tw-share&pagewanted=print

If you live in America in the 21st century you've probably had to listen to a lot of people tell you how busy they are. It's become the default response when you ask anyone how they're doing: "Busy!" "So busy." "Crazy busy." It is, pretty obviously, a boast disguised as a complaint. And the stock response is a kind of congratulation: "That's a good problem to have," or "Better than the opposite." Notice it isn't generally people pulling back-to-back shifts in the I.C.U. or commuting by bus to three minimum-wage jobs who tell you how busy they are; what those people are is not busy but tired. Exhausted. Dead on their feet. It's almost always people whose lamented busyness is purely self-imposed: work and obligations they've taken on voluntarily, classes and activities they've "encouraged" their kids to participate in. They're busy because of their own ambition or drive or anxiety, because they're addicted to busyness and dread what they might have to face in its absence.
Almost everyone I know is busy. They feel anxious and guilty when they aren't either working or doing something to promote their work. They schedule in time with friends the way students with 4.0 G.P.A.'s make sure to sign up for community service because it looks good on their college applications. I recently wrote a friend to ask if he wanted to do something this week, and he answered that he didn't have a lot of time but if something was going on to let him know and maybe he could ditch work for a few hours. I wanted to clarify that my question had not been a preliminary heads-up to some future invitation; this was the invitation. But his busyness was like some vast churning noise through which he was shouting out at me, and I gave up trying to shout back over it. Even children are busy now, scheduled down to the half-hour with classes and extracurricular activities. They come home at the end of the day as tired as grown-ups. I was a member of the latchkey generation and had three hours of totally unstructured, largely unsupervised time every afternoon, time I used to do everything from surfing the World Book Encyclopedia to making animated films to getting together with friends in the woods to chuck dirt clods directly into one another's eyes, all of which provided me with important skills and insights that remain valuable to this day. Those free hours became the model for how I wanted to live the rest of my life. The present hysteria is not a necessary or inevitable condition of life; it's something we've chosen, if only by our acquiescence to it. Not long ago I Skyped with a friend who was driven out of the city by high rent and now has an artist's residency in a small town in the south of France. She described herself as happy and relaxed for the first time in years. She still gets her work done, but it doesn't consume her entire day and brain. She says it feels like college - she has a big circle of friends who all go out to the cafe together every night. 
She has a boyfriend again. (She once ruefully summarized dating in New York: "Everyone's too busy and everyone thinks they can do better.") What she had mistakenly assumed was her personality - driven, cranky, anxious and sad - turned out to be a deformative effect of her environment. It's not as if any of us wants to live like this, any more than any one person wants to be part of a traffic jam or stadium trampling or the hierarchy of cruelty in high school - it's something we collectively force one another to do. Busyness serves as a kind of existential reassurance, a hedge against emptiness; obviously your life cannot possibly be silly or trivial or meaningless if you are so busy, completely booked, in demand every hour of the day. I once knew a woman who interned at a magazine where she wasn't allowed to take lunch hours out, lest she be urgently needed for some reason. This was an entertainment magazine whose raison d'être was obviated when "menu" buttons appeared on remotes, so it's hard to see this pretense of indispensability as anything other than a form of institutional self-delusion. More and more people in this country no longer make or do anything tangible; if your job wasn't performed by a cat or a boa constrictor in a Richard Scarry book I'm not sure I believe it's necessary. I can't help but wonder whether all this histrionic exhaustion isn't a way of covering up the fact that most of what we do doesn't matter. I am not busy. I am the laziest ambitious person I know. Like most writers, I feel like a reprobate who does not deserve to live on any day that I do not write, but I also feel that four or five hours is enough to earn my stay on the planet for one more day. On the best ordinary days of my life, I write in the morning, go for a long bike ride and run errands in the afternoon, and in the evening I see friends, read or watch a movie. This, it seems to me, is a sane and pleasant pace for a day.
And if you call me up and ask whether I won't maybe blow off work and check out the new American Wing at the Met or ogle girls in Central Park or just drink chilled pink minty cocktails all day long, I will say, what time? But just in the last few months, I've insidiously started, because of professional obligations, to become busy. For the first time I was able to tell people, with a straight face, that I was "too busy" to do this or that thing they wanted me to do. I could see why people enjoy this complaint; it makes you feel important, sought-after and put-upon. Except that I hate actually being busy. Every morning my in-box was full of e-mails asking me to do things I did not want to do or presenting me with problems that I now had to solve. It got more and more intolerable until finally I fled town to the Undisclosed Location from which I'm writing this. Here I am largely unmolested by obligations. There is no TV. To check e-mail I have to drive to the library. I go a week at a time without seeing anyone I know. I've remembered about buttercups, stink bugs and the stars. I read. And I'm finally getting some real writing done for the first time in months. It's hard to find anything to say about life without immersing yourself in the world, but it's also just about impossible to figure out what it might be, or how best to say it, without getting the hell out of it again. Idleness is not just a vacation, an indulgence or a vice; it is as indispensable to the brain as vitamin D is to the body, and deprived of it we suffer a mental affliction as disfiguring as rickets. The space and quiet that idleness provides is a necessary condition for standing back from life and seeing it whole, for making unexpected connections and waiting for the wild summer lightning strikes of inspiration - it is, paradoxically, necessary to getting any work done. "Idle dreaming is often of the essence of what we do," wrote Thomas Pynchon in his essay on sloth. 
Archimedes' "Eureka" in the bath, Newton's apple, Jekyll & Hyde and the benzene ring: history is full of stories of inspirations that come in idle moments and dreams. It almost makes you wonder whether loafers, goldbricks and no-accounts aren't responsible for more of the world's great ideas, inventions and masterpieces than the hardworking. "The goal of the future is full unemployment, so we can play. That's why we have to destroy the present politico-economic system." This may sound like the pronouncement of some bong-smoking anarchist, but it was actually Arthur C. Clarke, who found time between scuba diving and pinball games to write "Childhood's End" and think up communications satellites. My old colleague Ted Rall recently wrote a column proposing that we divorce income from work and give each citizen a guaranteed paycheck, which sounds like the kind of lunatic notion that'll be considered a basic human right in about a century, like abolition, universal suffrage and eight-hour workdays. The Puritans turned work into a virtue, evidently forgetting that God invented it as a punishment. Perhaps the world would soon slide to ruin if everyone behaved as I do. But I would suggest that an ideal human life lies somewhere between my own defiant indolence and the rest of the world's endless frenetic hustle. My role is just to be a bad influence, the kid standing outside the classroom window making faces at you at your desk, urging you to just this once make some excuse and get out of there, come outside and play. My own resolute idleness has mostly been a luxury rather than a virtue, but I did make a conscious decision, a long time ago, to choose time over money, since I've always understood that the best investment of my limited time on earth was to spend it with people I love. 
I suppose it's possible I'll lie on my deathbed regretting that I didn't work harder and say everything I had to say, but I think what I'll really wish is that I could have one more beer with Chris, another long talk with Megan, one last good hard laugh with Boyd. Life is too short to be busy.

(Anxiety welcomes submissions at anxiety at nytimes.com.)

Tim Kreider is the author of "We Learn Nothing," a collection of essays and cartoons. His cartoon, "The Pain - When Will It End?" has been collected in three books by Fantagraphics.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 2 21:50:14 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jul 2012 22:50:14 -0400
Subject: [Infowarrior] - Drone hijacked by hackers from Texas college with $1,000 spoofer
Message-ID:

Drone hijacked by hackers from Texas college with $1,000 spoofer

by Lisa Vaas on July 2, 2012

Researchers at the University of Texas at Austin hacked and hijacked a drone in front of the dismayed Department of Homeland Security officials who had dared them $1,000 to do it. According to exclusive coverage of the event from Fox News, the researchers flew the small surveillance drone over the Austin stadium last Monday. The drone followed a series of GPS waypoints programmed into its flight computer in what initially looked like a routine flight. At one point, the drone veered off course from its intended flight path. It banked hard to the right, "streaking" toward the south, before it turned to hurtle at the ground in what looked like imminent drone suicide, according to Fox's description. A safety pilot radioed the drone - which was owned by the university, according to Reuters - and forced it to pull up just a few feet before it would have crashed into the field.
The demonstration of the near-disaster, led by Professor Todd Humphreys and his team at the UTA's Radionavigation Laboratory, points to a "gaping hole" in the US's plan to open US airspace to thousands of drones, Fox noted: namely, drones can be turned into weapons, given the right equipment. The researchers managed to hack the drone with a spoofer they put together with about $1,000 worth of parts. The Department of Homeland Security traditionally has been concerned with GPS jammers - the method of interference that some believe Iran used to bring down a US spy drone in December. But others, including an anonymous Iranian engineer quoted by the Christian Science Monitor, say that Iran actually used the same spoofing technique that the Texas researchers demonstrated. Spoofing allows a hacker to take control of a GPS-guided drone and force it to do whatever the attacker commands. < -- > http://nakedsecurity.sophos.com/2012/07/02/drone-hackedwith-1000-spoofer/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 3 07:07:27 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 3 Jul 2012 08:07:27 -0400 Subject: [Infowarrior] - Twitter: 5K tweets removed this year over copyright complaints Message-ID: <789AD3CC-8EDE-444E-BF95-305CA86069F5@infowarrior.org> Twitter: 5K tweets removed this year over copyright complaints In a new report, Twitter provides statistics on government and other requests for user data, copyright takedowns, and content removal. < - > Twitter will be releasing the report twice a year. The company also said it is partnering with Herdict, a site developed by the Berkman Center for Internet & Society at Harvard University where people can report Web sites that appear to be blocked or suffering from denial-of-service attacks. 
< - >

http://news.cnet.com/8301-1023_3-57465334-93/twitter-5k-tweets-removed-this-year-over-copyright-complaints/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jul 3 07:16:45 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 3 Jul 2012 08:16:45 -0400
Subject: [Infowarrior] - Carreon: New day, must keep digging!
Message-ID:

Charles Carreon Tries To Intimidate Parodist With Bizarre List Of Demands Plus DMCA Takedown Threat

http://www.techdirt.com/articles/20120702/18282219557/charles-carreon-tries-to-intimidate-parodist-with-bizarre-list-demands-plus-dmca-takedown-threat.shtml

This just in: Here's a summary extract from Charles Carreon's Summer 2012 Daily Calendar

6:30AM Wake up.
6:45AM Breakfast
7:00AM Dig
5:00PM Stop Digging.
7:00PM Think about new methods of excavation to use in the future
10:00PM Sleep
6:30AM Wake up.
6:45AM Breakfast
7:00AM Experiment with new digging method
5:00PM Stop Digging
7:00PM Think about new methods of excavation to use in the future
10:00PM Sleep

....lather, rinse, repeat, dig.

At this point, I'm beginning to wonder if this absolutely brilliant and highly-competent lawyer is just out for his 15 minutes of Internet fame....

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jul 3 08:42:50 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 3 Jul 2012 09:42:50 -0400
Subject: [Infowarrior] - Feds Look to Fight Leaks With 'Fog of Disinformation'
Message-ID:

Feds Look to Fight Leaks With 'Fog of Disinformation'

By Noah Shachtman
http://www.wired.com/dangerroom/2012/07/fog-computing/all/
July 3, 2012 | 6:30 am | Categories: Info War

Pentagon-funded researchers have come up with a new plan for busting leakers: Spot them by how they search, and then entice the secret-spillers with decoy documents that will give them away.
Computer scientists call it "Fog Computing" - a play on today's cloud computing craze. And in a recent paper for Darpa, the Pentagon's premiere research arm, researchers say they've built "a prototype for automatically generating and distributing believable misinformation ... and then tracking access and attempted misuse of it. We call this 'disinformation technology.'" Two small problems: Some of the researchers' techniques are barely distinguishable from spammers' tricks. And they could wind up undermining trust among the nation's secret-keepers, rather than restoring it. The Fog Computing project is part of a broader assault on so-called "insider threats," launched by Darpa in 2010 after the WikiLeaks imbroglio. Today, Washington is gripped by another frenzy over leaks - this time over disclosures about U.S. cyber sabotage and drone warfare programs. But the reactions to these leaks has been schizophrenic, to put it generously. The nation's top spy says America's intelligence agencies will be strapping suspected leakers to lie detectors - even though the polygraph machines are famously flawed. An investigation into who spilled secrets about the Stuxnet cyber weapon and the drone "kill list" has already ensnared hundreds of officials - even though the reporters who disclosed the info patrolled the halls of power with the White House's blessing. That leaves electronic tracking as the best means of shutting leakers down. And while you can be sure that counterintelligence and Justice Department officials are going through the e-mails and phone calls of suspected leakers, such methods have their limitations. Hence the interest in Fog Computing. The first goal of Fog Computing is to bury potentially valuable information in a pile of worthless data, making it harder for a leaker to figure out what to disclose.
"Imagine if some chemist invented some new formula for whatever that was of great value, growing hair, and they then placed the true [formula] in the midst of a hundred bogus ones," explains Salvatore Stolfo, the Columbia University computer science professor who coined the Fog Computing term. "Then anybody who steals the set of documents would have to test each formula to see which one actually works. It raises the bar against the adversary. They may not really get what they're trying to steal." The next step: Track those decoy docs as they cross the firewall. For that, Stolfo and his colleagues embed documents with covert beacons called "web bugs," which can monitor users' activities without their knowledge. They're popular with online ad networks. "When rendered as HTML, a web bug triggers a server update which allows the sender to note when and where the web bug was viewed," the researchers write. "Typically they will be embedded in the HTML portion of an email message as a non-visible white on white image, but they have also been demonstrated in other forms such as Microsoft Word, Excel, and PowerPoint documents." "Unfortunately, they have been most closely associated with unscrupulous operators, such as spammers, virus writers, and spyware authors who have used them to violate users privacy," the researchers admit. "Our work leverages the same ideas, but extends them to other document classes and is more sophisticated in the methods used to draw attention. In addition, our targets are insiders who should have no expectation of privacy on a system they violate." Steven Aftergood, who studies classification policies for the Federation of American Scientists, wonders whether the whole approach isn't a little off base, given Washington's funhouse system for determining what should be secret. In June, for example, the National Security Agency refused to disclose how many Americans it had wiretapped without a warrant. The reason? It would violate Americans'
privacy to say so. "If only researchers devoted as much ingenuity to combating spurious secrecy and needless classification. Shrinking the universe of secret information would be a better way to simplify the task of securing the remainder," Aftergood tells Danger Room in an e-mail. "The Darpa approach seems to be based on an assumption that whatever is classified is properly classified and that leaks may occur randomly throughout the system. But neither of those assumptions is likely to be true." Stolfo, for his part, insists that he's merely doing "basic research," and nothing Pentagon-specific. What Darpa, the Office of Naval Research, and other military technology organizations do with the decoy work is "not my area of expertise," he adds. However, Stolfo has set up a firm, Allure Security Technology Inc., "to create industrial strength software a company can actually use," as he puts it. That software should be ready to implement by the end of the year. It will include more than bugged documents. Stolfo and his colleagues have also been working on what they call a "misbehavior detection" system. It includes some standard network security tools, like an intrusion detection system that watches out for unauthorized exfiltration of data. And it has some rather non-standard components - like an alert if a person searches his computer for something surprising. "Each user searches their own file system in a unique manner. They may use only a few specific system functions to find what they are looking for. Furthermore, it is unlikely a masquerader will have full knowledge of the victim user's file system and hence may search wider and deeper and in a less targeted manner than would the victim user. Hence, we believe search behavior is a viable indicator for detecting malicious intentions," Stolfo and his colleagues write. In their initial experiments, the researchers claim, they were about to "model all search actions of a user" in a mere 10 seconds.
They then gave 14 students unlimited access to the same file system for 15 minutes each. The students were told to comb the machine for anything that might be used to financial gain. The researchers say they caught all 14 searchers. "We can detect all masquerader activity with 100 percent accuracy, with a false positive rate of 0.1 percent." Grad students may be a little easier to model than national security professionals, who have to radically alter their search patterns in the wake of major events. Consider the elevated interest in al-Qaida after 9/11, or the desire to know more about WikiLeaks after Bradley Manning allegedly disclosed hundreds of thousands of documents to the group. Other Darpa-backed attempts to find a signature for squirrely behavior are either just getting underway, or haven't fared particularly well. In December, the agency recently handed out $9 million to a Georgia Tech-led consortium with the goal of mining 250 million e-mails, IMs and file transfers a day for potential leakers. The following month, a Pentagon-funded research paper (.pdf) noted the promise of "keystroke dynamics - technology to distinguish people based on their typing rhythms - [which] could revolutionize insider-threat detection." Well, in theory. In practice, such systems' "error rates vary from 0 percent to 63 percent, depending on the user. Impostors triple their chance of evading detection if they touch type." For more reliable results, Stolfo aims to marry his misbehavior-modeling with the decoy documents and with other so-called "enticing information." Stolfo and his colleagues also use "honeytokens" - small strings of tempting information, like online bank accounts or server passwords - as bait. They'll get a one-time credit card number, link it to a PayPal account, and see if any charges are mysteriously rung up. They'll generate a Gmail account, and see who starts spamming.
Most intriguingly, perhaps, is Stolfo's suggestion in a separate paper (.pdf) to fill up social networks with decoy accounts -- and inject poisonous information into people's otherwise benign social network profiles.

"Think of advanced privacy settings [in sites like Facebook] where I choose to include my real data to my closest friends [but] everybody else gets access to a different profile with information that is bogus. And I would be alerted when bad guys try to get that info about me," Stolfo tells Danger Room. "This is a way to create fog so that now you no longer know the truth about a person through this artificial avatars or artificial profiles."

So sure, Fog Computing could eventually become a way to keep those Facebooked pictures of your cat free from prying eyes. If you're in the U.S. government, on the other hand, the system could be a method for hiding the truth about something far more substantive.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jul 3 15:48:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 3 Jul 2012 16:48:18 -0400
Subject: [Infowarrior] - US proposes new copyright provision in major international treaty
Message-ID: <1EA43753-B2E5-4E2F-9D5E-4B16A5D2131A@infowarrior.org>

US proposes new copyright provision in major international treaty

Observers of Trans-Pacific Partnership express cautious optimism at the move.

by Cyrus Farivar - July 3 2012, 4:30pm EDT

http://arstechnica.com/tech-policy/2012/07/us-proposes-new-copyright-provision-in-major-international-treaty/

The United States Trade Representative (USTR) has proposed a new copyright provision that would address some intellectual property concerns found in the Trans-Pacific Partnership, a massive trade agreement currently being negotiated amongst nine Pacific Rim countries in San Diego this week.
Canada was recently extended an invitation, but its formal membership has yet to be approved by the existing nine countries, including the United States.

In a statement emailed to reporters on Tuesday, the USTR appears to be addressing exceptions to copyright restrictions, which had not been included in a TPP draft leaked a year ago.

"For the first time in any US trade agreement, the United States is proposing a new provision, consistent with the internationally recognized "3-step test," that will obligate Parties to seek to achieve an appropriate balance in their copyright systems in providing copyright exceptions and limitations for purposes such as criticism, comment, news reporting, teaching, scholarship, and research," wrote Carol Guthrie, the spokesperson for the USTR, in an e-mail sent to Ars. "These principles are critical aspects of the US copyright system, and appear in both our law and jurisprudence. The balance sought by the US TPP proposal recognizes and promotes respect for the important interests of individuals, businesses, and institutions who rely on appropriate exceptions and limitations in the TPP region."

Historically, major intellectual property holders, such as the RIAA and MPAA -- who both support the TPP -- have called for stronger international copyright protection.

Skeptical optimism

That three-step test, which was established in international law in 1967, generally allows for exceptions to copyright restrictions that do not "conflict with a normal exploitation of the work and does not unreasonably prejudice the legitimate interests of the author."

American IP law is, of course, imperfect. However, it does attempt to maintain a balance between strong enforcement mechanisms while also allowing for robust fair use and the public domain. But in IP treaties, all that tends to get exported from the American model are the restrictions, rather than the exemptions. As such, TPP watchers have cautiously applauded the move.
"Recognizing the limitations and exceptions is generally a very positive development," said Rashmi Rangnath, a staff attorney at Public Knowledge, but she said that her and others' concerns would "depend on [the proposal's] wording."

Jonathan Band, a Washington, DC-based intellectual property attorney, concurred.

"This is a very positive development," he wrote to Ars in an e-mail on Tuesday. "This is the first time that the US has sought language of this sort in an international agreement. From the blog one can't discern the precise language, which of course makes a big difference in how effective it will be on the ground. Nonetheless, this appears to be a big step in the right direction. Hopefully it will be well received by the other negotiating partners, and perhaps they will make it even stronger."

The specific language here, like the entire treaty itself, has yet to be made officially public.

Devil remains in the details

Fundamentally, interested parties have generally criticized the TPP's secrecy, as no official draft has ever been made public. The "intellectual property chapter" of the TPP was leaked last year, but no one is sure if the current draft being discussed matches it or not.

Last week, a San Diego County congressman asked to sit in on this week's round of negotiations -- a move that has been thus far ignored. A separate letter from 130 congressional Democrats illustrates political anxiety that many politicians have with such opaque free-trade agreements, despite the fact that, as Reuters points out, "Congress last year overwhelmingly approved three such pacts -- with South Korea, Colombia and Panama."

But beyond the secrecy of the treaty itself, experts have honed in on several problematic aspects to the leaked draft.
Among the most important are a lack of definition of fair use and public domain rights, extension of copyright to "life plus 70" (putting it in line with American law), treating temporary copies (such as in a cache or a video buffer on streaming sites) as copyrightable, and a ban on the circumvention of digital locks, among others.

Earlier this year, the Electronic Frontier Foundation called it "ACTA-plus," referring to the oft-protested proposed copyright treaty that seems to be on its deathbed.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jul 3 21:09:30 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 3 Jul 2012 22:09:30 -0400
Subject: [Infowarrior] - Carreon Drops Bogus Lawsuit Against The Oatmeal Creator
Message-ID: <0B6E6FEF-CA0D-487B-B74B-BA9A9CF41C25@infowarrior.org>

Wow....he stopped digging? -- rick

July 3, 2012

Charles Carreon Drops Bogus Lawsuit Against The Oatmeal Creator

Suit Was Blatant Retaliation Against a Public Critic

https://www.eff.org/press/releases/charles-carreon-drops-bogus-lawsuit-against-oatmeal-creator

San Francisco - Attorney Charles Carreon dropped his bizarre lawsuit against The Oatmeal creator Matthew Inman today, ending his strange legal campaign against Inman's humorous and creative public criticism of a frivolous cease and desist letter that Carreon wrote on behalf of his client Funny Junk.

The Electronic Frontier Foundation (EFF) and co-counsel Venkat Balasubramani represented Inman in the case. While Carreon's lawsuit was purportedly about whether Inman's online fundraising campaign for the American Cancer Society and the National Wildlife Federation complies with California regulations, it was really a classic SLAPP -- a strategic lawsuit against public participation.

"Matthew Inman spoke out against Carreon's threat of a frivolous lawsuit, in a very popular and very public way," said EFF Senior Staff Attorney Kurt Opsahl.
"This was nothing more than a meritless attempt to punish Inman for calling attention to his legal bullying. We called him out on this in our briefs, so it's no surprise that Carreon was left with no choice but to dismiss."

The extraordinarily public dispute between Inman and Carreon started in 2011, when Inman published a blog post condemning the website FunnyJunk for posting hundreds of his comics without crediting or linking back to The Oatmeal. A year later, Carreon -- the attorney for FunnyJunk -- served Inman with a letter claiming the post was defamatory and demanding The Oatmeal pay $20,000 and agree to never speak the words Funny Junk again.

Inman publicly annotated the cease and desist letter with a scathing critique of its facts and logic and posted it on The Oatmeal. Furthermore, instead of paying Carreon's baseless demand for $20,000, Inman decided instead to start a fundraising campaign called Operation BearLove Good, Cancer Bad through the Indiegogo fundraising platform to benefit the American Cancer Society and the National Wildlife Federation. The fundraiser's goal was $20,000, to match Carreon's demand, but the final total was over $200,000.

"Inman sparked a flood of charity donations, and yet Carreon still tried to punish him for making fun of his baseless legal threats by dragging him through the court system," said EFF Intellectual Property Director Corynne McSherry. "We're very pleased that Carreon has seen that his lawsuit had no merit, and hope that this is the end of his abuse of the legal system."

For the notice of voluntary dismissal: https://www.eff.org/node/71150

For more on this case: https://www.eff.org/cases/carreon-v-inman

Contacts:

Kurt Opsahl
Senior Staff Attorney
Electronic Frontier Foundation
kurt at eff.org

Corynne McSherry
Intellectual Property Director
Electronic Frontier Foundation
corynne at eff.org

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 4 07:14:36 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jul 2012 08:14:36 -0400
Subject: [Infowarrior] - European Parliament rejects ACTA in 478 to 39 vote.
Message-ID: <1609C94F-D166-4369-A976-E718AC9FEC47@infowarrior.org>

European Parliament rejects ACTA in 478 to 39 vote

Ben Kersey, Jul 4th 2012

http://www.slashgear.com/european-parliament-rejects-acta-in-478-to-39-vote-04237034/

ACTA, the controversial anti-counterfeiting trade agreement, has been rejected by the European Parliament by a staggering majority. The law was smacked down by a 478 to 39 vote, and has now been completely killed in Europe. Internet activists rallied against ACTA when it was seen to be a legislative act that was far too broad, with criminal sanctions also found in the trade agreement.

While ACTA has been killed in Europe, it could still come to the United States. Still, it would need congressional approval, something which is unlikely to pass given the furore surrounding the act in Europe. Meanwhile, Karel de Gucht, the European Commissioner responsible for ACTA, says that he will keep submitting it before the European Parliament until it passes, but TorrentFreak believes that's something the body won't stand for.

ACTA first came into existence in October 2011 following on from SOPA, another controversial anti-piracy bill. While ACTA was presented as a trade agreement designed to combat counterfeit goods, it blurred the lines between piracy and counterfeiting, as well as working in criminal charges for those who fell foul of the law. Anti-ACTA advocates believed that criminal charges for copyright infringement were unnecessary when civil sanctions are already in place, and that the bill would restrict governments from creating their own copyright law if swayed by trade agreements.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 4 07:00:27 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jul 2012 08:00:27 -0400
Subject: [Infowarrior] - ACTA Is DEAD After European Parliament Vote
Message-ID: <9E2E098E-431D-4F17-9668-A42766ACC305@infowarrior.org>

ACTA Is DEAD After European Parliament Vote

Rick Falkvinge - July 4, 2012

http://torrentfreak.com/acta-is-dead-after-european-parliament-vote-120704/

Today at 12:56 CET, the European Parliament decided whether ACTA would be ultimately rejected or whether it would drag on into uncertainty. In a 478 to 39 vote, the Parliament decided to reject ACTA once and for all. This means that the deceptive treaty is now dead globally.

This is a day of celebration. This is the day when citizens of Europe and the world won over unelected bureaucrats who were being wooed and lobbied by the richest corporations of the planet.

The battleground wasn't some administrative office, but the representatives of the people -- the European Parliament -- which decided in the end to do its job beautifully, and represent the people against special interests.

The road to today's victory was hard and by no means certain.

478 against, 39 in favor and 165 abstentions

What led us here?

Six months ago, the situation looked very dark. It was all but certain that ACTA would pass unnoticed in silence. The forces fighting for citizens' rights tried to have it referred to the European Court of Justice in order to test its legality and to buy some time.

But then, something happened. A monster by the name of SOPA appeared in the United States. Thousands of websites went dark on January 18 and millions of voices cried out, leaving Congress shell-shocked over the fact that citizens can get that level of pissed off at corporate special interests. SOPA was killed.

In the wake of this, as citizens realized that they don't need to take that kind of corporate abuse lying down and asking for more, the community floodlights centered on ACTA.
The activism carried over beautifully to defeat this monster. Early February, there were rallies all over Europe, leaving the European Parliament equally shell-shocked.

The party groups turned on a cent and declared their opposition to ACTA in solidarity with the citizen rallies all over the continent, after having realized what a piece of shameless mail-order legislation it really was, to the horrors of the corporate shills who thought this was a done deal.

Those shills tried, tried hard, tried right up until today, to postpone the vote on ACTA past the attention of the public and the activists. Alas, they don't understand the net. And there's one key thing right there: the net doesn't forget.

But the key takeaway here is that it was us, the activists, that made this happen. Everyone in the European Parliament is taking turns to praise all the activists across Europe and the world for drawing their attention to what utter garbage this really was, not some run-of-the-mill rubberstamp paper, but actually a really dangerous piece of proposed legislation. Everybody thanks the activists for that. Yes, that's you. You should lean back, smile, and pat yourself on the back here. Each and every one of us has every reason to feel proud today.

What comes next?

In theory, ACTA could still come into force between the United States and a number of smaller states. Ten states have been negotiating it, and six of those need to ratify it to have it come into force. In theory, this could become a treaty between the United States, Morocco, Mexico, New Zealand, Australia, and Switzerland. (But wait, the Mexican Senate has already rejected ACTA. As has Australia and Switzerland in practice. Oh well... a treaty between the United States and Morocco, then, in the unlikely event that the United States will actually and formally ratify it. You can see where this is going.)

As described before on TorrentFreak, without the support of the European Union, ACTA is dead. Doesn't exist.
The European Commissioner responsible for the treaty, Karel de Gucht, has said that he will ignore any rejections and re-table it before the European Parliament until it passes. That's not going to happen. Parliament takes its dignity very seriously and does not tolerate that kind of contempt, fortunately. This is something relatively new in the history of the European Union's democracy -- the first time I saw Parliament stand up for its dignity was during the Telecoms Package, where the Commission also tried to ram through three-strikes provisions. (Instead, Parliament made "three strikes" schemes illegal in the entire European Union.)

That said, many of the bad things in ACTA will return under other names. For the lobbyists, this is a nine-to-five job of jabbing against the legislation until it gives way. Just another day at work. We need to remain vigilant against special interests who will return again, again, and again, until we make sure that the legislative road for them is completely blocked. We must remain watchful.

But not today. Today, we celebrate a job extraordinarily well done.

Today, on July 4, Europe celebrates a day of independence from American special interests. Today, we stood up for our most basic rights against corporate giants, and won.

Congratulations to all of us, and thanks to all brothers and sisters on the barricades across the world who made this happen.

From rforno at infowarrior.org Wed Jul 4 06:52:17 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jul 2012 07:52:17 -0400
Subject: [Infowarrior] - European Parliament rejects ACTA in 478 to 39 vote
Message-ID:

European Parliament rejects ACTA in 478 to 39 vote

Ben Kersey, Jul 4th 2012

http://www.slashgear.com/european-parliament-rejects-acta-in-478-to-39-vote-04237034/

ACTA, the controversial anti-counterfeiting trade agreement, has been rejected by the European Parliament by a staggering majority.
The law was smacked down by a 478 to 39 vote, and has now been completely killed in Europe. Internet activists rallied against ACTA when it was seen to be a legislative act that was far too broad, with criminal sanctions also found in the trade agreement.

While ACTA has been killed in Europe, it could still come to the United States. Still, it would need congressional approval, something which is unlikely to pass given the furore surrounding the act in Europe. Meanwhile, Karel de Gucht, the European Commissioner responsible for ACTA, says that he will keep submitting it before the European Parliament until it passes, but TorrentFreak believes that's something the body won't stand for.

ACTA first came into existence in October 2011 following on from SOPA, another controversial anti-piracy bill. While ACTA was presented as a trade agreement designed to combat counterfeit goods, it blurred the lines between piracy and counterfeiting, as well as working in criminal charges for those who fell foul of the law. Anti-ACTA advocates believed that criminal charges for copyright infringement were unnecessary when civil sanctions are already in place, and that the bill would restrict governments from creating their own copyright law if swayed by trade agreements.

From rforno at infowarrior.org Wed Jul 4 09:11:42 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jul 2012 10:11:42 -0400
Subject: [Infowarrior] - ACLU-NJ Launches Smartphone App That Lets Users Secretly Record Police Stops
Message-ID: <8A952161-ED86-42AF-90F2-4E02E23EF369@infowarrior.org>

ACLU-NJ Launches Smartphone App That Lets Users Secretly Record Police Stops

http://newyork.cbslocal.com/2012/07/03/aclu-nj-launches-smartphone-app-that-lets-users-secretly-record-police-stops/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 4 09:21:06 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jul 2012 10:21:06 -0400
Subject: [Infowarrior] - Fans Howl After Weather Site Buys Out Rival
Message-ID:

Fans Howl After Weather Site Buys Out Rival

By JOHN SCHWARTZ and BRIAN STELTER
Published: July 3, 2012

http://www.nytimes.com/2012/07/04/us/as-weather-channel-buys-weather-underground-fans-fear-change.html?_r=1&hpw

It's stormy out there.

The announcement on Monday that the Weather Channel Companies, owners of television's Weather Channel and weather.com, would buy one of its rivals, Weather Underground, set off howls of displeasure on social media platforms and around water coolers across the nation. The purchase price was not disclosed.

In the eyes of Weather Underground's ardent fans, the Weather Channel appears to represent the wrong kind of weather information: personality-driven sunniness and hype, they say, rather than the pure science of data.

As Mike Tucker, a computer professional in New Hampshire, put it on Facebook, reacting to news of the deal: "Nooooooooooooooooo! Waaaaaaaaaaaaaaaaaaah!"

The controversy illustrates the deep national divide between those people who just want to know if it's going to rain, and people who really, really, care about the data underlying the weather.

Christopher Maxwell, a manager at a solar energy company in Richmond, Va., is in the really-really-cares-about-the-weather camp. He said he saw the Weather Channel deal as a sad sellout for Weather Underground.

"It seems to happen all the time," he said. "Something great gets invented and sold in the United States, and it gets bought up and destroyed."

Weather Underground was founded in 1995 in Ann Arbor, where it grew out of the University of Michigan's online weather database. The name was a winking reference to the radical group that also had its roots in Ann Arbor.

Mr.
Maxwell said he appreciated Weather Underground's fanatical devotion to data, and how it drew information from so many thousands of weather stations run by users that he is able to determine "microclimates" of variation that can prove important in getting the most out of a new solar installation.

In other words, as he put it on Facebook, "I liked that Wunderground was indy and for weather geeks and not so much 'normies.'"

For Mr. Tucker, the "Nooooooooooooooooo!" response was a reaction to what he sees as the Weather Channel's penchant for the commercialization of weather. In a telephone interview, he said: "I'm looking at the site right now, and it's laden with ads, and promotional things for their shows. I don't really care about all that stuff. I only care what the weather is."

Mr. Tucker called the Weather Underground site "simple and somewhat elegant" by comparison.

Paul Baginski, a visiting assistant professor of mathematics at Smith College, said that when he assigned his students to run their hometown temperature data through a series of calculus functions, he pointed them toward Weather Underground instead of Weather.com because it was so much easier to track down historical data on the independent site.

"It seemed with every update to their Web site, weather.com added another obstacle" with advertisements and extra tabs and clicks, he said.

Weather Underground's devotion to weather data has brought the site about 10 million unique visitors a month, according to the measurement firm ComScore, and has helped it to remain an independent company for the better part of two decades. A similar site, WeatherBug, draws 21 million visitors a month. (WeatherBug is owned by Earth Networks.)

Both sites, however, are dwarfed by Weather.com and the other properties owned by the Weather Channel, which is owned by a consortium that includes Comcast, Bain Capital and the Blackstone Group. The Weather Channel sites draw almost 50 million visitors a month.
But only half of Weather Underground's users also use Weather.com in a given month, which might be considered a silent protest of sorts.

Every so often one of the bosses of the Weather Channel had tried to buy Weather Underground, company officials said, and every so often the site politely declined. But this time was different.

"In the past three years, we've gotten our act together and become a mature company," Weather Underground's president, Alan Steremberg, said in a telephone interview. "We've had amazing growth." Now, he said, it was time to get help from a bigger company.

Which very well may be. But why would the Weather Channel want to acquire a site loved by people who hate the Weather Channel?

When a reporter asked this very question on Monday, the newly acquired Mr. Steremberg, on a conference call interview with David Kenny, the chairman and chief executive of the Weather Channel Companies, tried to be a good corporate citizen. In what might best be described as aspirational thinking, he began to say, "I don't know if anyone hates the Weather Channel."

Mr. Kenny brightly contradicted him. "Oh, they do!" he said.

Mr. Kenny explained that he and his colleagues had been reading the angry online reactions to the acquisition. But, he added, "I think that once they see that we're only investing in the product, not changing it or dumbing it down or altering it in some way, then I think that will go away."

Mr. Steremberg insisted, "This will be a better change, a good change." Weather Underground will have more money to build weather models and to invest in Web design improvements. It will stay online as its own brand, he said, one that will be complementary to the Weather Channel's.

A small but vocal minority of people, he said glumly, are "resistant to change in general." They should know, he said, that "change is inevitable."

If nothing else, the weather teaches us that much.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 4 14:41:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jul 2012 15:41:25 -0400
Subject: [Infowarrior] - more on ... ACLU-NJ Launches Smartphone App That Lets Users Secretly Record Police Stops
References: <9DC7E257-B584-4FBA-A42B-13B5F3370687@me.com>
Message-ID: <848ADCB3-7949-40E5-87EB-389A5E6630AC@infowarrior.org>

Begin forwarded message:

> From: Jon
>
>
> On the iPhone there is also "Cop Recorder!" that has stealth recording and network upload. It's done in conjunction with OpenWatch.net.
>
> There is also "FlyRights" made by the Sikh Coalition that automates filing TSA/DHS complaints.

From rforno at infowarrior.org Wed Jul 4 22:01:40 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jul 2012 23:01:40 -0400
Subject: [Infowarrior] - More on ... Cisco's new ToS for home networking routers
Message-ID:

(c/o KM)

Cisco updates their firmware; bricks devices unless you sign up for their cloud service that tracks and monitors you, and you agree not to see porn or use bittorrent.

http://www.neowin.net/news/cisco-locks-users-out-of-their-routers-requires-invasive-cloud-service

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 5 08:57:26 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jul 2012 09:57:26 -0400
Subject: [Infowarrior] - Mac App Store Pushing Out Corrupted App Downloads
Message-ID: <389A2BF4-1B0A-4804-B743-56AA0A5E9345@infowarrior.org>

App Store Pushing Out Corrupted App Downloads

http://www.macrumors.com/2012/07/05/app-store-pushing-out-corrupted-app-downloads/

Instapaper developer Marco Arment notes that Apple's App Store is apparently pushing out corrupted app binaries of a number of different applications to users. The issue, which renders the apps unusable, has apparently been triggered on app updates approved over the past few days.
< - >

Arment has collected a list of nearly two dozen apps that have been affected by the issue, and while Apple began distributing a corrected version of Instapaper within a few hours yesterday, it remains unclear whether all affected apps have been fixed. For those who already downloaded corrupted versions of affected apps, the apps must be deleted and reinstalled.

< - >

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 5 08:50:02 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jul 2012 09:50:02 -0400
Subject: [Infowarrior] - Passengers could be asked to give drink samples to TSA
Message-ID: <1DD893F2-AAC3-4341-8934-93B0AD60B90E@infowarrior.org>

Isn't TSA supposed to be screening things like food/packages/drinks that are sold at airports behind security? What's the true reason here? Is there something credible reported? Is TSA trying to show its relevance during the summer travel season during an election year? Or did TSA drop the ball on something? (again)

We have become a nation that believes not in effective risk management but idiotic and ineffective actions in pursuit of total risk aversion locked away from any semblance of competent accountability by a cloak of secrecy.

-- rick

Passenger could be asked to give drink samples to TSA

The TSA would not say what they are testing for or why they are doing it, but travelers say they have a right to know

Author: Janelle Ericsson, Reporter, Jericsson at kjct8.com

http://www.kjct8.com/news/Passenger-could-be-asked-to-give-drink-samples-to-TSA/-/163152/15394098/-/2eprat/-/index.html

POSTED: 06:45 PM MDT Jul 03, 2012

GRAND JUNCTION, Colo. - Passengers say their problem is not with the rules at the airport. They understand why drinks are not allowed through security, but when they buy one while they wait for their flight, they say the TSA should not ask to test it.
Passengers say traveling is a big enough stress, but now some are worried the drinks they are getting are not safe.

The TSA would not say what they are testing for or why they are doing it, but travelers say they have a right to know.

"I'm always glad that my safety is a priority, I just think testing drinks after they've already been bought might be a little extreme," infrequent flyer Jennifer Smart said.

"The water or the juices or anything you buy here in the airport, TSA is going to come over and look and check and test it? That's just ridiculous," world traveler Thomas Burgard said.

We asked the TSA about the drink testings and they said, "TSA employees have many layers of security throughout airports. Passengers may be randomly selected for additional screening measures at the checkpoint or in the gate at any time."

Passengers we spoke to also said they think the price of drinks are too expensive. If security is going to test them, it should be before they are purchased, so they do not waste their money.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 5 16:19:22 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jul 2012 17:19:22 -0400
Subject: [Infowarrior] - more on... Mac App Store Pushing Out Corrupted App Downloads
References:
Message-ID: <8DECE802-3B9D-4120-A7DB-AA8206B33124@infowarrior.org>

(C/O Dan. Yet another reason to bypass the App Store where possible! --rick)

Recent iOS, Mac app crashes linked to botched FairPlay DRM

Independence Day brought app crashes galore, and problems are still ongoing.

by Chris Foresman - July 5 2012, 11:45am EDT

http://arstechnica.com/apple/2012/07/recent-ios-mac-app-crashes-linked-to-botched-fairplay-drm/

iOS and OS X users are experiencing crashes due to corrupted binaries pushed out by Apple's servers over the Fourth of July holiday, according to Instapaper developer Marco Arment.
The problem appears to be linked to Apple's FairPlay DRM scheme, which is added to apps downloaded via the iOS App Store or Mac App Store. While Apple appears to be working to correct the issue, the problem is ongoing as of Thursday. Arment discovered the problem late Tuesday night after pushing an update to his Instapaper app to the App Store. "I was deluged by support e-mail and Twitter messages from customers saying that it crashed immediately on launch, even with a clean install," Arment wrote on his blog. The problem appears to be caused by the addition of FairPlay DRM after the updated binary is submitted to Apple for distribution. An error in encoding the DRM causes the binary to become corrupt, causing the affected app to immediately crash on launch. Error logs point to a failure in the "AppleFairplayTextCrypterSession::fairplayOpen()" function, the first step in running any app distributed via the App Store or Mac App Store. According to Arment's research, users are affected in some regions, but not others. Apple appears to be attempting to fix the problem on a case-by-case basis, as later downloads of the same Instapaper update function normally. However, developers that have submitted updates on July 3, 4, or 5 may still be affected by the problem. "I'll repeat my warning to developers: if you can help it, do not release app updates today," Arment said via Twitter. "The corruption is widespread and ongoing." Unfortunately for developers, users assume the problem is shoddy coding and are leaving negative reviews on affected apps. If you're getting update notices via the App Store or Mac App Store, it may be wise to hold off on updating until Apple can sort the problem out. Apple was not able to respond to our request for comment on Thursday regarding the cause of the problem, or when a permanent fix might be in place. 
From rforno at infowarrior.org Thu Jul 5 22:07:59 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jul 2012 23:07:59 -0400
Subject: [Infowarrior] - OT: Olympian Arrogance
Message-ID:

Olympian Arrogance

James Graham

By JULES BOYKOFF and ALAN TOMLINSON
Published: July 4, 2012
Brighton, England

http://www.nytimes.com/2012/07/05/opinion/no-medal-for-the-international-olympic-committee.html

WHILE Europe roils in economic turmoil, London is preparing for a lavish jamboree of international good will: in a few weeks, the city will host the 2012 Summer Olympics. But behind the spectacle of athletic prowess and global harmony, brass-knuckle politics and brute economics reign. At this nexus sits the International Olympic Committee, which promotes the games and decides where they will be held. Though the I.O.C. has been periodically tarnished by scandal -- usually involving the bribing and illegitimate wooing of delegates -- those embarrassments divert us from a deeper problem: the organization is elitist, domineering and crassly commercial at its core. The I.O.C., which champions itself as a democratic "catalyst for collaboration between all parties of the Olympic family," is nonetheless run by a privileged sliver of the global 1 percent. This has always been the case: when Baron Pierre de Coubertin revived the Olympics in the 1890s, he assembled a hodgepodge of princes, barons, counts and lords to coordinate the games. Eventually the I.O.C. opened its hallowed halls to wealthy business leaders and former Olympians. Not until 1981 were women allowed in. Even today, royalty make up a disproportionate share of the body; among the 105 I.O.C. members are the likes of Princess Nora of Liechtenstein, Crown Prince Frederik of Denmark and Prince Nawaf Faisal Fahd Abdulaziz of Saudi Arabia. The United States has only three representatives, two of them former Olympic athletes. Then there are the excessive demands that the I.O.C. makes on host cities.
For instance, the host cities have had to change their laws to comply with the Olympic Charter, which states that "no kind of demonstration or political, religious or racial propaganda is permitted in any Olympic sites, venues or other areas." When Vancouver, British Columbia, hosted the Winter Games in 2010, the city passed a bylaw that outlawed signs and banners that did not "celebrate" the Olympics. Placards that criticized the Olympics were forbidden, and the law even empowered Canadian authorities to remove such signs from private property. The I.O.C. also makes host cities police Olympics-related intellectual property rights. So Parliament adopted the London Olympic Games and Paralympic Games Act of 2006, which defines as a trademark infringement the commercial use of words like "games," "2012" and "London" in proximity. Such monomaniacal brand micromanagement points to another problem: the I.O.C. has turned the Olympics into a commercial bonanza. In London, more than 250 miles of V.I.P. traffic lanes are reserved not just for athletes and I.O.C. luminaries but also for corporate sponsors. Even the signature torch relay has been commercialized: the I.O.C. and its corporate partners snapped up 10 percent of the torchbearer slots for I.O.C. stakeholders and members of the commercial sponsors' information technology and marketing staffs. Michael R. Payne, a former marketing director for the committee, has called the Olympics "the world's longest commercial." Most worrisome, perhaps, is that the I.O.C. creates perverse incentives for security officials in host cities to overspend and to militarize public space. The I.O.C. tends to look kindly on bids that assure security, and host cities too often use the games as a once-in-a-lifetime opportunity to stock police warehouses with the best weapons money can buy. Visitors to London, where the games are scheduled to run from July 27 to Aug.
12, would be forgiven for thinking they had dropped in on a military hardware convention. Helicopters, fighter jets and bomb-disposal units will be at the ready. About 13,500 British military personnel will be on patrol -- 4,000 more than are currently serving in Afghanistan. Security officials have acquired Starstreak and Rapier surface-to-air missiles. Even the Olympic mascots look like two-legged surveillance cameras. Let us be clear: the concern about ensuring a terror-free Olympics is tragically warranted. In 1972, members of the Palestinian militant group Black September killed 11 Israeli athletes and coaches at the Olympics in Munich -- after which the I.O.C. president notoriously insisted that "the games must go on" -- and in 1996, a bomb at the Atlanta Olympics killed a spectator and injured more than 100 other people. Yet there is such a thing as excess -- and surveillance and weaponry are not a panacea. Security measures can also be counterproductive: London residents who learned that the Ministry of Defense was attaching missile launchers to the roofs of their apartment buildings can't be blamed for wondering if they've unwillingly become a prime target for terrorists. And, symbolically, at a certain point it gets hard to square the image of the militarized state with the Olympic ideals of peace and understanding. What can be done? The I.O.C. has acknowledged that the escalating scale of the games -- "gigantism" -- is a real issue. Competitions drenched in privilege, like the equestrian events, should be ditched (with apologies to Ann Romney's horse Rafalca, who will be competing in dressage in London). Pseudo-historical events like Greco-Roman wrestling, concocted in the 19th century, could also go. Events with high start-up costs could be swapped for those requiring fewer resources. Why not bring back tug-of-war (a hotly contested event in the early 20th century) and add more running events, like trail running and cross-country?
Governance is another challenge. After the bribery scandal surrounding the selection of Salt Lake City to host the 2002 Winter Olympics, and under pressure from Congress, the I.O.C. created an ethics commission to monitor the bid process -- but it reports to the I.O.C.'s executive board, which still has the final say. Other measures worth considering are to streamline committee membership and to provide greater representation for the international sports federations that administer athletic competitions -- though either approach would continue to pose accountability problems. In these bleak economic times, the world could use a little athletic transcendence. Sadly, the arrogance and aloofness of the organization behind the spectacle are all too ordinary. Jules Boykoff, an associate professor of political science at Pacific University, is writing a book on dissent and the Olympics. Alan Tomlinson is a professor of leisure studies at the University of Brighton.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 08:03:38 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 09:03:38 -0400
Subject: [Infowarrior] - If Hackers Didn't Exist, Governments Would Have to Invent Them
Message-ID:

(c/o ferg)

If Hackers Didn't Exist, Governments Would Have to Invent Them

By Molly Sauter
Jul 5 2012, 4:29 PM ET 17

The myth of malicious adolescents out to wreak havoc on our technology spurs Internet regulations that are far more stringent than is reasonable.
http://www.theatlantic.com/technology/archive/2012/07/if-hackers-didnt-exist-governments-would-have-to-invent-them/259463/

The hackers who dominate news coverage and popular culture -- malicious, adolescent techno-wizards, willing and able to do great harm to innocent civilians and society at large -- don't exist. The perceived threat landscape is a warped one, which directs attention and resources to battling phantoms, rather than toward preventing much more common data-security problems. According to the Privacy Rights Clearinghouse, the loss or improper disposal of paper records, portable devices like laptops or memory sticks, and desktop computers have accounted for more than 1,400 data-breach incidents since 2005 -- almost half of all the incidents reported. More than 180,000,000 individual records were compromised in these breaches, which included individuals' names, Social Security numbers, addresses, credit-card information and more. This is compared to the 631 incidents from the same period that the Clearinghouse assigns generically to "hacking or malware." Your private data is more likely to be put at risk by a factotum leaving a laptop on a train than by a wired teen with too much time on his hands. Insider threats, otherwise known as frustrated grown-ups with real jobs, also constitute a significant challenge for information security. The Wall Street Journal recently reported on a survey which showed that 71 percent of IT managers and executives believe insider threats present the greatest risk to their companies. And the recent high-profile security breach at LinkedIn shows that one of the greatest risks to our personal security is ourselves: more than two-thirds of the leaked LinkedIn passwords were eight characters or fewer in length, and only one percent used the mix of upper- and lower-case characters, numbers, and symbols that makes passwords difficult to crack.
But these more serious threats don't seem to loom as large as hackers in the minds of those who make the laws and regulations that shape the Internet. It is the hacker -- a sort of modern folk devil who personifies our anxieties about technology -- who gets all the attention. The result is a set of increasingly paranoid and restrictive laws and regulations affecting our abilities to communicate freely and privately online, to use and control our own technology, and which puts users at risk for overzealous prosecutions and invasive electronic search and seizure practices. The Computer Fraud and Abuse Act, the cornerstone of domestic computer-crime legislation, is overly broad and poorly defined. Since its passage in 1986, it has created a pile of confused caselaw and overzealous prosecutions. The Departments of Defense and Homeland Security manipulate fears of techno-disasters to garner funding and support for laws and initiatives, such as the recently proposed Cyber Intelligence Sharing and Protection Act, that could have horrific implications for user rights. In order to protect our rights to free speech and privacy on the internet, we need to seriously reconsider those laws and the shadowy figure used to rationalize them. * * * The hacker character in mainstream culture has evolved as our relationship with the technology has changed. When Matthew Broderick starred in War Games in 1983, the hacker character was childish, driven by curiosity and benign self-interest, and sowed his mayhem largely by accident. Subsequent incarnations, like those in Hackers, Sneakers, GoldenEye, and Live Free or Die Hard became more dangerous and more intentional in their actions, gleefully breaking into protected networks and machines and causing casual destruction incomprehensible to techno have-nots. The hacker in American film, almost always white, middle class, and male, is immature, socially alienated, vindictive, and motivated by selfish goals or personality problems. 
The plots of such films are built on apocalyptic techno-paranoia, reflecting a belief that hackers have supreme control over the technologies that make the world run. News coverage parallels the pop culture frame. Basement-dwelling hackers remain a primary villain on the evening news and the front page, even at the cost of an accurate and rational portrayal of current events. "Hacking" is used as a catch-all term to describe almost any computer-related crime or "bad" action, no matter the skills or techniques involved. Coverage often confuses what could happen with what is actually happening, reporting on theoretical exploits of the type often presented at security conferences as if they were a clear and present danger. Recent media and government fixation on the prankster-protesters of Anonymous has stoked the fires of techno-paranoia and, as Yochai Benkler pointed out in a recent article in Foreign Affairs, has conflated modes of electronic civil disobedience with outright cybercriminality in ways that damage the cause of political speech online. The hacker lurks in the network, a decentralized threat, able to cause harm far from his actual location. His relationship with technology is pathological, he is compulsive in his hacking activities, and therefore cannot be reformed. Because he is socially alienated, he lacks the normal social checks on his behavior, and is instead stuck in a feedback loop with other hackers, each trying to outdo the other in juvenile mayhem on the public internet. Add to all this the hacker's superhuman ability to manipulate anything running code, and you have a terrifying modern boogeyman that society must be protected from at all costs. * * * In the effort to protect society and the state from the ravages of this imagined hacker, the US government has adopted overbroad, vaguely worded laws and regulations which severely undermine internet freedom and threaten the Internet's role as a place of political and creative expression. 
In an effort to stay ahead of the wily hacker, laws like the Computer Fraud and Abuse Act (CFAA) focus on electronic conduct or actions, rather than the intent of or actual harm caused by those actions. This leads to a wide range of seemingly innocuous digital activities potentially being treated as criminal acts. Distrust for the hacker politics of Internet freedom, privacy, and access abets the development of ever-stricter copyright regimes, or laws like the proposed Cyber Intelligence Sharing and Protection Act, which if passed would have disastrous implications for personal privacy online. The hacker folk devil as depicted in popular culture and news coverage is the target of and the justification for these laws and regulations. But rather than catching that phantom, these laws invite guilt by association, confusing skill with computers with intent to harm. They snag individuals involved with non-criminal activities online, as happened in the case of Bret McDanel, who served 16 months in prison for sending a few emails, and leave the rest of us with legally crippled technology and a confused picture of our rights online. Crafting governmental and corporate policy in reaction to a stereotyped social ghoul lurking in the tubes is ineffective at best, and actively malignant at worst. There are real threats in the online space, from the banal reality of leaving a laptop on the bus and sloppy personal security habits to the growing reality of inter-state cyberwar. However, focusing on the boys-in-the-basement hacker threat model drains attention and resources from discovering what and where the actual threats are. Taking down file lockers, criminalizing jail breaking, modding, and terms-of-service violations, and casting legal aspersions on anonymous and pseudonymous speech online is distracting fear mongering and wastes governmental and corporate resources. Recent court decisions, like the opinion handed down by the Ninth Circuit in US v. 
Nosal, work to narrow the scope of the CFAA, which gives hope to the idea that it is possible to regulate the Internet in a more reality-driven way. In order to achieve that regulation, though, we must discard the hacker stereotype as a central social villain and legal driver. The past few years have seen the internet emerge as a central haven for political speech, domestically and internationally. The internet has been used to exchange ideas, organize protests, and overthrow dictators. We hold the right to free political speech dearly in this country, and, for better or for worse, the laws we pass regarding the regulation of the internet have a disproportionally large impact on the way this international resource operates. The question that we must ask ourselves is, do we want the next Arab Spring regulated out of existence by our fear of hackers who don't even exist?

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 09:03:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 10:03:08 -0400
Subject: [Infowarrior] - FBI Continues To Insist There's No Reason For Kim Dotcom To Be Able To See The Evidence Against Him
Message-ID: <42D121C9-C8B0-4ED8-B829-3B1513ED9641@infowarrior.org>

FBI Continues To Insist There's No Reason For Kim Dotcom To Be Able To See The Evidence Against Him

from the of-course-not dept

http://www.techdirt.com/articles/20120705/01494319582/fbi-continues-to-insist-theres-no-reason-kim-dotcom-to-be-able-to-see-evidence-against-him.shtml

We already noted that the New Zealand judicial system apparently isn't as willing as the US expected to rubberstamp approval of the extradition of Kim Dotcom. Part of that ruling was a requirement that the US turn over the evidence they're using against Dotcom, so that he can counter it in fighting against the extradition.
However, it appears that the US is still fighting this, having the New Zealand prosecutor (who is fighting on their behalf) argue that Dotcom should only be allowed to see a single document out of the 22 million emails the FBI collected and that this really isn't a matter for the New Zealand courts to concern themselves with, as they should just let the Americans handle it. "Crown lawyer John Pike argued that there was no need for Dotcom to have access because he was not being tried in New Zealand. The judge in the extradition case needed only to decide if there was a case for him to answer in the US, Mr Pike said, and that question was answered by the record of case." That's kind of amazing when you think about it. He shouldn't be allowed to even see the evidence against him... even if it might prove that there is no "case for him to answer to in the US." That's what's so troubling about the US position on cases like this one and the O'Dwyer/TVshack case. They seem to assume that it shouldn't be of any concern if they drag someone thousands of miles across oceans to face trumped up charges in the US.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 10:44:31 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 11:44:31 -0400
Subject: [Infowarrior] - Pentagon Digs In On Cyberwar Front
Message-ID:

http://online.wsj.com/article/SB10001424052702303684004577508850690121634.html?mod=googlenews_wsj

Wall Street Journal
July 6, 2012
Pg. 4

Pentagon Digs In On Cyberwar Front

Elite School Run by Air Force Trains Officers to Hunt Down Hackers and Launch Electronic Attacks

By Julian E. Barnes

The U.S. military is accelerating its cyberwarfare training programs in an aggressive expansion of its preparations for conflict on an emerging battlefield. The renewed emphasis on building up cyberwarfare capabilities comes even as other defense programs have been trimmed.
Along with unmanned aircraft and special operations, cyberwarfare is among the newer, more high-tech and often more secretive capabilities favored by the Pentagon's current leadership. In June, the U.S. Air Force's elite Weapons School -- the Air Force version of the Navy's famed "Top Gun" program -- graduated its first class of six airmen trained to fight in cyberspace. The new course, at Nellis Air Force Base in Nevada, trains airmen working at computer terminals how to hunt down electronic intruders, defend networks and launch cyberattacks. "While cyber may not look or smell exactly like a fighter aircraft or a bomber aircraft, the relevancy in any potential conflict in 2012 is the same," said Air Force Col. Robert Garland, commandant of the Weapons School. "We have to be able to succeed against an enemy that wants to attack us in any way." The training effort comes amid a push by the Obama administration to rapidly deploy offensive and defensive techniques across the government, including at the Central Intelligence Agency, other intelligence agencies and the Department of Homeland Security. Cyberwarfare techniques have been deployed in an apparent U.S. and Israeli campaign to undermine Iran's nuclear program, elements of which were reported last month by the New York Times. The U.S. also contemplated using cyberweapons to incapacitate Libyan air defenses in 2011, before the start of U.S. airstrikes. The military's cyber buildup began in 2008, leading to creation of a formal "U.S. Cyber Command." The command marshals computer-warfare capabilities from across the military and integrates them with expertise at the National Security Agency. Some of the defenses could someday be extended to the private sector. Overall the Air Force spends about $4 billion a year on its cyber programs, though the training initiatives are a fraction of that cost. Other military services also are taking steps to strengthen cyberwarfare capabilities and training.
The Navy is revamping courses for 24,000 people trained each year at the Center for Information Dominance. "It is that full span, from peace time to war and everything in between," said Capt. Susan Cerovsky, commander of the Center for Information Dominance. James Cartwright, a retired Marine general and former vice chairman of the U.S. Joint Chiefs of Staff, argues the new emphasis on cyber training is critical. But he said the military should do a better job publicizing that it is working to hone all of its cyber capabilities -- both defensive and offensive. "For cyber deterrence to work, you have to believe a few things: One, that we have the intent; two, that we have the capability; and three, that we practice -- and people know that we practice," Gen. Cartwright said. The full range of U.S. cyberweapons is a closely guarded secret. U.S. officials have said the military is developing weapons aimed at cutting off power to precise, limited locations. "Our curriculum is based on attack, exploit and defense of the cyber domain," said Lt. Col. Bob Reeves, who oversees the cyber course as commander of the 328th Weapons Squadron. The U.S. also has acknowledged it has cyberweapons that could help suppress enemy air and sea defenses. Israel used cyber techniques to hide its aircraft in a 2007 attack on a Syrian nuclear facility, according to current and former officials. Such methods are taught at Weapons School, officials acknowledge. The course focuses on combining cyber power with more traditional combat, said Lt. Col. Reeves. That includes "affecting an adversary's computer system in a way that allows us to fly in an airstrike more effectively, with less resistance," he said. Lt. Col. Steven Lindquist, one of the inaugural students, said the course asks officers to study how an attacker could launch a cyberattack against an Air Force command center or an individual airplane, and to construct defenses.
An Air Force "aggressor" team at Nellis then tests the defenses. "The Air Force aggressor acts as a hacker coming against us and we see how our defensive plan measured up," said Lt. Col. Lindquist. The Air Force Weapons School provides advanced training for a handful of elite officers each year in traditional skills, like teaching aerial combat, reconnaissance and bombing, and also for the growing ranks of drone pilots. Adding the cyberwarfare course to the most elite school, officials say, is important to changing the mind-set of the military, where many still regard radios, telephones and computers as communications tools -- not targets and weapons. "We know this is a contested domain," said Lt. Col. Timothy Franz, staff director for the Air Force Office of Cyberspace Operations. "There are people out there trying to get into your telephones and networks for military purposes, and we recognize that having similar capabilities is imperative for the future fight."

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 10:48:17 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 11:48:17 -0400
Subject: [Infowarrior] - Airline Plans to Google Passengers Ahead of Flights
Message-ID:

Airline Plans to Google Passengers Ahead of Flights

July 6, 2012

http://mashable.com/2012/07/06/british-airways-google/

British Airways wants to give its customers a more personalized travel experience by creating dossiers on them, and many have raised questions about the privacy implications in doing this. The information will include not only data the airline already possesses -- like previous complaints or delays -- but also information from Google Image searches. Theoretically, the flight crew can apologize for mistakes and be able to identify passengers in order to do so.
"We're essentially trying to recreate the feeling of recognition you get in a favourite restaurant when you're welcomed there, but in our case it will be delivered by thousands of staff to millions of customers. This is just the start -- the system has a myriad of possibilities for the future," Jo Boswell, head of customer analysis at BA, told the London Evening Standard. Check out the video above to learn more about the program. Do you think this is a smart business initiative, or should the airline ask for your personal information instead? Tell us in the comments what you think.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 13:38:27 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 14:38:27 -0400
Subject: [Infowarrior] - USTR Starts To Get Clue, MPAA/RIAA Still In Denial.
Message-ID: <1FBBC993-D681-4E48-9EDF-EB5F2545E948@infowarrior.org>

EU Parliament Rejects ACTA Defeat; USTR Starts To Get Clue, MPAA/RIAA Still In Denial.

By Harold | July 5, 2012

http://tales-of-the-sausage-factory.wetmachine.com/eu-parliament-rejects-acta-defeat-ustr-starts-to-get-clue-mpaariaa-still-in-denial/

Well, it's been a fun week on the international trade agreement front. Monday began yet another negotiating round for the Trans-Pacific Partnership (TPP) trade agreement, this time in San Diego. To the amazement of everyone, the U.S. Trade Representative (USTR) announced on July 3 it would now include a provision in the intellectual property (IP) chapter recognizing the importance of "limitations and exceptions" to copyright and embracing the international 3-part test for what constitutes suitable limitations and exceptions. (For those not familiar with this term of art, "limitations and exceptions" are things like Fair Use and First Sale Doctrine in the United States.
As the name implies, limitations and exceptions to copyright limit the rights of the copyright holder and create exceptions to the general rule against copying without permission.) It is difficult to convey to people who don't routinely deal with USTR and the copyright maximalists that dominate trade negotiations just how stunning a turn around this is, given the fairly well-established limitations and exceptions in U.S. law and the fact that -- as USTR acknowledged in its announcement -- the three-part test for what constitutes suitable limitations and exceptions is already well-established and incorporated into international law. Indeed, given all this, the incredible thing is that this is, as USTR acknowledges, the first time USTR has included any explicit reference to limitations and exceptions. In addition, as my colleague Rashmi Rangnath points out over at the Public Knowledge blog, while this is a positive step for USTR, we have not seen the new draft TPP text, so the actual implementation of these principles in the TPP draft could still be a major step backward from existing U.S. law. More . . . . Let me use an analogy to explain why this is, nevertheless, a big deal. For USTR to publicly embrace limitations and exceptions as "an important part of the copyright ecosystem" is the equivalent of The Pope saying: "in some cases, birth control is a good thing because it allows married couples to have sex without procreation, deepening their emotional bond with one another."

What Happened? ACTA.

So even if this is just public posturing, it marks a dramatic departure from the USTR's traditional position -- which is to avoid the entire subject of limitations and exceptions as much as possible while implying, without actually saying, that the very existence of the concept of "limitations and exceptions to copyright" makes the universe a less perfect place. Such things do not happen by chance.
Ron Kirk did not wake up Tuesday morning July 3 and say "I had a dream of a world with no limitations and exceptions to copyright and learned a Very Important Lesson In Life." Mind you, I am not questioning the sincerity of USTR. This is about shaping policy, not building a relationship or going on a date. I am totally down with people doing the right thing for the wrong reason. But success also depends on understanding why USTR felt compelled to change their public position. The next day, on July 4, we got what I consider the most likely explanation. The European Parliament utterly rejected the Anti-Counterfeiting Trade Agreement (ACTA). And while supporters within the European Commission may still plot to keep it alive, the short term result is that the insistence on serving the interests of the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA) by trying to force copyright maximalism on other countries killed the treaty after about 6 years of negotiation. That's a lot of wasted time and effort. Worse, a lot of U.S. industry outside of Hollywood and the recording industry wanted ACTA to actually fight real counterfeiting. So not only did everyone end up wasting time on a treaty no one wants to sign anymore, businesses hoping to use the agreement to fight the folks making warehouses full of fake Rolex watches and such are totally out of luck. And why? Because the MPAA/RIAA insisted ACTA needed lots of crazy stuff on intellectual property, and no one wanted to say no to the MPAA/RIAA. Oh, if only some wise public interest advocate had warned them that including all this crazy stuff around IP in ACTA put getting a real trade agreement to address real counterfeiting at risk! Oh wait . . . . True, ACTA might have slipped through without much public notice or discussion, like nearly every other international trade agreement, but for the consciousness raising exercise that was the fight against SOPA.
Europeans and others who thought copyright maximalism was a uniquely American disease suddenly took an interest in what their own governments were doing and experienced a collective freak out. Critically, folks got quite upset that ACTA would apparently require them to change their copyright laws in ways they regarded as inimical to recognized limitations and exceptions and that therefore violated fundamental human rights principles. The usual blandishments and arrogant dismissals of these criticisms by ACTA supporters as ill-informed, driven by pirates and profiteers such as Google, and necessary to protect poor starving artists failed to soothe the opposition. To the contrary, it only aroused further fury that ACTA supporters. As a result, the EU vote rejecting ACTA was one of the most lopsided votes in its history (478-39).

USTR Starts To Get A Clue. IP Mafia Still In Denial.

All of this, combined with new objections to the TPP process by a growing number of Congressmen, has apparently prompted USTR to get a clue. As ACTA's resounding rejection proves, the old playbook of whittling away limitations and exceptions to copyright both here and abroad by refusing to acknowledge their existence or importance just doesn't cut it in a post-SOPA. At a minimum, international agreements must at least pay lip service to the vital role of limitations and exceptions in "the copyright ecosystem." Of course, the actual language of the treaty might still undermine limitations and exceptions in practice while pretending to acknowledge their importance on the surface. In addition, the recognized international 3-part test USTR refers to is pretty vague, since it constitutes the minimum standard that all countries must acknowledge (even if they'd rather not) under accepted norms of international law.
So a treaty provision can be totally compliant with the international 3-part test and still represent a major step forward for copyright maximalism by reducing existing limitations and exceptions as incorporated in the law of the United States and many other countries. Mind you, despite the fact that this acknowledgement does not give up much practical ground, MPAA and RIAA are reportedly furious with the announcement and latest draft of the TPP IP chapter. Since selected industry representatives get full access to the proposed text, it may well be that the new text contains some real policy shifts as well as a change in rhetoric. But I suspect the fury of the MPAA and RIAA comes from the fact that they appear to believe that Wikipedia and Google are responsible for all this, and no real world evidence will tell them otherwise. As a result, they regard even a rhetorical shift by USTR acknowledging the importance of limitations and exceptions as a betrayal and as caving in to "Big Knowledge" bullies like Wikipedia. Also, even if USTR turns out to be merely paying lip service to the concept, MPAA/RIAA have definitely lost a major round here. To have limitations and exceptions openly in the room and acknowledged as a critical element in any trade agreement rather than treated as something questionable to be ignored changes the tenor of negotiations and makes it harder for the IP Mafia to push for unilateral expansion of copyright at the continuing expense of long-established limitations and exceptions. For a lobby unused to losing, this change in position from a previously rock-solid ally -- no matter how politically necessary in the short-term -- represents another galling loss in a year marked by several unanticipated reversals. So How Should The Opponents of Copyright Maximalism Respond. I have many rules of advocacy. One is: "Always make it easy for other people to agree with you." This is doubly true when you believe the other side is making the concession grudgingly. 
So the first response is to thank USTR and acknowledge its significant shift in position. The second step is to help USTR move down the path of wisdom by refining the text -- aware that the IP Mafia will do everything in its power to reverse course and shift USTR back to its traditional position. Keep in mind that the majority of people working for USTR don't like to waste effort any more than the rest of us, and the realization that a significant portion of the rest of the world may reject whatever final deal negotiators agree to if it goes too far on copyright is no doubt causing many to rethink their positions. In addition, USTR has many other industries it services besides Hollywood. They need trade agreements -- and USTR is required to negotiate these. The Hollywood crazy train on intellectual property enforcement now very visibly threatens the ability to get future trade agreements ratified by Congress or by foreign governments. The manufacturing sector, the retail sector, and others that have until now tolerated Hollywood's demands in the interest of maintaining a united industry front will not sacrifice their own international trade interests for the Entertainment industry -- and will push USTR to negotiate agreements that actually have a chance at ratification. All this creates a positive opportunity going forward. For the first time, civil society has something USTR needs -- an ability to legitimize the treaty text. The global lobbying muscle of the MPAA/RIAA is no longer enough. While that does not make civil society equals in the negotiations by any stretch of the imagination, it is a much stronger bargaining position than ever before. This is not to say that people long convinced of the rightness of copyright maximalism which rejects limitations and exceptions will change their minds on the merits (although this may come too, in time). 
But policy is not about getting people to do the right thing for the right reasons, it is about getting them to do the right thing for their own reasons. In this case, USTR has excellent reasons to shift position and bring civil society more strongly into the mix. The job for civil society is continuing to enhance the value of what we offer by keeping the pressure on for substantive language that genuinely embraces existing limitations and exceptions. MPAA/RIAA have excellent incentive for this as well, although I expect them to take much longer to recognize this. Conclusion All in all, 2012 continues to be a landmark year for intellectual property policy. The anti-SOPA campaign has genuinely changed the way in which IP policy gets negotiated, rather than fading away as memory of the legislation recedes. No, that doesn't mean everything is now hunky-dory and we now go home. But did anyone ever think it would? What the ACTA defeat in Europe and the pressure on USTR to shift position show is that the campaign to prevent the further erosion of free expression in the name of copyright maximalism has staying power. It now falls to all of us to ensure that we keep moving things in the right direction. Stay tuned . . .

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 13:43:13 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 14:43:13 -0400
Subject: [Infowarrior] - Def Leppard Covers Its Own Songs With 'Forgeries' To Fight Back Against Universal Music
Message-ID: <3AAB144E-4733-4B38-919D-81E856F51999@infowarrior.org>

(Even though I have their entire catalogue and then some, I will buy their 'forgeries' to support their efforts and stand on principle. 
---rick) Def Leppard Covers Its Own Songs With 'Forgeries' To Fight Back Against Universal Music from the well,-that's-one-way-to-do-things dept http://www.techdirt.com/articles/20120706/04162619600/def-leppard-covers-its-own-songs-with-forgeries-to-fight-back-against-universal-music.shtml As we recently noted, there are compulsory licenses for doing cover song recordings, such that you don't need to ask for permission. It appears that the band Def Leppard is now taking advantage of that in an attempt to fight back against Universal Music (who they feel owe them royalties) by re-recording their entire back catalog (sent in by a bunch of you) and re-releasing them. They're referring to their own re-recordings as "forgeries." < - > With newly recorded "forgeries" of "Pour Some Sugar on Me" and "Rock of Ages" now available, the quintet has begun a series of re-recordings of its catalog material and "wrestled control of our career back" from the Universal Music Group, which frontman Joe Elliott says the band refuses to deal with "until we come up with some kind of arrangement" over compensation, especially for digital downloads. "When you're at loggerheads with an ex-record label who...is not prepared to pay you a fair amount of money and we have the right to say, 'Well, you're not doing it,' that's the way it's going to be," Elliott tells Billboard.com. "Our contract is such that they can't do anything with our music without our permission, not a thing. So we just sent them a letter saying, 'No matter what you want, you are going to get "no" as an answer, so don't ask.' That's the way we've left it. We'll just replace our back catalog with brand new, exact same versions of what we did." < - > Of course, you'd have to imagine that someone else still holds the publishing rights, but if the new "forgeries" -- which apparently take quite some time to get exactly right -- sell well, the band could end up keeping a much larger share of the money. 
Either way, this seems like yet another story in a very, very long line of such stories, of bands reporting on the many ways in which the major labels have screwed them over. Makes you wonder if there are any acts who feel they weren't screwed over by their major label...

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 17:19:56 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 18:19:56 -0400
Subject: [Infowarrior] - Cisco apologizes for privacy 'confusion, ' makes cloud service an opt-in feature
Message-ID:

Cisco apologizes for privacy 'confusion,' makes cloud service an opt-in feature
http://www.cio.com.au/article/print/429857/cisco_apologizes_privacy_confusion_makes_cloud_service_an_opt-in_feature/
Customers had complained about automatic updates and a policy document that said Cisco might track Internet use
Stephen Lawson (IDG News Service)
06 July, 2012 18:58

Cisco Systems has taken a step back from its Cisco Connect Cloud service, removing it as the default setting for management of its Linksys EA Series Wi-Fi routers after a firestorm of complaints from customers about automatic firmware updates and the service's terms of service. The default method for managing the high-end Linksys routers has been changed to traditional setup and management over the local network, Cisco said in a blog entry posted on Thursday. When the company brought Cisco Connect Cloud online last week, it made the Internet-based administration service into the default tool for the routers. Now, users who want the features of Cisco Connect Cloud will have to choose on their own to use it. This is a major step back from a service that the company had promoted as part of its vision of the future of home Wi-Fi routers. 
In a previous response to complaints, Cisco had stepped in to help users return to the older management system if they wanted, but the latest move makes users actively choose the new service. In the blog post announcing the change, Cisco also apologized twice and repeatedly sought to extinguish customers' concerns about privacy and automatic firmware updates. "We believe lack of clarity in our own terms of service has contributed to many of our customers' concerns, and we apologize for the confusion and inconvenience this has caused," wrote Brett Wingo, vice president and general manager of Cisco Home Networking. "Cisco Connect Cloud and Cisco Linksys routers do not monitor or store information about how our customers are using the Internet and we do not arbitrarily disconnect customers from the Internet. The Cisco Connect Cloud Service has never monitored customers' Internet usage, nor was it designed to do so," Wingo wrote. "Cisco will not push software updates to customers' Linksys routers when the auto-update setting is turned off," he wrote. The blog entry said Cisco would update its terms of service and related documentation as quickly as possible, though that would not be the first time the company has done so during the crisis. Changes announced last Friday failed to quell some vocal users' concerns. Cisco Connect Cloud was announced in April alongside a new generation of Wi-Fi routers for homes, the Linksys EA2700, EA3500 and EA4500. Cisco said it would allow users to manage their wireless LANs remotely via a Web browser or a smartphone app, and it announced six third-party apps to work with the service and opened up the platform to other developers. When the cloud service went live last week, some owners of the EA3500 and EA4500 routers complained on user forums that Cisco had updated their routers' firmware overnight and effectively forced them to move to cloud-based management. 
A LAN-based option was made available, but the users said it lacked many of the features that came with the previous LAN-based management. Even worse, disgruntled customers looked into Cisco Connect Cloud's terms of service and found that Cisco said it might collect information about use of the service, including users' Internet history. The terms also said Cisco might share "aggregated and anonymous user experience information" with third parties. That language sparked outrage among customers, some of whom said they would stop using the Linksys routers. After the complaints, Cisco rewrote the privacy policy and took steps to help users roll back their router firmware to the previous version and opt out of automatic updates. But complaints continued. The updated privacy policy raised concerns among some customers that Cisco might take their routers offline based on the terms of service. While changing the default status of Cisco Connect Cloud, Cisco stood by cloud-based router management in Thursday's blog post. "We are committed to providing both Cloud-enabled and local management software," Wingo wrote. Stephen Lawson covers mobile, storage and networking technologies for The IDG News Service. Follow Stephen on Twitter at @sdlawsonmedia. Stephen's e-mail address is stephen_lawson at idg.com

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 6 18:18:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jul 2012 19:18:08 -0400
Subject: [Infowarrior] - First Apple App Store malware found by Kaspersky
Message-ID:

First Apple App Store malware found by Kaspersky
Find and Call steals IOS users' phone book data and spams contacts with ads
http://www.theinquirer.net/inquirer/news/2189908/apple-app-store-malware-kaspersky
By Lee Bell
Fri Jul 06 2012, 16:12

THE FIRST EVER piece of malware has been discovered in Apple's App Store by Russian security firm Kaspersky. 
The malicious app called Find and Call steals IOS users' phone book data and spams the contacts with advertisements. Originally brought to Kaspersky's attention by a mobile carrier named Megafon, the app was also found in Google Play, but has since been removed from both Google's and Apple's app stores. "At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself," Kaspersky senior malware analyst Denis Maslennikov said in a blog post on Thursday. "However, our analysis of the IOS and Android versions of the same application showed that it's not an SMS worm but a Trojan that uploads a user's phonebook to a remote server." Maslennikov said that this replication was done by the server, which sends each contact an SMS message with a link to the download location of the app. "If a user launches this application he will be asked to register in the app using his email address and cell phone number (both fields won't be checked for validity)," Maslennikov said. "If the user wants to 'find friends in a phone book' his phone book data will be secretly uploaded to remote server." Those infected by the app will have their phone book entries spammed with SMS messages offering to click on the URL and download this 'Find and Call' application. If a contact follows the URL, it requests them to sign up to the web site, asking them to enter their social networking accounts, email accounts and even Paypal details to add money to the account. Kaspersky explained that if a user tries to add some amount of money, they will notice that the malware transfers money to a company called 'LABWEALTH.COM PTE. LTD.' "If you check their website, 'labwealth.com', you'll find a company based in Singapore named 'Wealth Creation Laboratory'. Yeah, right! This company, by the way, has really nice motto: 'Let's create together the world of plenty and prosperity!'" Maslennikov said. 
However, senior technology consultant at Sophos, Graham Cluley said he didn't agree with Kaspersky's judgment that the finding was malware. "It would probably be more accurate to say that the app is 'spammy' - as it leaks data all over the place in plain text over http, which means the data could be intercepted and sniffed," he said. "It sounds like somebody realised the value of having a lot of data and they thought of a perfect way to collect it, and perhaps imagined that this technique is probably legit. Similar to some spammers not thinking that sending spam is a bad thing, 'It is just direct marketing after all'." Cluley added that "Apple's rigorous screening of apps" wasn't quite rigorous enough when this one slipped through the net, but was pleased to hear that Apple has removed the app so it's no longer available. Regardless of whether the app has been removed or not, the finding marks somewhat of a watershed moment for Apple, which, unlike Google, had remained unscathed by vulnerabilities in its app store.

Source: The Inquirer (http://s.tt/1h4ft)

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Jul 7 22:14:56 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 7 Jul 2012 23:14:56 -0400
Subject: [Infowarrior] - DHS: The biodefender that cries wolf
Message-ID: <07DD4B49-1360-46A2-BCC0-96994C68D591@infowarrior.org>

The biodefender that cries wolf
The Department of Homeland Security's BioWatch air samplers, meant to detect a terrorist biological attack, have been plagued by false alarms and other failures.
July 7, 2012
http://www.latimes.com/news/nationworld/nation/la-na-biowatch-20120708,0,1751272,full.story

DENVER -- As Chris Lindley drove to work that morning in August 2008, a call set his heart pounding. The Democratic National Convention was being held in Denver, and Barack Obama was to accept his party's presidential nomination before a crowd of 80,000 people that night. 
The phone call was from one of Lindley's colleagues at Colorado's emergency preparedness agency. The deadly bacterium that causes tularemia -- long feared as a possible biological weapon -- had been detected at the convention site. Should they order an evacuation, the state officials wondered? Send inspectors in moon suits? Distribute antibiotics? Delay or move Obama's speech? Another question loomed: Could they trust the source of the alert, a billion-dollar government system for detecting biological attacks known as BioWatch? Six tense hours later, Lindley and his colleagues had reached a verdict: false alarm. BioWatch had failed -- again. President George W. Bush announced the system's deployment in his 2003 State of the Union address, saying it would "protect our people and our homeland." Since then, BioWatch air samplers have been installed inconspicuously at street level and atop buildings in cities across the country -- ready, in theory, to detect pathogens that cause anthrax, tularemia, smallpox, plague and other deadly diseases. But the system has not lived up to its billing. It has repeatedly cried wolf, producing dozens of false alarms in Los Angeles, Detroit, St. Louis, Phoenix, San Diego, the San Francisco Bay Area and elsewhere, a Los Angeles Times investigation found. Worse, BioWatch cannot be counted on to detect a real attack, according to confidential government test results and computer modeling. The false alarms have threatened to disrupt not only the 2008 Democratic convention, but also the 2004 and 2008 Super Bowls and the 2006 National League baseball playoffs. In 2005, a false alarm in Washington prompted officials to consider closing the National Mall. Federal agencies documented 56 BioWatch false alarms -- most of them never disclosed to the public -- through 2008. More followed. The ultimate verdict on BioWatch is that state and local health officials have shown no confidence in it. 
Not once have they ordered evacuations or distributed emergency medicines in response to a positive reading. Federal officials have not established the cause of the false alarms, but scientists familiar with BioWatch say they appear to stem from its inability to distinguish between dangerous pathogens and closely related but nonlethal germs. BioWatch has yet to face an actual biological attack. Field tests and computer modeling, however, suggest it would have difficulty detecting one. In an attack by terrorists or a rogue state, disease organisms could well be widely dispersed, at concentrations too low to trigger BioWatch but high enough to infect thousands of people, according to scientists with knowledge of the test data who spoke on condition of anonymity. Even in a massive release, air currents would scatter the germs in unpredictable ways. Huge numbers of air samplers would have to be deployed to reliably detect an attack in a given area, the scientists said. Many who have worked with BioWatch -- from the Army general who oversaw its initial deployment to state and local health officials who have seen its repeated failures up close -- call it ill-conceived or unworkable. "I can't find anyone in my peer group who believes in BioWatch," said Dr. Ned Calonge, chief medical officer for the Colorado Department of Public Health and Environment from 2002 to 2010. "The only times it goes off, it's wrong. I just think it's a colossal waste of money. It's a stupid program." Officials at the Centers for Disease Control and Prevention, the federal agency that would be chiefly responsible for rushing medications to the site of an attack, told White House aides at a meeting Nov. 21 that they would not do so unless a BioWatch warning was confirmed by follow-up sampling and analysis, several attendees said in interviews. Those extra steps would undercut BioWatch's rationale: to enable swift treatment of those exposed. 
Federal officials also have shelved long-standing plans to expand the system to the nation's airports for fear that false alarms could trigger evacuations of terminals, grounding of flights and needless panic. Officials from the Department of Homeland Security, which oversees BioWatch, insist that the system's many alerts were not false alarms. Each time, BioWatch accurately detected some organism in the environment, even if it was not the result of an attack and posed no threat to the public, officials said. At the same time, department officials have assured Congress that newer technology will make BioWatch more reliable and cheaper to operate. The current samplers are vacuum-powered collection devices, about the size of an office printer, that pull air through filters that trap any airborne materials. In more than 30 cities each day, technicians collect the filters and deliver them to state or local health labs for genetic analysis. Lab personnel look for DNA matches with at least half a dozen targeted pathogens. The new, larger units would be automated labs in a box. Samples could be analyzed far more quickly and with no need for manual collection. Buying and operating the new technology, known as Generation 3, would cost about $3.1 billion over the next five years, on top of the roughly $1 billion that BioWatch already has cost taxpayers. The Obama administration is weighing whether to award a multiyear contract. Generation 3 "is imperative to saving thousands of lives," Dr. Alexander Garza, Homeland Security's chief medical officer, told a House subcommittee on March 29. But field and lab tests of automated units have raised doubts about their effectiveness. A prototype installed in the New York subway system in 2007 and 2008 produced multiple false readings, according to interviews with scientists. Field tests last year in Chicago found that a second prototype could not operate independently for more than a week at a time. 
Most worrisome, testing at the Pacific Northwest National Laboratory in Washington state and at the Army's Dugway Proving Ground in Utah found that Generation 3 units could detect a biological agent only if exposed to extremely high concentrations: hundreds of thousands of organisms per cubic meter of air over a six-hour period. Most of the pathogens targeted by BioWatch, scientists said, can cause sickness or death at much lower levels. A confidential Homeland Security analysis prepared in January said these "failures were so significant" that the department had proposed that Northrop Grumman Corp., the leading competitor for the Generation 3 contract, make "major engineering modifications." A spokesman for the department, Peter Boogaard, defended the performance of BioWatch. Responding to written questions, he said the department "takes all precautions necessary to minimize the occurrence of both false positive and false negative results." "Rigorous testing and evaluation" will guide the department's decisions about whether to buy the Generation 3 technology, he said. Representatives of Northrop Grumman said in interviews that some test results had prompted efforts to improve the automated units' sensitivity and overall performance. "We had an issue that affected the consistency of the performance of the system," said Dave Tilles, the company's project director. "We resolved it. We fixed it.... We feel like we're ready for the next phase of the program." In congressional testimony, officials responsible for BioWatch in both the Bush and Obama administrations have made only fleeting references to the system's documented failures. "BioWatch, as you know, has been an enormous success story," Jay M. Cohen, a Homeland Security undersecretary, told a House subcommittee in 2007. In June 2009, Homeland Security's then-chief medical officer, Dr. 
Jon Krohmer, told a House panel: "Without these detectors, the nation has no ability to detect biological attacks until individuals start to show clinical symptoms." Without BioWatch, "needless deaths" could result, he said. Garza, the current chief medical officer, was asked during his March 29 testimony whether Generation 3 was on track. "My professional opinion is, it's right where it needs to be," he said. After hearing such assurances, bipartisan majorities of Congress have unfailingly supported additional spending for BioWatch. Olympic prototype The problems inherent in what would become BioWatch appeared early. In February 2002, scientists and technicians from Lawrence Livermore National Laboratory deployed a prototype in and around Salt Lake City in preparation for the Winter Olympics. The scientists were aware that false alarms could "cause immense disruptions and panic" and were determined to prevent them, they later wrote in the lab's quarterly magazine. Sixteen air samplers were positioned at Olympic venues, as well as in downtown Salt Lake City and at the airport. About 5:30 p.m. on Feb. 12, a sample from the airport's C concourse tested positive for anthrax. Utah Gov. Mike Leavitt was at an Olympic figure skating competition when the state's public safety director, Bob Flowers, called with the news. "He told me that they had a positive lead on anthrax at the airport," Leavitt recalled. "I asked if they'd retested it. He said they had -- not just once, but four times. And each time it tested positive." The Olympics marked the first major international gathering since the Sept. 11, 2001, airliner hijackings and the deadly anthrax mailings that fall. "It didn't take a lot of imagination to say, 'This could be the real thing,'" Leavitt said. But sealing off the airport would disrupt the Olympics. And "the federal government would have stopped transportation all over the country," as it had after Sept. 11, Leavitt said. 
Leavitt ordered hazardous-materials crews to stand by at the airport, though without lights and sirens or conspicuous protective gear. "He was ready to close the airport and call the National Guard," recalled Richard Meyer, then a federal scientist assisting with the detection technology at the Olympics. After consulting Meyer and other officials, Leavitt decided to wait until a final round of testing was completed. By 9 p.m., when the results were negative, the governor decided not to order any further response. "It was a false positive," Leavitt said. "But it was a live-fire exercise, I'll tell you that." Pressing ahead The implication -- that BioWatch could deliver a highly disruptive false alarm -- went unheeded. After the Olympics, Meyer and others who had worked with the air samplers attended meetings at the Pentagon, where Deputy Defense Secretary Paul D. Wolfowitz was building a case for rapidly deploying the technology nationwide. On Jan. 28, 2003, Bush unveiled BioWatch in his State of the Union address, calling it "the nation's first early-warning network of sensors to detect biological attack." The next month, a group of science and technology advisors to the Defense Department, including Sidney Drell, the noted Stanford University physicist, expressed surprise that "no formal study has been undertaken" of the Salt Lake City incident. The cause of that false alarm has never been identified. "It is not realistic to undertake a nationwide, blanket deployment of biosensors," the advisory panel, named the JASON group, concluded. The warning was ignored in the rush to deploy BioWatch. Administration officials also disbanded a separate working group of prominent scientists with expertise in the pathogens. That group, established by the Pentagon, had been working to determine how often certain germs appear in nature, members of the panel said in interviews. The answer would be key to avoiding false alarms. 
The idea was to establish a baseline to distinguish between the natural presence of disease organisms and an attack. The failure to conduct that work has hobbled the system ever since, particularly in regard to tularemia, which has been involved in nearly all of BioWatch's false alarms. The bacterium that causes tularemia, or rabbit fever, got its formal name, Francisella tularensis, after being found in squirrels in the early 20th century in Central California's Tulare County. About 200 naturally occurring infections in humans are reported every year in the U.S. The disease can be deadly but is readily curable when treated promptly with antibiotics. Before BioWatch, scientists knew that the tularemia bacterium existed in soil and water. What the scientists who designed BioWatch did not know -- because the fieldwork wasn't done -- was that nature is rife with close cousins to it. The false alarms for tularemia appear to have been triggered by those nonlethal cousins, according to scientists with knowledge of the system. That BioWatch is sensitive enough to register repeated false alarms but not sensitive enough to reliably detect an attack may seem contradictory. But the two tasks involve different challenges. Any detection system is likely to encounter naturally occurring organisms like the tularemia bacterium and its cousins. Those encounters have the potential to trigger alerts unless the system can distinguish between benign organisms and harmful ones. Detecting an attack requires a system that is not only discriminating but also highly sensitive -- to guarantee that it won't miss traces of deadly germs that might have been dispersed over a large area. BioWatch is neither discriminating enough for the one task nor sensitive enough for the other. The system's inherent flaws and the missing scientific work did not slow its deployment. After Bush's speech, the White House assigned Army Maj. Gen. 
Stephen Reeves, whose office was responsible for developing defenses against chemical and biological attacks, to get BioWatch up and running. Over the previous year, Reeves had overseen placement of units similar to the BioWatch samplers throughout the Washington area, including the Pentagon, where several false alarms for anthrax and plague later occurred. Based on that work and computer modeling of the technology's capabilities, Reeves did not see how BioWatch could reliably detect attacks smaller than, for example, a mass-volume spraying from a crop duster. Nevertheless, the priority was to carry out Bush's directive, swiftly. "In the senior-level discussions, the issue of efficacy really wasn't on the table," recalled Reeves, who has since retired from the Army. "It was get it done, tell the president we did good, tell the nation that they're protected.? I thought at the time this was good PR, to calm the nation down. But an effective system? Not a chance." Why no illness? It wasn't long before there was a false alarm. Over a three-day period in October 2003, three BioWatch units detected the tularemia bacterium in Houston. Public health officials were puzzled: The region's hospitals were not reporting anyone sick with the disease. Dr. Mary desVignes-Kendrick, the city's health director, wanted to question hospital officials in detail to make sure early symptoms of tularemia were not being missed or masked by a flu outbreak. But to desVignes-Kendrick's dismay, Homeland Security officials told her not to tell the doctors and nurses what she was looking for. "We were hampered by how much we could share on this quote-unquote secret initiative," she said. After a week, it was clear that the BioWatch alarm was false. In early 2004, on the eve of the Super Bowl in Houston, BioWatch once again signaled tularemia, desVignes-Kendrick said. The sample was from a location two blocks from Reliant Stadium, where the game was to be played Feb. 1. 
DesVignes-Kendrick was skeptical but she and other officials again checked with hospitals before dismissing the warning as another false alarm. The football game was played without interruption. Nonetheless, three weeks later, Charles E. McQueary, then Homeland Security's undersecretary for science and technology, told a House subcommittee that BioWatch was performing flawlessly. "I am very pleased with the manner in which BioWatch has worked," he said. "We've had well over half a million samples that have been taken by those sensors. We have yet to have our first false alarm." Asked in an interview about that statement, McQueary said his denial of any false alarm was based on his belief that the tularemia bacterium had been detected in Houston, albeit not from an attack. "You can't tell the machine, 'I only want you to detect the one that comes from a terrorist,'" he said. Whether the Houston alarms involved actual tularemia has never been determined, but researchers later reported the presence of benign relatives of the pathogen in the metropolitan area. Fear in the capital In late September 2005, nearly two years after the first cluster of false alarms in Houston, analysis of filters from BioWatch units on and near the National Mall in Washington indicated the presence of tularemia. Tens of thousands of people had visited the Mall that weekend for a book festival and a protest against the Iraq War. Anyone who had been infected would need antibiotics promptly. For days, officials from the White House and Homeland Security and other federal agencies privately discussed whether to assume the signal was another false alarm and do nothing, or quarantine the Mall and urge those who had been there to get checked for tularemia. As they waited for further tests, federal officials decided not to alert local healthcare providers to be on the lookout for symptoms, for fear of creating a panic. 
Homeland Security officials now say findings from lab analysis of the filters did not meet BioWatch standards for declaring an alert. Six days after the first results, however, CDC scientists broke ranks and began alerting hospitals and clinics. That was little help to visitors who already had left town, however. "There were 100 people on one conference call -- scientists from all over, public health officials -- trying to sort out what it meant," recalled Dr. Gregg Pane, director of Washington's health department at the time. Discussing the incident soon thereafter, Jeffrey Stiefel, then chief BioWatch administrator for Homeland Security, said agency officials were keenly aware that false alarms could damage the system's credibility. "If I tell a city that they've got a biological event, and it's not a biological event, you no longer trust that system, and the system is useless," Stiefel said on videotape at a biodefense seminar at the National Institutes of Health on Oct. 6, 2005. "It has to have a high reliability." Ultimately, no one turned up sick with tularemia. Culture of silence Homeland Security officials have said little publicly about the false positives. And, citing national security and the classification of information, they have insisted that their local counterparts remain mum as well. Dr. Jonathan Fielding, Los Angeles County's public health director, whose department has presided over several BioWatch false positives, referred questions to Homeland Security officials. Dr. Takashi Wada, health officer for Pasadena from 2003 to 2010, was guarded in discussing the BioWatch false positive that occurred on his watch. Wada confirmed that the detection was made, in February 2007, but would not say where in the 23-square-mile city. "We've been told not to discuss it," he said in an interview. Dr. Karen Relucio, medical director for the San Mateo County Health Department, acknowledged there was a false positive there in 2008, but declined to elaborate. 
"I'm not sure it's OK for me to talk about that," said Relucio, who referred further questions to officials in Washington. In Arizona, officials kept quiet when BioWatch air samplers detected the anthrax pathogen at Super Bowl XLII in February 2008. Nothing had turned up when technicians checked the enclosed University of Phoenix Stadium before kickoff. But airborne material collected during the first half of the game tested positive for anthrax, said Lt. Col. Jack W. Beasley Jr., chief of the Arizona National Guard's weapons of mass destruction unit. The Guard rushed some of the genetic material to the state's central BioWatch lab in Phoenix for further testing. Federal and state officials convened a 2 a.m. conference call, only to be told that it was another false alarm. Although it never made the news, the incident "caused quite a stir," Beasley said. The director of the state lab, Victor Waddell, said he had been instructed by Homeland Security officials not to discuss the test results. "That's considered national security," he said. The dreaded call In the months before the 2008 Democratic National Convention, local, state and federal officials planned for a worst-case event in Denver, including a biological attack. Shortly before 9 a.m. on Aug. 28, the convention's final day, that frightening scenario seemed to have come true. That's when Chris Lindley, of the Colorado health department, got the phone call from a colleague, saying BioWatch had detected the tularemia pathogen at the convention site. Lindley, an epidemiologist who had led a team of Army preventive-medicine specialists in Iraq, had faced crises, but nothing like a bioterrorism attack. Within minutes, chief medical officer Ned Calonge arrived. Calonge had little faith in BioWatch. A couple of years earlier, the health department had been turned upside down responding to what turned out to be a false alarm for Brucella, a bacterium that primarily affects cattle, on Denver's western outskirts. 
"The idea behind BioWatch -- that you could put out these ambient air filters and they would provide you with the information to save people exposed to a biological attack -- it's a concept that you could only put together in theory," Calonge said in an interview. "It's a poorly conceived strategy for doing early detection that is inherently going to pick up false positives." Lindley and his team arranged a conference call with scores of officials, including representatives from Homeland Security, the Environmental Protection Agency, the Department of Health and Human Services, the Secret Service and the White House. None of the BioWatch samplers operated by the state had registered a positive, and no unusual cases of infection appeared to have been diagnosed at area hospitals, Lindley said. The alert had come from a Secret Service-installed sampler on the grounds of the arena where the convention was taking place. The unit was next to an area filled with satellite trucks broadcasting live news reports on the Democratic gathering. Soon, thousands of conventioneers would be walking from Pepsi Center to nearby Invesco Field to hear Obama's acceptance speech. Had Lindley and Calonge been asked, they said in interviews, they wouldn't have put the BioWatch unit at this spot, where foot and vehicle traffic could stir up dust and contaminants that might set off a false alarm. As it turned out, a shade tree 12 yards from the sampler had attracted squirrels, potential carriers of tularemia. The location near the media trailers posed another problem: how to conduct additional tests without setting off a panic. EPA officials "said on the phone, 'We have a team standing by, ready to go,'" Lindley recalled. But the technicians would have to wear elaborate protective gear. The sight of emergency responders in moon suits "would have derailed the convention," Calonge said. On the other hand, sending personnel in street clothes would risk exposing them to the pathogen. 
"This was the biggest decision we ever had to make," Lindley said. When the conference call resumed, Lindley said the state would collect its own samples, without using conspicuous safety gear. "No one was willing to say, 'That's the right response, Colorado,'" Lindley recalled. "Everybody was frozen. We were on our own." State workers discreetly gathered samples of soil, water and other items for immediate DNA analysis. No pathogen was found. At 3 p.m., Lindley told participants in another national conference call that his agency was satisfied there was no threat. "I said: 'We are doing no more sampling. We are closing up this issue,'" Lindley recalled. Lindley and Calonge, having staked their reputations on not believing BioWatch, were vindicated: Barack Obama gave his acceptance speech on schedule. No one turned up sick with tularemia. And, to their surprise, news of the false alarm never became public. 'An opportunity' Officials responsible for BioWatch insist that the false alarms, which they refer to as "BioWatch actionable results," or BARs, have been beneficial. Each incident "has provided local, state and federal government personnel an opportunity to exercise its preparedness plans and coordination activities," three senior Homeland Security BioWatch administrators told a House subcommittee in a statement in July 2008. "These real-world events have been a catalyst for collaboration." Biologist David M. Engelthaler, who led responses to several BioWatch false positives while serving as Arizona's bioterrorism coordinator, is one of the many public health officials who see it differently. "A Homeland Security or national security pipe dream," he said, "became our nightmare." david.willman at latimes.com --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Sun Jul 8 16:58:41 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 8 Jul 2012 17:58:41 -0400 Subject: [Infowarrior] - Jailed for $280: The Return of Debtors' Prisons Message-ID: Jailed for $280: The Return of Debtors' Prisons By Alain Sherter | CBS MoneyWatch - Mon, Apr 23, 2012 1:40 PM EDT http://finance.yahoo.com/news/jailed-for--280--the-return-of-debtors--prisons.html How did breast cancer survivor Lisa Lindsay end up behind bars? She didn't pay a medical bill -- one the Herrin, Ill., teaching assistant was told she didn't owe. "She got a $280 medical bill in error and was told she didn't have to pay it," The Associated Press reports. "But the bill was turned over to a collection agency, and eventually state troopers showed up at her home and took her to jail in handcuffs." Although the U.S. abolished debtors' prisons in the 1830s, more than a third of U.S. states allow the police to haul people in who don't pay all manner of debts, from bills for health care services to credit card and auto loans. In parts of Illinois, debt collectors commonly use publicly funded courts, sheriff's deputies, and country jails to pressure people who owe even small amounts to pay up, according to the AP. Under the law, debtors aren't arrested for nonpayment, but rather for failing to respond to court hearings, pay legal fines, or otherwise showing "contempt of court" in connection with a creditor lawsuit. That loophole has lawmakers in the Illinois House of Representatives concerned enough to pass a bill in March that would make it illegal to send residents of the state to jail if they can't pay a debt. The measure awaits action in the senate. "Creditors have been manipulating the court system to extract money from the unemployed, veterans, even seniors who rely solely on their benefits to get by each month," Illinois Attorney General Lisa Madigan said last month in a statement voicing support for the legislation. 
"Too many people have been thrown in jail simply because they're too poor to pay their debts. We cannot allow these illegal abuses to continue." Debt collectors typically avoid filing suit against debtors, a representative with the Illinois Collectors Association tells the AP. "A consumer that has been arrested or jailed can't pay a debt. We want to work with consumers to resolve issues," he said. Yet Illinois isn't the only state where residents get locked up for owing money. A 2010 report by the American Civil Liberties Union that focused on only five states -- Georgia, Louisiana, Michigan, Ohio, and Washington -- found that people were being jailed at "increasingly alarming rates" over legal debts. Cases ranged from a woman who was arrested four separate times for failing to pay $251 in fines and court costs related to a fourth-degree misdemeanor conviction, to a mentally ill juvenile jailed by a judge over a previous conviction for stealing school supplies. According to the ACLU: "The sad truth is that debtors' prisons are flourishing today, more than two decades after the Supreme Court prohibited imprisoning those who are too poor to pay their legal debts. In this era of shrinking budgets, state and local governments have turned aggressively to using the threat and reality of imprisonment to squeeze revenue out of the poorest defendants who appear in their courts." Some states also apply "poverty penalties," including late fees, payment plan fees, and interest when people are unable to pay all their debts at once, according to a report by the New York University's Brennan Center for Justice. Alabama charges a 30 percent collection fee, for instance, while Florida allows private debt collectors to add a 40 percent surcharge on the original debt. Some Florida counties also use so-called collection courts, where debtors can be jailed but have no right to a public defender. 
"Many states are imposing new and often onerous 'user fees' on individuals with criminal convictions," the authors of the Brennan Center report wrote. "Yet far from being easy money, these fees impose severe -- and often hidden -- costs on communities, taxpayers, and indigent people convicted of crimes. They create new paths to prison for those unable to pay their debts and make it harder to find employment and housing as well to meet child-support obligations." Such practices, heightened in recent years by the effects of the recession, amount to criminalizing poverty, say critics in urging federal authorities to intervene. "More people are unemployed, more people are struggling financially, and more creditors are trying to get their debt paid," Madigan told the AP. From rforno at infowarrior.org Sun Jul 8 17:39:20 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 8 Jul 2012 18:39:20 -0400 Subject: [Infowarrior] - Ernest Borgnine, Oscar-Winning Actor, Dies at 95 Message-ID: <55C031F3-74BF-4C82-AB52-D8F78AE8AF32@infowarrior.org> I had the opportunity to meet him years ago -- he was a nice and genuine person who made you feel instantly comfortable talking with him. -- rick July 8, 2012 Ernest Borgnine, Oscar-Winning Actor, Dies at 95 By ANITA GATES http://www.nytimes.com/2012/07/09/movies/ernest-borgnine-tough-but-tender-actor-is-dead-at-95.html Ernest Borgnine, the rough-hewn actor who seemed destined for tough-guy characters but won an Academy Award for embodying the gentlest of souls, a lonely Bronx butcher, in the 1955 film "Marty," died Sunday in Los Angeles. He was 95. His death, at Cedars-Sinai Medical Center, was announced by Harry Flynn, his longtime spokesman. Mr. Borgnine made his first memorable impression in films at the age of 37, appearing in "From Here to Eternity" (1953) as Fatso Judson, the sadistic stockade sergeant who beats Frank Sinatra's character, Private Maggio, to death. But Paddy Chayefsky, who wrote "Marty" 
as a television play, and Delbert Mann, who directed it (Rod Steiger was the star of that version), saw something beyond brutality in Mr. Borgnine and offered him the title role when it was made into a feature film. The 1950s had emerged as the decade of the common man, with Willy Loman of "Death of a Salesman" on Broadway and the likes of the bus driver Ralph Kramden ("The Honeymooners") and the factory worker Chester Riley ("The Life of Riley") on television. Mr. Borgnine's Marty Pilletti, a 34-year-old blue-collar bachelor who still lives with his mother, fit right in, showing the tender side of the average, unglamorous guy next door. Marty's awakening, as he unexpectedly falls in love, was described by Bosley Crowther in The New York Times as "a beautiful blend of the crude and the strangely gentle and sensitive in a monosyllabic man." Mr. Borgnine received the Oscar for best actor for "Marty." For the same performance he also received a Golden Globe and awards from the New York Film Critics Circle, the National Board of Review and the British Academy of Film and Television Arts. Mr. Borgnine won even wider fame as the star of the ABC sitcom "McHale's Navy" (1962-66), originating the role of an irreverent con man of a PT boat skipper. (The cast also included a young Tim Conway.) He wrote in his autobiography, "Ernie" (Citadel Press, 2008), that he had turned down the role because he refused to do a television series but changed his mind when a boy came to his door selling candy and said, although he knew who James Arness of "Gunsmoke" and Richard Boone of "Have Gun, Will Travel" were, he had never heard of Ernest Borgnine. Over a career that lasted more than six decades the burly, big-voiced Mr. Borgnine was never able to escape typecasting completely, at least in films. Although he did another Chayefsky screenplay, starring with Bette Davis as a working-class father of the bride in "The Catered Affair" 
(1956), and even appeared in a musical, "The Best Things in Life Are Free" (1956), playing a Broadway showman, the vast majority of the characters he played were villains. Military roles continued to beckon. One of his best known was as Lee Marvin's commanding officer in "The Dirty Dozen" (1967), about hardened prisoners on a World War II commando mission. He also starred in three television-movie sequels. But he worked in virtually every genre. Filmmakers cast him as a gangster, even in satirical movies like "Spike of Bensonhurst" (1988). He was in westerns like "Bad Day at Black Rock" (1955) and Sam Peckinpah's blood-soaked classic "The Wild Bunch" (1969). He played gruff police officers, like his character in the disaster blockbuster "The Poseidon Adventure" (1972), and bosses from hell, as in the horror movie "Willard" (1971). Twice he played a manager of gladiators, in "Demetrius and the Gladiators" (1954) and in the 1984 mini-series "The Last Days of Pompeii." Mr. Borgnine's menacing features seemed to disappear when he flashed his trademark gaptoothed smile, and later in life he began to find good-guy roles, like the helpful taxi driver in "Escape From New York" (1981) and the title role in "A Grandpa for Christmas," a 2007 television movie. "McHale's Navy" and the 1964 film inspired by it were his most notable forays into comedy, but in 1999 he began doing the voice of a recurring character, the elderly ex-superhero Mermaid Man, in the animated series "SpongeBob SquarePants." Unlike many of his fellow actors who began on the stage, Mr. Borgnine professed to have no burning desire to return there. "Once you create a character for the stage, you become like a machine," he told The Washington Post in 1969. In films, he said, "you're always creating something new." Ermes Effron Borgnino was born on Jan. 24, 1917, in Hamden, Conn., near New Haven. His father was a railroad brakeman. 
His mother was said to be the daughter of a count, Paolo Boselli, an adviser to King Victor Emmanuel of Italy. The boy spent several years of his childhood in Italy, where his mother returned during a long separation from her husband. But they returned to Connecticut, and he graduated from high school there. He joined the Navy at 18 and served for 10 years. During World War II he was a gunner's mate. After the war he considered factory jobs, but his mother suggested that he try acting. Her reasoning, he reported, was, "You've always liked making a damned fool of yourself." He studied at the Randall School of Drama in Hartford, then moved to Virginia, where he became a member of the Barter Theater in Abingdon and worked his way up from painting scenery to playing the Gentleman Caller in "The Glass Menagerie." In the late 1940s he headed for New York, where by 1952 he was appearing on Broadway as a bodyguard in the comic fantasy "Mrs. McThing," starring Helen Hayes. He had already made his movie debut playing a Chinese shopkeeper in the 1951 adventure "China Corsair." Mr. Borgnine never retired from acting. In the 1980s he starred in another television series, the adventure drama "Airwolf," playing a helicopter pilot. He took a supporting role as a bubbly doorman in the 1990s sitcom "The Single Guy." His other films included "The Vikings" (1958); "Ice Station Zebra" (1968); "Hoover" (2000), in which he played J. Edgar Hoover; and "Gattaca" (1997). His last film appearance was in "The Man Who Shook the Hand of Vicente Fernandez," scheduled to be released this year, in which he played an elderly man who becomes a celebrity to Latino employees at the nursing home where he lives. On television, he was in the series finale of "ER" in 2009; appeared in a cable film, "Love's Christmas Journey," in 2011; and continued to do the voice of the washed-up superhero Mermaidman on "SpongeBob SquarePants" until last year. Mr. Borgnine, who lived in Los Angeles, had five wives. 
In 1949 he married Rhoda Kemins, whom he had met when they were both in the Navy. They had a daughter but divorced in 1958. On New Year's Eve 1959 he and the Mexican-born actress Katy Jurado were married; they divorced in 1962. His third marriage was his most notorious because of its brevity. He and the Broadway musical star Ethel Merman married in late June 1964 but split up in early August. Mr. Borgnine later contended that Ms. Merman left because she was upset that on an international honeymoon trip he was recognized and she wasn't. In 1965 he married Donna Rancourt; they had two children before divorcing in 1972. In 1973 he married for the fifth and last time, to Tova Traesnaes, who under the name Tova Borgnine became a cosmetics entrepreneur. She survives him, as do his children, Christofer, Nancee and Sharon Borgnine; a stepson, David Johnson; six grandchildren; and his sister, Evelyn Verlardi. Asked about his acting methods in 1973, Mr. Borgnine told The New York Times: "No Stanislavsky. I don't chart out the life histories of the people I play. If I did, I'd be in trouble. I work with my heart and my head, and naturally emotions follow." Sometimes he prayed, he said, or just reflected on character-appropriate thoughts. "If none of that works," he added, "I think to myself of the money I'm making." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Jul 9 09:09:12 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 9 Jul 2012 10:09:12 -0400 Subject: [Infowarrior] - More Demands on Cell Carriers in Surveillance Message-ID: July 8, 2012 More Demands on Cell Carriers in Surveillance By ERIC LICHTBLAU http://www.nytimes.com/2012/07/09/us/cell-carriers-see-uptick-in-requests-to-aid-surveillance.html WASHINGTON -- 
In the first public accounting of its kind, cellphone carriers reported that they responded to a startling 1.3 million demands for subscriber information last year from law enforcement agencies seeking text messages, caller locations and other information in the course of investigations. The cellphone carriers' reports, which come in response to a Congressional inquiry, document an explosion in cellphone surveillance in the last five years, with the companies turning over records thousands of times a day in response to police emergencies, court orders, law enforcement subpoenas and other requests. The reports also reveal a sometimes uneasy partnership with law enforcement agencies, with the carriers frequently rejecting demands that they considered legally questionable or unjustified. At least one carrier even referred some inappropriate requests to the F.B.I. The information represents the first time data have been collected nationally on the frequency of cell surveillance by law enforcement. The volume of the requests reported by the carriers -- which most likely involve several million subscribers -- surprised even some officials who have closely followed the growth of cell surveillance. "I never expected it to be this massive," said Representative Edward J. Markey, a Massachusetts Democrat who requested the reports from nine carriers, including AT&T, Sprint, T-Mobile and Verizon, in response to an article in April in The New York Times on law enforcement's expanded use of cell tracking. Mr. Markey, who is the co-chairman of the Bipartisan Congressional Privacy Caucus, made the carriers' responses available to The Times. While the cell companies did not break down the types of law enforcement agencies collecting the data, they made clear that the widened cell surveillance cut across all levels of government -- from run-of-the-mill street crimes handled by local police departments to financial crimes and intelligence investigations at the state and federal levels. 
AT&T alone now responds to an average of more than 700 requests a day, with about 230 of them regarded as emergencies that do not require the normal court orders and subpoena. That is roughly triple the number it fielded in 2007, the company said. Law enforcement requests of all kinds have been rising among the other carriers as well, with annual increases of between 12 percent and 16 percent in the last five years. Sprint, which did not break down its figures in as much detail as other carriers, led all companies last year in reporting what amounted to at least 1,500 data requests on average a day. With the rapid expansion of cell surveillance have come rising concerns -- including among carriers -- about what legal safeguards are in place to balance law enforcement agencies' needs for quick data against the privacy rights of consumers. Legal conflicts between those competing needs have flared before, but usually on national security matters. In 2006, phone companies that cooperated in the Bush administration's secret program of eavesdropping on suspicious international communications without court warrants were sued, and ultimately were given immunity by Congress with the backing of the courts. The next year, the F.B.I. was widely criticized for improperly using emergency letters to the phone companies to gather records on thousands of phone numbers in counterterrorism investigations that did not involve emergencies. Under federal law, the carriers said they generally required a search warrant, a court order or a formal subpoena to release information about a subscriber. But in cases that law enforcement officials deem an emergency, a less formal request is often enough. Moreover, rapid technological changes in cellphones have blurred the lines on what is legally required to get data -- particularly the use of GPS systems to identify the location of phones. As cell surveillance becomes a seemingly routine part of police work, Mr. 
Markey said in an interview that he worried that "digital dragnets" threatened to compromise the privacy of many customers. "There's a real danger we've already crossed the line," he said. With the rising prevalence of cellphones, officials at all levels of law enforcement say cell tracking represents a powerful tool to find suspects, follow leads, identify associates and cull information on a wide range of crimes. "At every crime scene, there's some type of mobile device," said Peter Modafferi, chief of detectives for the Rockland County district attorney's office in New York, who also works on investigative policies and operations with the International Association of Chiefs of Police. The need for the police to exploit that technology "has grown tremendously, and it's absolutely vital," he said in an interview. The surging use of cell surveillance was also reflected in the bills the wireless carriers reported sending to law enforcement agencies to cover their costs in some of the tracking operations. AT&T, for one, said it collected $8.3 million last year compared with $2.8 million in 2007, and other carriers reported similar increases in billings. Federal law allows the companies to be reimbursed for "reasonable" costs for providing a number of surveillance operations. Still, several companies maintained that they lost money on the operations, and Cricket, a small wireless carrier that received 42,500 law enforcement requests last year, or an average of 116 a day, complained that it "is frequently not paid on the invoices it submits." Because of incomplete record-keeping, the total number of law enforcement requests last year was almost certainly much higher than the 1.3 million the carriers reported to Mr. Markey. Also, the total number of people whose customer information was turned over could be several times higher than the number of requests because a single request often involves multiple callers. 
For instance, when a police agency asks for a cell tower "dump" for data on subscribers who were near a tower during a certain period of time, it may get back hundreds or even thousands of names. As cell surveillance increased, warrants for wiretapping by federal and local officials -- eavesdropping on conversations -- declined 14 percent last year to 2,732, according to a recent report from the Administrative Office of the United States Courts. The diverging numbers suggest that law enforcement officials are shifting away from wiretaps in favor of other forms of cell tracking that are generally less legally burdensome, less time consuming and less costly. (Most carriers reported charging agencies between $50 and $75 an hour for cellphone tower "dumps.") To handle the demands, most cell carriers reported employing large teams of in-house lawyers, data technicians, phone "cloning specialists" and others around the clock to take requests from law enforcement agencies, review the legality and provide the data. With the demands so voluminous and systematic, some carriers have resorted to outsourcing the job. Cricket said it turned over its compliance duties to a third party in April. The outside provider, Neustar, said it handled law enforcement compliance for about 400 phone and Internet companies. But a number of carriers reported that as they sought to balance legitimate law enforcement needs against their customers' privacy rights, they denied some data demands because they were judged to be overreaching or unauthorized under federal surveillance laws. Sometimes, the carriers said, they determined that a true emergency did not exist. At other times, police agencies neglected to get the required court orders for surveillance measures, left subpoenas unsigned or failed to submit formal requests. 
C Spire Wireless, a small carrier, estimated that of about 12,500 law enforcement demands it received in the last five years, it rejected 15 percent of them in whole or in part. (Most carriers did not provide figures on rejections.) At TracFone, another small carrier providing prepaid service, an executive told Mr. Markey that the company "shares your concerns regarding the unauthorized tracking of wireless phones by law enforcement with little or no judicial oversight, and I assure you that TracFone does not participate in or condone such unauthorized tracking." T-Mobile, meanwhile, said it had sent two law enforcement demands to the F.B.I. because it considered them "inappropriate." The company declined to provide further details. Requests from law enforcement officials to identify the location of a particular cellphone using GPS technology have caused particular confusion, carriers said. A Supreme Court ruling in January further muddled the issue when it found that the authorities should have obtained a search warrant before tracking a suspect's movements by attaching a GPS unit to his car. Law enforcement officials say the GPS technology built into many phones has proved particularly critical in responding to kidnappings, attempted suicides, shootings, cases of missing people and other emergencies. But Sprint and other carriers called on Congress to set clearer legal standards for turning over location data, particularly to resolve contradictions in the law. While the carriers said they always required proper legal orders before turning over nonemergency information, their assurances were somewhat at odds with anecdotal evidence recently gathered by the American Civil Liberties Union from more than 200 law enforcement agencies nationwide. The reports provided to the A.C.L.U. 
showed that many local and state police agencies claimed broad discretion to obtain cell records without court orders, and that some departments specifically warned officers about the past misuse of cellphone surveillance in nonemergency situations. Chris Calabrese, a lawyer for the A.C.L.U., said he was concerned not only about officials gathering phone data on people with no real connection to crimes but also about the agencies then keeping those records indefinitely in internal databases. "The standards really are all over the place," Mr. Calabrese said. "Nobody is saying don't use these tools. What we're saying is do it with consistent standards and in a way that recognizes that these are tools that really can impact people's privacy." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Jul 9 10:18:00 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 9 Jul 2012 11:18:00 -0400 Subject: [Infowarrior] - Good Read: Infosec-v-Investing Message-ID: (This is well worth a few minutes of time. Gunnar makes some excellent points and echoes similar things I and others have said in recent years both publicly and privately. Definitely some good food for thought! --rick) I am a better Security Pro because I am an Investor & I am a better Investor Because I am a Security Pro. - Why investing is important, and why Security Pros are uniquely suited to it Society of Information Risk Analysts Conference By Gunnar Peterson May 7, 2012 Thanks to Jay Jacobs for allowing me to speak on this topic. I am going to take you a little off track but I hope the journey will be worthwhile from a personal and professional development standpoint, we will return in due time to infosec topics. Effective information security and investing require similar skills - risk management is the obvious one but it goes way deeper than that. 
First, good investors foster a defensive mindset - they know they are playing a loser's game and act accordingly. Next, investors deal with data (but only to a point) - investors have great historical data and next to nothing about the future risks - sound familiar? Last, "Hacking the system" mentality pays off - good investors find obscure features nobody cares to see and figure out how to exploit it. What I really want to talk about is the shared mindset of successful investors and what infosec can learn from it. I would like to offer my thoughts on this and leave plenty of time for Q&A and open discussion. Learning about and practicing investing offers security pros concrete benefits - on a personal level protecting money (always welcome), but really we're used to thinking in terms of retirement pensions and this is no longer the case. Most everyone will need to manage their own retirement, start now; finally there is a professional benefit in the sense that once you understand the capital dynamics of certain business decisions that formerly made zero sense become crystal clear with a capital allocation hat on. < - BIG SNIP - > http://1raindrop.typepad.com/1_raindrop/2012/05/i-am-a-better-security-pro-because-i-am-an-investor-i-am-a-better-investor-because-i-am-a-security-p.html --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Jul 9 15:38:54 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 9 Jul 2012 16:38:54 -0400 Subject: [Infowarrior] - Lamer Smith is at it again #SOPA Message-ID: Lamar Smith Looking To Sneak Through SOPA In Bits & Pieces, Starting With Expanding Hollywood's Global Police Force from the learned-anything? 
dept http://www.techdirt.com/articles/20120709/12574819634/lamar-smith-looking-to-sneak-through-sopa-bits-pieces-starting-with-expanding-hollywoods-global-police-force.shtml While it didn't get nearly as much attention as other parts of SOPA, one section in the bill that greatly concerned us was the massive expansion of the diplomatic corp.'s "IP attaches." If you're unfamiliar with the program, basically IP attaches are "diplomats" (and I use the term loosely) who go around the globe pushing a copyright maximalist position on pretty much every other country. Their role is not to support more effective or more reasonable IP policy. It is solely to increase expansion, and basically act as Hollywood's personal thugs pressuring other countries to do the will of the major studios and labels. The role is literally defined as pushing for "aggressive support for enforcement action" throughout the world. A few years ago, we detailed how, at a meeting of these attaches, they bitched and complained about how copyright "activists" were making their lives difficult and were a "threat" who needed to be dealt with. In other words, these people are not neutral. They do not have the best interests of the public or the country in mind. Their job is solely to push the copyright maximalist views of the legacy entertainment industry around the globe, and position it as the will of the US government. It was good that this was defeated as a part of SOPA... but now comes the news that Lamar Smith is introducing a new bill that not only brings back this part, but appears to expand it and make it an even bigger deal. Politico has a short blurb: <-> SMITH, OTHERS UNVEIL IP BILL -- House Judiciary Committee chief Lamar Smith and other members are unveiling today their new Intellectual Property Attache Act, which realigns the Commerce Department a bit. 
The measure as proposed would move the current attache program housed with the USPTO to the full agency, complete with an assistant secretary of Commerce for Intellectual Property. The proposal is slated for full committee markup on Tuesday. Named as supporters on the measure are a number of panel Dems and Republicans: Reps. Bob Goodlatte, Mel Watt, Darrell Issa, Howard Berman, Howard Coble, Steve Chabot, Jason Chaffetz and Adam Schiff <-> You can see the current draft of the bill (pdf and embedded below), but it has not yet been officially introduced. However, the House Judiciary Committee is scheduled to mark it up in the morning, suggesting that it's on the fast track, with almost no public scrutiny. In fact, I've heard from people worried about this bill that they were only told of its existence on Saturday. The specifics of the bill appear to go further than the version in SOPA. It is clear that the bill itself is framed from the maximalist perspective. There is nothing about the rights of the public, or of other countries to design their own IP regimes. It notes that the role of the attaches is: <-> to advance the intellectual property rights of United States persons and their licensees; <-> The bill also "elevates" the IP attaches out of the US Patent and Trademark Office, and sets them up as their own agency, including a new role: the Assistant Secretary of Commerce for Intellectual Property. Yes, we'll get another IP Czar, this time focused in the Commerce Department. When even the USTR is recognizing the importance of limitations and exceptions to copyright, to have Congress push a bill that basically ignores limitations and exceptions and only looks to expand Hollywood's special thugs within the diplomatic corp. seems like a huge problem. But the even bigger issue is a simple one of process. 
Shouldn't Lamar Smith have learned by now that you don't try to sneak through SOPA or any of its components without first getting widespread public opinion on these things? --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 10 07:36:37 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jul 2012 08:36:37 -0400 Subject: [Infowarrior] - OT: Another big brokerage failure Message-ID: <7913AF13-D4A0-4824-BEBC-49B96C175F83@infowarrior.org> UPDATE 2-US broker PFGBest freezes funds after founder's suicide attempt Mon Jul 9, 2012 7:01pm EDT By Tom Polansek and David Sheppard http://www.reuters.com/article/2012/07/09/broker-pfgbest-idUSL2E8I9E5620120709 (Reuters) - Independent U.S. futures broker PFGBest said it had effectively frozen customer accounts on Monday after a suicide attempt by the company's founder set off an investigation into possible "accounting irregularities." In a dramatic turn that may trigger a new round of anxiety over the stability of the brokerage industry less than a year after the collapse of much larger MF Global, the Cedar Falls, Iowa-based firm told customers that they would be limited to liquidating open positions until further notice. The disclosure came hours after owner Russell R. Wasendorf Sr, a 40-year veteran of commodity markets, was found in his car near the company's new headquarters, having apparently attempted to commit suicide. He is in critical condition at the University of Iowa Hospitals, according to local news reports. PFGBest, which brokered trades in U.S. commodity and foreign exchange futures and options, told clients that the National Futures Association (NFA) and other officials had put its funds on hold, and that it was in "liquidation-only" status with its futures commission merchant (FCM), which clears its trades. "What this means is no customers are able to trade except to liquidate positions. 
Until further notice, PFGBEST is not authorized to release any funds," the note said. PFGBest officials were not immediately available to comment. Messages and emails to NFA were not returned. With about $400 million in segregated customer accounts, less than a tenth the amount MF Global had when it filed for bankruptcy, the fallout will likely be less severe. But news of more financial troubles in the brokerage sector still threatens to further erode confidence. There was no indication that segregated funds had been breached, as is suspected with MF Global. "WE'RE DOOMED" One broker at the firm said that Wasendorf's son, Russ Wasendorf Jr, briefed employees about the events earlier in the day, saying that a suicide note had been found alluding to some kind of financial troubles with the company. The younger Wasendorf "sounded like he was in another world." "Everybody here is obviously in shock," said the broker, adding that some employees had begun packing up shortly after the announcements. "Pretty much everybody around here said we're doomed." One former employee of the firm said he had grown concerned that Wasendorf didn't do more to distance the company from a massive $194 million forex-trading Ponzi scheme run by Trevor Cook in Minnesota, who admitted defrauding more than 700 investors. Cook is serving 25 years in prison. In February PFGBest, which had acted as Cook's broker, was fined $700,000 by the NFA for failing to notice the scheme. The company was subsequently sued for $48 million by the receiver rounding up the assets from Cook's scheme. FROM BASEMENT TO COMPOUND PFGBest is far smaller than the big investment banks that dominate the brokerage business, but was among a dozen or so well-known independent firms that tended to cater to local traders, farmers or smaller market players. Russell R. Wasendorf Sr started as a commodities trader in the basement of his Cedar Falls home in 1972, offering seminars and educational programs to other traders. 
In 1990 he launched Peregrine Financial Group, which would become PFGBest, and was an early promoter of electronic trading systems. He expanded the business in the late 1980s after making a windfall profit for himself and customers by advising them to short the financial futures market 10 days before the "Black Monday" stock market crash of 1987, the firm's website says. The firm grew significantly over the past decade, opening offices in Canada and Shanghai, and buying smaller rival Alaron in 2009. It also moved its headquarters from Chicago back to Wasendorf's hometown of Cedar Falls. "It's obviously a lot cheaper to hire someone in Iowa than it is in Chicago," said the former employee. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 10 07:40:13 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jul 2012 08:40:13 -0400 Subject: [Infowarrior] - ACTA Lives: How the EU & Canada Are Using CETA as Backdoor Mechanism To Revive ACTA Message-ID: <1AD2B293-D6D2-48C8-8E44-D247E14BC82D@infowarrior.org> (Note there is a really handy chart at the website that shows the two bills' provisions side-by-side. --rick) ACTA Lives: How the EU & Canada Are Using CETA as Backdoor Mechanism To Revive ACTA Monday July 09, 2012 http://www.michaelgeist.ca/content/view/6580/135/ Last week, the European Parliament voted overwhelmingly to reject ACTA, striking a major blow to the hopes of supporters who envisioned a landmark agreement that would set a new standard for intellectual property rights enforcement. The European Commission, which negotiates trade deals such as ACTA on behalf of the European Union, has vowed to revive the badly damaged agreement. Its most high-profile move has been to ask the European Court of Justice to rule on ACTA's compatibility with fundamental European freedoms with the hope that a favourable ruling could allow the European Parliament to reconsider the issue. 
While the court referral has attracted the lion share of attention, my weekly technology law column (Toronto Star version, homepage version) reports that there is an alternate secret strategy in which Canada plays a key role. According to recently leaked documents, the EU plans to use the Canada - EU Trade Agreement (CETA), which is nearing its final stages of negotiation, as a backdoor mechanism to implement the ACTA provisions. The CETA IP chapter has already attracted attention due to EU pharmaceutical patent demands that could add billions to provincial health care costs, but the bigger story may be that the same chapter features a near word-for-word replica of ACTA. According to the leaked document, dated February 2012, Canada and the EU have already agreed to incorporate many of the ACTA enforcement provisions into CETA, including the rules on general obligations on enforcement, preserving evidence, damages, injunctions, and border measure rules. One of these provisions even specifically references ACTA. A comparison table of ACTA and the leaked CETA chapter is posted below. The EU has also proposed incorporating ACTA's criminal enforcement and co-operation chapters into CETA. The criminal provisions were the target of European Parliament criticism for their lack of proportionality and uncertain application. Canada has similarly pushed for the inclusion of ACTA provisions, proposing identical digital lock rules as well as ACTA-style Internet service provider provisions that raised privacy concerns from the European Data Protection Supervisor. In fact, Canada would like to extend ACTA by mandating an anti-camcording provision (a similar provision is currently voluntary in ACTA). The European Commission strategy appears to be to use CETA as the new ACTA, burying its provisions in a broader Canadian trade agreement with the hope that the European Parliament accepts the same provisions it just rejected with the ACTA framework. 
If successful, it would likely then argue that ACTA poses no new concerns since the same rules were approved within the Canadian trade deal. The backdoor ACTA approach creates enormous risks for Canada's trade ambitions. Given the huge anti-ACTA movement, the Canada - EU trade deal could face widespread European opposition with CETA becoming swept up in similar protests. With anti-ACTA sentiment spreading across Europe, Canada should push to remove the intellectual property chapter from CETA altogether. The move would not be unprecedented. Many of Canada's free trade agreements feature only limited IP provisions and last year a Canadian parliamentary committee recommended that "domestic copyright policies are not part of any present or future trade negotiations." Meanwhile, the U.S. and EU recently announced their own plans to negotiate a trade deal but agreed to keep intellectual property issues out of the talks. If CETA becomes known as ACTA II, the future of the Canada - EU trade deal may hinge on adopting a similar approach. < - > http://www.michaelgeist.ca/content/view/6580/135/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 10 07:41:39 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jul 2012 08:41:39 -0400 Subject: [Infowarrior] - The Oatmeal mails pics of cash, Kodiak bear seduction to lawyer Message-ID: <4B6968A2-ADDD-46D3-BA27-D102119A51BB@infowarrior.org> The Oatmeal mails pics of cash, Kodiak bear seduction to lawyer This year's most absurd online face-off may -- finally -- have ended. 
by Nate Anderson - July 10 2012, 5:05am EDT http://arstechnica.com/tech-policy/2012/07/the-oatmeal-mails-pics-of-cash-kodiak-bear-seduction-to-lawyer/ The FunnyJunk/Oatmeal/Carreon circus -- which raised issues of online defamation, copyright compliance, "cyber-vandalism," and the ethics of online fundraising, and which drew in groups as disparate as the American Cancer Society, the Electronic Frontier Foundation, and Public Citizen -- finally looks set to pack up the big top and ride the rails out of town. Matt Inman, the online cartoonist behind The Oatmeal, has now done what he set out to do: take a photo of all the cash he raised for charity and mail it to Tucson lawyer Charles Carreon. Along with the photo of the money goes a picture of FunnyJunk's mother seducing a Kodiak bear, as promised. Inman posted the photos last night, about two weeks after Carreon filed a lawsuit over the entire fundraising campaign. Because of the suit, Inman actually withdrew and photographed his own money, with the fundraiser cash sent directly to the target charities. With the mailing of the photos, the entire farcical proceeding should, if this world has any justice, come at last to an end. But there are no guarantees. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 10 07:43:01 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jul 2012 08:43:01 -0400 Subject: [Infowarrior] - Twitter follows Facebook down the walled garden path Message-ID: <2F508E30-09A4-43FA-A038-C2FC238B14C8@infowarrior.org> Twitter follows Facebook down the walled garden path By Ben Popper on July 9, 2012 10:42 am Twitter set off alarm bells across the web in recent weeks when it ended its partnership with LinkedIn and reiterated its warning that it would be cracking down on the terms of its API. 
The company didn't offer any explanation for why it removed tweets from LinkedIn, but speaking with sources familiar with the company's plans, The Verge has learned that major changes are coming in the next few months which will move Twitter from an open platform popular among independent developers towards a walled garden more akin to Facebook. The moves were not unexpected, as Twitter had announced in March of 2011 that it would not allow services which "mimic or reproduce the mainstream Twitter consumer client experience." Still, it had largely done nothing to the numerous clients -- like Tweetbot, Tweetie and Twittelator -- which replicate its basic experience. Developers had been hoping for the best and waiting for the other shoe to drop. Last week's news sounded like those dire footsteps. "Whatever perceived gains that might be achieved by eliminating the third parties should be weighed against the lingering public perception that Twitter got greedy," said Andrew Stone, founder of Twittelator. "And like the mythological Greek Titan Cronos, began eating each of his children as they were born." < - snip - > http://www.theverge.com/2012/7/9/3135406/twitter-api-open-closed-facebook-walled-garden --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 10 07:46:32 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jul 2012 08:46:32 -0400 Subject: [Infowarrior] - Google Remakes Online Empire With 'Colossus' Message-ID: <874F0AB0-646C-4860-A2ED-6698EE714222@infowarrior.org> Google Remakes Online Empire With 'Colossus' By Cade Metz | July 10, 2012 | 6:30 am | Categories: Data Centers, Database Software, Software http://www.wired.com/wiredenterprise/2012/07/google-colossus/ More than a decade ago, Google built a new foundation for its search engine. It was called the Google File System -- GFS, for short -- 
and it ran across a sweeping army of computer servers, turning an entire data center into something that behaved a lot like a single machine. As Google crawled the world's webpages, grabbing data for use in its search engine, it could spread this massive collection of data over all those servers, before using the chips on these machines to crunch everything into a single, searchable index. GFS was so successful, it soon reinvented the rest of the web. After Google released research papers describing GFS and a sister software platform called MapReduce -- the piece that crunches the data -- Yahoo, Facebook, and others built their own version of the Google foundation. It was called Hadoop, and this open source platform is now driving a revolution across the world of business software as well. But Google no longer uses GFS. Two years ago, the company moved its search to a new software foundation based on a revamped file system known as Colossus, and Urs Hölzle -- the man who oversees Google's worldwide network of data centers -- tells Wired that Colossus now underpins virtually all of Google's web services, from Gmail, Google Docs, and YouTube to the Google Cloud Storage service the company offers to third-party developers. Whereas GFS was built for batch operations -- i.e., operations that happen in the background before they're actually applied to a live website -- Colossus is specifically built for "realtime" services, where the processing happens almost instantly. In the past, for instance, Google would use GFS and MapReduce to build a new search index every few days and -- as the system matured -- every few hours. But with Colossus and its new search infrastructure -- known as Caffeine -- Google needn't rebuild the index from scratch. It can constantly update the existing index with new information in real time. The move to Colossus foretells a similar move across the rest of the web -- and beyond -- 
as is so often the case with the hardware and software that underpins Google's massively popular web services. Because its services are used by so many people -- and it's juggling so much data -- Google is often forced to solve very large problems before the rest of the world, but then others will follow. Colossus is already echoed by recent changes to Hadoop, a platform now used by everyone from Facebook to Twitter and eBay. So that it's better suited for realtime applications, Colossus eliminates a "single point of failure" that plagued the original Google File System. With GFS, a "master node" -- or master server -- oversaw data that was spread across an army of "chunkservers." These chunkservers stored chunks of data, each about 64 megabytes in size. The problem was that if the master node went down, the whole system went down -- at least temporarily. Colossus solved this problem by adding multiple master nodes. "A single point of failure may not have been a disaster for batch-oriented applications," Googler Sean Quinlan said, just before Colossus was rolled out, "but it was certainly unacceptable for latency-sensitive applications, such as video serving." The new file system also reduces the size of the data chunks down to 1MB. Together with the addition of multiple master nodes, this lets Google store far more files across a far larger number of machines. Hölzle calls Colossus "similar to GFS -- but done better after ten years of experience." With its search engine, Google has not only dropped GFS. It has dropped MapReduce. Rather than using MapReduce to build a new index every so often, it uses a new platform called "Caffeine" that operates more like a database, where you can read and write data whenever you like. In similar fashion, Hadoop developers are working to eliminate single points of failure and tweak the platform for use with realtime services. 
A company called MapR has built a new proprietary version of Hadoop that includes an entirely new file system, while others have worked to remove single points of failure in the open source version of the platform. And in much the same way Google uses distributed databases atop Colossus, Hadoop dovetails with a database called Hbase that's better suited to realtime services. Jan Gelin -- vice president of technical operations for the Rubicon Project, a realtime trading platform for online ads -- recently moved his service to MapR's proprietary version of Hadoop in part because it eliminated a "single point of failure" that plagued earlier open source versions of the platform. As with GFS, the original incarnation of Hadoop used a single machine -- known as the name node -- to oversee all other servers in a cluster, and if that one machine went down, the entire process would stop. "We had a lot of those issues," Gelin says. "We have roughly a petabyte of data inside of Hadoop, and it was always nerve-wracking when the name node didn't check-point and you're wondering if you're going to lose all your storage or all the pointers to where your data is. "That's OK if you're doing research stuff, but if you're depending on your data in the way we're going to be now, it's not." During a recent event in Silicon Valley, Mike Olson -- the CEO of Cloudera, another Hadoop outfit -- said that this problem has also been fixed in the open source version of Hadoop. Though Google has not open sourced the code behind Colossus, outside developers can still make use of the file system. As Hölzle points out, Colossus underpins Google Cloud Storage, the online storage service Google offers to developers across the globe in much the same way Amazon offers its S3 storage service. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Tue Jul 10 11:52:59 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jul 2012 12:52:59 -0400 Subject: [Infowarrior] - NRO accused of illegally collecting personal data via polygraph Message-ID: <6966CB17-064A-4048-8F12-ECD402B1F4A1@infowarrior.org> National Reconnaissance Office accused of illegally collecting personal data By Marisa Taylor | McClatchy Newspapers http://www.mcclatchydc.com/2012/07/10/155587/national-reconnaissance-office.html WASHINGTON -- One of the nation's most secretive intelligence agencies is pressuring its polygraphers to obtain intimate details of the private lives of thousands of job applicants and employees, pushing the ethical and legal boundaries of a program that's designed instead to catch spies and terrorists. The National Reconnaissance Office is so intent on extracting confessions of personal or illicit behavior that officials have admonished polygraphers who refused to go after them and rewarded those who did, sometimes with cash bonuses, a McClatchy investigation found. The disclosures include a wide range of behavior and private thoughts such as drug use, child abuse, suicide attempts, depression and sexual deviancy. The agency, which oversees the nation's spy satellites, records the sessions that were required for security clearances and stores them in a database. Even though it's aggressively collecting the private disclosures, when people confess to serious crimes such as child molestation they're not always arrested or prosecuted. "You've got to wonder what the point of all of this is if we're not even going after child molesters," said Mark Phillips, a veteran polygrapher who resigned from the agency in late May after, he says, he was retaliated against for resisting abusive techniques. "This is bureaucracy run amok. These practices violate the rights of Americans, and it's not even for a good reason." The agency refused to answer McClatchy's questions about its practices. 
However, it's acknowledged in internal documents that it's not supposed to directly ask more personal questions but says it legally collects the information when people spontaneously confess, often at the beginning of the polygraph test. After a legal review of Phillips' assertions, the agency's assistant general counsel Mark Land concluded in April that it did nothing wrong. "My opinion, based on all of the facts, is that management's action is legally supportable and corrective action is not required," he wrote. But McClatchy's review of hundreds of documents -- including internal policy documents, memos and agency emails -- indicates that the National Reconnaissance Office is pushing ethical and possibly legal limits by: * Establishing a system that tracks the number of personal confessions, which then are used in polygraphers' annual performance reviews. * Summoning employees and job applicants for multiple polygraph tests to ask about a wide array of personal behavior. * Altering results of the tests in what some polygraphers say is an effort to justify more probing of employees' and applicants' private lives. Various national security experts, including those who support the use of polygraph in general for security screening, said they were disturbed by what McClatchy found, especially considering that the number of polygraph screenings has spiked in the last decade. "There's a narrow jurisdiction for a polygraph program, which is to promote security," said Steven Aftergood, a senior analyst with the Federation of American Scientists, a nonpartisan research center that tracks intelligence policies. "When agencies exceed their authority, they not only violate the privacy of employees, they corrupt the entire process." 
The dispute is part of a long-running debate over the proper use of polygraph by the federal government in screening employees, when it's not known whether the machine can detect the difference between a lie and the truth or simply registers an emotional response. In 2002, the National Academies, the nonprofit institute that includes the National Academy of Sciences, concluded that the federal government shouldn't use polygraph screening because it was too unreliable. Yet since then, in the Defense Department alone, the number of national-security polygraph tests has increased fivefold, to almost 46,000 annually. Many of those who are required to undergo the tests aren't just bureaucrats in Washington but also private contractors across the country. < - BIG SNIP - > http://www.mcclatchydc.com/2012/07/10/155587/national-reconnaissance-office.html From rforno at infowarrior.org Tue Jul 10 13:52:31 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jul 2012 14:52:31 -0400 Subject: [Infowarrior] - EFF: The NSA's warrantless wiretapping is a crime, not a state secret Message-ID: The NSA's warrantless wiretapping is a crime, not a state secret As the US will neither affirm nor deny its vast dragnet of phone calls and emails, we must sue to protect our privacy and liberty Cindy Cohn and Trevor Timm | guardian.co.uk, Tuesday 10 July 2012 13.54 EDT http://www.guardian.co.uk/commentisfree/2012/jul/10/nsa-warrantless-wiretapping-crime This week, cellphone carriers publicly reported that US law enforcement made an astounding 1.3m demands for customer text messages, caller locations, and other information last year. The disclosure has sparked a flood of press coverage and consumer outrage, given much of the information was obtained without a warrant. But this is only one way that communications and communications records are being monitored by the government. 
Since 2006, Americans have known that the National Security Agency (NSA), in league with telecommunications carriers like AT&T, has been engaging in mass warrantless surveillance of millions of ordinary Americans. And since shortly thereafter, the Electronic Frontier Foundation has been suing to stop it.

Despite the fact that the mass wiretapping was first exposed by the New York Times in 2005, and subsequently reported on by dozens of news organizations, the government continues to maintain that the "state secrets" privilege should prevent the courts from even the basic determination of whether the NSA's actions are legal or constitutional.

This position isn't correct legally, since, in 1978, Congress created the Foreign Intelligence Surveillance law specifically requiring the courts to determine the legality of electronic surveillance. But it also isn't the right answer for a country founded on the supremacy of law and the constitutional protections against untargeted searches and seizures.

Now, three longtime NSA employees -- William E Binney, Thomas A Drake, and J Kirk Wiebe -- have come forward and offered additional inside evidence to support the lawsuit, all of which confirms what an increasing mountain of evidence shows: that the US government is engaging in mass dragnet surveillance of innocent, untargeted American people, as well as foreigners whose messages are routed through the US. As Binney states, "the NSA is storing all personal electronic communications."

Our lawsuits -- first, against the telecommunications carriers, and now, against the government directly -- also included other undisputed evidence from a former AT&T technician named Mark Klein. He provided blueprints and photographs showing an NSA-installed "secret room" in an AT&T facility less than a mile from EFF's San Francisco office, which experts say siphons massive amounts of internet usage data, phone calls and records flowing through the facility directly to the NSA.
The surveillance has not stopped, either. In 2009, after President George W Bush left office, the New York Times reported that the NSA was still collecting purely domestic communications of Americans in a "significant and systemic" way. In 2010, the Washington Post reported: "Every day, collection systems at the National Security Agency intercept and store 1.7bn emails, phone calls and other types of communications." And a Wired investigation published in March revealed the NSA is currently constructing a huge data center in Utah, meant to store and analyze "vast swaths of the world's communications" from foreign and domestic networks.

The government's response? A preposterous claim that no court can consider the legality of this surveillance unless the government formally admits it. In fact, the government maintains that even if all the allegations are true, the case should be thrown out under the state secret privilege.

The courts should not participate in this charade, nor should the American people or Congress. We are currently asking the court to rule that the 1978 FISA law supersedes the government's claim of state secrets and requires the court to rule on the legality of the surveillance.

And in Congress, two US senators, Ron Wyden and Mark Udall, have been asking the NSA for a year simply for a ballpark figure of how many Americans have had their communications surveilled by the spy agency. The NSA finally responded two weeks ago, claiming it did not have the capacity to find such number. Apparently unaware of the irony, the NSA argued that releasing an estimate of how many people's emails they read would violate Americans' privacy.

Sadly, the UK government seems to be following suit, proposing its own mass surveillance plan, asking Parliament to pass a law allowing the government to monitor every email, text and phone call in the country. But at least in the UK, the plan is now public -- after an earlier secret one was inadvertently revealed.
Whether the threat comes from the warrantless surveillance of our cell phone location data by the local police, or the wholesale collection of our emails and phone calls by the NSA, all citizens deserve reasonable privacy in our communications. And we assert the right to hold the government accountable for violating that privacy.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 07:32:26 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 08:32:26 -0400
Subject: [Infowarrior] - DOD pondering new "Distinguished Warfare Medal'
Message-ID: <5CD57409-9A37-4BC6-B2F8-23619B727566@infowarrior.org>

Remote-control heroism

http://www.washingtonpost.com/politics/the-tsa-follies/2012/07/09/gJQAi3LQaW_story.html?hpid=z15

The Pentagon is considering awarding a Distinguished Warfare Medal to drone pilots who work on military bases often far removed from the battlefield.

Pentagon officials have been briefed on the medal's "unique concept," Charles V. Mugno, head of the Army Institute of Heraldry, told a recent meeting of the Commission of Fine Arts, according to a report in Coin World by our former colleague Bill McAllister.

Mugno said most combat decorations require "boots on the ground" in a combat zone, but he noted that "emerging technologies" such as drones and cyber-combat missions are now handled by troops far removed from the war zone.

The Pentagon has not formally endorsed the medal, but Mugno's institute has completed six alternative designs for commission approval.

The notion of greater recognition for drone pilots has been percolating for some time. Air Force Maj. Dave Blair, writing in the May-June issue of the Air & Space Power Journal, asked how much difference there is in terms of risk "between 10,000 feet and 10,000 miles."

A "manned aircraft . . . that scrapes the top of a combat zone, well outside the range of any realistic threat," is deemed in "combat,"
Blair writes, but a Predator firing a missile is considered "combat support."

The proposed medal would rank between the Distinguished Flying Cross and the Soldier's Medal for exceptional conduct outside a combat zone.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 07:49:43 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 08:49:43 -0400
Subject: [Infowarrior] - NBC and Facebook to Announce Olympics Partnership
Message-ID:

Running FB content on TV "just because it's cool" may well be viewed as an artificial corporate attempt to foster community and fail. Forcing FB content down viewers' throats on live TV may well backfire. Just because you can and think it's cool, doesn't mean you should. -- rick

NBC and Facebook to Announce Olympics Partnership

By BRIAN STELTER
Published: July 10, 2012
http://www.nytimes.com/2012/07/11/business/media/nbc-and-facebook-announce-facebook-partnership.html?_r=1&hpw

Users of Facebook, later this summer, will be reminded about NBC's coverage of the Olympic Games in London. And viewers of NBC's coverage, at the same time, will be nudged to talk about the Games on Facebook.

The virtuous circle is part of a collaboration, to be announced Wednesday, between NBCUniversal's NBC Olympics division and Facebook, the social networking Web site. Data from Facebook will inform television coverage on NBC and on the other channels that will carry portions of the Summer Games starting on July 27. The specific uses will vary, but there will be a "Facebook Talk Meter" occasionally shown on TV to reflect what is being said online.

"We know that a social conversation will surround the Olympics," said Gary Zenkel, the president of NBC Olympics. The work with Facebook, he added, is part of the division's plan to listen and to talk back.
The connections between television and social media have come a long way since 2008, when the world last gathered for a Summer Olympics. Then, Facebook had 100 million users; now, it is said to have 900 million. In the intervening years, the notion of a "second screen" -- the TV being the first, the computer or phone being the second -- has been commercialized; it's normal now for TV shows to encourage viewers to chat online about the show while watching it. Even without encouragement, some viewers are sure to be doing it anyway as the two mediums, TV and the Web, continue to inch closer and closer.

"Facebook has the attention of a large portion of the American audience," particularly among younger demographics, Mr. Zenkel said in a telephone interview from London. He portrayed the Facebook collaboration as a piece of "our continuing efforts to reassemble the audience" that has fragmented in countless ways in recent decades.

Facebook and NBC Olympics executives said the arrangement was not an advertising deal, and they indicated that no money was changing hands. (NBC does not expect its Olympic broadcasts to turn a profit this year.) In effect, the companies will be marketing each other's products, possibly encouraging even more simultaneous viewing and chatting.

"It's terrific exposure," said Andy Mitchell, a former executive at CNN who now manages partnerships at Facebook.

On Facebook, the NBC Olympics page will be frequently updated with what the companies call "exclusive content" for fans only, a common marketing maneuver. Fans will be able to let Facebook friends know that they are watching videos and reading articles on the network's Olympics Web site, possibly encouraging more viewing and reading by their friends.

NBC will be streaming every Olympic event this summer on its Web site, though users will have to verify that they subscribe to a participating cable or satellite provider. It will add up to thousands of hours --
a veritable hurdle for people who are trying to figure out what to watch. With that in mind, the ability to share on Facebook will be "a great way to discover new games, athletes and events," Mr. Mitchell said.

Perhaps the more intriguing part of the partnership, for traditional television viewers, involves Facebook's data-crunching about user conversations related to the Olympics. With the assistance of a small team of Facebook staff members in London, "NBC is going to turn that data into stories," Mr. Mitchell said.

The television segments with the "Talk Meter" inspired by social media chatter will be shown in prime time and at other times of the day. "We think it will be very interesting and informative for our audience to let them know, from time to time, what is hot and what people are talking about" online, Mr. Zenkel said.

The prime-time broadcast on NBC will also promote a daily poll on Facebook about the Olympics. With tens of millions of viewers watching each night, the broadcast is some of the most valuable real estate on television. Mr. Zenkel said that the Facebook integration would come on "when the information warrants it and when it is compelling."

There is a danger, of course, in talking about Facebook just for the sake of Facebook. But as many viewers (not to mention many television executives) have discovered over the last few years, Web sites like Facebook and Twitter can turn solitary viewing into something akin to a communal experience.

Nielsen studies have shown that nearly half of tablet computer owners and smartphone owners use their devices while watching television daily. Checking sports scores is one of the top uses for both groups.

Online chatter around TV events is a trend most closely associated with Twitter, a smaller Facebook competitor. Twitter has worked with a variety of television networks to amplify the "second screen" behavior of users and viewers.
In the spring, the company announced a multiyear collaboration with one of NBCUniversal's competitors, ESPN, around major sporting events like the N.B.A. Finals.

NBC has not announced a deal with Twitter around its Olympics telecasts, but it is likely to do so before the Games start. In 2010, when the network televised the Winter Games in Vancouver, it introduced something it called a "Twitter Tracker" that visualized Twitter messages about the events.

The tracker will be back this time, Mr. Zenkel said. And one can only imagine how many more messages there will be.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 08:16:38 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 09:16:38 -0400
Subject: [Infowarrior] - DHS teams hunt for weaknesses in federal cyber networks
Message-ID: <960565AD-C3BC-41B5-B340-0B9C7C6A47BF@infowarrior.org>

DHS teams hunt for weaknesses in federal cyber networks

Wednesday - 7/11/2012, 5:55am ET
By Jason Miller
http://www.federalnewsradio.com/241/2938488/DHS-teams-hunt-for-weaknesses-in-federal-cyber-networks

The Homeland Security Department is going into agency networks to find the soft spots -- places where cybersecurity defenses are weakest and pose the greatest risks.

DHS' Federal Network Security branch, under the National Protection and Programs Directorate, is having little trouble finding agencies' soft cyber underbelly.

Take one agency who asked DHS to perform a "Red Team" exercise, it thought it had 2,000 to 3,000 computers on a specific network, but Homeland Security's team stopped counting at 9,000.

Rob Karas, the program manager of the risk evaluation program, or Red Teaming initiative, at DHS, said until the agency understood its network better it wasn't worth continuing.

"We worked with them and helped them identify why they had so many hosts on their network and how they could architect and design it better," he said in an interview with Federal News Radio. "We worked with them to remove hosts or close off networks that shouldn't have been there."

Another agency had 500 public-facing Web servers, and through DHS' analysis, it is reducing that number to about 100 and thus shrinking its attack surface.

These are but two examples of a growing list of how DHS Federal Network Security (FNS) branch is helping agencies harden systems and networks.

"Ideally, our Red and Blue team services is designed to be a proactive engagement with agencies to improve their posture," said Don Benack, the program manager for DHS' cybersecurity assurance program within FNS. "We provide free specialized access to skills and services that are not readily available or are in high demand across the dot-gov to promote a healthy and resilient cyber infrastructure. That's the goal to do risk-based analysis and gap analysis of capabilities and drive improvements."

DHS taking different Red Team approach

Congress appropriated $35 million for the FNS branch, of which about $7.6 million can be used for these red team analyses. In 2013, Congress so far has appropriated a little less for these Red Team efforts.

Typically Red Teams try to hack into a network to highlight its vulnerabilities. But Benack said DHS is taking a different tact that gets to the heart of the problem more quickly.

"The Red Teams rather than focusing on system compromise, focus on risk evaluation, which allows us to optimize the process a little bit," he said. "Instead of spending time breaking into the system and then using that as proof to an agency that they have a problem, the idea is to identify threats and vulnerabilities actively working against their agencies. What are the threat vectors they have to worry about? What are the active actionable vulnerabilities on their network?
We then marry that together with an agency specific point of view so they can address those risks first and foremost."

DHS FNS also provides Blue Teaming exercises, which have been going on for a few years. Benack said the Blue Teams look at how agencies are meeting the requirements under the Trusted Internet Connections (TIC) initiative to consolidate public Web gateways.

"Our Blue Teams take a proactive look at the capabilities in place. Do you have the foundational elements to your program to defend against an attack, to respond and recover from an attack, and hopefully prevent an attack up front?" he said. "They also assess and validate agency implementation of technical controls, tools and technologies -- people, processes and program maturity."

DHS also is expanding the Blue Teaming efforts beyond TIC to ensure agencies' cyber capabilities are aligned with requirements established by the Obama administration's cross agency priority goal for cybersecurity and continuous monitoring efforts.

New service for agencies

The branch launched the Red Teaming exercise in late February after Congress approved the fiscal 2012 budget.

Over the last four months, DHS has conducted five Red Team evaluations and has five more scheduled for the rest of the year. Karas said the goal is to perform 26-to-30 Red Team engagements annually. DHS also has done 28 Blue Team assessments with six more agencies on tap.

The Red Team exercises take about two weeks for the average agency. Karas said the five-person team, which is usually made up of a federal manager and four contractors, spends a week doing external analysis of the customer agency's system and a week doing internal analysis.

"Right now, it's up to an agency's chief information security officer or chief information officer to determine if they want or need Red Team services," Benack said. "We work with them to determine the system or group of systems that are most important to look at."
He said DHS also promotes the service if an agency comes to the U.S. Computer Emergency Response Team (U.S. CERT) for help with an immediate attack or threat. U.S. CERT helps the agency address the pressing risk, and then FNS offers the follow-on Red Team service.

"We have rules of engagement that our Office of General Counsel worked with us and we created," Karas said. "We sit down with the agency, they select the services and get it signed by CIO, CISO and legal counsel. Then we have a scoping meeting."

Under the Red Team services, FNS offers a variety of services:

* Network mapping
* Network vulnerability scanning for wired and wireless
* Threat identification
* Social engineering where it sends spear phishing attacks
* Web applications tests
* Databases testing
* Operating system testing.

Karas said DHS also brings in experts depending on the agency's services. For instance, the branch would have a database expert looking at the cybersecurity of such a system or an expert on Linux or Windows to look at specific operating systems.

The end result of these exercises is making recommendations categorized as critical, high, medium and low.

Benefits from Red Teaming are clear

The branch can point to real results from the Red Teaming efforts because of the two-pronged approach they are taking. The first method is typical network scans, but FNS also lets its experts poke around inside the network. Karas said they have found holes in one agency's Virtual Private Network thanks to the expert reviewing its set up.

Benack said it's up to the agency to implement the recommendations, and the branch does not share the recommendations with anyone but their agency contact.

"The trust relationship is working really good," he said. "By keeping the risk evaluation optional and at their discretion to engage with us --
and we hope they do choose to engage with us because we get maximum benefit when we can get cross sampling of data from across the government that we can anonymize and do national level trending to identify what are the emerging threats affecting all agencies, what are the common vulnerabilities so we can help prioritize and shift resources to address the definable and quantifiable problems across dot-gov -- we get a big win."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 09:07:28 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 10:07:28 -0400
Subject: [Infowarrior] - More on: Decorating our Drone Pilots
Message-ID: <07032DD5-C1D3-4A87-9BA5-56D275E8E97D@infowarrior.org>

(the comments are Greenwald's. --rick)

http://www.salon.com/2012/07/10/bravery_and_drone_pilots/

July 10, 2012

Bravery and Drone Pilots

The Pentagon considers awarding war medals to those who operate America's death-delivering video games

BY GLENN GREENWALD

The effort to depict drone warfare as some sort of courageous and noble act is intensifying:

> The Pentagon is considering awarding a Distinguished Warfare Medal to drone pilots who work on military bases often far removed from the battlefield. . . .
>
> [Army Institute of Heraldry chief Charles] Mugno said most combat decorations require "boots on the ground" in a combat zone, but he noted that "emerging technologies" such as drones and cyber combat missions are now handled by troops far removed from combat.
>
> The Pentagon has not formally endorsed the medal, but Mugno's institute has completed six alternate designs for commission approval. . . .
>
> The proposed medal would rank between the Distinguished Flying Cross and the Soldier's Medal for exceptional conduct outside a combat zone.

So medals would be awarded for sitting safely ensconced in a bunker on U.S.
soil and launching bombs with a video joystick at human beings thousands of miles away. Justifying drone warfare requires pretending that the act entails some sort of bravery, so the U.S. military is increasingly taking steps to create the facade of warrior courage for drone pilots:

> The Air Force has been working to bridge the divide between these two groups of fliers. First off, drone operators are called pilots, and they wear the same green flight suits as fighter pilots, even though they never get in a plane. Their operating stations look like dashboards in a cockpit.

And drone pilots themselves are propagating boasts of their own bravery more and more:

> Luther (Trey) Turner III, a retired colonel who flew combat missions during the gulf war before he switched to flying Predators in 2003, said that he doesn't view his combat experience flying drones as "valorous." "My understanding of the term is that you are faced with danger. And, when I am sitting in a ground-control station thousands of miles away from the battlefield, that's just not the case." But, he said, "I firmly believe it takes bravery to fly a U.A.V." -- unmanned aerial vehicle -- "particularly when you're called upon to take someone's life. In some cases, you are watching it play out live and in color." As more than one pilot at Holloman told me, a bit defensively, "We're not just playing video games here."

Whatever one thinks of the justifiability of drone attacks, it's one of the least "brave" or courageous modes of warfare ever invented. It's one thing to call it just, but to pretend it's "brave" is Orwellian in the extreme. Indeed, the whole point of it is to allow large numbers of human beings to be killed without the slightest physical risk to those doing the killing. Killing while sheltering yourself from all risk is the definitional opposite of bravery.
This is why the rapid proliferation of drones, beyond their own ethical and legal quandaries, makes violence and aggression so much easier (and cheaper) to perpetrate and therefore so much more likely. In the New York Times today, Thomas Ricks, echoing Gen. Stanley McChrystal, calls for the re-instatement of real conscription because subjecting all of the nation to the risks of combat is the only way to finally restrain America's posture of Endless War ("having a draft might, as General McChrystal said, make Americans think more carefully before going to war"); conversely, cost-free, risk-free drone warfare does the opposite.

If the mere act of taking steps that will result in the death of others makes one "brave," consider all the killers who now merit that term: dictators who order protesters executed, tyrants who send others off to war, prison guards who activate electric chairs.

As for the claim that drone "pilots" are not engaged in the extinguishing of human life via video games, the military's own term for its drone kills -- "bug splat," which happens to be the name of a children's video game -- and other evidence negates that. From Michael Hastings in Rolling Stone:

> At first, many pilots resisted the advance of drones, viewing them as nothing but a robotic replacement for highly trained fighter jocks. . . . Now, given the high profile and future prospects of drones, pilots are lining up to operate them, volunteering for an intensive, one-year training course that includes simulated missions. "There is more enthusiasm for the job," says Lt. Gen. David Deptula, a fighter pilot who ran the Air Force's surveillance drone program until 2010. "Many pilots are excited about operating these things."
>
> For a new generation of young guns, the experience of piloting a drone is not unlike the video games they grew up on.
> Unlike traditional pilots, who physically fly their payloads to a target, drone operators kill at the touch of a button, without ever leaving their base -- a remove that only serves to further desensitize the taking of human life. (The military slang for a man killed by a drone strike is "bug splat," since viewing the body through a grainy-green video image gives the sense of an insect being crushed.)
>
> As drone pilot Lt. Col. Matt Martin recounts in his book Predator, operating a drone is "almost like playing the computer game Civilization" -- something straight out of "a sci-fi novel." After one mission, in which he navigated a drone to target a technical college being occupied by insurgents in Iraq, Martin felt "electrified" and "adrenalized," exulting that "we had shot the technical college full of holes, destroying large portions of it and killing only God knew how many people." Only later did the reality of what he had done sink in. "I had yet to realize the horror," Martin recalls.

Human rights lawyer Jennifer Robinson recently recounted numerous cases of horrifying civilian deaths involving Pakistani teenagers whose lives were ended by drones, and she observed that "this PlayStation warfare is only risk-free for operators of these remote-controlled killers." She added that the use of the term "bug splat" for drone victims "is deliberately employed as a psychological tactic to dehumanise targets so operatives overcome their inhibition to kill; and so the public remains apathetic and unmoved to act," and that "the phrase has far more sinister origins and historical use: In dehumanising their Pakistani targets, the US resorts to Nazi semantics. Their targets are not just computer game-like targets, but pesky or harmful bugs that must be killed."
I don't doubt that some drone attackers experience some psychological stress from knowing that they are eradicating human beings with their joysticks and red buttons (though if it's only "bugs" who are being splattered, why would the stress be particularly burdensome?). But that stress is nothing compared to the terror routinely imposed on the populations in numerous Muslim countries who are being targeted with these attacks. And whatever else is true, drone warfare is already so exceedingly cheap and easy that the temptation to use it regularly is virtually irresistible. Collectively venerating it as an act of "bravery" (of all things), deserving of war medals, is only likely to shield it even further from critical scrutiny and challenge.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 09:09:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 10:09:08 -0400
Subject: [Infowarrior] - Fact-Check: How the NYPD Overstated Its Counterterrorism Record
Message-ID: <88E7A33D-CE71-4D25-842C-A0DFE9775EE0@infowarrior.org>

Fact-Check: How the NYPD Overstated Its Counterterrorism Record

by Justin Elliott
ProPublica, July 10, 2012, 11:33 a.m.

The NYPD is regularly held up as one of the most sophisticated and significant counterterrorism operations in the country. As evidence of the NYPD's excellence, the department, its allies and the media have repeatedly said the department has thwarted or helped thwart 14 terrorist plots against New York since Sept 11.

In a glowing profile of Commissioner Ray Kelly published in Newsweek last month, for example, journalist Christopher Dickey wrote of the commissioner's tenure since taking office in 2002: The record "is hard to argue with: at least 14 full-blown terrorist attacks have been prevented or failed on Kelly's watch."

The figure has been cited repeatedly in the media, by New York congressmen, and by Kelly himself.
The NYPD itself has published the full list, saying terrorists have "attempted to kill New Yorkers in 14 different plots." As Mayor Michael Bloomberg said in March: "We have the best police department in the world and I think they show that every single day and we have stopped 14 attacks since 9/11 fortunately without anybody dying."

Is it true?

In a word, no.

A review of the list shows a much more complicated reality -- that the 14 figure overstates both the number of serious, developed terrorist plots against New York and exaggerates the NYPD's role in stopping attacks.

< - BIG SNIP - >

http://www.propublica.org/article/fact-check-how-the-nypd-overstated-its-counterterrorism-record

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 11:28:42 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 12:28:42 -0400
Subject: [Infowarrior] - 'Security' as pretext for patent enforcement
Message-ID: <33267FE9-4AD9-41B5-8F34-E02B2D3507D5@infowarrior.org>

Instead of calling it what it is, Sprint calls it a "security fix" -- which again reinforces the belief that "security" doesn't always refer to hackers, thieves, and criminals, but rather securing the profits and rights of others. Funny how semantics change, eh? --rick

Sprint Cripples Galaxy S III Via "Security Update": Bye, Bye Universal Search

By Daniel Ionescu, PCWorld
Jul 11, 2012 5:53 AM
http://www.pcworld.com/article/259080/sprint_cripples_galaxy_s_iii_via_security_update_bye_bye_universal_search.html

Samsung Galaxy S III users on Sprint are reporting that a "security update" for their phones has removed the universal search feature from Android. The home screen search bar now only returns results from Google search, without searching through apps, contacts, and emails among other data.

The unannounced change follows a temporary sales ban on the Google Galaxy Nexus, manufactured by Samsung.
This was due to the ongoing legal fight between Apple and Samsung, among other Android manufacturers, including HTC, over patent infringements.

Universal search allows you to search through your entire phone's data from the Google search bar on the home screen. You just type in what you would like to find, and it returns results from your music, contacts, apps, email, contacts and the Web. On iOS, you access this by swiping right from the home screen.

What the Sprint software update does is remove searching through data on your phone and brings up only Web search results. Voice commands are not currently affected.

The Galaxy Nexus sales injunction was based on a patent relating to universal search on the phone, among three other patents, including slide to unlock, and word recommendations and auto correct. Last week Google said it was working with Samsung on a software update that would remove universal search in order to bypass the sales ban, but this has yet to be released.

However, this security update for the Sprint Galaxy S III does seem to address the exact same patent issue relating to the Galaxy Nexus, and is probably a pre-emptive move from Samsung ahead of a wider rollout of the Android update that strips the universal search capabilities.

Google previously detailed that the Android update bypassing the patent issue will be rolled out to all Galaxy Nexus devices in the United States regardless of carrier. Given the Galaxy S III has similar functionality, it's possible, though not confirmed, the change will also apply to all Galaxy S III phones within the U.S., where the patent dispute is currently limited to.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 11 14:37:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 15:37:48 -0400
Subject: [Infowarrior] - New Homeland Security Laser Scanner Reads People At Molecular Level
Message-ID: <77E29A8A-F36D-4CC2-A03D-22990328E8C2@infowarrior.org>

New Homeland Security Laser Scanner Reads People At Molecular Level
July 11, 2012 11:01 AM
http://washington.cbslocal.com/2012/07/11/new-homeland-security-laser-scanner-reads-people-at-molecular-level/

WASHINGTON (CBSDC) -- The Department of Homeland Security will soon be using a laser at airports that can detect everything about you from over 160-feet away. Gizmodo reports a scanner that could read people at the molecular level has been invented. This laser-based scanner -- which can be used 164-feet away -- could read everything from a person's adrenaline levels, to traces of gun powder on a person's clothes, to illegal substances -- and it can all be done without a physical search. It also could be used on multiple people at a time, eliminating random searches at airports.

The laser-based scanner is expected to be used in airports as soon as 2013, Gizmodo reports. The scanner is called the Picosecond Programmable Laser. The device works by blasting its target with lasers which vibrate molecules that are then read by the machine that determine what substances a person has been exposed to. This could be Semtex explosives to the bacon and egg sandwich they had for breakfast that morning.

The inventor of this invasive technology is Genia Photonics. Active since 2009, they hold 30 patents on laser technology designed for scanning. In 2011, they formed a partnership with In-Q-Tel, a company chartered by the CIA and Congress to build "a bridge between the Agency and a new set of technology innovators." Genia Photonics wouldn't be the only ones with similar technology as George Washington University developed something similar in 2008, according to Gizmodo.
The Russians also developed something akin to the Picosecond Programmable laser. The creators of that scanner claim that "it is even able to detect traces of explosives left by fingerprints." But what makes Genia Photonics' version so special is that the machine is more compact compared to the other devices and can still maintain its incredible range.

Although the technology could be used by "Big Brother," Genia Photonics states that the device could be far more beneficial being used for medical purposes to check for cancer in real time, lipids detection, and patient monitoring.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 14:37:42 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 15:37:42 -0400
Subject: [Infowarrior] - As ITC mulls Xbox, iPhone import bans, Senators target patent system
Message-ID: <6F6EA4D9-31FF-4EDD-84B6-2A170EE83182@infowarrior.org>

As ITC mulls Xbox, iPhone import bans, Senators target patent system
Senators ask if injunctions based on standard-essential patents should be valid.
by Jon Brodkin - July 11 2012, 1:30pm EDT
http://arstechnica.com/tech-policy/2012/07/as-itc-mulls-xbox-iphone-import-bans-senators-target-patent-system/

The International Trade Commission is currently considering whether to ban imports of Microsoft's Xbox 360 game console and Apple's iPhone. With that in mind, the US Senate Judiciary Committee this morning asked if more can be done to prevent tech companies from blocking sales of rival products by asserting patents that are critical to industry standards.

Judiciary Committee Chairman Sen. Patrick Leahy (D-VT) called representatives of the Federal Trade Commission and Department of Justice to the hearing. Leahy said in an announcement that the goal is to "further explore the competitive impact of ITC exclusion orders and whether more needs to be done to ensure consumers are not the victims of the tech patent wars."
His statement specifically mentions the Xbox and iPhone, and the hearing occurred as the ITC is deciding whether to stop imports of those products based on the assertion of standards-essential patents by the Google-owned Motorola Mobility.

Why the ITC itself didn't appear at the hearing--or whether legislation will be filed to prevent the ITC from issuing injunctions based on standard-essential patents--isn't clear. Leahy hasn't filed any legislation on the matter. Today's hearing was an early step toward seeing if Congress can and should weigh in officially on the matter.

While non-industry-standard patents have been used to get sales bans against products like Android devices, the senators' concern is mostly about patents tech companies pledged to standards-setting organizations and then use to block sales of competing products. When a patent is accepted into an industry standard, the holder of the patent is obligated to license its technology to rivals under fair, reasonable, and non-discriminatory terms (FRAND).

The trouble is that FRAND terms haven't really been defined properly. Litigants can ask for what some might call unreasonable amounts of money. Motorola has demanded Microsoft pay royalties of 2.25 percent of the retail price of each Xbox 360 for the use of WiFi and video streaming patents. This is instead of applying that percentage only to the portion of the device using the infringing technologies, or simply asking for a lower rate.

As senators today noted, tech companies are basically forced to build products that comply with industry standards. They shouldn't have to face import bans when patent holders ask for unreasonable amounts of money, too. Leahy said a company could develop products assuming it will be able to get a license to all the relevant patents, and then "get the door slammed in your face."
"When inventors and developers are willing to license their technologies to one another at reasonable rates, the cross-fertilization of ideas benefits us all," Leahy said. "But I am concerned that the recent trend of seeking exclusion orders from the International Trade Commission, rather than negotiating and seeking license fees, may have the opposite effect." FTC Commissioner Edith Ramirez noted that standards make it possible for smartphones to be compatible with cellular networks, connect to WiFi, and stream video. That makes them valuable. "Patents that cover technology adapted into a standard can empower their owners to demand higher licensing rates than if their patents weren't accepted into a standard," she said. The FTC is investigating Google's Motorola unit over its use of standards-essential patents. The Supreme Court's 2006 decision in eBay v. MercExchange limited the circumstances in which injunctions can be issued against products that infringe patents. However, Ramirez said this decision applies to federal courts, and not the International Trade Commission. This explains why companies like Motorola turn to the ITC. In fact, the ITC can't award damages, so going to the ITC is a means of getting exclusion orders to ban imports of a product. Still, Ramirez said the ITC is already empowered to consider FRAND commitments as a mitigating factor in such cases under public interest clauses. DOJ Acting Assistant Attorney General Joseph Wayland told the Senate Committee he agreed the ITC can consider FRAND obligations under its existing authority. Senators asked if companies that pledge patents to industry standards groups should have to waive their right to use those patents to get injunctions. After all, making FRAND commitments implies the acceptance of money as the appropriate remedy. 
However, both Ramirez and Wayland said there may be circumstances in which injunctions are appropriate--for example, when a company refuses to pay any licensing fee or is outside US jurisdiction. Those are rare, though. "We do think in most cases an exclusion order (in FRAND cases) would be inappropriate," Ramirez said.

While the patent wars have been busy for quite some time, Wayland said the DOJ is not concerned so much about the volume of patent cases but about the type--namely, those that seek injunctions. "Blocking a particular cell phone application could cause consumer harm across millions and millions of people," Wayland said. "It's the type of the practice we're concerned about, and not just the volume."

The standards-setting bodies involved in blessing FRAND patents--such as the IEEE, ITU, and ISO--are private organizations, Ramirez noted. "There are thousands of SSOs [standards-setting organizations], and we do monitor what is happening," she said. While she didn't say how the value of standards-essential patents should be calculated, she argued that the FRAND licensing prices should be negotiated prior to a standard being approved.

Although the topic of the hearing was FRAND patents, Leahy said he wonders if lawmakers can also stop harassment by patent trolls, companies that don't make technology of their own but buy patents to assert in lawsuits. "People who invent should be compensated," Leahy said. "I don't have a lot of sympathy for people who buy patents."

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 16:27:51 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 17:27:51 -0400
Subject: [Infowarrior] - Any cybersecurity bill is better than no bill, senate panel told
Message-ID: <872C948E-6585-48A8-BC32-730C5FFCA717@infowarrior.org>

(care/of DG -- one almost feels the panic/desperation on the Hill to "do something, anything" about cybersecurity this year.
---rick)

Any cybersecurity bill is better than no bill, senate panel told
By Josh Smith, National Journal
3:49 PM ET
http://www.nextgov.com/cybersecurity/2012/07/any-cybersecurity-bill-better-no-bill-senate-panel-told/56730/

A panel of security experts urged Congress on Wednesday to do something--anything--to combat cyberthreats to the United States. The panel of witnesses before the Senate Homeland Security and Governmental Affairs Committee had specific recommendations, but with a nearly unified voice they all agreed that moving ahead with any current legislative proposals is better than doing nothing.

"If we don't act now, I can assure you that whatever comes after something bad happens will be much more draconian and not as constructive as it could be," Frank Cilluffo, director of George Washington University's Homeland Security Policy Institute, told the committee.

Senate Majority Leader Harry Reid, D-Nev., has said he wants to move forward with floor debate on the Cybersecurity Act of 2012 by the end of July. The bill is championed by leaders of the Senate Intelligence, Commerce, and Homeland Security committees, including Homeland Security panel Chairman Joe Lieberman, ID-Conn. But the bill has been delayed for months because some Republicans don't want the Homeland Security Department to have the authority to help set security standards for some private networks.

But former National Security Agency and Central Intelligence Agency Director Michael Hayden said all the proposals on the table, including standards, information sharing between businesses and government, and a potential increased role for U.S. intelligence agencies, should be enacted. Any potential problems can be ironed out later, he said. "I'd do them all. And I would keep an open mind and adjust fire in a year or two."

Earlier this week, the head of the U.S. Cyber Command, Gen.
Keith Alexander, urged lawmakers in a speech to enact a bill before a catastrophic attack leads to an overreaction.

RAND Corp. terrorism analyst Brian Michael Jenkins said any bill won't be 100 percent right. But, he said, "It's important to get these things moving rather than finding the absolute perfect legislation."

That did not sit well with Senate Armed Services Committee ranking member John McCain, R-Ariz., who is a chief critic of Lieberman's Cybersecurity Act and who has introduced competing cybersecurity legislation of his own. Invoking the Hippocratic oath, McCain rebuked the witnesses for not acknowledging the potential harms he sees in giving government officials the authority to set security standards. "The first principle is do no harm," McCain said. "The thing we don't want to do is do something wrong."

McCain and other Republican committee leaders are pushing their own bill, which mirrors many of the Cybersecurity Act's proposals such as encouraging businesses and government to share cyberthreat information with each other, but leaves out any new authority to set standards. Several compromise proposals are in the works that would soften some of the standards proposals. But many of the proposals are still eliciting pushback from businesses, which don't want new regulations, and civil liberties advocates, who fear information sharing could undermine privacy.

The latest United Technologies/National Journal Congressional Connection Poll found that despite expressing concern over cyberthreats, a majority of Americans don't favor information sharing because of privacy concerns, and are opposed to government-set standards.

Homeland Security Committee ranking member Susan Collins, R-Maine, has held on as the lone GOP cosponsor of the Cybersecurity Act. She said the protection of critical networks such as those connected to electric grids and water-treatment plants can't be left up to voluntary measures.
Waiting to act, Collins said, is risking a catastrophic cyberattack. "I can think of no other area where the threat is greater and we've done less to counter it," she said.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 18:15:12 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 19:15:12 -0400
Subject: [Infowarrior] - Alzheimer's Findings Offer New Direction on When, How to Treat
Message-ID: <98DEB8C8-ABED-4C62-9597-8A862BBD263E@infowarrior.org>

Alzheimer's Findings Offer New Direction on When, How to Treat
By Elizabeth Lopatto - Jul 11, 2012
http://www.bloomberg.com/news/print/2012-07-11/alzheimer-s-findings-offer-new-direction-on-when-how-to-treat.html

In separate probes into the roots of Alzheimer's, scientists have uncovered a rare gene mutation that keeps plaque from forming in the brain and found the disease may take hold 25 years before symptoms appear.

The DNA variant slows production of an enzyme called beta secretase-1 that helps form the hallmark brain tangles. The finding, reported in the journal Nature, supports the validity of drugs being developed by Merck & Co., Eli Lilly & Co. (LLY) and other companies designed to slow release of the enzyme, said Kari Stefansson, a report author.

The second study, published in the New England Journal of Medicine, involved people with DNA that predisposed them to the disease before age 60. That research found changes in spinal fluid 25 years before symptoms began, and brain volume differences 15 years earlier. Together, the reports may lay groundwork allowing scientists to identify when it may be best to start treating patients and, perhaps, hold off the disease.

"These are steps on the pathway, really high-quality ones," said William Thies, chief medical and scientific officer for the Chicago-based Alzheimer's Association.
Though today's findings won't lead directly to drugs and diagnostics, they may provide a foundation for them, he said.

More than 5 million Americans have Alzheimer's, which is the most-common type of dementia, according to the Alzheimer's Association. Global dementia cases are expected to double within 20 years to as many as 65.7 million people, the Geneva-based World Health Organization said in April.

DIAN Group

The New England Journal study focused on a group called the Dominantly Inherited Alzheimer Network, or DIAN. People in this group have a dominant gene mutation inherited from their parents guaranteeing they'll get Alzheimer's and suffer dementia before age 60, said Randall Bateman, a study author and a professor of neurology at Washington University School of Medicine in St. Louis. That makes them an ideal to study the disease's progress, he said in a telephone interview.

"This may mean there's a window of opportunity to potentially intervene," Bateman said. "The symptoms may represent a brain failure after damage has been going on for decades."

The researchers used the DIAN group to estimate the time to the onsets of symptoms by comparing them with their parents' data. A 35-year-old whose parent was 45 when the symptoms began was thought to be 10 years away from onset, the report said.

Certain signs, or biomarkers, found in spinal fluid or the brain let scientists track disease progression, said Laurie Ryan, the program director for Alzheimer's disease clinical trials at the National Institute on Aging in Bethesda, Maryland.

Changes Tracked

The researchers noted when changes occurred and accrued over time, she said. If tests can be developed to determine whether a person is at risk for the disease it may aid diagnosis, help improve treatment and speed drug development, the Alzheimer's Association's Thies said.

"Getting to the point where we can do a biomarker endpoint for phase 3 clinical trials, that's going to take a while," Thies said.
"But we're on the road to that."

The first sign of impending Alzheimer's in the DIAN patients -- found 25 years before the expected beginnings of symptoms -- was a drop in beta amyloid in the cerebrospinal fluid. That indicates the protein isn't getting cleared out of the brain, Ryan said. While healthy brains break down and eliminate beta amyloid, the protein fragments accumulate and start to clump in the brains of people with Alzheimer's.

Brain Atrophy

The next changes, observed 15 years before the expected symptomatic illness, showed abnormal deposits of beta amyloid and increased levels of tau, another characteristic Alzheimer's protein, as well as brain atrophy. Five years after that, patients start to experience memory problems, and three years later, patients meet the diagnostic criteria for dementia, according to the study.

Bateman's group is planning an extension of the study that looks at three yet-to-be-determined experimental drugs, to see if treating patients earlier will help stave off the effects of the mind-robbing illnesses.

Because the DIAN group has an early-onset form of the illness, meaning before age 60, Bateman and other scientists urged caution in stretching the finding to the more-common late onset type of Alzheimer's. "We don't know if this is exactly what we'd see in late-onset Alzheimer's disease," in the course of the disease in people without the mutation, Ryan said. "But we have data that suggests similar patterns."

Mutation Discovery

In the Nature paper, scientists from deCode Genetics Inc. discovered the mutation that prevents an enzyme called beta secretase 1, or BACE-1, from helping create the characteristic beta amyloid tangles in the brains of Alzheimer's patients. Drugs that mimic this action are in development from Merck & Co. (MRK), Eli Lilly & Co. and Eisai Co. (4523)

The variant points to a mechanism that's different from the experimental therapies from Johnson & Johnson, Pfizer Inc.
and Lilly that are designed to clear beta amyloid from the brain by binding directly to the protein. Instead, it was associated with a 40 percent reduction in beta amyloid in those people carrying it, the paper said.

The discovery signals that beta secretase inhibitors such as Merck's, expected this year to start the second of three phases of clinical testing generally needed for marketing approval, might be on the right track.

"It provides encouraging evidence that reducing the production of amyloid, and in particular through beta secretase activity matters for preclinical disease," said Eric Reiman, chief executive officer of Banner Research, a Phoenix-based medical research institute, and a professor of psychiatry at the University of Arizona in a telephone interview. "The question is, how early do you need to start?"

To contact the reporter on this story: Elizabeth Lopatto in New York at elopatto at bloomberg.net. To contact the editor responsible for this story: Reg Gale at rgale5 at bloomberg.net.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 11 22:08:38 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jul 2012 23:08:38 -0400
Subject: [Infowarrior] - Congress considers prosecutions of reporters over leaked information
Message-ID:

http://www.mcclatchydc.com/2012/07/11/155833/congress-considers-prosecutions.html#storylink=rss

Posted on Wednesday, July 11, 2012
Congress considers prosecutions of reporters over leaked information
By Annika McGinnis | McClatchy Newspapers

WASHINGTON -- In response to New York Times stories that relied on leaks of sensitive national-security information, a House of Representatives panel on Wednesday discussed legislation that could allow journalists to be prosecuted for disclosing such information.

Army Col. Ken Allard testified to a House Judiciary subcommittee that the extent of national security leaks is "unprecedented" in American history.
Recent examples include the Times' investigations of President Barack Obama's terrorist "kill list" and American cyberattacks on Iran.

According to Allard, such investigations threaten national security and serve only to promote the news media's self-interest. He charged that such investigations were carefully planned to help Obama's re-election chances and to advance the media's own agenda. An example, he said, was New York Times reporter David Sanger's new book, "Confront and Conceal," which details American cyberattacks on Iranian nuclear facilities.

Allard testified that Sanger was "systematically penetrating the Obama White House as effectively as any foreign agent," which he said exposed vital secrets to Iran and put the U.S. in danger of retaliation. "Far from advancing our rights as citizens -- as a free press should -- Mr. Sanger deliberately placed his country at significant risk for his own profit," Allard charged.

Leaks of this nature expose details of crucial security operations, including the people involved in them, lawyer Kenneth L. Wainstein testified. He said they also informed the nation's adversaries of U.S. methods, compromised the well-being of government personnel and U.S. alliances, and undermined the integrity of government services.

Nathan Sales, a law assistant professor at George Mason University, also stressed the importance of protecting national-security information. "If it leaks, we can't wiretap Osama bin Laden," he said. "If it leaks, sources get caught, incriminated and killed."

As the committee considers revising legislation that would prosecute leakers, Rep. Trey Gowdy, R-S.C., also urged criminal prosecutions of reporters. "Why not send a subpoena to the reporter?" Gowdy said. "Put them in front of a grand jury. You either answer a question or you're going to be held in contempt and go to jail, which is what I thought all reporters aspire to anyway."
Other committee members said the First Amendment protected the media's right to publish such information. They also talked about the media's watchdog role, helping to hold the government accountable for illegal actions.

Rep. James Sensenbrenner, R-Wis., the chairman of the subcommittee, said whistleblower laws enabled holding the government accountable without going to the media, however. Such laws allow citizens to go directly to the federal government about instances of government wrongdoing.

The committee won't have time in this session of Congress to revise the laws that define actions that are subject to prosecution for those involved in disseminating leaked information, Sensenbrenner said. In the next session, however, he said, the committee aims to revamp the Espionage Act, a 1917 law that sets up methods for prosecuting people who divulge sensitive information.

Sensenbrenner said when the legislation was revamped it must address the over-classification of government information and create a standard of liability for those who leak classified information to someone without a security clearance. He said the potential to prosecute reporters also must be considered. "We've got the constitutional issue about the First Amendment protecting the freedom of the press, but there has to be a balance," he said. "I feel that there has to be some self-restraint on the part of the press, saying we have this information but it would be tremendously damaging to our nation if it was published."

Lucy Dalglish, the executive director of the Reporters Committee for Freedom of the Press, said in an email after the hearing that reporters took care to consider national security concerns when they were writing stories. "I'm not in a position to know what the threat might be from those particular stories," she said of the stories discussed in the hearing. "I do know, however, that the Times and other experienced reporters do their best to minimize harm to the public."
She added: "There is no need for a new law, and certainly not a new law that was rushed through Congress without careful consideration of the First Amendment interests of the media and other members of the public who share national security information."

A representative for the Times couldn't be reached for comment Wednesday.

Email: amcginnis at mcclatchydc.com

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 12 07:54:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 12 Jul 2012 08:54:23 -0400
Subject: [Infowarrior] - Sovereignty RIP? USG officers have powers to make arrests in Canada
Message-ID:

(Again, something highly controversial to the domestic population is buried in a must-pass spending bill. Of course, that's the whole idea, to keep such things away from public eye, because in a modern democracy, public debate is frowned upon. My Canadian friends are apoplectic this morning. --rick)

Cross-border policing provokes sovereignty worries
U.S. officers have powers to make arrests in Canada
By Mark Gollom, CBC News
Posted: Jul 11, 2012 5:27 AM ET
Last Updated: Jul 11, 2012 11:05 AM ET
http://www.cbc.ca/news/canada/story/2012/07/10/cross-border-policing-integration-sovereignty.html?cmp=rss

When the Conservative government passed its controversial omnibus budget bill last month, it included new powers for certain U.S. law enforcement agents that critics say could have ramifications for Canadian sovereignty.

The Integrated Cross Border Law Enforcement Operations Act now makes it possible for American officers to cross the border into Canada where, as the act states, they have "the same power to enforce an act of Parliament as a member of the Royal Canadian Mounted Police." This means they'll be armed and have the powers to arrest suspects in Canadian territory.

Now, small crews, made up of Canadian and U.S.
officers specially designated and trained for cross-border policing, can go back and forth across the maritime border, all the while subject to the laws of the country they are in.

< - >

Although the law deals with Canadian and U.S. waters, some are raising concerns that the next phase of the plan, a land-based version of integrated policing, could be more problematic.

< - >

http://www.cbc.ca/news/canada/story/2012/07/10/cross-border-policing-integration-sovereignty.html?cmp=rss

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 12 08:09:57 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 12 Jul 2012 09:09:57 -0400
Subject: [Infowarrior] - How Amazon is killing retail chains
Message-ID: <6C162489-7849-4ABF-9DEA-AB65219B6694@infowarrior.org>

(Good for them: I have never had a problem with Amazon products, returns, customer service, or competitive pricing matches -- unlike other 'brick-and-mortar' stores. So in their quest to force Amazon to play by their rules, the traditional retailers may well be digging their own graves. Oh, well, ye reap what ye sow. -- rick)

I Want It Today
How Amazon's ambitious new push for same-day delivery will destroy local retail.
By Farhad Manjoo | Posted Wednesday, July 11, 2012, at 5:53 PM ET
http://www.slate.com/articles/business/small_business/2012/07/amazon_same_day_delivery_how_the_e_commerce_giant_will_destroy_local_retail_.html?tid=sm_tw_button_toolbar

Amazon has long enjoyed an unbeatable price advantage over its physical rivals. When I buy a $1,000 laptop from Wal-Mart, the company is required to collect local sales tax from me, so I pay almost $1,100 at checkout. In most states, Amazon is exempt from that rule. According to a 1992 Supreme Court ruling, only firms with a physical presence in a state are required to collect taxes from residents. Technically, when I buy a $1,000 laptop from Amazon, I'm supposed to pay a $100 "use tax"
when I file my annual return with my home state of California. But nobody does that. For most people, then, most items at Amazon are significantly cheaper than the same, identically priced items at other stores.

In response to pressure from local businesses, many states have passed laws that aim to force Amazon to collect sales taxes (the laws do so by broadening what it means for a company to have a physical presence in the state). Amazon hasn't taken kindly to these efforts. It has filed numerous legal challenges, and fired all of its marketing affiliates in Colorado, North Carolina, Rhode Island, and California. It also launched a $5 million political campaign to get voters to turn back the California law. And when Texas' comptroller presented Amazon with a $269 million sales tax bill last year, the company shut down its distribution center in Dallas.

But suddenly, Amazon has stopped fighting the sales-tax war. Last fall it dropped its repeal campaign in California and instead signed a deal with lawmakers to begin collecting sales taxes later this year. That was followed by several more tax deals--over the course of the next couple years, Amazon will begin collecting sales tax from residents of Nevada, New Jersey, Indiana, Tennessee, Virginia, and on July 1, it began collecting taxes from Texans. It also currently collects taxes from residents of Kansas, Kentucky, New York, North Dakota, and its home state of Washington. After all the tax deals go into effect, the company will be collecting taxes from the majority of its American customers.

Why would Amazon give up its precious tax advantage? This week, as part of an excellent investigative series on the firm, the Financial Times' Barney Jopson reports that Amazon's tax capitulation is part of a major shift in the company's operations. Amazon's grand strategy has been to set up distribution centers in faraway, low-cost states and then ship stuff to people in more populous, high-cost states.
When I order stuff from Amazon, for instance, it gets shipped to California from one of the company's massive warehouses in Kentucky or Nevada.

But now Amazon has a new game. Now that it has agreed to collect sales taxes, the company can legally set up warehouses right inside some of the largest metropolitan areas in the nation. Why would it want to do that? Because Amazon's new goal is to get stuff to you immediately--as soon as a few hours after you hit Buy.

(Disclosure: Slate participates in Amazon Associates, an "affiliate" advertising plan that rewards websites for sending customers to the online store. This means that if you click on an Amazon link from Slate--including a link in this story--and you end up buying something, Amazon will send Slate a percentage of your final purchase price.)

It's hard to overstate how thoroughly this move will shake up the retail industry. Same-day delivery has long been the holy grail of Internet retailers, something that dozens of startups have tried and failed to accomplish. (Remember Kozmo.com?) But Amazon is investing billions to make next-day delivery standard, and same-day delivery an option for lots of customers. If it can pull that off, the company will permanently alter how we shop. To put it more bluntly: Physical retailers will be hosed.

Can Amazon pull it off? It's sure spending a lot of money to try, and it has already come up with a few creative ways to speed up deliveries. In each of the deals it has signed with states, the company has promised to build at least one--and sometimes many--new local warehouses. Some of these facilities are very close to huge swaths of the population.
Amazon is investing $130 million in new facilities in New Jersey that will bring it into the backyard of New York City; another $135 to build two centers in Virginia that will allow it to service much of the mid-Atlantic; $200 million in Texas; and more than $150 million in Tennessee and $150 million in Indiana to serve the middle of the country. Its plans for California are the grandest of all. This year, Amazon will open two huge distribution centers near Los Angeles and the San Francisco Bay Area, and over the next three years it might open as many as 10 more in the state. In total, Amazon will spend $500 million and hire 10,000 people at its new California warehouses. But Amazon isn't simply opening up a lot of new shipping centers. It's also investing in making those centers much more efficient. Earlier this year, it purchased Kiva Systems, a company that makes cute, amazingly productive "picking robots" that improve shipping times while reducing errors. Another effort will allow the company to get stuff to you even faster. In Seattle, New York, and the United Kingdom, the firm has set up automated "lockers" in drug stores and convenience stores. If you order something from Amazon and you work near one of these lockers, the company will offer to drop off your item there. On your way home from work, you can just stop by Rite Aid, punch in a security code, and get your stuff. All these efforts seem to be paying off. I'm a frequent Amazon shopper, and over the last few months I've noticed a significant improvement in its shipping times. As a subscriber to Amazon's Prime subscription service, I'm used to getting two-day shipping on most items for free. But on about a third of my purchases, my package arrives after just one day for no extra charge. Sometimes the service is so speedy it seems almost magical. One Friday afternoon last month, I ordered three smoke alarms, and I debated paying extra for shipping so that I could install them over the weekend.
The $9 per item that Amazon charges for Saturday delivery seemed too steep, though, so I went with standard two-day service. The next morning, the delivery guy arrived with my smoke detectors. I'd gotten next-day Saturday service for free. I have no idea how Amazon made any money on my order (the whole bill was less than $30) but several people on Twitter told me that they've experienced similarly delightful service. If Amazon can send me stuff overnight for free without a distribution center nearby, it's not hard to guess what it can do once it has lots of warehouses within driving distance of my house. Instead of surprising me by getting something to me the next day, I suspect that, over the next few years, next-day service will become its default shipping method on most of its items. Meanwhile it will offer same-day service as a cheap upgrade. For $5 extra, you can have that laptop waiting for you when you get home from work. Wouldn't you take that deal? I bet you would. Physical retailers have long argued that once Amazon plays fairly on taxes, the company wouldn't look like such a great deal to most consumers. If prices were equal, you'd always go with the "instant gratification" of shopping in the real world. The trouble with that argument is that shopping offline isn't really "instant" -- it takes time to get in the car, go to the store, find what you want, stand in line, and drive back home. Getting something shipped to your house offers gratification that's even more instant: Order something in the morning and get it later in the day, without doing anything else. Why would you ever shop anywhere else? --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Thu Jul 12 15:51:11 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jul 2012 16:51:11 -0400 Subject: [Infowarrior] - FBI Wants To Make It Easier For You To Tell Your Customers They Might Be Felonious Pirates Message-ID: FBI Wants To Make It Easier For You To Tell Your Customers They Might Be Felonious Pirates http://www.techdirt.com/articles/20120712/11195219675/fbi-wants-to-make-it-easier-you-to-tell-your-customers-they-might-be-felonious-pirates.shtml It's the FBI's special "anti-piracy" warning. For the past few years, under a special "pilot" program, the FBI has allowed the RIAA, MPAA, BSA, ESA and SIIA (basically, the big record labels, movie studios, video game makers and software companies) to make use of the logo to warn all of their customers that they just might be felons and the FBI might show up at any moment. It's pure FUD. It also makes no difference. Is there seriously anyone anywhere in the world who sees this logo and suddenly changes their behavior? However, this program is about to expand in a big, big way. The FBI is about to release new rules (pdf and embedded below) that expand the program so that any copyright holder will be allowed to slap this logo on their product. Expect to start seeing it everywhere... and to feel that much more like the content creator you're legitimately buying from thinks you're a crook subject to federal law enforcement action. Way to "connect" with fans, huh? The document from the FBI discussing this repeats a few times that the FBI really feels like this program is effective and important. Could they be any more out of touch? < - > Finally, notice that nowhere does the FBI provide any data on how effective this program has been. Because there isn't any. The MPAA shows this logo before movies, and it's not like there has been any less infringement. 
In fact, the FBI and ICE recently decided to double up and extend the warnings on DVDs , and it's not like that made a difference either. No, instead, all it's done is piss off tons of legitimate customers, who paid good money for the content, only to be interrupted by a giant FBI logo warning them that they may be criminals facing federal charges. The FBI even admits: "it is difficult to measure the effectiveness of the APW Seal program at preventing piracy," but apparently that won't stop it from expanding it. Who in their right mind thinks this is a sensible strategy? < - > --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Jul 12 15:54:06 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jul 2012 16:54:06 -0400 Subject: [Infowarrior] - Dear Lamer Smith & House Judiciary: Have You Learned Nothing From SOPA? Message-ID: <8B35EBC0-A6EE-4F40-9F8B-3DA6741A9BCE@infowarrior.org> (Note: In accordance with the spirit of my views on the matter, I corrected the spelling of Smith's name in the subject line. --rick) Dear Lamar Smith & House Judiciary: Have You Learned Nothing From SOPA? from the ridiculous dept I've been hearing for a few months now that the staffers on the House Judiciary Committee, who were the main supporters of SOPA, haven't been able to let go of what happened (or even understand it). That's been pretty obvious from the few public statements they've made since SOPA failed. And now it's been made doubly clear. On Monday, we wrote about how Lamar Smith and the House Judiciary Committee that he chairs were looking to rush through a piece of SOPA embedded in another bill. It wasn't one of the most controversial bits, but it was an issue we had raised with SOPA, even if it took a back seat to some of the bigger problems. 
What was stunning was that the SOPA protests were largely about process -- backroom deals, without public input or scrutiny -- and in this case, with this new bill (officially dubbed the Intellectual Property Attache Act) they not only did the same thing, but were trying to rush it through on a fast track significantly more extreme than SOPA. That is, they only shared the draft on Saturday and announced that there would be a markup on the bill (which they never even introduced) on Tuesday morning. That's rare. Normally, you officially introduce the bill, hold various hearings that involve experts, make some adjustments, and then hold a markup hearing to allow for additional amendments. In this case, they jumped right to that last step -- completely skipping over some rather major steps that would allow for public input and scrutiny. In other words, they did the exact opposite of what the SOPA experience told them they should do. < - > http://www.techdirt.com/articles/20120711/18211719667/dear-lamar-smith-house-judiciary-have-you-learned-nothing-sopa.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Jul 12 21:34:39 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jul 2012 22:34:39 -0400 Subject: [Infowarrior] - RIAA Presentation: Copyright Alert System and Voluntary Initiatives to Combat Piracy Message-ID: <5A1C6D17-110E-49C1-8CE6-DC3B9791EBFF@infowarrior.org> There are several dubious claims / statements in this document. Moreover, it's interesting to see that the *only* page marked "Confidential" is the slide of statistics regarding (alleged) sources of music piracy. Wonder why. 
--- rick RIAA Presentation: Copyright Alert System and Voluntary Initiatives to Combat Piracy July 13, 2012 in Corporate The following presentation from Victoria Sheckler, Deputy General Counsel of the Recording Industry Association of America, was presented at an International Federation of the Phonographic Industry meeting in Panama in April 2012. It contains information on an upcoming effort by internet service providers to police their users' sharing of copyrighted material called the Copyright Alert System. The presentation also discusses other voluntary measures such as agreements by payment processors to stop doing business with sites that are "repeat offenders" and efforts to encourage domain name registrars to enforce stricter "whois" policies. PDF @ http://publicintelligence.net/riaa-copyright-alert-system/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 13 06:14:17 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jul 2012 07:14:17 -0400 Subject: [Infowarrior] - Can you envision a "successful failure"? Message-ID: (c/o MM) July 13, 2012 Can you envision a "successful failure"? Filed under: Catastrophes,Risk Assessment,Strategy -- by Philip J. Palin on July 13, 2012 http://www.hlswatch.com/2012/07/13/can-you-envision-a-successful-failure/ In the movie Apollo 13 -- recounting the nearly deadly 1970 moon mission -- the heroic NASA mission director says, "Failure is not an option." The real hero -- Gene Kranz -- never said this. It's a scriptwriter's creation. After the movie's success, Mr. Kranz did use the phrase as the title of his memoir. Failure is always an option. We recently received several reminders of this reality: The final report on Air France Flight 447 found that "the crew was in a state of near-total loss of control" because of inconsistent data reports. 
A Japanese parliamentary commission found the Fukushima nuclear emergency was a "profoundly man-made disaster." (See a good summary from the BBC.) Last week from Columbus, Ohio to Charleston, West Virginia to Washington DC the best laid plans of intelligent people and competent organizations unraveled before an unexpected strong storm. There was failure. There was passivity, fear, denial, selfishness and greed. At Fukushima and in response to the derecho there was also creativity, courage, patience, generosity, self-sacrifice and resilience. We don't know enough about what happened over the South Atlantic to be sure, but I expect even in those horrific 3 minutes, 30 seconds the full range of humanity could be found. Across all these situations there was uncertainty. Some level of uncertainty is innate to nearly every context. But we are increasingly adept at self-creating even more. Responding to the Air France Final Report, William Voss, President of the Flight Safety Foundation, told The Guardian, "Pilots a generation ago would have ... understood what was going on, but [the AF447 pilots] were so conditioned to rely on the automation that they were unable to do this," he said. "This is a problem not just limited to Air France or Airbus, it's a problem we're seeing around the world because pilots are being conditioned to treat automated processed data as truth, and not compare it with the raw information that lies underneath." It's a problem well-beyond commercial aviation. We organize much of our lives around the assumption that automated processes will persist and critical information will be available. We expect to be warned of a threat, about the location and condition of our family and friends, and about when a crisis will be over. We expect to be able to access our credit and cash accounts. We expect to be able to travel from here to there to purchase what we need and reunite with those we love. 
If necessary, we expect to be able to call 911 and quickly get professional help. Over the last two generations everyday life has -- increasingly -- demonstrated these are reasonable expectations. We are habituated to success. But like the Air France pilots, when our information habit is not being fed our response can be self-destructive. In the absence of information we tend to continue as usual or focus on restoring access to information. Both behaviors can significantly increase our risk by ignoring rapidly changing conditions and/or delaying thoughtful engagement with changed conditions. The Apollo 13 Review Board found the accident, "... resulted from an unusual combination of mistakes, coupled with a somewhat deficient and unforgiving design." The deficient and unforgiving design that many of us -- private citizens as well as public safety agencies -- have adopted is dependence on just-in-time information. My twenty-something children seldom pre-plan in any significant way. They expect cell phones, text messaging, Facebook, and email to allow them to seize the best opportunities that unfold. It works and I envy them. Except when it does not work. Except when these digital networks fail. Much of our consumer culture is built around the same approach. We have become an economy, a society optimized for just-in-time. It can be a beautiful dance of wonderful possibilities emerging in a moment and rapidly synchronized across time and space. Until the music stops. In the three examples above (not all catastrophic) there is a shared over-confidence in the fail-safe capabilities of protective design and effective communications. In each of these cases the design bias increased risk exposure, communications was confusing or worse, and both the design and the communications protocols complicated effective human response once risk was experienced. There are several contending definitions of resilience. 
Something that all the definitions I have encountered share is an expectation of failure. Resilience is in many cases the learned-response to failure. If it doesn't kill you, you can learn from it. The good news -- and the bad news -- is that catastrophes are sufficiently rare that we don't get many opportunities to learn about catastrophic resilience. What is a "forgiving design" for encountering catastrophe? In April 2010 Jim Lovell, the commander of Apollo 13, called the mission a "successful failure." Lovell explained that while Apollo 13 never reached the moon, there was "a great success in the ability of people to take an almost certain catastrophe and turn it into a successful recovery." Envision a complete blackout of telecommunications (voice and data) across a region, say, extending from the mouth of the Susquehanna River south to the Potomac River and from about the Bull Run Mountains in the West to the Chesapeake Bay in the East. This encompasses roughly 5 million residents. Such a blackout for any sustained period is an "an almost certain catastrophe". Can we envision how to "turn it into a successful recovery"? What could be done? What should be done? What does the mental exercise (more?) tell us about our dependencies, our operational options, mitigation opportunities, and creativity? I know, I know ... such an event is wildly unlikely ... nearly unimaginable. Just about as silly as a bad thermostat undoing a mission to the moon. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 13 06:18:42 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jul 2012 07:18:42 -0400 Subject: [Infowarrior] - OT: No, the markets aren't rigged. Message-ID: <21A7A594-9549-419F-BCB8-8C5595D6978D@infowarrior.org> Market Savior? 
Stocks Might Be 50% Lower Without Fed http://www.cnbc.com/id/48165921 A report from the Federal Reserve Bank of New York suggests that the bulk of equity returns for more than a decade are due to actions by the US central bank. < - > For example, the market has a tendency to rise in the 24-hour period before the release of the Fed's statement on interest rates and the economy, presumably on expectations Chairman Ben Bernanke and his predecessor, Alan Greenspan, would discuss or implement a stimulus measure to lift asset prices. The FOMC has released eight announcements a year at 2:15 ET since 1994. The study took the gains in the S&P 500 from 2 pm the day before the announcement to 2 pm the day of the statement and subtracted that market move from the S&P 500's total return over that time span. Without the gains in anticipation of a positive Fed action, the S&P 500 would stand at just 600 today, rather than above 1300. < - > http://www.cnbc.com/id/48165921 --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 13 06:21:06 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jul 2012 07:21:06 -0400 Subject: [Infowarrior] - How Google products go from creepy to cool Message-ID: How Google products go from creepy to cool In the psychological evolution of Google products for people who rely on them every day, convenience regularly trumps privacy concerns. Are you cool with that? < - > http://news.cnet.com/8301-1009_3-57470750-83/how-google-products-go-from-creepy-to-cool/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 13 07:02:30 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jul 2012 08:02:30 -0400 Subject: [Infowarrior] - Tech: Storage Suckers Message-ID: <44D04B3B-A7F5-41F9-A8D5-7A42DE308F44@infowarrior.org> Buying an iPhone? Get the Smallest Possible Amount of Storage. 
By Farhad Manjoo | Posted Thursday, July 12, 2012, at 6:11 PM ET Slate.com Storage Suckers http://www.slate.com/articles/technology/technology/2012/07/apple_profit_margins_you_re_paying_way_way_too_much_to_get_a_little_more_space_on_your_ipad_and_iphone_.single.html You're paying way, way too much to get a little more space on your iPad and iPhone. When Google unveiled its new tablet computer earlier this month, the company disclosed that it wouldn't be making much of a profit on the device. That's partly true. This week iSuppli, a research firm that specializes in breaking down devices to determine the cost of their constituent parts, reported that Google and its hardware partner Asus spend about $159 to make the entry-level Nexus 7. That model holds 8GB of data and sells for $199. When you consider all the additional costs of selling the gadget -- software, marketing, licensing, packaging, and the $25 of Google Play credits that come with the tablet -- it's quite likely that Google is making very little on every 8GB Nexus 7 it sells. It might even be losing money. But that's only half of the story. Google also offers a higher-end model of the Nexus 7, this one with 16GB of storage that goes for $249. According to iSuppli, doubling the storage capacity of the tablet costs Google and Asus just $7.50. By charging you a premium price for a low-cost upgrade, Google turns its cheap tablet into a nice moneymaker. If you fall for the 16GB model, you're Google's sucker. It's not just Google. Charging a lot of money for extra storage on phones and tablets has become a significant source of the tech industry's profits. There's only one company to blame (or credit) for this trend: Apple, of course. Ever since the days of the iPod, Apple has boosted its bottom line through upgrades. The company offers the entry-level versions of its devices at a price that seems reasonable to many people. 
This entry-level price functions as a marketing come-on -- a way to get you in the store. Once you're there, your eye wanders to the next level. Is 16GB really enough space on my beautiful new iPad -- won't I feel cramped in a year or two? Shouldn't I spring for more? It's only $100 ... . That's exactly what Apple wants you to think. Once you decide to move beyond the entry-level iPad, the company's profits soar. According to iSuppli, it costs Apple about $316 to make the low-end 16GB iPad, which the company sells for $499 -- a margin of about 37 percent, not including non-manufacturing costs. Doubling the storage space to 32GB costs Apple $17 more, but it charges you $599 for that model, boosting its margin to 45 percent. On the high-end Wi-Fi model, which offers you 64GB of space for $699, Apple's non-manufacturing profit margin shoots up to 48 percent. But that's not all! If you get an iPad with 4G cellular connectivity, you're really in for it. The very top-end iPad, a 64GB model with 4G, will set you back $829 for a device that costs Apple $408 to make -- a margin of 51 percent, or twice what Apple makes on the cheapest iPad. There may be other popular products that carry such a breathtaking markup, but I bet most of them are monitored by the DEA. These enormous profit margins prompt two questions. First, why do tech companies charge so much for just a few dollars of extra stuff? Second, are they ripping you off? The answers are pretty simple: They gouge you because they can. And of course you're getting ripped off! Try to remember this when you find yourself giving in to upgrade temptation. These days, for most people, upgrading to get extra space is usually overkill. It's easy to understand why storage upgrades are so tempting. Unlike PCs, phones and tablets are self-contained, locked-up devices. They carry the threat of obsolescence. If you run out of space on your desktop, you can always get an external hard drive. 
You can't do that on your phone: Once you find yourself with too many photos, apps, videos, and songs, you might have to start deleting stuff, and nobody wants to do that. "I think that they want you to realize that since they're giving you enough horsepower and resolution and features, you'll find that 8GB probably isn't going to cut it, and you'll make the impulse upgrade," says Andrew Rassweiler, an analyst at iSuppli. "I don't want to call [the entry-level model] a false offering, but they expect a lot of people to upgrade out of necessity so that it improves their margins." The 8GB of storage that come with the Nexus 7's entry-level tablet doesn't sound like a lot, but I suspect it's enough for most people. The 16GB of storage available on the cheapest iPad, meanwhile, should be more than plenty. You'll almost always use these devices when they're connected to a broadband line -- when you're at home, work, or a coffee shop -- or when you're in between those locations. This means you'll always be pretty close to virtually unlimited online storage -- the splendors of Dropbox, Netflix, Spotify, iCloud, Flickr, Facebook, et al -- so you won't need to keep all of your media on your tablet. On your cheap 16GB iPad, you'll be able to keep the most important stuff with you all the time. For everything else, look to the cloud. Now, I bet that more than a few readers will chime in to testify about their unquenchable appetite for more gigs. Perhaps your music collection is overwhelming. Perhaps you can never stand to be without tens of thousands of photos of your kid. Perhaps you're in the movie business and you need lots and lots of room for various cuts of your next blockbuster. I'll concede that the cloud just isn't good enough yet -- networks aren't fast or reliable enough -- to satisfy some power users, and for those people, paying $100 or $200 for extra space, even at a high markup, might be well worth it. But I'm imploring you to take a minute to examine your needs. 
Don't upgrade on impulse. Chances are you're not a power user, especially if your tablet is meant to be a secondary device. If you're mostly using it around the house to browse the Web, even the Nexus 7's paltry-sounding 8GB should suit you. Apple and other device makers probably recognize this as well. They're making a lot of money from jacking up the price of storage now, but that party can't last forever. For one thing, as Rassweiler points out, the cost of Flash memory is sliding. Earlier this year, Apple acquired Anobit, a startup that will likely reduce storage prices even further. (One theory is that Anobit's technology will allow Apple to cram more data on each Flash chip, letting it make a 24GB iPad with a 16GB chip.) Today, Flash memory chips cost about $1 per gigabyte, but as tech improvements slash these prices, Apple and its rivals will feel pressure to bump up the base level of storage. Once that happens -- if Apple's entry-level iPad offers 24GB or 32GB -- upgrading will become even less attractive, especially if broadband networks and cloud-enabled apps keep improving. You should keep this future in mind when you're at the Apple Store. How long are you going to keep your new iPad, anyway? Better phones and tablets come out every year. The one you're buying now isn't going to be with you forever. At best, you'll get three years out of it before it becomes obsolete. Modern gadgets are meant to be disposable machines, not eternal repositories of all your stuff. So buy just as much as you need -- and if you find yourself running out of room someday, well, Apple will be happy to take your money for whatever it's peddling then. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Fri Jul 13 07:53:25 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jul 2012 08:53:25 -0400 Subject: [Infowarrior] - Feds: We need priority access to cloud resources Message-ID: <6B3CC9FE-32BD-4EB9-86CF-4D4BD676533E@infowarrior.org> http://www.networkworld.com/news/2012/071212-feds-cloud-260847.html Feds: We need priority access to cloud resources Federal report says before national security and emergency response workloads can be placed in commercial clouds, the government needs assurance resources will be available during emergencies By Brandon Butler, Network World July 12, 2012 10:43 AM ET Federal agencies must be assured priority and uninterrupted access to public cloud resources before fully embracing the technology for national security and emergency response IT functions, a recent report finds. The government's "Cloud First" policy mandates that as many applications and workloads be moved to the cloud as possible, but a report from the President's National Security Telecommunications Advisory Committee finds that cloud technologies related to service uptime, interoperability and security are largely not yet mature enough to handle some of the government's most sensitive workloads. Will the federal government eventually move those national security and emergency preparedness (NS/EP) functions to the cloud? "If and when cloud computing can demonstrate a regime of policy, legal authority, security and oversight that is comparably rigorous, complete and trustworthy relative to those currently in place for NS/EP activities via legacy means, then the response is 'yes,'" the report states. But first, the cloud market needs to mature a little bit more. No doubt there are benefits to embracing the cloud, the report states. 
Outsourcing IT functions to commercial cloud providers can reduce IT capital expenditures and the ability to scale up workloads creates more agility. But for NS/EP IT functions, cost savings are secondary. The priority is improved mission performance and being assured those resources are available during a national emergency. Downtime is unacceptable. "Fundamental requirements of NS/EP include a high degree of assured availability under any condition of stress; high measures of system and content integrity; confidentiality as required by specific missions; and mechanisms for priority access to resources in the performance of NS/EP functions," the report states. The report's findings resonate as outages from major cloud providers have impacted customers in recent weeks. Amazon Web Services, for example, experienced a power outage during an electrical storm, knocking out service to some customers in late June. Salesforce.com, the major software-as-a-service (SaaS) provider, has had two outages in as many weeks. The report lists some qualities of service level agreements (SLAs) that should be addressed for NS/EP functions to be moved to the public cloud. These include continuous monitoring of the cloud infrastructure by the provider, third-party audits, data encryption and various certifications and accreditations, including continuously evolving accreditation requirements from the Federal Risk and Authorization Management Program (FedRAMP). Jamie Dos Santos, president of Terremark Federal Cloud and a member of the NSTAC, runs an infrastructure-as-a-service (IaaS) offering aimed specifically at public agencies and she says the government is in a unique position to push public cloud providers to meet the security standards needed to host NS/EP functions. She says it's a constant work in progress. 
"Government agencies need to work with cloud service providers to design and implement business continuity plans that will ensure the availability of mission-critical data during national security and emergency situations," she says. "Ensuring that the cloud service provider has achieved and exceeded regulatory compliance for the security and reliability of the infrastructure powering their cloud environments is critical." One way to ensure availability is to spread the workloads across multiple cloud providers, but that's difficult at this point, the report notes. Even if the federal government does encourage providers to meet certain security criteria, there is no guarantee those will be adopted across the entire industry. The lack of standards in the industry prevents the portability of workloads across various cloud providers, the report states. So will the public cloud ever get to the point of being able to host critical government information? The report says federal government processes related to NS/EP will be ready to move to the cloud "if and when cloud computing can demonstrate a regime of policy, legal authority, security, and oversight that is comparably rigorous, complete, and trustworthy relative to those currently in place for NS/EP activities." Dos Santos says many federal agencies are already moving swiftly to cloud infrastructures, such as the General Services Administration's email services and many of the Veterans Affairs IT functions. But there is a large portion of sensitive information that is not yet in the cloud, and the cloud market needs continuing maturation before it is. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 13 08:16:12 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jul 2012 09:16:12 -0400 Subject: [Infowarrior] - Facebook Monitors Your Chats for Criminal Activity Message-ID: Not surprising, and certainly to be expected. 
--rick (c/o JC) Facebook Monitors Your Chats for Criminal Activity http://mashable.com/2012/07/12/facebook-scanning-chats/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Jul 16 20:26:09 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 16 Jul 2012 21:26:09 -0400 Subject: [Infowarrior] - Olympics Can't Hire Enough Actual Security, But Fully Staffed With 'Brand Police' Message-ID: <6D13F041-9B73-491F-9975-F89E1E536456@infowarrior.org> Olympics Can't Hire Enough Actual Security, But Fully Staffed With 'Brand Police' from the that'll-work dept http://www.techdirt.com/articles/20120716/11465719713/olympics-cant-hire-enough-actual-security-fully-staffed-with-brand-police.shtml We've talked about how the Olympics are so focused on hiding any non-sponsor brand that they had officials in Beijing during the last Olympics tape over bathroom fixtures from non-sponsoring companies. And it was clear that this same sort of activity was set to continue this time around in London, including a specific law against "ambush marketing." You may have heard the reports in London about the terrible security for the London Olympics that has left things in "absolute chaos," due to a failure to hire enough security personnel. In fact, there's talk of soldiers having to be called in to help. Given all that, it's interesting to find out that the Olympics do have a fully-staffed "brand police" force, which is heading around the city to carefully block any non-sponsor brands, and try to track down and kill off any kind of unpaid-for marketing. <-> Almost 300 enforcement officers will be seen across the country checking firms to ensure they are not staging "ambush marketing" or illegally associating themselves with the Games at the expense of official sponsors such as Adidas, McDonald's, Coca-Cola and BP.... 
Wearing purple caps and tops, the experts in trading and advertising working for the Olympic Delivery Authority (ODA) are heading the biggest brand protection operation staged in the UK. Under legislation specially introduced for the London Games, they have the right to enter shops and offices and bring court action with fines of up to £20,000. <-> So, if a terrorist attack happens to hit London over the next few weeks, at least we'll know that it wasn't sponsored by some non-paying brand. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 17 07:38:01 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 17 Jul 2012 08:38:01 -0400 Subject: [Infowarrior] - NSA Mimics Google, Annoys Senate Message-ID: <0117DCBC-E80F-4B9E-8F55-50ABAB71C39A@infowarrior.org> (note: article title changed slightly to avoid idiotic mail-filter problems on your end. --rick) NSA Mimics Google, Annoys Senate By Cade Metz http://www.wired.com/wiredenterprise/2012/07/nsa-accumulo-google-bigtable/ July 17, 2012 | 6:30 am | Categories: Database Software In 2008, a team of software coders inside the National Security Agency started reverse-engineering the database that ran Google. They closely followed the Google research paper describing BigTable -- the sweeping database that underpinned many of Google's online services, running across tens of thousands of computer servers -- but they also went a little further. In rebuilding this massive database, they beefed up the security. After all, this was the NSA. Like Google, the agency needed a way of storing and retrieving massive amounts of data across an army of servers, but it also needed extra tools for protecting all that data from prying eyes. They added "cell level" software controls that could separate various classifications of data, ensuring that each user could only access the information they were authorized to access.
It was a key part of the NSA's effort to improve the security of its own networks. But the NSA also saw the database as something that could improve security across the federal government -- and beyond. Last September, the agency open sourced its Google mimic, releasing the code as the Accumulo project. It's a common open source story -- except that the Senate Armed Services Committee wants to put the brakes on the project. In a bill recently introduced on Capitol Hill, the committee questions whether Accumulo runs afoul of a government policy that prevents federal agencies from building their own software when they have access to commercial alternatives. The bill could ban the Department of Defense from using the NSA's database -- and it could force the NSA to meld the project's security tools with other open source projects that mimic Google's BigTable. The NSA, you see, is just one of many organizations that have open sourced code that seeks to mimic the Google infrastructure. Like other commercial outfits, the agency not only wants to share the database with other government organizations and companies, it aimed to improve the platform by encouraging other developers to contribute code. But when the government's involved, there's often a twist. The U.S. government has a long history with open source software, but there are times when policy and politics bump up against efforts to freely share software code -- just as they do in the corporate world. In recent years, the most famous example is NASA's Nebula project, which overcame myriad bureaucratic hurdles before busting out of the space agency in a big way, seeding the popular OpenStack platform. That said, the Accumulo kerfuffle is a little different.
In trying to determine whether Accumulo duplicates existing projects, the bill floated by the Senate Armed Services committee uses such specific language, some believe it could set a dangerous precedent for the use of other open source projects inside the federal government. The NSA at "Internet Scale" Originally called Cloudbase by the NSA, Accumulo is already used inside the agency, according to a speech given last fall by Gen. Keith Alexander, the director of the NSA. Basically, it allows the NSA to store enormous amounts of data in a single software platform, rather than spread it across a wide range of disparate databases that must be accessed separately. Accumulo is what's commonly known as a "NoSQL" database. Unlike a traditional SQL relational database -- which is designed to run on a single machine, storing data in neat rows and columns -- a NoSQL database is meant for storing much larger amounts of data across a vast array of machines. These databases have become increasingly important in the internet age, as more and more data streams into modern businesses -- and government agencies. With BigTable, Google was at the forefront of the NoSQL movement, and since the company published its paper describing BigTable in 2006, several organizations have built open source platforms mimicking its design. Before the NSA released Accumulo, a search outfit called Powerset -- now owned by Microsoft -- built a platform called Hbase, while social networking giant Facebook fashioned a similar platform dubbed Cassandra. And this is what bothers the Senate Armed Services Committee. The Senate Armed Services Committee oversees the U.S. military, including the Department of Defense and the NSA, which is part of the DoD. With Senate bill 3254 -- National Defense Authorization Act for Fiscal Year 2013 -- the committee lays out the U.S. military budget for the coming year, and at one point, the 600-page bill targets Accumulo by name.
The bill bars the DoD from using the database unless the department can show that the software is sufficiently different from other databases that mimic BigTable. But at the same time, the bill orders the director of the NSA to work with outside organizations to merge the Accumulo security tools with alternative databases, specifically naming Hbase and Cassandra. The bill indicates that Accumulo may violate OMB Circular A-130, a government policy that bars agencies from building software if it's less expensive to use commercial software that's already available. And according to one congressional staffer who worked on the bill, this is indeed the case. He asked that his name not be used in this story, as he's not authorized to speak with the press. At this point, the staffer says, the committee isn't concerned with the man power the NSA required to build the database. But it doesn't want the government using Accumulo if there are larger, more active communities developing projects such as Hbase and Cassandra. He says that the committee encouraged the NSA to build its security controls into existing open source projects, but that the agency declined to do so. The NSA press office could not immediately provide someone to officially discuss the matter. But for Gunnar Hellekson -- the chief technology strategist in U.S. Public Sector group at Red Hat, the open source software outfit -- the committee has gone too far. He was pleased to see a senate bill that has such intimate knowledge of open source software -- a rarity on Capitol Hill -- but he argues that since Accumulo has already been built and open sourced, the committee has no business intervening. "When Accumulo was written, it was definitely doing new work," he tells Wired. "Some of its differentiating features are being handled by other pieces of software. But other core concepts are unique, including the cell-level security.
That's an incredibly important feature, and to do it properly is incredibly complicated." Not All Open Source Projects Are Created Equal The bill benefits Hbase and Cassandra -- two very popular open source projects. But it certainly undermines the progress of Accumulo, and that's a particular worry for Oren Falkowitz, one of the developers of the database, who has left the NSA to start Sqrrl, a company that seeks to build a business around Accumulo in much the same way Red Hat built one around the Linux operating system. Like Hellekson, Falkowitz argues that since Accumulo is already open source -- and it's backed by the Apache Software Foundation, a major open source steward -- it doesn't violate government policy. "The launch of sqrrl validates the success of Apache Accumulo as a project," he says, pointing out that sqrrl has received funding from two well-known venture capital firms. "Accumulo's technical strengths are not limited to government use cases, and already, we've seen interest and adoption of Accumulo by financial, healthcare, and a broad range of other commercial firms." He also argues that Accumulo is still quite different from other BigTable mimics. BigTable and other similar databases split massive amounts of data into tiny pieces and spread them across potentially tens of thousands of servers. But unlike any other platform, Falkowitz says, Accumulo lets you tag each tiny piece of data so that it can only be accessed by certain outside servers. This is useful not only to the NSA, he says, but to other government organizations and health care outfits legally required to separate data in this way. "Basically, each [data object] has an extra label that's attached to it, and you can use that to authenticate and authorize users against each object," Falkowitz says. "Most systems do that at the columns or the rows level of the database." Red Hat's Hellekson -- who has blogged about the issue on multiple occasions --
goes further, arguing that the bill could undermine the progress of open source projects well beyond Accumulo. The bill doesn't just ask that the DoD prove that the Accumulo project is no more costly than the likes of Hbase and Cassandra. It wants proof that Accumulo is a "successful Apache Foundation open source database with adequate industry support and diversification." "It doesn't take much imagination to see that same 'adequacy criteria' applied to all open source software projects," Hellekson writes. "Got a favorite open source project on your DoD program, but no commercial vendor? Inadequate. Only one vendor for the package? Lacks diversity. Proprietary software doesn't have a burden like this." If the bill passed with the current Accumulo language intact, the onus is on the chief information officer of the Department of Defense to determine whether Accumulo can be used within the department. But whatever the verdict, it would not bar the NSA from using the database -- just the rest of the DoD. Open source is a complicated thing. Especially inside the government. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 17 07:56:08 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 17 Jul 2012 08:56:08 -0400 Subject: [Infowarrior] - Sony BMG issues takedown notice to kill Romney ad Message-ID: <52EAB17A-53F4-48FB-A7A5-6636DA292348@infowarrior.org> Sony BMG issues takedown notice to kill Romney ad By Rob Beschizza at 5:20 pm Monday, Jul 16 http://boingboing.net/2012/07/16/sony-bmg-issues-takedown-notic.html A couple of days ago, the Obama campaign released this surprisingly effective attack ad: Mitt's dreadful singing of America The Beautiful played over stock visuals of empty factories. But Romney's counter -- an ad ridiculing Obama's singing of Al Green's Let's Stay Together at a campaign stop -- isn't working out. Why?
Because BMG, the song's intellectual proprietor, issued a copyright claim to kill it. Romney's campaign claims that this is bulls--t, because their deployment of the Obama footage is fair use. You know what? They are damned right about that. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 17 09:18:45 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 17 Jul 2012 10:18:45 -0400 Subject: [Infowarrior] - U.S. Tightens Security for Economic Data Message-ID: July 16, 2012 U.S. Tightens Security for Economic Data By JOHN H. CUSHMAN Jr. http://www.nytimes.com/2012/07/17/business/labor-dept-tightens-security-for-market-sensitive-data.html WASHINGTON -- On Tuesday morning at precisely 8:30, after a 10-second countdown synchronized to the Naval Observatory's atomic clock, a Labor Department official flipped a master switch in the agency's battened-down pressroom and computers blurted out the monthly Consumer Price Index. Until that moment, the market-sensitive data was guarded with launch-code secrecy, a precaution against anyone who might try to take advantage of an accidental or a surreptitious leak to gain an insider's edge in the financial markets, turning milliseconds into millions. Yet for all the rituals of high security, government officials have become increasingly nervous that their process is vulnerable, and are now overhauling it. After a yearlong review that included scrutiny by anti-hacking specialists from Sandia National Laboratories, officials at the Labor Department revoked the credentials of a few little-known news organizations that appeared to serve financial clients rather than the public at large. The government has also ordered other media groups to replace their computers in the lockup room with new computers under tighter controls.
The efforts stem from the newfound importance of high-speed trading, which began to grow significantly in the middle of the last decade and is now a central part of some hedge funds' investment strategies. By gaining information seconds or minutes before others, high-speed traders -- sometimes known as high-frequency or algorithmic traders -- can use the computerized nature of modern finance to make quick profits or, if a bet goes wrong, take large losses. In addition to the inflation numbers, the lockup process, in use at several agencies, covers releases on economic growth, home sales, gas prices, corn yields and the unemployment rate, among other things. The Labor Department's overhaul was ignited by inquiries starting in 2007 from the F.B.I., the Securities and Exchange Commission and the department's own inspector general. Officials did not cite any specific major breach of security, but they had grown concerned that one was possible. Two instances in 2008, when Reuters accidentally released data a few seconds too early, heightened concerns. The clampdown has strained the Labor Department's relations with some of the world's biggest news agencies, including Reuters and Bloomberg News. In negotiations with the department and at a fractious Congressional hearing, the companies suggested the government was taking extreme measures against an imagined threat. At the center of the Labor Department's effort was a so-called Red Team from Sandia Labs, a federally financed research group operated by a subsidiary of Lockheed Martin, which has half a century of experience in computer security, including work on the military's command and control networks. The "root cause" for the review, the team noted, was the possibility of traders or their agents working inside the lockup. Acting on the team's recommendations, Labor Department officials sought a wholesale replacement of the computer equipment in the lockup room.
The replacement is scheduled to happen by September, although further steps to shield against surreptitious transmissions are possible later. At a hearing of the House Committee on Oversight and Government Reform last month, the former Bureau of Labor Statistics commissioner Keith Hall explained the main worry, which is that the growing reliance on high-speed trading had created the potential for participants in the media lockup to give an unfair advantage to traders. "Lockup participants may now have access to specialized computer equipment and software that links them directly to automated trading models," he noted. "This effectively allows financial market transactions to be driven from inside lockups." Carl Fillichio, the Labor Department official in charge of the overhaul, described a series of malfunctions and violations over the last few years, including the installation of fiber optic cables in the lockup room without permission or the use of BlackBerrys or mobile phone cameras. Media companies themselves have complained about competitors who "may have gained unfair advantage in speed of transmission or have surreptitiously broken embargoes," Mr. Fillichio added in his testimony. Some members of the media, however, say the crackdown is unnecessary. (The New York Times does not participate in the Labor Department lockup.) "What is the problem you think, you imagine that this will prevent?" asked Daniel Moss, an executive editor at Bloomberg News, in an April conference call between Mr. Fillichio and news organizations. Mr. Moss, plainly exasperated, repeated the question several times but got no clear answer. Government officials consider the potential security problems to be real. After a five-member team from Sandia Labs visited the lockup room last July, it identified "verified vulnerabilities in processes, procedures and systems used to protect" embargoed data, according to the summary of its report.
The team warned about methods of sneaking information out, such as by hidden transmitters, or bypassing the black boxes and master switches that keep the lockup room under electronic quarantine through other means, like wireless Internet. The team noted that "likely adversaries" had the technical and financial resources and possibly the willingness "to bend and potentially violate rules and laws." But it said any culprits were unlikely to "employ violent means to meet their goal of exfiltrating embargoed data prior to the official release time." At the oversight hearing, Mr. Moss of Bloomberg News argued that traditional media outlets were not the problem and suggested that the Labor Department instead expel those groups connected to algorithmic traders from the lockup. Ultimately, the Labor Department did pull the credentials of a few organizations -- including Need to Know News, a small enterprise owned by the German exchange. Its data goes directly from the lockups to specialized trading programs. Mr. Fillichio explained that they were not "primarily journalistic" and did not "disseminate their information to a wide audience." Chris Rhea, chief executive of Need to Know News, referred questions to a spokesman, who did not respond. In the initial stages of the crackdown, Mr. Fillichio ordered lockup participants to use government computers, transmission lines and even pens and pencils and paper while inside the lockup. Media groups objected. "This proposal threatens the First Amendment," Mr. Moss said at the oversight hearing, adding that it would give the government "access to a reporters' thoughts, drafts or notes as a condition for covering the news." After another round of negotiations, the government backed off a bit. For now, some equipment owned by media companies is expected to stay. But over the next few months they will have to deliver new, shrink-wrapped terminals, which will be subject to inspection and maintenance by Labor Department technicians.
One question that is still unresolved is how many seats each organization will be allowed. Space is tight in the lockup. And paradoxically, all the attention to this obscure room on a drab corridor has brought newcomers knocking, as if at the door of a speakeasy. This article has been revised to reflect the following correction: Correction: July 16, 2012 An earlier version of this article misstated Mr. Moss's title at Bloomberg News as executive director. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 17 19:47:04 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 17 Jul 2012 20:47:04 -0400 Subject: [Infowarrior] - Jon Stewart Blasts Viacom For Stupid Blackout; Viacom gives in Message-ID: <2198106F-0650-46A5-A7A4-4807CD995C13@infowarrior.org> These old-school entertainment companies just....don't.....get.......it. --rick Jon Stewart Blasts Viacom For Stupid Blackout; Viacom Sheepishly Turns Web Streams Back On < -- > "You're pulling the shows from the internet?!? What are you, China?!? And by the way, you don't think the kids already have a workaround? This morning, when I woke up, my 8-year-old son was watching Dark Knight Rises in 3D. They're already figuring it out. So basically you're blocking old people from watching the show, and just giving people a chance to discover that there's other entertaining s**t in the world...." http://www.techdirt.com/articles/20120717/11403219732/jon-stewart-blasts-viacom-stupid-blackout-viacom-sheepishly-turns-web-streams-back.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Jul 17 22:31:46 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 17 Jul 2012 23:31:46 -0400 Subject: [Infowarrior] - How to get smart: News literacy programs train readers to look beyond infotainment Message-ID: How to get smart: News literacy programs train readers to look beyond infotainment By Kathleen Parker, Tuesday, July 17, 7:23 PM http://www.washingtonpost.com/opinions/kathleen-parker-how-to-get-smart-news-literacy-programs-train-readers-to-look-beyond-infotainment/2012/07/17/gJQAY1m2rW_print.html Few instances are more refreshing than the sound of a politician leaving office. This isn't because we want to see them go, necessarily (though this, too, can be delicious), but because they tend to speak truthfully upon their departure. One such delectable nugget tumbled recently from the lips of retiring Democratic Rep. Gary L. Ackerman of New York. Reflecting on his 30 years in Washington, Ackerman was asked to comment on the relative lack of comity on Capitol Hill. Did it ever exist? Not really, he said, but at least Democrats and Republicans used to be friends. Today, crossing the aisle is tantamount to treason. The problem isn't only Washington but society as a whole. "I think the people have gotten dumber." Let's pause for a moment to savor that rare morsel. Even Ackerman acknowledged that "I don't know that I would've said that out loud pre-my announcement that I was going to be leaving." Extrapolating, might we conclude that extreme partisanship is a function of . . . dumbness? If so, then whose fault is that? Education's? Surely, at least in part. But the problem is broader than a single institution. Dumbness permeates every aspect of our lives, including, dangerously, our media. Ackerman put it well: "We now give broadcast licenses to philosophies instead of people. People get confused and think there is no difference between news and entertainment.
People who project themselves as journalists on television don't know the first thing about journalism. They are just there stirring up a hockey game." I may have to lie down for a few minutes to regain my composure. Oh, if only more Congress folk would retire so that we might wallow in such forthrightness. Ackerman is, of course, correct. Most political talk shows have little to do with journalism -- getting at objective truth -- and everything to do with advancing an agenda. Many, if not most, talking heads come not from the reportorial trenches but from politics, think tanks or, increasingly, a prosecutor's office somewhere. (Does anyone actually practice law anymore, or are law degrees merely licenses for "experts"?) This isn't to say that such people shouldn't have a voice or a forum. Many make valuable contributions to our understanding. But the distinctions should be made clear, and viewers (and readers) need to be better informed about sources and the integrity of their contributions. Not so easily done. People of a certain age, who may also have read a book or two, are more likely to recognize the difference. But what about rising generations who have spent a frightening percentage of their lives consuming data in a random world of tweets, blogs and food-fight commentators, for whom fame is a goal and reality a show? Once accustomed to such high-velocity infotainment, how does one develop tolerance for the harder reads and the deeper conversations? These questions are at the forefront of a growing news literacy movement aimed at teaching young people how to think critically and judge the quality of information. Two leaders in the movement are the News Literacy Project (NLP), led by Alan Miller, a Pulitzer Prize-winning former Los Angeles Times investigative journalist, and the Center for News Literacy (CNL) at Stony Brook University. The NLP (whose board I recently joined) focuses on school programs for middle and high school students.
The group's staff includes 22 news organizations and 200 journalists who donate their time and talents to work with students. Both groups try to answer the question: How do you find the truth?, and the CNL identifies news as "the oxygen of democracy." Indeed, without a well-informed public, you get . . . what we have: a culture that rewards ignorance and treats discourse as a blood sport. All freedoms depend first on freedom of speech, but not all speech is equivalent, no matter how many hits a Web site boasts or how many viewers ages 25-54 tune in to a given TV show. By such measures, the sensational will always trump substance. Unfortunately, the so-called "mainstream media" -- that is, old media -- have suffered a crisis of confidence, deservedly in some cases. But in most real journalism institutions resides a dedication to providing reliable information according to universally accepted standards and practices. Without them, our news would be limited to stories about sex, lies and the madam next door. News literacy programs provide some hope at least for a more sophisticated consumer. It's a modest start, but learning to read critically is no less important than reading itself -- a simple truth with which even incumbent politicians could agree. kathleenparker at washpost.com © The Washington Post Company --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Jul 18 06:47:24 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 18 Jul 2012 07:47:24 -0400 Subject: [Infowarrior] - AT&T to raise data rates with share option Message-ID: <590CCA0A-0A3C-4FCA-9051-AFD5453A77A2@infowarrior.org> More American wireless plan hijinks. I still think the idea of a surcharge/tax/fee on each device on your account is a bit over-the-top, though. -- rick AT&T to raise data rates with share option Reuters --
38 mins ago http://news.yahoo.com/t-raise-data-rates-share-option-110658101--sector.html NEW YORK (Reuters) - AT&T Inc is following bigger rival Verizon Wireless with a new type of family plan that comes with a sharp increase in its fees for data services such as mobile Internet. But unlike its rival, AT&T says the plan will be an option rather than a requirement for new customers and subscribers upgrading to a new phone. Late next month AT&T, the No. 2 U.S. mobile provider, will launch the new offering, which allows its customers to buy a single data plan for up to 10 devices and includes unlimited phone calls and text messages for these customers. The hope is that the new plan, similar to one kicked off by Verizon Wireless in June, will entice individuals and families to connect more devices such as tablet computers to the AT&T network because they will no longer have to buy a separate monthly data allowance for each mobile device. Since young consumers are making fewer phone calls in favor of communicating via data services, AT&T, like Verizon Wireless, is overhauling its pricing in a bid to boost revenue from data services and to avoid a future decline in voice revenue. Under the new plan, which will be launched in late August, AT&T's data price will be as much as four times higher than its current fee. For example it will charge $40 for 1 gigabyte of data per month, compared with its current rate of $30 for 3 gigabytes. LOWER RATES REQUIRE BULK BUY AT&T hopes the plan leads people to buy data in bulk because the bigger the data plan, the cheaper the per gigabyte rate. A customer who wants 20 gigabytes of data, would pay $200 every month, or $10 per gigabyte - level with its current $30 plan. "We think there's really great flexibility for these plans," David Christopher, AT&T's chief marketing officer for mobile told Reuters.
For example, he said a customer could use more data on their tablet one month and switch their heaviest usage to their smartphone the next month without adjusting their plan. Or if some family members tend to use less data than others, the heavier users would be less likely to go over their limit and incur hefty overage fees under the new plan. But if the higher price for each gigabyte of data is off-putting for some consumers, there is one key difference between AT&T and Verizon Wireless. AT&T will keep offering its existing plans whereas Verizon Wireless offers no choice to new customers and customers upgrading to a subsidized phone. "If shared data is not for you then we'd love for you to stay on our existing plans. We know the existing plans make sense for lots of situations," Christopher told Reuters in what appeared to be a veiled dig at Verizon Wireless. The executive declined to disclose the company's expectations for the impact on revenue and customer growth. When Verizon Wireless announced its data share plan on June 12 some customers complained loudly that they did not want unlimited phone calls or higher data fees. Under the new plan an AT&T customer with one smartphone would pay a $45 monthly fee for unlimited calling and texting and a $40 fee for one gigabyte of data. The voice and texting fee per smartphone drops to $40 for customers who pay $70 a month for 4 gigabytes of data. An AT&T customer buying 20 gigabytes for $200 a month would pay $30 for voice and texting for each smartphone, leading to a total bill of $350 for a family of 5 people. In comparison, a Verizon Wireless customer would pay $150 for 20 gigabytes of data and $40 per smartphone, also leading to a total bill of $350 for a family of 5. Their next biggest rival, Sprint Nextel Corp, does not offer family plans for data, but instead offers unlimited data usage for a flat monthly fee. Verizon Wireless is a venture of Verizon Communications Inc and Vodafone Group Plc.
(Reporting By Sinead Carew; editing by Andre Grenon)

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 18 06:48:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 18 Jul 2012 07:48:18 -0400
Subject: [Infowarrior] - Pro-Copyright Judges Never Drop Cases Over Conflicts, So Why Does Megaupload Judge Have To Step Down?
Message-ID: <4B2ED2CF-18D6-4D20-AB02-A652489BD5A7@infowarrior.org>

Pro-Copyright Judges Never Drop Cases Over Conflicts, So Why Does Megaupload Judge Have To Step Down?
from the doesn't-make-sense dept

http://www.techdirt.com/articles/20120718/00503119739/pro-copyright-judges-never-drop-cases-over-conflicts-so-why-does-megaupload-judge-have-to-step-down.shtml

This isn't a huge surprise, but yesterday, we wrote about some comments by Judge David Harvey in New Zealand concerning region coding on DVDs and the New Zealand/US negotiations over the TPP agreement. None of this had anything to do with Megaupload or the Dotcom case, but at one point he referred to a tweet that did a slight satire on the famous saying, and noted that "we have met the enemy and he is [the] US." The press was already blowing this out of proportion -- suggesting, totally incorrectly, that he had "called the US an enemy" when it came to copyright law. That's not true at all. Beyond the fact that he was paraphrasing a common saying in a clearly hyperbolistic manner, the issue he was talking about was very specific to anti-circumvention issues related to DVD region coding, and nothing whatsoever to do with the direct issue in the case.

That said... as many people are noting, Judge Harvey, recognizing the press furor about all this, has stepped down from the case and will allow another judge to pick up the extradition issue down the road. This is unfortunate, as Judge Harvey is noted as one of New Zealand's key internet law experts, who really understood these issues at a deep level.
Still, it's unclear if this change will have a huge impact on the case. The judge taking over for Harvey, Judge Nevin Dawson, has also been involved in the Megaupload case, and was the judge who released Dotcom on bail, despite pressure from the US to keep him locked up. Furthermore, Harvey and Dawson are district court judges, and it seems likely that, in the end, this will involve New Zealand's High Court, which is already engaged and has already ruled against the US. But, here's the bigger issue: we see stories of judges in big copyright cases all the time who have strong ties to pro-copyright or copyright maximalist organizations... and people shrug and move on. Let's just say, for example, if Judge Harvey had said that he agreed with New Zealand's efforts to join the TPP because he thought that New Zealand needed stronger anti-circumvention rules to protect DVDs, would anyone even blink an eye? I doubt it. Furthermore, travel around the globe, and you find the exact opposite situation in many cases, where the judges did not step down. Most famously, over in Sweden, the judge who heard The Pirate Bay trial had close ties to the copyright lobby, and was a member of a few organizations that worked towards promoting stronger copyright law. It seems like that would be a much more direct and obvious conflict than Judge Harvey's... yet that Swedish judge stayed on. Similarly, here in the US, Judge Beryl Howell, who bucked the trend in copyright trolling cases, by allowing cases to move forward on questionable theories, was just recently an RIAA lobbyist, and prior to that had helped write the DMCA, while a Congressional staffer. And, yet, she remained on the case. It seems that there's a pretty clear double standard at work here. If you're strongly pro-copyright, no one blinks an eye if you are hearing copyright cases. 
But, if you make an offhand joking comment that's marginally critical of US copyright policy in one specific area, totally unrelated to the case at hand... you step down.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 19 07:52:09 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 19 Jul 2012 08:52:09 -0400
Subject: [Infowarrior] - DOJ Sues Telecom for Challenging National Security Letter
Message-ID: <79AECC18-158F-46AE-A47F-90E9C05429FC@infowarrior.org>

Kafka was a genius. -- rick

Justice Department Sues Telecom for Challenging National Security Letter
By Kim Zetter
http://www.wired.com/threatlevel/2012/07/doj-sues-telecom-over-nsl/
July 18, 2012 | 8:21 pm | Categories: National Security, Sunshine and Secrecy, The Courts

Last year, when a telecommunications company received an ultra-secret demand letter from the FBI seeking information about a customer or customers, the telecom took an extraordinary step -- it challenged the underlying authority of the FBI's National Security Letter, as well as the legitimacy of the gag order that came with it.

Both challenges are allowed under a federal law that governs NSLs, a power greatly expanded under the Patriot Act that allows the government to get detailed information on Americans' finances and communications without oversight from a judge. The FBI has issued hundreds of thousands of NSLs and been reprimanded for abusing them -- though almost none of the requests have been challenged by the recipients.

After the telecom challenged its NSL last year, the Justice Department took its own extraordinary measure: It sued the company, arguing in court documents that the company was violating the law by challenging its authority.

That's a pretty intense charge, according to Matt Zimmerman, an attorney for the Electronic Frontier Foundation, which is representing the anonymous telecom.
"It's a huge deal to say you are in violation of federal law having to do with a national security investigation," says Zimmerman. "That is extraordinarily aggressive from my standpoint. They're saying you are violating the law by challenging our authority here."

The government's "Jabberwocky" argument -- accusing the company of violating the law when it was actually complying with the law -- appears in redacted court documents that were released on Wednesday by EFF with the government's approval. Prior to their release, the organization provided them to the Wall Street Journal, which first reported on the case Tuesday night.

The case is a significant challenge to the government and its efforts to obtain documents in a manner that the EFF says violates the First Amendment rights of free speech and association. It's only the second time that such a serious and fundamental challenge to NSLs has arisen. The first occurred in 2004 in the case of a small ISP owner named Nicholas Merrill, who challenged an NSL seeking info on an organization that was using his network. He asserted that customer records were constitutionally protected information. But that issue never got a chance to play out in court before the government dropped its demand for documents.

With this new case, civil libertarians are getting a second opportunity to fight NSLs head-on in court.

NSLs are written demands from the FBI that compel internet service providers, credit companies, financial institutions and others to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, websites visited and more. NSLs are a powerful tool because they do not require court approval, and they come with a built-in gag order, preventing recipients from disclosing to anyone that they have even received an NSL.
An FBI agent looking into a possible anti-terrorism case can self-issue an NSL to a credit bureau, ISP or phone company with only the sign-off of the Special Agent in Charge of their office. The FBI has to merely assert that the information is "relevant" to an investigation into international terrorism or clandestine intelligence activities.

The lack of court oversight raises the possibility for extensive abuse of NSLs under the cover of secrecy, which the gag order only exacerbates. In 2007 a Justice Department Inspector General audit found that the FBI had indeed abused its authority and misused NSLs on many occasions. After 9/11, for example, the FBI paid multimillion-dollar contracts to AT&T and Verizon requiring the companies to station employees inside the FBI and to give these employees access to the telecom databases so they could immediately service FBI requests for telephone records. The IG found that the employees let FBI agents illegally look at customer records without paperwork and even wrote NSLs for the FBI.

Before Merrill filed his challenge to NSLs in 2004, ISPs and other companies that wanted to challenge NSLs had to file suit in secret in court -- a burden that many were unwilling or unable to assume. But after he challenged the one he received, a court found that the never-ending, hard-to-challenge gag orders were unconstitutional, leading Congress to amend the law to allow recipients to challenge NSLs more easily as well as gag orders. Now companies can simply notify the FBI in writing that they oppose the gag order, leaving the burden on the FBI to prove in court that disclosure of an NSL would harm a national security case.

The case also led to changes in Justice Department procedures. Since Feb. 2009, NSLs must include express notification to recipients that they have a right to challenge the built-in gag order that prevents them from disclosing to anyone that the government is seeking customer records.
Few recipients, however, have ever used this right to challenge the letters or gag orders. The FBI has sent out nearly 300,000 NSLs since 2000, about 50,000 of which have been sent out since the new policy for challenging NSL gag orders went into effect. Last year alone, the FBI sent out 16,511 NSLs requesting information pertaining to 7,201 U.S. persons, a technical term that includes citizens and legal aliens.

But in a 2010 letter (.pdf) from Attorney General Eric Holder to Senator Patrick Leahy (D-Vermont), Holder said that there had "been only four challenges," and those involved challenges to the gag order, not to the fundamental legality of NSLs. At least one other challenge was filed earlier this year in a secret case revealed by Wired. But the party in that case challenged only the gag order, not the underlying authority of the NSL.

When recipients have challenged NSLs, the proceedings have occurred mostly in secret, with court documents either sealed or redacted heavily to cover the name of the recipient and other identifying details about the case. The latest case is remarkable then for a number of reasons, among them the fact that a telecom challenged the NSL in the first place, and that EFF got the government to agree to release some of the documents to the public.

The organization provided them to the Wall Street Journal, before releasing them on its web site, with the name of the telecom and other details redacted. The Journal, however, using details left in the court records, narrowed the likely plaintiffs down to one, a small San-Francisco-based telecom named Credo. The company's CEO, Michael Kieschnick, didn't confirm or deny that his company is the unidentified recipient of the NSL.

The case began sometime in 2011, when Credo or another telecom received an NSL from the FBI.
EFF filed a challenge on behalf of the telecom (.pdf) in May that year on First Amendment grounds, asserting first that the gag order amounted to unconstitutional prior restraint and, second, that the NSL statute itself "violates the anonymous speech and associational rights of Americans" by forcing companies to hand over data about their customers.

Instead of responding directly to that challenge and filing a motion to compel compliance in the way the Justice Department has responded to past challenges, government attorneys instead filed a lawsuit against the telecom, arguing that by refusing to comply with the NSL and hand over the information it was requesting, the telecom was violating the law, since it was "interfer[ing] with the United States' vindication of its sovereign interests in law enforcement, counterintelligence, and protecting national security."

They did this, even though courts have allowed recipients who challenge an NSL to withhold government-requested data until the court compels them to hand it over. The Justice Department argued in its lawsuit that recipients cannot use their legal right to challenge an individual NSL to contest the fundamental NSL law itself.

"It was eye-opening to us that they followed that approach," Zimmerman says.

After heated negotiations with EFF, the Justice Department agreed to stay the civil suit and let the telecom's challenge play out in court. The Justice Department subsequently filed a motion to compel in the challenge case, but has never dropped the civil suit.

"So there's still this live complaint that they have refused to drop saying that our client was in violation of the law," Zimmerman says, "presumably in the event that they lose, or something goes bad with the [challenge case]."

Justice Department spokesman Wyn Hornbuckle declined to comment on the case.

The redacted documents don't indicate the exact information the government was seeking from the telecom, and EFF won't disclose the details.
But by way of general explanation, Zimmerman said that the NSL statute allows the government to compel an ISP or web site to hand over information about someone who posted anonymously to a message board or to compel a phone company to hand over "calling circle" information, that is, information about who has communicated with someone by phone. An FBI agent could give a telecom a name or a phone number, for example, and ask for the numbers and identities of anyone who has communicated with that person.

"They're asking for association information -- who do you hang out with, who do you communicate with, [in order] to get information about previously unknown people.

"That's the fatal flaw with this [law]," Zimmerman says. "Once the FBI is able to do this snooping, to find out who Americans are communicating with and associating with, there's no remedy that makes them whole after the fact. So there needs to be some process in place so the court has the ability ahead of time to step in [on behalf of Americans]."

It remains to be seen, however, whether that issue will finally get its day in court.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 19 08:10:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 19 Jul 2012 09:10:23 -0400
Subject: [Infowarrior] - More USOC censorship nuttery
Message-ID: <6E6BB555-B5D2-4305-99B7-3D10A33EDDB5@infowarrior.org>

US Olympic Committee Forces 30 Year Old Philadelphia Gyro Restaurant To Change Its Name
from the its-all-Greek-to-me dept

http://www.techdirt.com/articles/20120713/06513919689/us-olympic-committee-forces-30-year-old-philidelphia-gyro-restaraunt-to-change-its-name.shtml

Ah, the Olympics. The spirit of cooperation. Of athletic competition. Of the essence of global feel-good-ness, where all the Olympic committees of the world come together to put on a spectacle made of the most brilliant athletes in the world.
Oh, and they also like to stifle links to critical pieces (do we have your attention, boys?), by banning their fans from sharing their experiences via social media, and threatening ICANN for refusing to block Olympic-related terms. And, now, Steve M shares a story from the Philadelphia Daily News about how the United States Olympic Committee has won a 30 year battle they didn't know they were fighting with a gyro shop.

< - >

Yup, the USOC asserted that it needs to protect the rights of their sponsors (which means they're protecting themselves, by the way) from these no-good gyro shop owners who have apparently been harming McDonald's and Coca-Cola for the past thirty damned years, but with some kind of stealth cloaking device that keeps any such harm from being realized.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 19 13:21:12 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 19 Jul 2012 14:21:12 -0400
Subject: [Infowarrior] - Sprint: Data is data, regardless of the application used
Message-ID:

Sprint commits to no additional charge for 3G FaceTime
updated 03:00 am EDT, Thu July 19, 2012

AT&T could face net neutrality charges for 3G FaceTime fees

http://www.ipodnn.com/articles/12/07/19/att.could.face.net.neutrality.charges.for.3g.facetime.fees/

In the wake of the discovery of a dialog box implying AT&T will charge for FaceTime over 3G above and beyond existing wireless fees, Sprint has gone on record opposing the move. Sprint remains "committed to our unlimited data, and that means not charging for data consumption based on the application."

When queried earlier this week, AT&T CEO Randall L. Stephenson said that it was "too early" to address FaceTime fees, and AT&T was working closely with Apple on the developer build of iOS 6. Verizon's statement was even more terse, saying only that "the timing of any pricing conversations related to future versions of iOS is premature."
Both Verizon and AT&T have recently introduced controversial data-sharing plans. Both companies state that the intention is to simplify and possibly reduce the cost of smartphone billing -- but with both carriers, most users will see an increase in costs and a decrease in shareable data.

Testing performed by MacNN showed a data usage rate of 6.1 megabytes per minute with a five-minute Wi-Fi connection call throttled at the router to simulate a 3G connection in a well-provisioned area. Assuming the lowest Verizon shared data plan tier with 1GB per month for $50 per month and $40 per smartphone sharing the data, users on the plan performing a 3G FaceTime call with each other for five minutes total per day would theoretically exceed their allotments in 16 days. As users approach data caps, speed is generally throttled downwards. FaceTime technology changes call bitrate on-the-fly, adjusting to either congested network traffic, or provider throttling, so only persistent users would likely exceed limits with FaceTime.

AT&T, should it choose to charge extra for FaceTime, potentially stands in violation of November's new net neutrality rules which the company helped craft. The net neutrality rules prevent ISPs from blocking unwanted services, and require them to disclose how they handle network congestion. Mobile carriers are prohibited from interfering with non-carrier communication apps, such as iMessage or Skype that compete with the wireless provider's offerings.

"The protections we have today for wireless Internet access are woefully inadequate, but this kind of double-charging is one of the few things they do prohibit," said Matt Wood, the policy director for Free Press, an advocacy group that opposes the rate hike. "If carriers like AT&T can throw up tollbooths for applications on top of their already outrageous charges for data, then innovation and competition in the wireless market will be stopped dead in its tracks."
MacNN spoke with the FCC about this issue, and an official at the commission said that the agency is "monitoring any and all developments in this matter involving AT&T and a competing communications protocol. If events warrant, we will make a further statement."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Jul 19 13:55:57 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 19 Jul 2012 14:55:57 -0400
Subject: [Infowarrior] - Judge OKs Nudity at TSA Checkpoint
Message-ID:

Judge OKs Nudity at TSA Checkpoint
By David Kravets
July 19, 2012 | 1:45 pm | Categories: The Courts, The Ridiculous
http://www.wired.com/threatlevel/2012/07/tsa-checkpoint-nudity/

An Oregon man was cleared of indecent exposure charges Wednesday when a local judge said his protest of Transportation Security Administration screening procedures was constitutionally protected speech under state law.

John Brennan, a 50-year-old technology consultant, was charged with the infraction after taking his clothes off at Portland International Airport in April, on the way to a business trip to San Jose.

"I was mostly motivated by the absurdity of it all. The irony that they wanna see me naked. But I don't get to take my clothes off?" he said after being cleared.

The incident began when Brennan refused to go through the so-called "nude" scanners and instead opted for a pat-down. A TSA officer detected nitrates on his gloves after the pat down. Nitrates are used in explosives. That, Brennan said, was the last straw. He took his clothes off and proceeded through the checkpoint. He was subsequently arrested.

Multnomah County Circuit Judge David Rees said nudity laws don't apply when it comes to protest. "It is the speech itself that the state is seeking to punish, and that it cannot do," Rees said from the bench.
In an unrelated case, a 21-year-old Virginia man was arrested last year at a Richmond International Airport screening checkpoint after he began removing clothing to display on his chest a magic-marker protest of airport security measures. He had the Fourth Amendment written on his body. He sued. The case was largely dismissed, and is on appeal.

In 2006, however, the TSA reluctantly conceded that the screening area remained open to free speech so that fliers could wear slogans on their shirts, or even put them on their toiletry bags. "There is no policy that restricts passengers from expressing their opinion as long as they are not threatening," the TSA said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 20 06:42:31 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 20 Jul 2012 07:42:31 -0400
Subject: [Infowarrior] - Newest U.S. Counterterrorism Strategy: Trolling
Message-ID:

Newest U.S. Counterterrorism Strategy: Trolling
By Spencer Ackerman
July 18, 2012 | 4:00 am | Categories: Info War, Terrorists, Guerillas, Pirates
http://www.wired.com/dangerroom/2012/07/counterterrorism-trolls/all/

A brainstorming session at the State Department's new "Viral Peace" initiative, which seeks to troll online would-be terrorists, Kuala Lumpur, Malaysia, April 30. Photo: Humera Khan

In the decade since 9/11, the U.S. government has used a wide variety of tactics against terrorists. It's invaded countries where they operated (and ones where they didn't). It's tried to win the backing of foreign populations in which the terrorists hide. And it's sent commandos and deadly flying robots to kill them one by one. One thing it hasn't done, until now: troll them.

Within the State Department, a Silicon Valley veteran has quietly launched an improbable new initiative to annoy, frustrate and humiliate denizens of online extremist forums.
It's so new that it hasn't fully taken shape: Even its architects concede it hasn't fleshed out an actual strategy yet, and accordingly can't point to any results it's yielded. Its annual budget is a rounding error. The Pentagon will spend more in Afghanistan in the time it takes you to finish reading this sentence.

But it also represents, in the mind of its creator, a chance to discourage impressionable youth from becoming terrorists -- all in an idiom they firmly understand. And if it actually works, it might stand a chance of cutting off al-Qaida's ability to replenish its ranks at a time when it looks to be reeling.

The program, called Viral Peace, seeks to occupy the virtual space that extremists fill, one thread or Twitter exchange at a time. Shahed Amanullah, a senior technology adviser to the State Department and Viral Peace's creator, tells Danger Room he wants to use "logic, humor, satire, [and] religious arguments, not just to confront [extremists], but to undermine and demoralize them." Think of it as strategic trolling, in pursuit of geopolitical pwnage.

Al-Qaida's influence has waxed and waned during the past decade, but its adherents, both current and potential, have gradually drifted online. Forums like the password-protected Shumukh site host extremist bulletin boards, where regulars debate the finer points of jihadist theory and boast of grandiose plans to assassinate senior U.S. officials. The denizens of those forums might be scrubs. But the online havens are, increasingly, the town square for extremism, especially as drones and commandos batter the terrorists' physical sanctuaries. Al-Qaida's Yemen branch publishes an English-language web magazine; its Somali branch recently joined Twitter.

The U.S. has thought of several strategies for confronting the not-so-new wave of online extremism, from apparent DDoS attacks on extremist websites to infiltrating them using fake jihadi personas.
The White House's broad counterterrorism strategy, meanwhile, all but ignores the internet.

Amanullah has a different view. You don't necessarily need to deface the forums if you can troll them to the point where their most malign influences are neutralized.

In an interview at a Washington coffee shop near his State Department office, Amanullah explains that online extremists have "an energy, they've got a vitality that frankly attracts some of these at-risk people," Amanullah says. "It appeals to macho, it appeals to people's rebellious nature, it appeals to people who feel downtrodden." Creating a comparable passion on the other side is difficult. But it's easier if the average online would-be jihadi has his mystique challenged through the trial by fire that is online ridicule.

To Jarret Brachman, it's an idea with promise. Brachman is one of the leading researchers of online jihadism. The people who post to the forums "are massive narcissists [who] need constant ego boosts," Brachman says -- and, like other online blowhards, they tend to talk outside their areas of presumed expertise. Omar Farouk Abdulmutallab, the would-be Christmas bomber, used to bloviate on an Islamic forum about "love and marriage" while simultaneously complaining about his moribund love life. And that makes Abdulmutallab's virtual contemporaries vulnerable to trolling -- hopefully, before they can attract an audience.

The jihadi braggarts "keep the momentum, the anger and the virulence going in forums, and they have a disproportionate impact, so if you can get rid of them, it'll pay dividends," Brachman says.

But not every extremist forum is alike. Will McCants, a former State Department official now at the CNA think tank and another scholar of online jihadism, argues Amanullah's pupils can't focus on the hardcore extremist forums like Shumukh. "The admins will immediately take down" posts that challenge the jihadi narrative, McCants tells Danger Room.
"For something like that to work, it would have to be in more mainstream fora where extremists are trying to recruit," like the conservative muslm.net, where "you can engage and the admins wouldn't necessarily take you offline."

But all that is several steps ahead of Viral Peace at the moment. Viral Peace doesn't have a strategy yet. And to hear Amanullah and his colleagues tell it, the State Department won't be the ones who come up with one. It's better, they argue, to let Muslims in various foreign countries figure out which message boards to troll and how to properly troll them. Americans won't know, say, the Tagalog-language Internet better than Filipinos; and as outsiders, they won't have the credibility necessary to actually make an impact. The best the State Department can do is train good trolls -- which Amanullah began to do this spring.

That means taking a big risk. If Viral Peace works as intended, with the trainees taking control of the program, Amanullah and the State Department will have little control over how the program actually trolls the terrorists. And the first wave of meetings in Muslim countries shows how far the program has to go.

It makes sense that someone like Amanullah would think about pwning terrorists. A 44-year old proud Muslim and proud California geek, he was the editor-in-chief of the web magazine Altmuslim; started an online restaurant-rating service called Zabihah that's like a Halal version of Yelp; and launched a business service called Halalfire to drive advertising to the Muslim consumer market. Long before he arrived at the State Department in October 2010, he was profiled in Newsweek, which described the bookshelves at his El Cerrito home as "lined with copies of Wired magazine and Jack Kerouac novels."

In April, Amanullah dispatched two young associates, Humera Khan of the U.S.-based counter-radicalization think tank Muflehun and the playwright and essayist Wajahat Ali, to set the idea into practice.
They took a quickie tour of Muslim nations to meet young local leaders who might be interested in confronting extremism. It was a pilot program for Viral Peace and a related program of Amanullah's called Generation Change. The idea was to connect notable people -- rising stars in the arts, business and culture fields, who had an online following -- with one another and to people who focused on counterterrorism.

"You don't need to teach this generation how to use social media. They know how to use Twitter. They know how to use Facebook," says Khan, who participated in Viral Peace in her individual capacity. "The whole [Viral Peace] curriculum is about learning what strategy is."

Except that the first wave of Viral Peace didn't yield a strategy. In Singapore, Malaysia, the Philippines and Indonesia -- Ali went to Pakistan as well -- the opening meetings brought together about 30 people per country, selected by the State Department and Amanullah's own social networks, for sprawling brainstorming sessions. Some of them were just about how Muslim communities are perceived in their own countries. And some participants didn't place counterterrorism at the top of their agendas.

"Yes, there were issues of extremism" discussed, Khan says. "But by and large, the people felt that if you could deal with economics, education, making sure the rights of the underprivileged were maintained, it would take care of a lot of the other problems." That may be, but it's also far afield from trolling the trolls.

Amanullah accepts that mission creep is a risk. But, he contends, if you want to get the most effective people denouncing jihadis online, it's a risk worth accepting. And unlike the U.S. government, they stand the better chance of getting lurkers to think of them as "actually a cool group of people to be in," as Amanullah puts it.

What's more, Amanullah has basically no budget.
Viral Peace, a global program, has mere thousands of dollars in annual seed money so far; the Obama administration is asking for about $85 billion for the Afghanistan war next year. Participants are staying connected via Facebook, with minimal U.S. government presence as a middleman; Amanullah wants to expand to more countries soon.

But it's not clear where Viral Peace fits in Obama's broader counterterrorism strategy: White House officials declined repeated requests to comment for this story. Amanullah sees it as a supplement to existing counterterrorism efforts -- not a replacement for, say, drone strikes in Yemen -- and he also concedes that his project will take a long time before it starts to pay counterterrorism dividends.

But Amanullah doesn't view that as an unconquerable obstacle. He thinks of counterterrorism like a venture capitalist might.

"I come from Silicon Valley, from the start-up environment. I want to prove you can do small, inexpensive, high-impact projects that don't just talk about the problem but solve the problem," he says. "And solve it the right way: not with the government's heavy hand but by empowering local people to do what they already know to do but don't know how."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 20 06:45:12 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 20 Jul 2012 07:45:12 -0400
Subject: [Infowarrior] - Resolution to make CRS Research Public
Message-ID: <2C4674DB-69E6-4A67-98DB-E0F44D0F6A92@infowarrior.org>

(I will put this in the "nice to have but no way it will be allowed to pass" category. As the article notes, Congress doesn't like anyone peering under its kimono and questioning its view of the world....
--rick) Resolution Introduced To Make Public Domain Congressional Research Finally Accessible To The Public from the that-would-be-good dept http://www.techdirt.com/articles/20120717/00381219722/resolution-introduced-to-make-public-domain-congressional-research-finally-accessible-to-public.shtml For years, we've been noting the absurdity of how Congress keeps the output of the Congressional Research Service (CRS) totally secret. As you hopefully know, works produced by the federal government are mostly not subject to copyright, and are in the public domain. Of course, just because something is in the public domain doesn't mean anyone has a requirement to make it available -- and Congress has long used that loophole to keep CRS reports very, very secret. Often this is because the CRS -- who has a very strong reputation for quality, non-biased, non-partisan, non-lobbying-influenced work -- produces research that shows that various Congressional proposals are a joke. And Congress doesn't want that info let out. Three years ago, Wikileaks jumpstarted some discussion by releasing thousands of CRS reports, but many think that the information, as public domain, should be more widely available. Last year, we wrote about a bunch of groups sending a letter to Congress asking them to support making CRS reports public -- and it looks like some in Congress may actually be paying attention. Rep. Leonard Lance has introduced (with Reps. Quigley, Johnson, Cooper and Schiff) a resolution to make certain CRS publications available to the public. It's unclear if this has any chance of going anywhere, but it's good to see some interest in this issue. The resolution asks the Clerk of the House to work with CRS to "establish and maintain a centralized, searchable, bulk downloadable, electronic database" which will include a bunch of CRS documents. Specifically: (A) Congressional Research Service Issue Briefs. (B) Congressional Research Service Reports. 
(C) Congressional Research Service Authorization of Appropriations Products and Appropriations Products. (D) Materials intended or available for general congressional distribution that are the same or substantially similar in content to CRS Reports, Issue Briefs, and Appropriations Products. Having this info public would be a huge boon for the public. Hopefully Congress actually pays attention. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 20 06:48:01 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jul 2012 07:48:01 -0400 Subject: [Infowarrior] - Protect privacy from drones at home, lawmakers say Message-ID: <84E724D2-E8C9-49EB-9419-E9EC4D7253CB@infowarrior.org> Protect privacy from drones at home, lawmakers say By JOAN LOWY | Associated Press -- 15 hrs ago http://news.yahoo.com/protect-privacy-drones-home-lawmakers-164015329.html WASHINGTON (AP) -- Before thousands of civilian drones begin flying in U.S. skies, Congress should take steps to protect the public's privacy and prevent terrorists from hacking or jamming signals that control the aircraft, lawmakers said Thursday. House members from both parties said at an oversight hearing that they're worried about potential privacy and security threats as the use of small unmanned aircraft becomes widespread. The Federal Aviation Administration forecasts an estimated 10,000 civilian drones will be in use in the U.S. within five years. Even Rep. Henry Cuellar, D-Texas, co-chair of a bipartisan group of lawmakers promoting greater domestic use of drones, acknowledged that legislation to protect privacy may be necessary. There is tremendous demand to use drones at home for all kinds of tasks that are too dirty, dull or dangerous for manned aircraft. Drones also are often cheaper than manned aircraft. The biggest market is expected to be state and local police departments. 
Industry experts predict the takeoff of a multi-billion dollar market for civilian drones as soon as the FAA completes regulations to make sure they don't pose a safety hazard to other aircraft. But the agency's focus and expertise is safety, not security or privacy. Rep. Michael McCaul, R-Texas, chairman of a House Homeland Security subcommittee, complained that no federal agency has been willing to tackle the issue of drones and privacy. He said Department of Homeland Security officials refused a request to testify at the hearing, saying regulating civilian use of drones wasn't the department's responsibility. McCaul said he is considering seeking a subpoena to force officials to testify at a future hearing or asking the White House to issue an executive order requiring the department take responsibility for the matter. "This is an evolving field and we have thousands of these things that could be deployed in the sky," McCaul said. "I think it's incumbent on the Department of Homeland Security to come up with a policy ... Local law enforcement does need that guidance." Homeland Security officials didn't immediately reply to a request for comment. Among the dangers, witnesses said, is that the signals used to guide civilian drones can be hacked or jammed, causing them to crash. Military drones use encrypted GPS signals for navigation, which protects them from hacking, but the GPS signals used by civilian drones don't have that protection, said Todd Humphreys, an assistant professor of orbital mechanics at the University of Texas-Austin. In an experiment, Humphreys said he and his students were able to successfully hack the signals of a sophisticated drone, getting it to change altitude or position through "spoofing" -- sending the drone incorrect information on its location. He acknowledged that it would be very difficult for an ordinary person to spoof a drone, although it might be within the capability of a terrorist or criminal network. 
GPS signal jammers available for sale on the Internet for as little as $50 could also be used to cause a civilian drone to crash, said Gerald Dillingham of the Government Accountability Office. Michael Toscano, president of the Association for Unmanned Vehicles Systems International, pointed out in written comments submitted to the committee that government and industry officials have long been aware that spoofing is a concern for any technology that relies on GPS for guidance and timing, not just unmanned aircraft. "That said, the industry takes the potential for spoofing very seriously and is already advancing technologies ... to prevent it," he said. The GAO recommended in 2008 that the Transportation Security Administration, which is part of the homeland security department, examine the security implications of civilian use of drones. Not only has TSA not done that, but the agency has ignored questions from the GAO about why the recommendations aren't being implemented, Dillingham said. ___ Follow Joan Lowy at http://www.twitter.com/AP_Joan_Lowy --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 20 06:55:50 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jul 2012 07:55:50 -0400 Subject: [Infowarrior] - Senate introduces revised version of the Cybersecurity Act of 2012 Message-ID: <41D84720-663B-4C71-AAA4-9604DAEDE4DC@infowarrior.org> I have to ask about the "inventory of critical assets" cited -- 11 years after 9/11, almost 15 since PCCIP, and how many billions spent, why don't companies or the government have such a listing already? Or security 'standards'? One wonders if this is another case of reinventing the wheel in an effort to demonstrate activity and 'progress' in 'addressing' this general issue. *shrug* -- rick Senate introduces revised version of the Cybersecurity Act of 2012 The measure features more toned-down language than its original draft did. 
by Megan Geuss - July 19 2012, 10:05pm EDT http://arstechnica.com/tech-policy/2012/07/senate-introduces-revised-version-of-the-cybersecurity-act-of-2012/ Five senators, including Senator Joe Lieberman, introduced a modified version of the Cybersecurity Act of 2012 (PDF) today, hoping to revitalize lagging support for the bill, especially among Republicans. The act, which was first introduced in February of 2012, calls for the creation of a council chaired by the Secretary of Homeland Security, and aims to promote the hardening of infrastructure critical to the US (and it's not to be confused with SOPA, CISPA, PIPA, or ACTA; each of which made a claim to "enhancing cybersecurity" in its own way). The revised version of the act makes the originally mandatory, government-dictated, security standards optional, but still establishes a "National Cybersecurity Council" to "coordinate with owners and operators of critical infrastructure." If the measure is enacted, the Council would take an inventory of high-risk infrastructure, and would ask the owners of that infrastructure to come up with voluntary measures that could mitigate risks. "A federal agency with responsibilities for regulating a critical infrastructure sector may adopt the practices as mandatory," a summary of the bill (PDF) noted. The measure goes on to imply that enforcement will be loose: "Owners of critical infrastructure may apply for certification in the program by self-certifying to the Council that the owner is satisfying the cybersecurity practices developed under section 103 or submitting to the Council a third party assessment verifying that the owner is satisfying the cybersecurity practices." 
But owners of critical infrastructure that self-certify with the council will be granted benefits for their participation, including liability protection if the infrastructure sustains damage while the voluntary risk-management measures were in place, expedited security clearance to employees, priority assistance on "cyber issues," and warnings on relevant threat information that other companies may report. The new language also includes a number of rules that have been applauded by the ACLU, including prohibiting the Federal government, "from compelling the disclosure of information from a private entity relating to an incident unless otherwise authorized by law and from intercepting a wire, oral, or electronic communication relating to an incident unless otherwise authorized by law." The authors of the Cybersecurity Act went out of their way in the original document to avoid new regulation over individuals and networks, some say to stay away from the backlash created by SOPA and CISPA, so the additions seem like a bid to find support among privacy experts. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 20 08:22:07 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jul 2012 09:22:07 -0400 Subject: [Infowarrior] - YouTube restores Obama videos, refuses to explain takedown policies Message-ID: <6766F3E9-E085-4E02-AF38-0E268CBB5BFA@infowarrior.org> YouTube restores Obama videos, refuses to explain takedown policies Critics charge Content ID takedown process fails to protect fair use rights. by Timothy B. Lee - July 19 2012, 10:25pm EDT http://arstechnica.com/tech-policy/2012/07/youtube-restores-obama-videos-refuses-to-explain-takedown-policies/ Four YouTube videos that had apparently been taken down earlier this week due to dubious copyright claims by the music publisher BMG Rights Management have once again become available to American audiences. 
The videos showed President Obama singing the opening line of Al Green's "Let's Stay Together." One of the videos, released by the Mitt Romney campaign, used the clip to portray President Obama as too friendly with political donors. The others were news coverage of his appearance at the Apollo Theater earlier this year. "When we're notified that a particular video uploaded to our site infringes another's copyright, we remove the material in accordance with the law," a YouTube spokeswoman told Ars by email. "We have a counter notification process in place if a user believes a content owner has misidentified their video, and we reinstate content if a user prevails in that process. We also reinstate videos in cases where we are confident that the material is not infringing, or where there is abuse of our copyright tools." But in a telephone interview with Ars, the spokeswoman declined to elaborate, at least on the record, about why the videos were taken down and what safeguards are in place to prevent abusive takedown requests in the future. Indeed, she refused to even provide an on-the-record explanation of whether the videos in question had been taken down via a standard DMCA takedown request or with YouTube's proprietary Content ID system. YouTube's takedown system has a long history of abuse by major copyright holders. Last December, Universal Music Group removed a music video produced by Megaupload and featuring some of the recording industry's biggest stars. When challenged, UMG stated that its contracts with YouTube gave it the "right to block or remove" videos even if they didn't contain UMG's copyrighted material. YouTube eventually restored the video but refused to disclose the details of UMG's agreement with YouTube. In March, a music licensing firm used the Content ID system to take down a video that contained no music in it at all. 
When the video's owner disputed the takedown, the dispute was reportedly rejected by the same firm that had sent the original takedown. That suggests that Content ID appeals are sent right back to the same company that submitted the takedown in the first place. Indeed, critics claim that YouTube gives ordinary users no recourse at all if a copyright holder persists in wrongfully blocking their videos. Our YouTube spokeswoman refused to comment on these allegations on the record. When a presidential campaign's ad is blocked, that will cause enough of a fuss that YouTube's lawyers can take a look themselves. But YouTube's legal department isn't going to give that level of attention to every dispute. So ordinary users need better procedural safeguards. A good solution would be to require rightsholders whose Content ID blocks are disputed to submit a standard DMCA takedown notice. That would allow uploaders to respond with a DMCA counter-notice and force rightsholders to actually go to court if they believe their copyrights are being infringed. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 20 08:23:51 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jul 2012 09:23:51 -0400 Subject: [Infowarrior] - Apple Yanks Privacy App From The App Store Message-ID: Apple Yanks Privacy App From The App Store By Mike Lennon on July 19, 2012 http://www.securityweek.com/apple-yanks-privacy-app-app-store Back in May of this year, Internet security firm Bitdefender launched an App and service designed to help iOS users get a grip on what the apps installed on their mobile devices may be up to. Dubbed "Clueful" by Bucharest, Romania-based Bitdefender, the App tells owners of iOS devices which applications may be accessing more information than they need, and identifies potentially "misbehaving" apps, giving users an inside look at all the information app developers can gather about a user. 
In simple terms, Clueful identifies potentially intrusive applications and shows users what they do behind their back. Seems legit, right? Apple doesn't think so. Or at least they have an issue with something behind the App that sparked them to pull it from the App Store this week. After initially reviewing and approving the App that was released on May 22, and has been available in the App store for months, Apple has had a change of heart and has removed the App from the AppStore. "Apple informed Bitdefender's product development team of the removal -- for reasons the company is studying -- after initial approval and sale in the App Store," the company said in a statement Wednesday. So why would Apple pull such an App from the App store? It's unclear, and Bitdefender told SecurityWeek that the company is under NDA as far as explanations for the removal. "App developers can ask for, and receive, access to your precise location, your contact list and more information about you when you install their products on your iPhone," Catalin Cosoi, chief security researcher at Bitdefender said in a statement when the App was originally released. "Your iPhone is probably the most personal device you own, holding vast amounts of information about what you do, who you are and where you go." "While most app developers use this information for legitimate purposes, others might not," Cosoi said. "Clueful was the best way for iPhone owners to know what data apps are actually accessing." It's unclear why Apple would remove such an app from the App store, but perhaps the tech titan didn't like the fact that the folks at Bitdefender were coughing up details on thousands of iOS apps and potentially scaring users away from purchasing Apps and dipping into sales. But that seems a bit far-fetched, as given Apple's massive revenues, any App of the sort is not likely to materially affect sales of other apps. 
Perhaps Apple was able to call-out the company on a technicality that violates its terms of service. We don't know. SecurityWeek has reached out to Apple for comment, but we're not holding our breath, as the tight-lipped company rarely responds to media inquiries. Interestingly, Bitdefender did share some data that they gathered based on Clueful's analysis of more than 65,000 popular iOS apps so far:
- 42.5 percent of apps do not encrypt users' personal data, even when accessed via public Wi-Fi
- 41.4 percent of apps were shown to track a user's location unbeknownst to them
- Almost one in five of the apps analyzed can access a user's entire Address Book, with some even sending user information to the cloud without notification
"iPhone owners need to know which apps they have installed may be using their personal data in ways that are not expected," the company said. "The Clueful team is committed to raising awareness about app privacy on the iOS platform and will continue to develop Clueful for resubmission." "While Clueful remains off the App Store, we are working toward building data privacy awareness and will continue to develop products that help consumers remain secure regardless of platform," Cosoi said. Users who have already downloaded Clueful may continue to use it. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 20 10:27:56 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jul 2012 11:27:56 -0400 Subject: [Infowarrior] - Shadow Boxing: Cyber Warfare and Strategic Economic Attack Message-ID: Shadow Boxing: Cyber Warfare and Strategic Economic Attack By Soren Olson Abstract Cyber threats make sitting ducks of U.S. critical resources and infrastructure. They could be especially deleterious to the petroleum supply chain. 
Safety nets such as USCYBERCOM have the appearance of providing cyber security, but the tendency is to stress what we can do to the enemy and downplay the ways the enemy can affect us. Along with a faddish approach to security, there is a peril in overlooking the degree to which cyber methods will be adversaries' first choice within the changing character of war. Accordingly, protecting domestic infrastructure and crucial economic targets must claim as high a priority in strategic planning as nuclear weapons. Yet the difference is that the anonymity and decentralization of cyberwar could make deterrence impotent. Thus in place of active defense, we should focus on finding passive measures that evaluate friendly vulnerabilities, forming backup systems, discovering adversary cyber capabilities, and assigning attribution for cyber aggression. http://www.ndu.edu/press/shadow-boxing.html#.UAl2KWayfqI.twitter --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Jul 20 12:37:55 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jul 2012 13:37:55 -0400 Subject: [Infowarrior] - iCloud is Apple's biggest failure before Google Message-ID: (Agree completely. --rick) Original URL: http://www.theregister.co.uk/2012/07/20/apple_fails_at_cloud_leaving_market_open_to_android/ 'Sacrifice another goat!: iCloud is Apple's biggest failure before Google 'Cloud in, not device out' the best policy By Matt Asay Posted in CIO, 20th July 2012 16:32 GMT Open ... and Shut For a company that prides itself on craftsmanship and a beautiful user experience, Apple's cloud services continue to be more than a blemish on the company's reputation. They are a serious black hole. Google, meanwhile, was born in the cloud, and it shows: things like document and calendar synchronisation just work, and across a dizzying breadth of devices. Ditto for Amazon. 
Even desktop-bound Microsoft groks and executes the cloud better than Apple. Indeed, it is this fundamental flaw in Apple's end-to-end product strategy that ultimately paves the way for a host of competitors to set up shop on its wonderful hardware and steal the future of computing out from under its feet. Again. Even as Google's Android swallows the lion's share of smartphone market share, and begins to seriously nip at Apple's heels in tablets, the real battle is brewing in the cloud. In a hyper-connected world, devices continue to matter, but the services that connect those devices will come to matter more. This is reflected in Amazon's quick rise to 14 per cent of the overall tablet market. While things have recently cooled somewhat [1] for Amazon's Kindle Fire, the company's end-to-end ecosystem message resonates with consumers, whether they're buying Kindle Fires or iPads. I know when I buy from Amazon, whatever the device, that content will be immediately available on every other device I own - or even on devices I don't yet own. And when I stop reading in the Kindle app on my iPad 2 and pick up my Kindle Fire, I won't miss a beat. That's the power of the cloud, and Amazon gets it. So does Google, which has been my primary calendaring and contacts service for years. I've flirted with Apple's MobileMe (yikes!) and iCloud (not much better), because I figured with my home full of Macs, iPads, and iPhones a complete Apple experience would be seamless. But I was wrong. While third-party Google managed to sync everything flawlessly across Apple's devices, Apple couldn't manage the feat. At all. Jason Maynard [2], Software and Internet analyst for Wells Fargo Securities, points out [3]: "Evernote, Dropbox, etc. all make great software that lives above a single device. [I'd] much rather use that than MobileMe." 
It would seem that these companies that are born on the web understand the concept of cloud much better than Apple, where cloud feels like a bolt-on strategy to help users stitch together their various Apple products. That would be something, but the promise butts up against a harsh reality: Apple's cloud services don't work. Or, at least, not well enough to be trusted [4]. Tom Dale [5], co-founder of HTML5 web company Tilde [6], and formerly a software engineer working on MobileMe and iCloud at Apple, puts it this way [7]: "I have seen the man behind the curtain, and it is not pretty." Not very encouraging. It's not a question of lock-in [8]: many would be just fine ceding all control to Apple. But even for an Apple-heavy household like mine (five Macs, two iPads, and four iPhones all running the latest OSes), things fall apart when we try to give Apple control of syncing between the devices. The only way we've found to make things work is to use my iCloud account as the master for purchasing new content, and then use iTunes Match to generate the horrendously slow torture of downloading others' purchased items onto our individual devices. (Yes, I know downloading others' purchases can be automated, but after the tenth Tinie Tempah song of my son's showing up on my devices, I declared his content off-limits to my Mac and iPhone and turned it off.) Yes, it's nice that Apple now enables me to download songs that have been purchased on other devices. But man, is it sloooowwwwww. It also reflects a thought well-articulated by Neil Levine [9], vice president of Product at Fluidinfo. He suggested that the right way to think about cloud is "cloud in, not device out." In other words, you start with the cloud as the source and distribute to devices. In Apple's hardware-centric world, small wonder that this idea doesn't really gain much purchase, which shows in its execution of iCloud and MobileMe. 
Which is why Manek Dubash is correct to point to Google [10] as the model for cloud, not Apple, opining that Apple's iCloud requires "a good deal of chicanery, goat sacrifices and widdershins dancing" to get it to work properly. But of course Google is going to do cloud sync better than Apple: Google is at heart a systems company, not a search or an advertising company, as Benjy Weinberger argues [11]: The tricky parts of search were crawling the web, indexing the content and retrieving relevant results very quickly. These problems required an ability to run complex computations in parallel on large numbers of computers, while being resilient to failure of any one of them. In other words, web search is fundamentally a distributed systems problem, as well as, more obviously, an Information Retrieval (IR) problem. As a result, Google focused on systems from day one... The outcome was that distributed systems are a core part of Google's DNA, even more so than search. In other words, while it's nice that Apple finally grudgingly admits non-Apple devices exist [12] and supports them with iCloud (as it did before with iTunes, eventually), it still gets cloud services wrong [13] because it starts from the wrong place - the device - rather than starting from the cloud, as Google does. Will this spell the end of Apple? No. I and many others will continue to buy [14] its premium hardware, and happily so. But Apple risks ceding the bulk of the computer, tablet, and smartphone markets to those companies that grok the cloud. Steve Jobs was wrong: things like Dropbox are not merely "features", as Jobs famously told Dropbox founder Drew Houston [15], which Apple will build into its device-centric worldview. Apple has tried that approach, and largely failed. No, it turns out that cloud sync is a big selling point for consumers and enterprises as devices multiply. 
We might continue to buy our Apple gear, but every time we buy a Samsung or Amazon or Google device, we're going to be reminded why we don't keep our content in iCloud, but instead keep it with Amazon or Google or Microsoft SkyDrive. These other services "just work." Apple's cloud? Not so much. Matt Asay is senior vice president of business development at Nodeable, offering systems management for managing and analysing cloud-based data. He was formerly SVP of biz dev at HTML5 start-up Strobe and chief operating officer of Ubuntu commercial operation Canonical. With more than a decade spent in open source, Asay served as Alfresco's general manager for the Americas and vice president of business development, and he helped put Novell on its open source track. Asay is an emeritus board member of the Open Source Initiative (OSI). His column, Open...and Shut, appears three times a week on The Register. Links
[1] http://www.bgr.com/2012/05/03/kindle-fire-market-share-q1/
[2] https://twitter.com/jasonamaynard
[3] https://twitter.com/jasonamaynard/status/223812531779674114
[4] http://bettermess.com/icloud-it-just-doesnt-work/
[5] https://twitter.com/tomdale
[6] http://www.tilde.io/
[7] https://twitter.com/tomdale/status/226008250896744449
[8] http://www.topbits.com/cloud-ecosystem-lock-in-doesnt-really-exist.html
[9] https://twitter.com/neilwlevine
[10] http://www.zdnet.com/cloud-update-and-how-apple-still-doesnt-get-it-4010026446/
[11] http://techcrunch.com/2012/07/15/what-google-is/
[12] http://www.apple.com/icloud/setup/
[13] http://www.appleinsider.com/articles/11/10/19/users_report_file_syncing_issues_with_apples_icloudios_5.html
[14] http://www.dailyfinance.com/2012/04/11/does-cloud-computing-hurt-apple/
[15] http://www.forbes.com/sites/victoriabarret/2011/10/18/dropbox-the-inside-story-of-techs-hottest-startup/
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Sat Jul 21 16:51:58 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 21 Jul 2012 17:51:58 -0400 Subject: [Infowarrior] - Rupert Murdoch steps down from NI boards Message-ID: <59692FD7-C378-44E1-BA5A-0AA60C404C2A@infowarrior.org> Rupert Murdoch steps down from NI boards By Katherine Rushton, Media, telecoms and technology editor 7:00PM BST 21 Jul 2012 http://www.telegraph.co.uk/finance/newsbysector/mediatechnologyandtelecoms/media/9417815/Rupert-Murdoch-steps-down-from-NI-boards.html Rupert Murdoch has resigned as a director of a string of companies behind The Sun, The Times and The Sunday Times, fuelling expectations that he is preparing to sell the newspaper group. Companies House filings show that Mr Murdoch stepped down from the boards of the NI Group, Times Newspaper Holdings and News Corp Investments in the UK last week. He also quit a number of News Corp's US boards, the details of which have yet to be disclosed by the US Securities and Exchange Commission. News Corporation played down the significance of the resignations as "nothing more than a corporate housecleaning exercise prior to the company split". The media giant took a similar line when James Murdoch resigned a string of directorships at News International last November, pouring cold water on suggestions that he was walking away from the UK newspaper arm. He quit as chairman three months later. News Corporation has already said it will split into two separately listed companies, distancing its embattled newspaper and book publishing interests from its rapidly growing film and television operations, which account for nearly 90pc of News Corp's $4.2bn (£2.7bn) annual revenues. Mr Murdoch has repeatedly insisted that he remains committed to the UK newspaper business. He vowed at the time of the announcement to remain a "very active chairman" of the publishing business. 
But his surprise resignation of directorships on both sides of the Atlantic has raised expectations that he is gearing up to sever all ties with the company. Splitting News Corp would also put some much-needed distance between its film and television assets and the newspaper business, whose reputation is threatening the whole News Corp empire. Claire Enders at Enders Analysis said Mr Murdoch's resignations were part of the "slow fade of Rupert and James from the UK" that began last year and will be "complete and permanent". "The grip of the Murdochs, finger by finger, has been loosened and it's not in order to return triumphantly. It's a permanent shift. "James and Rupert have decided that they are not welcome in the UK, and they're right. There is an enforced emotional withdrawal from these assets because they are no longer useful [in terms of influence]," she said. Sources close to News Corp say that its executives have discussed the possibility that, after the split, the Murdochs could sell down their stake in the publishing division altogether and use the equity to help fund a leveraged buyout of the film and entertainment division. It is unclear whether the business still plans to pursue this course of action, but doing so would allow Mr Murdoch to shake off shareholder pressures and revive a long-held plan eventually to appoint his son James Murdoch as his successor. However, some analysts claim that News Corp investors want the Murdochs to buy the publishing assets outright. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sat Jul 21 22:13:57 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 21 Jul 2012 23:13:57 -0400 Subject: [Infowarrior] - Ex-federal official calls U.S. classification system 'dysfunctional' Message-ID: Ex-federal official calls U.S. classification system 'dysfunctional' 
By Ellen Nakashima, Saturday, July 21, 5:34 PM
http://www.washingtonpost.com/politics/ex-federal-official-calls-us-classification-system-dysfunctional/2012/07/21/gJQAfJ1o0W_print.html

When the government's espionage case against former National Security Agency official Thomas A. Drake collapsed last year, it meant that a key defense witness didn't get to take the stand.

The witness, J. William Leonard, the government's former classification czar, planned to testify about the harm to democracy represented by the case -- not from Drake leaking information about a troubled counterterrorism technology program at the NSA, but from what Leonard viewed as the government's needless classification of information.

Leonard's views, outlined in an affidavit, got some support with the release of a memo that formed part of the evidence against Drake. The Washington Post received the memo in response to a Freedom of Information Act request.

The now-declassified two-page memo is titled "What a Wonderful Success," and it contains praise from Gen. Keith B. Alexander, director of the NSA, for agency employees involved in the program.

Two paragraphs were marked "secret." One of them praised the merits of the program and spoke of getting members of Congress to see how it worked. In the other, a team member was lauded for "an excellent job" of briefing Alexander on the program. The memo also referred to the program's use in combating a Chinese cyber-espionage effort, known as Byzantine Hades.

Leonard, who saw the memo in preparation for Drake's trial, said in his affidavit that it "contained no information which met the standards of the classification system."

Until January 2008, Leonard was the director of the Information Security Oversight Office, which has policy oversight of the executive branch's national security information classification system. In 34 years of federal service, he said, "I have never seen a more willful example" of inappropriate classification of information.
In an e-mail Friday, Leonard, speaking generally, said the system for classifying information is "becoming dysfunctional" and "clearly lacks the ability to differentiate between trivial information and that which can truly damage our nation's well-being."

The NSA did not respond to a request for comment.

Drake was charged with 10 felony counts for passing information to a Baltimore Sun reporter in 2006 and 2007 that raised questions about waste and abuse at the NSA, including within the technology program known as Turbulence. He faced up to 35 years in prison for espionage and obstruction of justice.

The case collapsed in June 2011 after federal prosecutors withdrew key documents to keep from disclosing at trial what they said was sensitive information. In a setback to the Obama administration's efforts to prosecute alleged leakers, Drake agreed to plead guilty to a single misdemeanor of exceeding the authorized use of his government computer. He was not sentenced to any prison time.

Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists, also received the declassified memo from the NSA and said its disclosure reinforced questions raised about the prosecution.

"It's utterly innocuous and practically devoid of meaningful content," he said of the memo in an interview. "The idea that someone risked decades of prison over this document is an indictment of the agency and its classification policy."

© The Washington Post Company

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sun Jul 22 08:57:44 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 22 Jul 2012 09:57:44 -0400
Subject: [Infowarrior] - OT: The end of trust in America
Message-ID: <8064F126-1218-4430-A84E-4DAC0B28539D@infowarrior.org>

Romney's tax returns, Obama's birth certificate and the end of trust

By Marc Fisher, Published: July 20
http://www.washingtonpost.com/opinions/romneys-tax-returns-obamas-birth-certificate-and-the-end-of-trust/2012/07/20/gJQA2eZbyW_print.html

The more Americans mistrust politics, the news media, business and virtually every other major institution, the more demand there is for the documents, the proof, the evidence we need to get to the "real truth."

But we never quite get there.

Does anyone believe that questions about Mitt Romney's wealth and his ability to connect with middle-class voters would somehow be settled if he released a raft of tax returns in addition to his 2010 return, which showed taxes of $3 million paid on income of $21.6 million? Conversely, would those disclosures really damage the Republican presidential candidate more than the video of his car elevator, stories about his wife's horses, or his awkward remarks about firing people and making $10,000 bets?

For many months, President Obama resisted releasing his birth certificate to prove that he was born in this country. When he finally did so last year, many Americans who had been skeptical of the president's origins had their doubts allayed: In a Washington Post poll, the portion of Americans who said they believed that Obama was born in Hawaii jumped to 70 percent, compared with 48 percent in 2010. Among Republicans, the share who said Obama was not born in the United States fell from 31 percent in 2010 to 14 percent.

But doubts about Obama's "American-ness" persist.
Just this past week, former New Hampshire governor John Sununu, speaking on behalf of Romney on a campaign conference call, said, "I wish this president would learn how to be an American." Sununu later apologized, but his comment was hardly a slip of the tongue: The same day, on Fox News, he said that Obama "has no idea how the American system functions, and we shouldn't be surprised about that because he spent his early years in Hawaii smoking something, spent the next set of years in Indonesia."

These are not random campaign controversies. Almost without exception, squabbles over a candidate's resistance to release personal documents reflect some essential doubt that voters have about the politician.

The clamor for George W. Bush's draft records grew out of questions about whether he was a lazy son of a privileged politician or had the smarts and drive to serve in high office. The long search for documents detailing the Clintons' real estate doings in Arkansas was part of an effort by voters to figure out whether Bill Clinton's bad-boy behavior was limited to his personal urges or had leached into his political dealings.

When Obama's birth certificate, passport records and medical files remain an issue for some voters through his presidency, it means that some people are still trying to resolve doubts about his exotic background -- his role as a racial pioneer and his biography as the child of a father from Africa and a mother who took her son across the globe. And when Romney's tax records become a political albatross, that dispute is not so much about the merits of running a transparent campaign as about the discomfort some voters feel toward the candidate's wealth and whether he understands the lives of those who have less.

Document battles -- whether trumped-up election-season kerfuffles or genuine quests for important information -- have been a mainstay of every national campaign since 2000.
That should tell us that the hunger for proof stems from something much deeper than our search for the immaculate candidate. It's part of our larger national neurosis, the corrosion of the sense that whatever our political leanings, we all share a common fact base.

The fraying of that consensus has led increasingly to an entrenched popular skepticism, a stance toward politicians and institutions of all kinds that's not just an arched-eyebrow "Show me," but an obstinate and insistent "I don't believe you."

Not only do Americans increasingly segregate themselves in information silos arranged by political ideology, but even when we're ensconced in the comforting echo chamber of Fox/Drudge World or MSNBC/NPR Land, we're cynical about the very nature of facts.

Since 1996, Alex Jones, a hard-core libertarian with a penchant for conspiracy theories, has hosted a talk show that now runs on more than 100 radio stations and on XM satellite radio. His listeners have long shared his mistrust of the government, but in recent years, Jones has found, it's become increasingly difficult to convince many people of, well, anything.

"People don't trust government, major corporations or even their neighbors anymore," he says from his studios in Austin. "It's a complete loss of trust, so people seek bona fide proof of any claim. The Internet has opened up huge new worlds of communication, from the absurd to good, thought-provoking information, but people just don't know what to believe, so they don't believe a word of it. They don't believe a word Mitt Romney says, and they don't believe what Barack Obama says."

Even when proof is forthcoming, it's hard to get people to change their minds. Jones himself clamored for many months for Obama to release his birth certificate; when the White House finally did, he says, "I knew in two hours it was a fake. I blew them up, and it was clearly made with a font designed to look like a typewriter."
Jones has also been on the receiving end of such resolute disbelief. When some listeners expressed doubts about his biography, he was startled to learn that some of them traveled to suburban Dallas to look up his high school yearbooks. "People just don't believe anything," he says.

You needn't agree with Jones's conclusion that we now live in "an Alice in Wonderland, Max Headroom, Philip K. Dick, Blade Runner society" to recognize that Americans have become chronic disbelievers of politicians, retailers, corporate bosses and even their friends.

"The Post Modern Consumer just doesn't believe us anymore. They have endured too many empty promises, too many exaggerated benefits, and too many artful disclaimers." So concludes Flint McGlaughlin, a Florida-based marketing researcher whose firm, Meclabs, has conducted thousands of experiments aimed at figuring out what kinds of messages can still get through to skeptical Americans.

"The predisposition now is to doubt every claim," he says. That's true whether you're selling soap or hope. But politicians have it worse than most businesses because the electoral process is almost perfectly designed to undermine trust.

Campaigns devote a good deal of energy to rooting out and exposing an opponent's inconsistencies -- gotchas that are magnified by the news media's passion for conflict and controversy. Political ads on TV consist largely of claims that the other person lied, flip-flopped or pretended to be something other than what he or she really is.

The sound bites, instant response ads and focus-grouped phraseology of the modern political campaign "can create the perception of inconsistency very quickly," McGlaughlin says. Building trust, however, requires time and a chance to make mistakes and demonstrate resiliency -- exactly what a campaign doesn't afford a candidate.
Bill Clinton's relatively quick return to popularity and respect after the Monica Lewinsky scandal and his impeachment would be almost unimaginable in today's environment, where reputations are shattered with the speed of a single Internet meme.

No wonder we demand documentary proof from our leaders. Character alone no longer suffices.

McGlaughlin now advises his corporate clients to present consumers with quantifiable claims rather than mere expressions of quality. But such advice comes with a dire warning: McGlaughlin, a theologian before he went into marketing, quotes the philosopher Soren Kierkegaard, who said that the more we demand evidence, the more we create doubt.

Even official records don't put doubts entirely to rest. "There comes a point when you just have to move on with the credibility you have built up over your career," McGlaughlin says. "You're not going to solve problems by producing evidence."

But Obama did slice the number of disbelievers in half by releasing his birth certificate. And in the public realm, there is merit in disclosure for its own sake, says Ellen Miller, a co-founder of the Sunlight Foundation, which works for more transparency in government and politics.

"In the 21st century, access to information and documents is expected," she says. "People expect to be able to inspect documents themselves, online and immediately."

Voters are more skeptical than ever, but that demands greater accountability, Miller argues. "Democracy is messy," she says. "But disclosure opens society to a more robust debate."

Debate is of course essential to an effective democracy, but so is trust, the foundation of any compromise or consensus. Putting documents out there is always a good move; Romney's father, George, released 12 years of his tax returns when he ran for president nearly half a century ago, and the past 20 years have brought a sort of tax-return-disclosure arms race in which candidates have released five, 10, 20 or more years'
worth of records. But without a basic compact of belief between the governed and the government, even towering stacks of paper won't clear the air. Right now, that compact just isn't there.

marcfisher at washpost.com

Marc Fisher is a senior editor at The Washington Post.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Jul 22 14:32:30 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 22 Jul 2012 15:32:30 -0400
Subject: [Infowarrior] - Skype Won't Say Whether It Can Eavesdrop on Your Conversations
Message-ID: <082A4602-C0AD-4F30-81B2-739FD42F7B28@infowarrior.org>

Skype Won't Say Whether It Can Eavesdrop on Your Conversations

By Ryan Gallagher
Posted Friday, July 20, 2012, at 4:37 PM ET
http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html?google_editors_picks=true

New surveillance laws being proposed in countries from the United States to Australia would force makers of online chat software to build in backdoors for wiretapping. For years, the popular video chat service Skype has resisted taking part in online surveillance -- but that may have changed. And if it has, Skype's not telling.

Historically, Skype has been a major barrier to law enforcement agencies. Using strong encryption and complex peer-to-peer network connections, Skype was considered by most to be virtually impossible to intercept. Police forces in Germany complained in 2007 that they couldn't spy on Skype calls and even hired a company to develop covert Trojans to record suspects' chats. At around the same time, Skype happily went on record saying that it could not conduct wiretaps because of its "peer-to-peer architecture and encryption techniques."

Recently, however, hackers alleged that Skype made a change to its architecture this spring that could possibly make it easier to enable "lawful interception" of calls.
Skype rejected the charge in a comment issued to the website Extremetech, saying the restructure was an upgrade and had nothing to do with surveillance. But when I repeatedly questioned the company on Wednesday whether it could currently facilitate wiretap requests, a clear answer was not forthcoming. Citing "company policy," Skype PR man Chaim Haas wouldn't confirm or deny, telling me only that the chat service "co-operates with law enforcement agencies as much as is legally and technically possible."

So what has changed? In May 2011, Microsoft bought over Skype for $8.5 billion. One month later, in June, Microsoft was granted a patent for "legal intercept" technology designed to be used with VOIP services like Skype to "silently copy communication transmitted via the communication session." Whether this technology was subsequently integrated into the Skype architecture, it's impossible to say for sure.

Perhaps Skype's reason for refusing to answer the interception question is because Microsoft has instituted a stricter media strategy than back in 2008. Either way, looking at Skype's privacy policy today, it's clear the company is certainly in a position to hand over at least some user communications to authorities if requested. Under Section 3 of the privacy policy, it is stated that Skype or its partners "may provide personal data, communications content and/or traffic data to an appropriate judicial, law enforcement or government authority lawfully requesting such information." It also notes that instant messages sent over Skype will be stored for a maximum 30 days "unless otherwise permitted or required by law."

It is perhaps unsurprising that, with 663 million registered users reported last year, Skype has come under pressure to enable interception of calls. The overarching concern, though, is not the interception requests per se -- it's that Skype isn't being candid about the status of its relationship with law enforcement.
The company could learn a great deal from Google's transparency reports, detailing requests it receives from authorities on a semi-annual basis. Without openness Skype will lose trust, and without trust it will lose users. Some are already migrating elsewhere, turning to alternatives like Jitsi, which enables end-to-end encryption and a level of security that can no longer be taken for granted with Skype.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Jul 22 20:14:55 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 22 Jul 2012 21:14:55 -0400
Subject: [Infowarrior] - 'Minority Report' software hits the real world
Message-ID:

23 July 2012 - 00H37

'Minority Report' software hits the real world
http://www.france24.com/en/20120723-minority-report-software-hits-real-world

AFP - The software behind the film "Minority Report" -- where Tom Cruise speeds through video on a large screen using only hand gestures -- is making its way into the real world.

The interface developed by scientist John Underkoffler has been commercialized by the Los Angeles firm Oblong Industries as a way to sift through massive amounts of video and other data.

And yes, the software can be used by law enforcement and intelligence services. But no, it is not the "pre-crime" detection program illustrated in the 2002 Steven Spielberg sci-fi film.

Kwin Kramer, chief executive of Oblong, said the software can help in searching through "big data" for information. It can also create souped-up video-conference capabilities where participants share data from multiple devices like smartphones and tablets, integrated into a large video display.

"We think the future of computing is multiuser, multiscreen, multidevice," Kramer told AFP.

"This system helps with big workflow problems."

A key part of the system is the gesture interface, which the company calls the "g-speak" spatial operating environment.
That grew out of a project by Underkoffler -- then a scientist at the prestigious Massachusetts Institute of Technology -- for "Minority Report," before he became chief scientist at startup Oblong.

"We have demo versions of this kind of software which show exactly the 'Minority Report' user experience, allowing you to move back and forth in time, or to zoom in to look at details," Kramer said.

He said the same software can help businesses to "allow better collaboration, visualization and analysis of large amounts of data.

"You can have a lot of data but it's hard to make use of that," Kramer said.

"It can be on different machines and hard to access. This allows multiple people to look at that."

Gestural interfaces have been developed for other firms including Microsoft's Kinect but Oblong says it has far more sophisticated systems which can use Kinect and more.

Some highly sensitive systems use a data glove which can be more precise than ordinary hand movements.

Oblong has contracts with firms such as Boeing, General Electric and Saudi Aramco to help in analyzing large amounts of data. It is also developing a gestural interface for onboard computers with automaker Audi.

It has raised an unspecified amount of venture capital from investors including Foundry Group, Energy Technology Ventures and Morgan Stanley Alternative Investment Partners.

Brad Feld, managing director at Foundry Group, said Oblong offers "a path to fundamentally change the way we interact with computers."

Yet the question Oblong often gets is how users can get the "Minority Report" software.

David Schwartz, the company's vice president for sales, said "We get calls from people in the military who say, 'I want the 'Minority Report' interface."

He said the systems could be used for a realistic version of high-tech software interfaces on TV shows like "CSI."

"They would like to get it for free," he added.
What makes the real-life version of the software different from the one seen on film is that Oblong does not supply the analytics of the futuristic "pre-crime" division.

That does not prevent a company or law enforcement agency from using the software and adding its own analytics.

"We think law enforcement and intelligence are big data users and we think our technology is the leader," Kramer said.

He said Oblong currently has no government customers in the United States or abroad but offers itself as "a core technology provider."

Still, Oblong leverages its role in the movies to get in the door, even if the software is not quite the same.

"I think most people look at those 'Minority Report' interfaces and imagine how they could use that flexible system in their own office or designs studio," Kramer said.

"It isn't science fiction, it's real."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 07:45:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 08:45:25 -0400
Subject: [Infowarrior] - DigitalGlobe to buy GeoEye for $453 million
Message-ID: <0B064522-A452-484F-9595-6A859DF2E6C8@infowarrior.org>

DigitalGlobe to buy GeoEye for $453 million

Mon Jul 23, 2012 8:16am EDT
http://www.reuters.com/article/2012/07/23/us-geoeye-offer-idUSBRE86M0FX20120723

(Reuters) - Satellite imagery provider DigitalGlobe Inc (DGI.N) said it will buy rival GeoEye Inc (GEOY.O) in a $453 million deal that would create the world's largest fleet of high-resolution commercial imagery satellites.

The companies, which are the only two suppliers of commercial satellite imagery to U.S. spy and military agencies, are set to join forces ahead of drastic cuts expected in the U.S. defense budget.

The cash-and-stock offer is 34 percent higher than GeoEye's stock's Friday closing price of $15.17 per share, the companies said.
DigitalGlobe shares were up 16 percent at $16.50, while those of GeoEye were up 37 percent at $20.74 in premarket trade on Monday.

DigitalGlobe CEO Jeffrey Tarr will head the new company, while GeoEye CEO Matt O'Connell will have an advisory role.

Tarr said the new company would be "better positioned to thrive in a time of unprecedented pressure on our nation's defense budget."

GeoEye stockholders can opt for 1.137 shares of DigitalGlobe stock and $4.10 per share in cash or 100 percent of the consideration in cash at $20.27 per share.

They can also choose 100 percent of the consideration in stock at 1.425 shares of DigitalGlobe stock.

GeoEye shareholders are expected to own 36 percent of the new company under the deal, which caps the cash portion of the offer.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 10:45:43 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 11:45:43 -0400
Subject: [Infowarrior] - How the Norwegians Reacted to Terrorism
Message-ID: <36288E22-B0F7-48B0-94D4-18F3A2C41C73@infowarrior.org>

How the Norwegians Reacted to Terrorism
http://www.schneier.com/blog/archives/2012/07/how_the_norwegi.html

An antidote to the American cycle of threat, fear, and overspending in response to terrorism is this, about Norway on the first anniversary of its terrorist massacre:

And at the political level, the Prime Minister Jens Stoltenberg pledged to do everything to ensure the country's core values were not undermined.

"The Norwegian response to violence is more democracy, more openness and greater political participation," he said.

A year later it seems the prime minister has kept his word.

There have been no changes to the law to increase the powers of the police and security services, terrorism legislation remains the same and there have been no special provisions made for the trial of suspected terrorists.
On the streets of Oslo, CCTV cameras are still a comparatively rare sight and the police can only carry weapons after getting special permission.

Even the gate leading to the parliament building in the heart of Oslo remains open and unguarded.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 10:45:55 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 11:45:55 -0400
Subject: [Infowarrior] - OT OpEd: The coming economic collapse
Message-ID:

The coming economic collapse

By Peter Morici
Published July 23, 2012
http://www.foxnews.com/opinion/2012/07/23/coming-economic-collapse/

The U.S. economy is teetering on the brink of another recession. The bad news is that if it goes down again, there won't be much we can do to save ourselves. Like a weary heavyweight, if it hits the mat again, it's down for good.

The expansion has been terribly disappointing -- growth is hardly 2 percent and jobs creation barely keeps unemployment steady at 8.2.

Manufacturing and exports powered the recovery but are now weakening. Consumer spending and existing home sales are flagging, because policymakers failed to aid underwater homeowners as generously as the banks.

President Obama is doubling down on slow growth policies -- new restrictions on offshore oil and CO2 emissions, and pushing forward with financial regulations that haven't stopped Wall Street banks from trading recklessly and rigging markets as indicated by the Libor scandal.

Governor Romney has reverted to shop-worn Republican prescriptions -- tax cuts, free trade and deregulation.

With the federal government spending 50 percent more than it takes in, no sane economist could endorse big rate cuts, beyond renewing the Bush tax cuts.

China, by manipulating its currency and shutting out western products, helped cause the Great Recession and is now constraining recovery in the United States and Europe.
More free trade agreements won't fix that.

Dodd-Frank may be bureaucratic and ineffective but no sane person could claim banks can regulate themselves -- smarter solutions, like breaking up unmanageable and unsuperviserable institutions, are needed.

Many analysts ask if another big innovation -- like the automobile or computer -- is coming and could save the economy. The problems are many new products are creating more jobs in Asia than in the West, and many technology companies are consolidating or facing extinction -- consider the smart phone, Hewlett Packard and Yahoo.

A lot of US innovation is starting to look more like French art than American commerce. Icons like Yahoo, Facebook and Twitter have made great contributions to the economy and culture but simply don't have business models that generate enough revenue and sustainable jobs growth. Google has succeeded by cannibalizing newspapers -- the net effect has been to destroy more -- and branching into software and media -- which merely displaces workers elsewhere.

Meanwhile, the profitable core of finance -- investment banking -- is shrinking. Burdensome regulations are a problem, but many clients -- ranging from municipalities to wealth managers to foreign governments burnt by Wall Street schemes and securities -- are now less interested in what the likes of Goldman Sachs and JP Morgan have to sell.

To save European governments, several trillion dollars in sovereign debt must be written down. Beyond lacking a plan to equitably distribute the loss, Germany and other stronger states have not come to terms with the fact that market reforms are not enough. They cannot continue to pursue export-oriented growth strategies and trade surpluses if southern Europe is to create jobs and grow without running up trillions in new debt.

China holds the West and its own future hostage -- export-driven growth runs to ground when customers can no longer finance their purchases and trade deficits.
Borrowing and printing money in the United States and Europe on the scale necessary to keep the Middle Kingdom producing and exporting is no longer possible. China must slow down because it is too late to reorient its economy toward domestic consumption without wrenching dislocations.

When the United States entered the recent crisis, its budget deficit was $161 billion. Now it is $1.3 trillion, and the Federal Reserve is already maintaining rock bottom interest rates.

Even if Congress and the President manage to extend the Bush tax cuts, any hiccup in Europe or China could easily throw the U.S. economy into a recession -- and the world's biggest economy could hit the skids on its own.

Capital markets simply won't be able to absorb a $2.5 to $3 trillion federal deficit to further stimulate the U.S. economy, without sucking badly needed capital out of struggling European and developing country economies. The Fed could only print money to finance it and set off hyperinflation, but it can't really lower interest rates much further.

Having failed to adequately address what caused the Great Recession -- China's trade surplus and the imbalance in demand between the Middle Kingdom and the United States, the cowboy culture on Wall Street and the plight of underwater homeowners -- not much can be done, having squandered the grace created by stimulus spending and easy money.

Get ready for a bad ride.

Peter Morici is an economist and professor at the Smith School of Business, University of Maryland, and widely published columnist. Follow him on Twitter @PMorici1.

http://www.foxnews.com/opinion/2012/07/23/coming-economic-collapse/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 11:39:47 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 12:39:47 -0400
Subject: [Infowarrior] - U.S. Admits Surveillance Violated Constitution At Least Once
Message-ID:

U.S. Admits Surveillance Violated Constitution At Least Once

By Spencer Ackerman
July 20, 2012 | 4:30 pm | Categories: Spies, Secrecy and Surveillance
http://www.wired.com/dangerroom/2012/07/surveillance-spirit-law/

Updated, 6:15 p.m.

The head of the U.S. government's vast spying apparatus has conceded that recent surveillance efforts on at least one occasion violated the Constitutional prohibitions on unlawful search and seizure.

The admission comes in a letter from the Office of the Director of National Intelligence declassifying statements that a top U.S. Senator wished to make public in order to call attention to the government's 2008 expansion of its key surveillance law.

"On at least one occasion," the intelligence shop has approved Sen. Ron Wyden (D-Ore.) to say, the Foreign Intelligence Surveillance Court found that "minimization procedures" used by the government while it was collecting intelligence were "unreasonable under the Fourth Amendment." Minimization refers to how long the government may retain the surveillance data it collects. The Fourth Amendment to the Constitution is supposed to guarantee our rights against unreasonable searches.

Wyden does not specify how extensive this "unreasonable" surveillance was; when it occurred; or how many Americans were affected by it.

In the letter, acquired by Danger Room (.pdf), Wyden asserts a serious federal sidestep of a major section of the Foreign Intelligence Surveillance Act.

That section -- known as Section 702 and passed in 2008 -- sought to legalize the Bush administration's warrantless surveillance efforts. The 2008 law permitted intelligence officials to conduct surveillance on the communications of "non-U.S. persons," when at least one party on a call, text or email is "reasonably believed" to be outside of the United States.
Government officials conducting such surveillance no longer have to acquire a warrant from the so-called FISA Court specifying the name of an individual under surveillance. And only a "significant purpose" of the surveillance has to be the acquisition of "foreign intelligence," a weaker standard than before 2008.

Wyden says that the government's use of the expanded surveillance authorities "has sometimes circumvented the spirit of the law" -- a conclusion that the Office of the Director of National Intelligence does not endorse. The office does not challenge the statement about the FISA Court on at least one occasion finding the surveillance to conflict with the Fourth Amendment.

Danger Room initially misunderstood the letter to mean that its author, top intelligence official Kathleen Turner, made the statements she was merely informing Wyden he could issue publicly without revealing classified information.

But this is a far cry from how Director of National Intelligence James Clapper typically describes the new FISA law. When the law was up for reauthorization this spring, Clapper wrote to congressional leaders to say its renewal was his "top priority in Congress," (.pdf) as the law "allows the Intelligence Community to collect vital information about international terrorists and other important targets overseas while providing robust protection for the civil liberties and privacy of Americans."

Suspicions about abuse of the government's new surveillance powers are almost as old as the 2008 expansion of the law. In 2009, citing anonymous sources, the New York Times reported that "the N.S.A. had been engaged in 'overcollection' of domestic communications of Americans. They described the practice as significant and systemic," if unintentional. The Justice Department told the Times that it had already resolved the problem.
But as the American Civil Liberties Union noted in a May letter to lawmakers, "There is little in the public record about how the government implements" the expanded law. An ACLU Freedom of Information Act request discovered that the Justice Department and intelligence bureaucracy refer to "compliance incidents" (.pdf) in their internal accounting of the new surveillance -- which seemed to suggest difficulty staying within the broadened boundaries of the law. (Full disclosure: My wife works for the ACLU.)

Wyden has been a lonely congressional voice against renewing the government's broadened surveillance powers. Last month, he quietly used a parliamentary maneuver to stall the renewal after it passed a key Senate committee.

Wyden's argument was that the government had not fully disclosed the extent of its new surveillance powers. It argued to Wyden that it is "not reasonably possible to identify the number of people located in the United States whose communications may have been reviewed under the authority of the [FISA Amendments Act]." Separately, the National Security Agency insisted that it would violate Americans' privacy even to tally up how many Americans it had spied upon under the new law.

On Friday, Wyden said in a statement: "I applaud the DNI for agreeing that transparency should prevail in this situation... I believe that protections for Americans' privacy need to be strengthened, and I believe that the FISA Court's rulings help illustrate why this is necessary. I look forward to debating this issue on the Senate floor."

In her letter to Wyden, Turner insisted -- as the government has in the past -- that all Constitutional and legal problems with the expanded surveillance have already been rectified. The government, she writes, believes the FISA Amendments Act is "a well-calibrated statute that strikes an appropriate balance between protecting national security and safeguarding privacy and civil liberties."

"At no time,"
she continues, "have these reviews found any intentional violations of law."

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 12:45:50 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 13:45:50 -0400
Subject: [Infowarrior] - Reporters Seek Clarification of Pentagon Anti-Leak Policy
Message-ID: <0538C1E5-D585-4773-888E-E1A35DC2FFDE@infowarrior.org>

Reporters Seek Clarification of Pentagon Anti-Leak Policy

July 23rd, 2012 by Steven Aftergood

http://www.fas.org/blog/secrecy/2012/07/ppa_letter.html

After the Department of Defense issued a statement last week saying that it would "monitor all major, national level reporting" for evidence of unauthorized disclosures of classified information, Pentagon reporters wrote to the Secretary of Defense and the Chairman of the Joint Chiefs of Staff to ask whether such monitoring extended to surveillance of the press.

"We are asking you to clarify in writing what is meant by 'monitor all major, national level reporting'," wrote reporters Robert Burns (Associated Press), Kevin Baron (National Journal), Luis Martinez (ABC) and Barbara Starr (CNN) on behalf of the Pentagon Press Association.

"The phrase 'monitor all major, national level reporting' could be interpreted by some as authorizing intrusive actions aimed at members of the news media who report on defense issues. We have received no answers as to specific monitoring authorities, and 'reporting' is much broader than 'published reports'," they wrote.

In particular, they asked, what specific authorities does the Pentagon claim for monitoring the media?

"Do you have authority to do the following:
* tap phones at work or home?
* intercept or monitor emails?
* conduct monitoring or surveillance of Pentagon press workspaces?"

"Are you authorized to monitor phone conversations, emails or press workspaces without our knowledge?"
See the July 20 letter from the Pentagon Press Association here. The letter was first reported by Dylan Byers in Politico on July 20.

As of last night, no reply from DoD had been forthcoming.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 12:45:55 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 13:45:55 -0400
Subject: [Infowarrior] - Security-Cleared Population Tops 4.8 Million
Message-ID:

Security-Cleared Population Tops 4.8 Million

July 23rd, 2012 by Steven Aftergood

http://www.fas.org/blog/secrecy/2012/07/cleared_population.html

The number of people who held security clearances for access to classified information increased last year to a new reported high of more than 4.8 million persons as of October 1, 2011, a new intelligence community report to Congress said.

Last year's annual report, the first official count of security cleared personnel, had indicated that there were over 4.2 million clearances in 2010. That number astonished observers because it surpassed previous estimates by more than a million. ("Number of Security Clearances Soars," Secrecy News, September 20, 2011).

But it turns out that the 2010 number itself underreported the number of clearances, and the new report to Congress presents a revised 2010 figure of 4.7 million. Even so, the number of clearances rose in 2011 by about 3% to 4.86 million, the new report said.

[Clarification added: Last year's report used a methodology that tallied access to classified information. The resulting figures are not directly comparable to the figures presented this year. The new report focuses on eligibility for access, which yields a higher number of clearances both for last year and this year.]

The total clearance figure is composed of cleared government employees and contractors, at all clearance levels -- Confidential, Secret and Top Secret.
(The number of Top Secret clearances alone was over 1.4 million.) It includes all persons who have been cleared for access to classified information whether or not they have actually been granted such access.

While the total reported figures are "likely to include some duplicate entries," the report explains, efforts have been made to eliminate them and only "a minimal number of duplicates" remain.

The annual report on security clearances was required by Congress in the FY2010 Intelligence Authorization Act. It represents a new degree of transparency in national security classification policy. Until the first report was issued last year, only rough estimates of the size of the cleared population were available, and those estimates proved to be unreliable.

The latest ten-page report includes numerous details that are ordinarily withheld from public disclosure, whether they are classified or not. For example, the new report indicates that 5.3% of the security clearance cases that CIA processed last year resulted in denial of clearance. At NSA, the number of denials reached 8.0%.

Six of the seven intelligence community agencies that do their own clearance adjudications reported that they had cases that had been open for more than one year, the report said. The number of pending security clearance cases at CIA requiring more than one year to complete was 3,755 for government employees, and 732 for contractors.

"The IC faces unique challenges in clearing individuals with unique or critical skills -- such as highly desirable language abilities -- who often have significant foreign associations that may take additional time to investigate and adjudicate," the report said.

The new report was transmitted to Congress in early July, and was first mentioned in a July 12 report from the Government Accountability Office. The report itself was publicly released last week by ODNI in response to a request from Secrecy News.
From rforno at infowarrior.org Mon Jul 23 14:41:29 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 15:41:29 -0400
Subject: [Infowarrior] - Why the WikiLeaks Grand Jury is So Dangerous
Message-ID: <8D2A4826-4DFD-422E-92DA-5068F2317257@infowarrior.org>

(c/o ferg)

July 23, 2012 | By Trevor Timm

Why the WikiLeaks Grand Jury is So Dangerous: Members of Congress Now Want to Prosecute New York Times Journalists Too

For more than a year now, EFF has encouraged mainstream press publications like the New York Times to aggressively defend WikiLeaks' First Amendment right to publish classified information in the public interest and denounce the ongoing grand jury investigating WikiLeaks as a threat to press freedom.

Well, we are now seeing why that is so important: at a Judiciary subcommittee hearing on July 11, some members of Congress made it clear they also want New York Times journalists charged under the Espionage Act for their recent stories on President Obama's "Kill List" and secret US cyberattacks against Iran. During the hearing, House Republicans "pressed legal experts Wednesday on whether it was possible to prosecute reporters for publishing classified information," according to the Los Angeles Times.

In addition, the Washingtonian's Shane Harris reported a month ago that a "senior" Justice Department official "made it clear that reporters who talked to sources about classified information were putting themselves at risk of prosecution."

< -- >

https://www.eff.org/deeplinks/2012/07/why-wikileaks-grand-jury-important-some-members-congress-want-prosecute-new-york

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 17:35:02 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 18:35:02 -0400
Subject: [Infowarrior] - RIP Sally Ride, first US woman in space
Message-ID: <7AA7B1FE-4609-4617-92F2-AC9B0E25E1D0@infowarrior.org>

Sally Ride, first U.S.
woman in space, dies at 61

Irene Klotz
Reuters
5:28 p.m. CDT, July 23, 2012

http://www.chicagotribune.com/news/sns-rt-us-sallyridebre86m1c3-20120723,0,6895077.story

CAPE CANAVERAL, Florida (Reuters) - Sally Ride, the first U.S. woman to travel into space, died on Monday after a 17-month battle with pancreatic cancer, according to her organization, Sally Ride Science. She was 61.

Ride broke new ground for American women in 1983 when at the age of 32 she and four crewmates blasted off aboard space shuttle Challenger. She returned to space for a second mission a year later.

"Sally Ride broke barriers with grace and professionalism - and literally changed the face of America's space program," NASA administrator Charles Bolden, a former astronaut, said in a statement.

"She will be missed, but her star will always shine brightly," Bolden said.

Ride grew up in Los Angeles and attended Stanford University, where she earned degrees in physics and English. She joined NASA's astronaut corps in 1978.

She was assigned to a third shuttle flight, but training for the mission was cut off after the fatal 1986 Challenger accident that claimed the lives of six colleagues and a schoolteacher.

Ride served as a member of the presidential commission that investigated the accident, then assisted the agency as an administrator with long-range and strategic planning.

She left NASA in 1989 and joined Stanford as a professor. Ride's interest in education extended to younger students, particularly women whom she targeted with her science education startup Sally Ride Science in San Diego. The company creates science programs and publications for elementary and middle school students and educators.

Ride also authored five science books for children and served on dozens of NASA, space and technology advisory panels, including the board that investigated the second fatal space shuttle accident in 2003.
Ride, who was also a science writer, is survived by her mother, her partner, Tam O'Shaughnessy, a sister, a niece and a nephew.

(Additional reporting by Dan Burns; Editing by Kevin Gray and Philip Barbara)

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 23 20:14:57 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 23 Jul 2012 21:14:57 -0400
Subject: [Infowarrior] - Jack Daniel's Sends the Most Polite Cease-and-Desist Letter Ever
Message-ID: <2D090DA1-AC09-4C75-BD4E-CC9D5F6667C4@infowarrior.org>

Jack Daniel's Sends the Most Polite Cease-and-Desist Letter Ever

https://mashable.com/2012/07/22/jack-daniels-trademark-letter/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jul 24 16:43:10 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 24 Jul 2012 17:43:10 -0400
Subject: [Infowarrior] - OT: He's really movin' on up.
Message-ID:

Jul 24, 2012

Pioneering TV sitcom star Sherman Hemsley is dead at 74

By Maria Puente, USA TODAY

http://content.usatoday.com/communities/entertainment/post/2012/07/pioneering-tv-sitcom-star-sherman-hemsley-is-dead-at-74/1#.UA8WmETgLyI

Sherman Hemsley, the actor who made cranky George Jefferson on The Jeffersons unforgettable, has died in his El Paso home, TMZ and local media are reporting. He was 74.

The cause of death was unclear but TMZ cited anonymous sources who said it appeared to be natural causes. TMZ said he was discovered by his nurse, who first thought he was sleeping. Hemsley did not have a wife or children.

Hemsley, who first played George Jefferson on All in the Family, became a star with the successful spinoff The Jeffersons. He was among the small number of black actors who pioneered leading roles in successful sitcoms. He also played Deacon Ernest Frye on Amen.
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 25 06:23:30 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 25 Jul 2012 07:23:30 -0400
Subject: [Infowarrior] - Clausewitz for Kids
Message-ID:

The Bible of Western War, Now Featuring Cartoon Animals

By Spencer Ackerman | July 18, 2011 | 4:13 pm | Categories: Bizarro

http://www.wired.com/dangerroom/2011/07/the-bible-of-western-war-now-featuring-cartoon-animals/

How many times has this happened to you: at the schoolyard, you watch two kindergarteners prattle senselessly about some toy-related dispute. They rally their fellows to their respective causes, each pressing the justice of his case. Forces amassed, they begin gamely pushing and smacking one another, resulting in plaintive cries of woe, only to desultorily cease hostilities, with no appreciable change in the allotment of toys.

And you think to yourself: If only these children could appreciate Clausewitz, this awful futility could have been avoided.

That's not exactly why Caitlin Fitzgerald started turning Carl von Clausewitz's 1832 masterpiece On War into an online children's book. But, Fitzgerald says, laughing, "if kids knew about Clausewitz, it wouldn't be such a bad thing."

One wonders. On War is Clausewitz's attempt to distill warfare down to its enduring essentials. Its only equal is Sun Tzu's The Art of War. If you've heard the phrase, "war is politics by other means," you know the nickel version. If you want to go for the jackpot, stroll over to one of the war colleges or onto any military listserv to hear people debate Clausewitz's relevance to their pet issue or dispute what he really said like he was Marshall McLuhan in Annie Hall.
But if you'd like something in between, Fitzgerald's Clausewitz for Kids blog is slowly recasting On War, section by section, into a lecture series in the Prussian forest, conducted by Hare Clausewitz (get it?), the intense-looking rabbit officer pictured above in Napoleonic-era regalia.

Hare Clausewitz holds forth on the cruelties of fate ("With the best planning in the world, you will still always be at the mercy of chance. It is unavoidable in war. You are always gambling to some degree"), the objective of violence ("to make the enemy do our will, to make him do what we want him to do"), and the primacy of politics in war ("You must never forget this part, because war is just a continuation of policy").

The otters, badgers, boars and other woodland creatures stand in for the children, asking Hare Clausewitz to back up and explain one of his concepts. He's not really into it: "Please save your questions!" he bellows. Not exactly something for the playground.

The whole thing started as a Twitter joke with Fitzgerald's friends. Jason Fritz from the Ink Spots blog tweeted last fall that he couldn't interest his six-year old in On War since the book, alas, has no pictures. Suddenly Fitzgerald, who'd recently finished reading On War, knew what she had to do.

"I started it for my own entertainment," says Fitzgerald. "It didn't come out of a driving need for kids to know about Clausewitz." She credits her friend Lauren Jenkins, a Danger Room pal and development blogger, with coming up with Hare Clausewitz, after Fitzgerald toyed with making him a fox, boar or marten. "He kind of reminds me of Hazel from Watership Down," she says.

Months later, Fitzgerald is devoted to translating all of On War, with her own illustrations, for the erector-set strategist crowd. It advances slowly, as her time allows: the Boston-based Fitzgerald, a former international relations grad student, works three different jobs. "I would have no objection to a book deal on this,"
she generously allows.

So far, the blog has yet to yield a book offer, let alone a ruthlessly calculating group of playground Prussians. But give it time. From serving officers, Fitzgerald says, "I hear, 'I can't wait to read this to my kids.'" -- shudder -- "And I hear just as often from people in the military, 'Oh, I need this, or I might never understand Clausewitz.'"

Coming soon, surely: the animated adventures of the Woodland General Staff.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Jul 25 07:51:24 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 25 Jul 2012 08:51:24 -0400
Subject: [Infowarrior] - Brand Police Are on the Prowl for Ambush Marketers at London Games
Message-ID:

The Olympics are all about the sport, right? Everyone who believes that who's NOT on the IOC or hosting committees, raise your hand...... --rick

Brand Police Are on the Prowl for Ambush Marketers at London Games

By DAVID SEGAL

http://www.nytimes.com/2012/07/25/sports/olympics/2012-london-games-brand-police-on-prowl-for-nike-and-other-ambush-marketers.html

LONDON -- It is one of the fiercest contests at the Olympics, but it is not on any list of events.

Every two years, the International Olympic Committee and the host city battle companies that want to bask in the Games' prestige and global exposure but have not paid the small fortune required to be an official sponsor.

Ambush marketing, as it is called, has been around for decades, and no company has practiced this dark art with more verve and success than Nike. The triumphs of the sportswear giant, and other ambushers, have compelled the I.O.C. to impose ever more stringent rules to keep corporate crashers away from the party.
No city has drafted broader and more robust rules than the London Organizing Committee of the Olympic and Paralympic Games, which, with an assist from the British Parliament, criminalized the most egregious ambush tactics and made lesser offenses punishable with fines of $30,000 or more.

Since those laws were passed, the London organizing committee has been accused of protecting its sponsors with excessive zeal. But a larger question has remained: Would the rules work? Would they pass the toughest test of all by keeping a dedicated ambusher like Nike on the outside?

The answer, it appears, is yes.

At 7 a.m. Eastern Wednesday, Nike is scheduled to post a 60-second ad on YouTube that marks the worldwide unveiling of a campaign called "Find Your Greatness." The ad takes an idea that would have run afoul of the rules and cheekily turns it on its head. Instead of showing Olympic athletes in action in London, England, viewers will see unknown athletes in towns and villages called London around the world.

Two men on bikes, for instance, are shown riding in London, Nigeria. Runners in London, Ontario, are seen cooling down after a marathon. There is a shot of London, Ohio, and Little London, Jamaica, and a few other Londons, accompanied by shots of a Little League pitcher, a guy doing situps and a menagerie of other unheralded warriors.

"There are no grand celebrations here, no speeches, no bright lights," a narrator with an English accent intones. "But there are great athletes. Somehow we've come to believe that greatness is reserved for the chosen few, for the superstars. The truth is, greatness is for all of us."

If there is a subtext, it translates to: "Don't get all worked up about the Olympics, people. What really matters won't happen in that London, with all its pomp and medals."

If you cannot join them, in other words, diminish them. Or needle them a little.

"The other way of putting it,"
the Nike spokesman Charlie Brooks said in an interview Tuesday, "is that greatness doesn't just happen in the stadiums of London. We're saying that greatness can be anywhere for anyone and you can achieve it on your own terms."

Regardless of its meaning, the campaign seems a little bizarre coming from Nike, which has perhaps done more to deify superstar athletes than any other company. But leave aside the dissonance. News that the best of the ambushers will apparently not attempt a surreptitious assault is sure to be regarded by the organizers of the London Games as evidence that the legal battlements erected in recent years are solid. Sponsors are a major source of financing for the Games' roughly $14.4 billion price tag.

Nike's campaign is also likely to come as a relief to its archrival Adidas, which reportedly spent about $62 million to be an Olympic sponsor.

Which is not to say that Nike will be invisible here. The company sponsors the United States Olympic Committee, which means that every athlete will wear Nike gear around the village or during medal ceremonies. Nike also sponsors a number of American federations, including basketball, soccer, and track and field, so those athletes will compete in Nike clothing. Athletes of every country are allowed to use any brand of footwear they like.

In short, expect to see plenty of swooshes when the competition begins. And while Nike is abiding by the rules, a few of its sponsored athletes have already hashtagged their way into controversy.

In June, the Advertising Standards Authority, a British ad watchdog, moved to censure a Twitter campaign by Nike-sponsored English soccer stars, including Wayne Rooney. One of his posts read: "My resolution -- to start the year as a champion, and finish it as a champion... #makeitcount gonike.me/makeitcount."

The standards group concluded that the post failed to make it clear that it was part of an advertisement. Nike has appealed the decision.
Athletes are prohibited from participating in any kind of advertising campaign during the Games, and federations from many countries have been reminding athletes of the rules in briefings when they arrive. But it's hard to imagine how the I.O.C., or a country's Olympic oversight body, would actually punish a social media offender. Stripping medals or blocking someone from competing seems an excessive punishment for a few Twitter posts.

An e-mail sent Tuesday to the I.O.C.'s press office was not returned in time for this article.

What explains Nike's noncombatant status in the 2012 Olympics? Diplomacy might be part of it. There have been rumors that the company will be a sponsor in 2016 in Brazil -- Brooks would not comment -- and perhaps this does not seem like the right moment to infuriate the I.O.C.

Another explanation is simply that the rules established here, largely through acts of Parliament in 1995 and 2006, are working. It took more than two decades, but perhaps the I.O.C. is nearing its ideal of an ambush-proof Games.

"It's fair to say that we're conscious that anything we do should be within the guidelines," Brooks said. "There are times when we're sponsors of things and we expect other brands to play by the rules. Although we'll always push the rules to the limit, we haven't set out to break or disregard the rules that are in place."

The most aggressive of the London rules is the one prohibiting anything that creates an association in the mind of consumers between a nonsponsor and the Olympics. That, according to experts, is a first.

"The concept of association is very wide -- wider than trademark analysis, where you need to prove there is confusion or another consequence of the association," said Adam Rendle, a London lawyer at Taylor Wessing specializing in intellectual property and media.
"Anything that looks like it's attempting to free-ride on the Games, using Games imagery or anything that would create in the consumer's mind the image of the Games, is at risk of creating an association."

The rules can be awfully specific. Marketers could be in jeopardy if they use two of the next four words: "Games," "two thousand and twelve," "2012" and "twenty-twelve." And using any one of those words in tandem with "London," "medals," "sponsors," "summer," "gold," "silver" and "bronze" is a no-no.

This level of detail led the London authorities to pick a few well-publicized nits. A butcher in Weymouth, near a yachting competition site, was told to take down the five-ring Olympic logo he had made with images of sausage links. A lingerie seller in central England was asked to remove a display that showcased the rings using bras and mannequins as the Olympic torch passed by.

A modest backlash was inevitable.

"At my own university," said Alan Tomlinson, a professor at the University of Brighton, "because we've got a big sports studies program, we decided to have a series of lectures about the Games. But we couldn't use the phrase 'London 2012' in the name because we would have been pounced on."

He lamented what he called "legislatively backed brand protection" for top sponsors.

The protection is about to start. The Olympic Delivery Authority, which is responsible for, among other jobs, enforcing the branding rules during the Games, said it was dispatching 250 "specialist enforcement officers" to 28 sites. Their mission is to spot infractions and foil unsanctioned publicity stunts. That could mean interrupting giveaways or tearing down illicit advertisements.

"The enforcement officers only have powers within narrow 'event zones' stretching no more than 500m from venues," wrote an Olympic authority representative in an e-mail.
"While these regulations do seek to stop so-called ambush marketing, they are also there to prevent unauthorized trading near the Games venues to ensure a welcoming environment for spectators."

Despite all these precautions and rules, other companies may go where Nike seems reluctant to tread. Nike is hardly the only ambusher -- American Express, Qantas Airways and Kodak are among the many that have profited from similar stratagems over the years.

Nobody, however, ambushes like Nike. In 1996, the company executed what has been called "the ambush of all ambushes," at the Atlanta Games, when it bought a number of billboards around event sites and built Nike Village in an office block not far from Olympic Park. It also handed out branded banners for the cheering throngs to wave in the stands. None of those moves would be possible now.

Its most recent victory came at the other quadrennial athletic extravaganza, the 2010 World Cup. For that, Nike produced "Write the Future," a kinetic and wryly comic ad starring soccer stars from around the world, that made its debut in a three-minute version on the Internet.

The ad set a record by racking up 7.9 million online views in one week, according to the Web analytics company Visible Measures. The Nielsen Company later analyzed social media, including Facebook, Flickr and Twitter, and found that Nike wound up with 30 percent of the World Cup-related buzz. That bested Adidas, which had 14 percent -- and was an official sponsor.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 25 07:56:07 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 25 Jul 2012 08:56:07 -0400
Subject: [Infowarrior] - Aquarius Reef Base, world's only undersea lab, falls victim to budget ax
Message-ID:

Aquarius Reef Base, world's only undersea lab, falls victim to budget ax

By Juliet Eilperin, Published: July 24

http://www.washingtonpost.com/national/health-science/aquarius-reef-base-worlds-only-undersea-lab-falls-victim-to-budget-ax/2012/07/24/gJQAKB1U6W_print.html

Sitting at a table 50 feet under the sea, legendary ocean explorer Sylvia Earle lamented what she believes is a shortsighted federal decision to cut off funding for the world's only undersea laboratory.

She was speaking by phone from the Aquarius Reef Base off the coast of Key Largo. She was one of a handful of researchers participating last week in the last federally funded mission to the Aquarius. The budget for the National Oceanic and Atmospheric Administration's national undersea research program is slated to be eliminated, to the dismay of many researchers.

"For science, we really need assets to keep eyes on the sea, not just a few glimpses here and there," said Earle, a National Geographic explorer-in-residence. "We need to understand what we're doing and how to stabilize the systems that are keeping us alive."

Deployed in the Florida Keys National Marine Sanctuary two decades ago after a four-year stint in the U.S. Virgin Islands, the laboratory has hosted 117 missions since 1993. The 81-ton yellow tube holds six bunks, a galley, a bathroom, a science station and a "wet porch," where scuba-diving researchers enter and exit. Visitors can stay for up to two weeks with no worry of getting the bends, because the air inside the Aquarius is pressurized.
Researchers, who dive up to 12 hours a day, have used the platform to investigate everything from how sponges change the ocean's chemistry to the way water flows over a reef.

But the federal budget crunch and cost overruns in NOAA's satellite program have put pressure on the "wet side" of the agency's budget -- its ocean programs. Funding for the national undersea research program plunged from $7.4 million in fiscal year 2011 to $3.98 million in fiscal 2012, before the administration slated it for elimination in fiscal year 2013.

By contrast, NOAA has asked for more than $2 billion to fund its weather satellite program in 2013 -- a $163 million increase from the current fiscal year.

Former NOAA administrator Conrad C. Lautenbacher Jr., who headed the agency under George W. Bush, called the decision to cut off funding for the Aquarius "penny-wise and pound-foolish." He said the station -- which runs on between $1 million and $4 million a year, depending on the number of missions -- also gives NASA astronauts a chance to practice how to operate in space.

"It is a national asset. It's not a large expense, but it's very valuable for the entire national picture," Lautenbacher said. "You have to have priorities, but to put the oceans at the bottom all the time is a very bad thing to do."

In a statement, NOAA Administrator Jane Lubchenco, a marine ecologist by training, said the Aquarius "has been a vital part" of the agency's oceans research "and we fully recognize its importance."

"NOAA's core mission is to conduct and support scientific research and exploration of the oceans," she said. "Unfortunately, our budget environment is very, very challenging and we are unable to do all that we would like."

The lab was vulnerable to the budget ax in part because it is part of a grant program; although the Aquarius is owned by NOAA, it is run by the University of North Carolina at Wilmington. Thomas Potts, the lab's director, said that the program sustained "tremendous cuts"
in 1996 and 2006, but that this time is different: "Now there is actual legislative language which says boom, let's kill this." Rep. Ileana Ros-Lehtinen (R-Fla.), the lab's fiercest proponent in the House, went diving Saturday to visit the lab with her husband, Dexter, and Rep. Mario Diaz-Balart (R-Fla.). A third lawmaker, Rep. David Rivera (R-Fla.), snorkeled as part of the same event. Ros-Lehtinen said that only private donations through the newly created Aquarius Foundation could keep the facility operating. "As NOAA funding ends for this innovative laboratory, we are all hopeful that an Aquarius Foundation will be able to reopen the base to continue the important scientific studies undertaken there," she said. Mark Patterson, a College of William and Mary marine science professor whose visit to the Aquarius last month marked his eighth visit there, said researchers like himself can learn much more by immersing themselves in an aquatic environment. For example, working for days at a time underwater, he said, they can attach probes to tiny coral polyps to monitor such things as the ocean's acidity and the way water moves. "We're wiring up the corals to have them tell us their secrets in a way we never can in the lab," Patterson said. "It's just such a better way to do science, to do it in the ocean rather than concoct a caricature microcosm of nature in the laboratory. . . . I hope we're not all crying as we turn out the lights, because working underwater is one of the most interesting things I do." Before the mission ended Saturday, the Aquarius hosted journalists and a film crew from the group One World One Ocean, which produced several videos about the lab. "I think a lot of people don't know what we have here," said Shaun MacGillivray, One World One Ocean's managing director, adding that being in the Aquarius "feels like you're in outer space."
Potts said he hasn't given up hope, especially after hearing Lubchenco talk about the predicaments of coral reefs at the International Coral Reef Symposium this month in Cairns, Australia. The Aquarius sits next to Florida's Conch Reef. "Here it is, the case study, so now's not the time to pull the plug on these things," he said. "Now's the time to invest." © The Washington Post Company --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 25 08:17:54 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 25 Jul 2012 09:17:54 -0400 Subject: [Infowarrior] - Who invented the Internet? The outrageous conservative claim that every tech innovation came from private enterprise. Message-ID: Who invented the Internet?: The outrageous conservative claim that every tech innovation came from private enterprise. By Farhad Manjoo | Posted Tuesday, July 24, 2012, at 6:03 PM ET http://www.slate.com/articles/technology/technology/2012/07/who_invented_the_internet_the_outrageous_conservative_claim_that_every_tech_innovation_came_from_private_enterprise_.html Don't believe the outrageous conservative claim that every tech innovation came from private enterprise. Earlier this month, President Obama argued that wealthy business people owe some of their success to the government's investment in education and basic infrastructure. He cited roads, bridges, and schools. Then he singled out the most clear-cut example of how government investment can spark huge business opportunities: the Internet. "The Internet didn't get invented on its own," Obama said. "Government research created the Internet so that all the companies could make money off the Internet." Until recently this wouldn't have been a controversial statement.
Everyone in the tech world knows that the Internet got its start in the 1960s, when a team of computing pioneers at the Pentagon's Advanced Research Projects Agency designed and deployed ARPANET, the first computer network that used "packet switching"--a communications system that splits up data and sends it across multiple paths toward its destination, which is the basic design of today's Internet. According to most accounts, researchers working on ARPANET created many of the Internet's defining features, including TCP/IP, the protocol on which today's network operates. In the 1980s, they strung together various government and university networks together using TCP/IP--thus creating a single worldwide network, the Internet. Suddenly, though, the government's role in the Internet's creation is being cast into doubt. "It's an urban legend that the government launched the Internet," Gordon Crovitz, the former publisher of the Wall Street Journal, argued Monday in a widely linked Journal op-ed. Instead, Crovitz believes that "full credit" for the Internet's creation ought to go to Xerox, whose Silicon Valley research facility, Xerox PARC, created the Ethernet networking standard as well as the first graphical computer (famously the inspiration for Apple's Mac). According to Crovitz, not only did the government not create the Internet, it slowed its arrival--that researchers were hassled by "bureaucrats" who stymied the network's success. "It's important to understand the history of the Internet because it's too often wrongly cited to justify big government," Crovitz says. I'll give him one thing: It is important to understand the history of the Internet. Too bad he doesn't seem interested in doing so. Crovitz's entire yarn is almost hysterically false.
He gets basic history wrong, he gets the Internet's defining technologies wrong, and, most importantly, he misses the important interplay between public and private funds that has been necessary for all great modern technological advances. If you spend time looking at the history of the Internet, you'll find the government there at every step. Researchers working directly for the government and at university labs funded by the government were some of the first people on the planet to think up a worldwide network, and, at the beginning, they were the only people working to build such an outlandish thing. That's not true just of the Internet. Pop open your smartphone and you'll find government research at the heart of just about every component, from the batteries to the GPS chip to the microprocessor to the multitouch interface. This doesn't mean that the government deserves all credit for creating your phone. But it does mean that President Obama was right--in tech, no one does anything on his own. Useful products are usually the result of years of research by smart people at various institutions: government labs, university labs, and corporate R&D campuses. The history of the Internet, like much of everything else that makes our world so magical, proves that in the tech industry, it takes a village. If you want to find out who built the Internet and why, there are a few main sources you should consult. If you've got time, read Where Wizards Stay Up Late, Katie Hafner and Matthew Lyon's definitive history of the founding of the worldwide network. If you don't have much time, look at A Brief History of the Internet, written by many of the scientists who worked on the system in its early days. The many Wikipedia articles on the history of the Internet are also quite helpful. All these sources put the lie to Crovitz's ridiculously partisan theory that Xerox, and not the government, created the Internet.
Some of Crovitz's errors seem to stem from technological ignorance; in arguing that Xerox's graphical machines were in some way responsible for the design of the Internet, Crovitz seems to conflate the Internet and the World Wide Web. The Web is the system of linked, usually graphical documents you see in a Web browser--i.e., sites like Slate. The Internet is the network over which the Web and other communications systems--e-mail, instant messaging, file-sharing--travel. The Internet predated the Web. Other times, Crovitz strays into what seems like intentional intellectual dishonesty. He mentions offhandedly that "Vinton Cerf developed the TCP/IP protocol," but he skips over both the gravity of this development and the government's role in it. TCP/IP is the Internet's defining language, the only reason that any two computers, anywhere, can send a message to one another. In this way, TCP/IP is the Internet. What's more, Crovitz neglects to mention that when Cerf created TCP/IP, he did so with Robert Kahn, who was an employee of the Defense Department, and that both of them were working under funding from the government.* What about Ethernet, Xerox's networking system, which Crovitz credits with being primarily responsible for the Internet? He's right that Ethernet certainly was vital to the widespread adoption of networked computers. But as Ars Technica's Timothy Lee points out, Ethernet connects different computers into a single network and does not connect different networks into a single larger network--which is what the Internet is, by definition. Calling Ethernet the foundation of the Internet is like calling sidewalks the foundation of the modern transportation network. Sure, sidewalks are important in how you walk around your neighborhood, but they don't play much of a role in how you get from Paris to New York. Crovitz's contention that the government slowed down the Internet is also totally backward.
In fact, if you want to blame any single institution for delaying the Internet, your best bet would be the largest private corporation in the land--AT&T. In 1960, an engineer named Paul Baran came up with the idea of a packet-switching network. Baran was working for the RAND Corporation, a government-funded think tank, and he'd been looking for ways to create networks that would survive a disaster. Baran saw that the country's most basic communications infrastructure--especially the telephone network maintained by AT&T--had several central points of failure. If you took out these central machines, the entire network would fail. His insight was to create a decentralized network, one in which every point was connected to every other point in multiple ways--your message from New York to San Francisco would get split into packets and might pass through Chicago, New Orleans, Atlanta, Tampa, or St. Louis. If one of those nodes were taken out, most of your message would get through, and the network would still survive. As recounted in Where Wizards Stay Up Late, when Baran presented this idea to AT&T, the company's engineers thought he was nuts. They argued that he had no idea how to run a communications system, and they fiercely resisted the idea of creating a packet-switching network. And that's why the task fell to the federal government--the Defense Department had to create the Internet because private enterprise refused to. Decades later, it's easy to blame AT&T for being short-sighted. At the time, though, the company's decision seemed perfectly reasonable. Baran was proposing something completely radical--who in his right mind would route a message from New York to San Francisco through so many different paths? And why make such a huge change when AT&T's old way worked so well for its own aims (that is, building a profitable business)? In other words, creating something as grand and untested as the Internet was something that a private company simply couldn't do.
The project was too big, and the payoff too uncertain. That's true of most technologies in their infancy. The Army created ENIAC, the world's first general-purpose computer--and only after the military proved the basic idea was sound did IBM jump into the business. Apple began working on a multitouch interface in the 2000s, but that was only after decades of research at other labs, including by many researchers funded by the government. The American military developed and launched the network of satellites that form the Global Positioning System--and only then could tech companies come along to make spectacular use of that system. None of this is to deny the importance of private enterprise in tech. Apple, Facebook, Amazon, Google, Microsoft, and every start-up in Silicon Valley deserves credit for today's tech marvels. But not a single one of them could have done much of anything without pioneering work by the government. The Internet, the Web, the microprocessor, GPS, batteries, the electric grid--if you've built a thriving company that depends on any of these things, you didn't get there on your own. Or, as the president once said: You didn't build that. Correction, July 24, 2012: This piece originally misspelled the last name of Robert Kahn. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 25 15:21:53 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 25 Jul 2012 16:21:53 -0400 Subject: [Infowarrior] - DC police's shockingly reasonable photography policy Message-ID: <9AB7098B-E8AE-4FA4-ABAC-00CCD73B266C@infowarrior.org> DC police chief announces shockingly reasonable cell camera policy http://arstechnica.com/tech-policy/2012/07/dc-police-chief-announces-shockingly-reasonable-cell-camera-policy/ Link to the MPD directive: https://go.mpdconline.com/GO/GO_304_19.pdf --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 25 17:15:58 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 25 Jul 2012 18:15:58 -0400 Subject: [Infowarrior] - Xerox: Uh, We Didn't Invent the Internet Message-ID: <60FAE0CD-5328-4AC7-9730-53224E02E3D9@infowarrior.org> Xerox: Uh, We Didn't Invent the Internet By Robert McMillan | July 23, 2012 | 6:54 pm http://www.wired.com/wiredenterprise/2012/07/xerox-internet/ Wall Street Journal columnist L. Gordon Crovitz took a stab at this question on Monday and settled on Xerox -- the copier company whose research and development group, Xerox PARC, invented just about everything people like about the personal computer. The columnist took exception to Barack Obama's recent claim that the internet was actually created by government research. Crovitz's argument? Well, Xerox had to cook up the internet, because it couldn't wait for those dithering government researchers to make it happen. Xerox hired Robert Taylor, the guy who ran the Department of Defense's ARPA (Advanced Research Projects Agency) Information Processing Technologies program in the 1960s to run Xerox PARC's computer lab. "If the government didn't invent the Internet, who did?" Crovitz writes, adding: "Full credit goes to the company where Mr. Taylor worked after leaving ARPA: Xerox." Xerox maintains a decade-by-decade list of its technological accomplishments on its website. And while it's eager to take credit for Ethernet, the graphical user interface, and the PC, Xerox doesn't take credit for the internet. Why not? "Robert Metcalfe, researcher at PARC, invented Ethernet as a way to connect Xerox printers and the Alto computer," Xerox spokesman Bill McKee said on Monday. "But inventing Ethernet is not the same as inventing the internet." In other words, don't confuse a network of computers with the birthplace of TCP/IP and lolcats. To be fair, Xerox invented a lot more than just Ethernet.
And many of the things that came out of Xerox -- the PC and the graphical user interface -- were crucial to the internet as we know it today, according to Robert Taylor, who we interviewed Monday. To hear Taylor tell it, finding the inventor of the internet is a bit like finding the inventor of the blues. Its origins are murky and complex. "The origins of the internet include work both sponsored by the government and Xerox PARC, so you can't say that the internet was invented by either one alone," he says. So would the internet have been invented without the government? "That's a tough question," he says. "Private industry does not like to start brand new directions in technology. Private industry is conservative by nature. So the ARPAnet probably could not have been built by private industry. It was deemed to be a crazy idea at the time." In fact, Taylor says, the two biggest computer and telecommunications companies back in the 1960s were pretty hostile to two of the big ideas behind the internet: time-sharing computing (IBM liked batch processing) and packet switching (AT&T liked circuit switching). "Both AT&T and IBM were invited to join the ARPAnet and they both refused," he says. Michael Hiltzik, the LA Times journalist who wrote the definitive biography of Xerox PARC, Dealers of Lightning, provides a definitive debunking of Crovitz's argument here. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Jul 25 17:25:55 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 25 Jul 2012 18:25:55 -0400 Subject: [Infowarrior] - SciAm: Yes, Government Researchers Really Did Invent the Internet Message-ID: Okay, I won't bore you with more of this he-said, he-said stuff, entertainingly pathetic as it might be to watch. However, next week I expect someone to say that it was private enterprise that created a sunny day, or that government created the change of seasons.
--rick Yes, Government Researchers Really Did Invent the Internet By Michael Moyer | July 23, 2012 http://blogs.scientificamerican.com/observations/2012/07/23/yes-government-researchers-really-did-invent-the-internet/ "It's an urban legend that the government launched the Internet," writes Gordon Crovitz in an opinion piece in today's Wall Street Journal. Most histories cite the Pentagon-backed ARPANet as the Internet's immediate predecessor, but that view undersells the importance of research conducted at Xerox PARC labs in the 1970s, claims Crovitz. In fact, Crovitz implies that, if anything, government intervention gummed up the natural process of laissez faire innovation. "The Internet was fully privatized in 1995," says Crovitz, "just as the commercial Web began to boom." The implication is clear: the Internet could only become the world-changing force it is today once big government got out of the way. But Crovitz's story is based on a profound misunderstanding of not only history, but technology. Most egregiously, Crovitz seems to confuse the Internet--at heart, a set of protocols designed to allow far-flung computer networks to communicate with one another--with Ethernet, a protocol for connecting nearby computers into a local network. (Robert Metcalfe, a researcher at Xerox PARC who co-invented the Ethernet protocol, today tweeted tongue-in-cheek "Is it possible I invented the whole damn Internet?") The most important part of what we now know of as the Internet is the TCP/IP protocol, which was invented by Vincent Cerf and Robert Kahn. Crovitz mentions TCP/IP, but only in passing, calling it (correctly) "the Internet's backbone." He fails to mention that Cerf and Kahn developed TCP/IP while working on a government grant. Other commenters, including Timothy B. Lee at Ars Technica and veteran technology reporter Steve Wildstrom, have noted that Crovitz's misunderstandings run deep.
He also manages to confuse the World Wide Web (incidentally, invented by Tim Berners Lee while working at CERN, a government-funded research laboratory) with hyperlinks, and an internet--a link between two computers--with THE Internet. But perhaps the most damning rebuttal comes from Michael Hiltzik, the author of "Dealers of Lightning," a history of Xerox PARC that Crovitz uses as his main source for material. "While I'm gratified in a sense that he cites my book," writes Hiltzik, "it's my duty to point out that he's wrong. My book bolsters, not contradicts, the argument that the Internet had its roots in the ARPANet, a government project." In truth, no private company would have been capable of developing a project like the Internet, which required years of R&D efforts spread out over scores of far-flung agencies, and which began to take off only after decades of investment. Visionary infrastructure projects such as this are part of what has allowed our economy to grow so much in the past century. Today's op-ed is just one sad indicator of how we seem to be losing our appetite for this kind of ambition. About the Author: Michael Moyer is the editor in charge of technology coverage at Scientific American. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu Jul 26 20:26:03 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 26 Jul 2012 21:26:03 -0400 Subject: [Infowarrior] - Senate Intelligence Committee Adopts a Dozen Anti-Leak Measures Message-ID: <02C4A55D-A822-4246-B8B3-4FFCD6296337@infowarrior.org> Senate Intelligence Committee Adopts a Dozen Anti-Leak Measures July 26th, 2012 by Steven Aftergood http://www.fas.org/blog/secrecy/2012/07/ssci_leak.html The Senate Intelligence Committee's markup of the 2013 intelligence authorization bill includes 12 provisions that are intended to combat unauthorized disclosures of classified information.
The proposed steps, which are of varying weight and severity, include:
* a requirement to notify Congress when intelligence information is disclosed to the public (outside of the FOIA or the regular declassification review process) and to maintain a record of all authorized disclosures of classified information
* a requirement to establish formal procedures for leak investigations
* a requirement to assess procedures for detecting leaks, including expanded use of polygraph testing in other parts of the executive branch
* a prohibition on cleared personnel (or formerly cleared personnel for up to a year after employment) serving as paid consultants or commentators to a media organization regarding intelligence matters
* a requirement that only certain designated intelligence community officials may communicate with the media
* a requirement for all intelligence community employees to report any contacts with the media
* a requirement for the Attorney General and the DNI to submit a report to Congress on possible improvements to current procedures governing leak investigations
* establishment of provisions to require surrender of federal pension benefits as a penalty for unauthorized disclosures
* a provision to prohibit security clearances for individuals who make unauthorized disclosures of covert action information
"The culture of leaks has to change," said Committee Chair Sen. Dianne Feinstein in a news release. "Leaks of classified information regarding intelligence sources and methods can disrupt intelligence operations, threaten the lives of intelligence officers and assets, and make foreign partners less likely to work with us." In several respects, the proposed new measures are not a dramatic departure from the status quo. Unauthorized disclosures are already barred by non-disclosure agreements that all cleared personnel must sign. Unauthorized contacts between intelligence personnel and the press are already discouraged or prohibited.
The Director of National Intelligence has already ratcheted up leak investigations and started an insider threat detection program. Significantly, the proposed anti-leak provisions would not amend the Espionage Act. They would not make all disclosures of classified information a felony. They would not impose restrictions on the unauthorized receipt of classified information, or penalize publication of such information (although one provision invites the Attorney General to reconsider limitations on subpoenas to members of the media). And yet there is something incongruous, if not outrageous, about the whole effort by Congress to induce stricter secrecy in the executive branch, which already has every institutional incentive to restrict public disclosure of intelligence information. In an earlier generation of intelligence oversight, leaks led to leak investigations in executive agencies, but they also prompted substantive oversight in Congress. When Seymour Hersh and the New York Times famously reported on unlawful domestic surveillance in December 1974, the urgent question in Congress was not how did Hersh find out, or how similar disclosures could be prevented, but what to do about the alarming facts that had been disclosed. In contrast, while pursuing leaks and leakers, today's Senate Intelligence Committee has not held an open public hearing for six months. The Committee's investigative report concerning CIA interrogation practices from ten years (and two presidential terms) ago has still not been issued. Upon publication -- perhaps this fall -- it will essentially be a historical document. Most fundamentally, the Committee's new draft legislation errs by treating "classification" as a self-validating category -- i.e., if it's classified, it warrants protection by definition -- rather than as the flawed administrative instrument that it is. As far as the Committee is concerned, the unauthorized disclosure of any classified information --
even the substance of a constitutional violation that was recently committed by a US intelligence agency -- would constitute a punishable offense, regardless of its public policy significance. Last Friday, the DNI agreed to declassify the bare fact of such an actual violation, in response to a request by Senator Ron Wyden (as reported by Wired, but altogether overlooked in the Committee's latest report on FISA last month). This disclosure by the DNI would apparently trigger the proposed new requirement to notify Congress of public releases of intelligence information since it was "declassified for the purpose of the disclosure" -- which is just silly. "The whole notion of classification in this building has degenerated into a joke, most reporters and a lot of officials would agree," said Tony Capaccio of Bloomberg News at a Pentagon press briefing on Tuesday. He asked how the Pentagon planned to distinguish between legitimate secrets and spurious secrets when monitoring news stories for leaks. "What steps are you going to be taking to make sure when you analyze these news stories that it's really classified-classified versus B.S.-classified information?" "I don't have the answer yet, Tony," replied Pentagon press spokesman George Little. Neither does the Senate Intelligence Committee. The full version of the FY2013 Senate intelligence bill and the accompanying report is expected to be filed on Friday. The proposed anti-leak provisions "are the product of work over the past several weeks within the Committee, in discussion with the Executive Branch, in consultation with the House Intelligence Committee, and reflecting input from nongovernmental organizations," according to the Senate Intelligence Committee. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu Jul 26 20:41:18 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 26 Jul 2012 21:41:18 -0400 Subject: [Infowarrior] - The Mac App Store's future of irrelevance Message-ID: <81EAAA96-96C8-4669-A0BB-C08290EFBB3A@infowarrior.org> (As for me, I just like having local copies of the installer here on my own media, non-DRM'd and ready anytime, even w/o an Internet connection. So I agree w/the author --- for his reasons and others as well, I don't trust the App Store either! --rick) The Mac App Store's future of irrelevance July 26, 2012 http://www.marco.org/2012/07/26/mac-app-store-future Postbox's exit from the Mac App Store should sound very familiar to anyone who buys Mac software. If you read between the lines a bit, I think the real story there is one we've seen a lot since June 1: they tolerated the App Store's lack of paid upgrade mechanics before, but sandboxing -- and more accurately, needing to remove important app features because of their incompatibility with the current set of sandboxing entitlements -- was the last straw. How many good apps will be pulled from the App Store before Apple cares? The problem with sandboxing isn't that any particular app is incompatible with the current entitlements. It's a deeper problem than that: Apple is significantly reducing the number of apps that can be sold in the Store after people have already bought them. Apple's stance seems to be pretty typical of them: comply with the new rules or leave. This usually works for them, but this time, they've made a critical strategic error: leaving is often a better option, or the only option, for the affected developers. Many of them have already left, and many more will. In the first year of the Mac App Store, before sandboxing, I bought as much as I could from it.
As a customer, the convenience was so great that I even repurchased a few apps that I already owned just to have the App Store updates and reinstallation convenience. And, most importantly, when an app was available both in and out of the Mac App Store, I always bought the App Store version, even if it was more expensive. But now, I've lost all confidence that the apps I buy in the App Store today will still be there next month or next year. The advantages of buying from the App Store are mostly gone now. My confidence in the App Store, as a customer, has evaporated. Next time I buy an app that's available both in and out of the Store, I'll probably choose to buy it directly from the vendor. And nearly everyone who's been burned by sandboxing exclusions -- not just the affected apps' developers, but all of their customers -- will make the same choice with their future purchases. To most of these customers, the App Store is no longer a reliable place to buy software. This jeopardizes Apple's presumed strategic goal of moving as much software-buying as possible to the App Store. By excluding so many important apps and burning the trust of so many customers, the App Store can never become ubiquitous. Apple can never require an App-Store-only future and all of the simplicity and security benefits that it could bring, if that was ever their goal. And with reduced buyer confidence, fewer developers can afford to make their software App Store-only. This even may reduce the long-term success of iCloud and the platform lock-in it could bring for Apple. Only App Store apps can use iCloud, but many Mac developers can't or won't use it because of the App Store's political instability. The Mac App Store is in significant danger of becoming an irrelevant, low-traffic flea market where buyers rarely venture for serious purchases. And I bet that's not what Apple had in mind at all. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri Jul 27 12:05:14 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 27 Jul 2012 13:05:14 -0400 Subject: [Infowarrior] - OpenBarr Tracks 'Untrackable' Flights Message-ID: <53471287-A10D-444B-976E-8949AFEBECCC@infowarrior.org> http://www.forbes.com/sites/andygreenberg/2012/07/26/want-to-find-jay-zs-or-bill-gates-private-jets-openbarr-tracks-untrackable-flights/print/ 7/26/2012 @ 10:30AM Want To Find Jay-Z's Or Bill Gates' Private Jets? OpenBarr Tracks 'Untrackable' Flights Good news for paparazzi, stalkers, and corporate spies: "Private" jets are about to become significantly less private. At the Defcon security conference later this week, two security researchers plan to release a tool that aims to expose a little-seen list of hidden private aircraft flight plans--the so-called Block Aircraft Registration Request or BARR list, a collection of aircraft whose owners have worked to keep their whereabouts out of the Federal Aviation Administration's public database of flights. Dustin Hoffman and Semon Rezchikov have built OpenBarr.net, a website that will make public the tail numbers and locations of planes whose owners have explicitly tried to make them untrackable. In some cases, the planes' destinations will even be posted prior to their arrival, such that a resourceful paparazzi could arrive at the airport ready to catch his or her target stepping out the door. "TMZ would probably love to know where Jay Z's plane is going to land and when," says Hoffman, who runs the IT consultancy Exigent Systems and frequently pilots his own plane. "Or if you want your product on the shelves at Walmart and a competitor's executives are flying their corporate jet into Bentonville, Arkansas, knowing that could be very advantageous."
Since the year 2000, private aircraft have been able to file a request with the FAA and have their flight plans excluded from the public database accessible to sites like FlightAware.com, which allows anyone to look up a plane's location and upcoming destinations based on its tail number. "Anyone who's interesting who you might want to track is already on the BARR list," says Hoffman. "If someone wants to travel discreetly, why not?" But Hoffman and Rezchikov found a clever way to maneuver around the list's privacy protections. Even private planes signal their arrival to air traffic control towers over public frequencies that anyone can access with a bit of radio savvy. Air traffic control enthusiasts eavesdrop on those communications and collect them at sites like LiveATC.net, where they can be streamed or downloaded in archives. So the two researchers developed speech-to-text software that allows them to download the audio files and convert them to publicly-accessible alerts about which planes are arriving where in as little as five minutes. "They simply can't get in without talking on the radio," says Hoffman. "We suck up the mp3s and scrape them. There's no way around it." For now, OpenBarr only tracks flights going into or coming out of the three Las Vegas airports: McCarran International, Henderson, and North Las Vegas. But Hoffman and Rezchikov have plans to expand it soon -- possibly with volunteer help from the site's users -- to other cities including Miami and Los Angeles. Parsing a noisy feed of jargon-filled air-traffic-control communications isn't easy. (The recordings sound like this.) But Rezchikov, a freshman at MIT and a Thiel Fellow, used an open source system called Sphinx developed at Carnegie Mellon, and honed the program's understanding of air traffic vocabulary with 70 hours of air traffic control transcripts provided by the Linguistic Data Consortium along with hours more of transcripts he and Hoffman produced themselves.
With significant tweaking, the program can now recognize 80% of words in the recordings, Rezchikov says, though its accuracy for recognizing digits such as plane tail numbers is much higher. Adding more cities to OpenBarr.net will require more transcribing of feeds from other airports, to "teach the thing to understand every acoustic environment," says Rezchikov. But he and Hoffman may request that OpenBarr users who want a new airport added spend a few minutes transcribing recordings from its control tower and submitting them to the site. The BARR list became a subject of debate last year when the FAA sought to change flying rules to cancel the opt-out privacy protection. But after the National Business Aviation Association and privacy advocates lobbied in favor of maintaining the option, it was reinstated in November of last year. Update: Needless to say, the NBAA isn't happy about Hoffman and Rezchikov's work. "It's regrettable that someone would seek to violate another person's security 'for fun and profit' as this person, in his own words, says he wants to do," writes Dan Hubbard, a spokesperson for the association, referring to the somewhat playful title of the pair's Defcon talk: "Tracking 'Untrackable' Private Aircraft for Fun & Profit." "Getting on an airplane shouldn't amount to forfeiting your security and privacy to anyone, anywhere in the world with an Internet connection," adds Hubbard. "That's why a law was passed to create a program that allows citizens and companies to opt out from having their flights tracked. Attempts to compromise that opt-out ability amount to nothing less than an unwarranted invasion of the privacy of aircraft owners and operators, a threat to the competitiveness of U.S. companies and a potential security risk to the persons aboard aircraft."
Hoffman, himself a private pilot, says he's conflicted about exposing the BARR list, but felt it was important to show that it didn't provide complete secrecy, rather than to maintain what he describes as the illusion of privacy. "I was kind of torn at times," he says of his work. "But if Semon and I can pull this off -- and this isn't even our full time job -- someone else is already doing it." In fact, Hoffman says he's in favor of stronger protections for the privacy of flyers; but he believes -- and aims to prove -- that the BARR list doesn't provide it. "I'm a libertarian. I don't think it's anyone's business where you travel to," he says. "But what's worse, for everyone to know it's easy to track you, or to have a false assurance you can't be tracked?"

This article is available online at: http://www.forbes.com/sites/andygreenberg/2012/07/26/want-to-find-jay-zs-or-bill-gates-private-jets-openbarr-tracks-untrackable-flights/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 27 12:05:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 27 Jul 2012 13:05:23 -0400
Subject: [Infowarrior] - Manipulation of California energy market gives consumers a jolt
Message-ID:

(Reader adds: "This time JP Morgan is caught operating a fraud in the California electricity market, called the California Independent System Operator, or Cal ISO - the same one that was gamed and defrauded by Enron 10 years ago.")

http://www.latimes.com/business/la-fi-hiltzik-20120718,0,1949782.column

Manipulation of California energy market gives consumers a jolt

By Michael Hiltzik
July 18, 2012

The next time your electricity bill prompts you to curse your local utility, here's another target where you should direct your anger: JPMorgan Chase & Co., which has manipulated the California energy market for its own profit and at a cost to residents and businesses in the state that could be $100 million, $200 million or much more.
That's the accusation leveled by the California Independent System Operator, which has jurisdiction over 80% of the state's electrical transmission. The ISO, a nonprofit corporation controlled by the state government, estimates that JPMorgan may have gamed the state's power market for $57 million in improper payments over six months in 2010 and 2011. But that could be just the tip of the iceberg: The bank continued its activities past that time frame, according to the ISO. It also says JPMorgan's alleged manipulation could have helped throw the entire energy market out of whack, imposing what could be incalculable costs on ratepayers. The Federal Energy Regulatory Commission, the regulator of the ISO and its trading markets, has started a formal investigation into Morgan's allegedly manipulative energy deals in California and with the Midwest ISO, which covers 11 states from Michigan to Montana. Forget JPMorgan's well-publicized multibillion-dollar trading loss in derivatives; this trade turned a handsome profit, and it came directly out of electric customers' hides. The toll may not have amounted to much for each of the 37 million men, women and children in California. But collectively it's a massive, illegitimate tax on the entire state. What's worse, it shows that we haven't learned anything from Enron's bogus energy trading, the disclosure of which helped destroy that firm in 2001 and land several of its executives in jail. To the extent it was designed to exploit loopholes in energy trading rules, experts say, the scheme allegedly perpetrated by JPMorgan Ventures Energy Corp. is cut from the same cloth as Enron's infamous "fat boy" swindle, which cost the state's ratepayers an estimated $1.4 billion in 2000. "There's nothing really new under the sun," says Robert McCullough, a Portland, Ore., energy expert who reviewed the ISO complaint at my request. "But it's a cost you're paying in your monthly bill." 
Asked for a response to the ISO's allegations, a JPMorgan spokeswoman referred me to a court brief the bank filed last week stating that its trading involved no misconduct and pointing out that FERC hasn't found any, to date. FERC says its inquiry is still at an early stage. But given the complexity of the energy market, this may be one of those cases in which the scandal lies not in what's illegal, but in what's legal. One issue raised by this affair is whether government regulators have adequate tools to enforce trading rules. FERC's investigation could take years, and its maximum penalty is $1 million per day of violation. If the agency hit JPMorgan for even six months of misbehavior, the $180-million bill would be a pittance compared with the $14 billion in revenue collected annually by JPMorgan's investment banking arm, which houses the energy trading. The incentive remains for outfits like JPMorgan to stretch the rules to the breaking point -- if they get caught, the cost is tolerable; if not, the returns are fabulous. This raises again the age-old question: Can Wall Street be trusted? And it suggests an age-old answer: no. "You set up these rules," says Carl Wood, a former Public Utilities Commissioner who served during the California power crisis of 2000-01, "and you have all these very smart people figuring out how to game them." Indeed, there are signs that trading scams are rife: FERC in December accused Deutsche Bank of manipulating the California market and in March extracted a $245-million settlement from Baltimore-based Constellation Energy over charges it made manipulative trades in the New York market. (The Deutsche Bank determination is "preliminary" and subject to further investigation.) These are trades that "don't create jobs or economic value," says Tyson Slocum, director of the energy program at the public advocacy organization Public Citizen.
Hints of JPMorgan's behavior leaked out this month, when FERC went to court to demand unedited versions of emails it had subpoenaed from the bank. News reports generally treated FERC's demand as little more than a PR embarrassment for Morgan. But the email dispute is a sideshow. The center ring should belong to the underlying allegations of manipulation. These involve an energy trading unit the bank set up in 2005 as part of a plan to make money via short-term trading in a broad range of commodities with rapidly changing prices, including electricity. JPMorgan doesn't actually own any plants providing power to California, but holds contracts with generators allowing it to offer their power in trading markets. The California ISO hasn't been very forthcoming with details of JPMorgan's alleged misdeeds. Its public filings don't even name the bank; it was FERC's court brief that fingered JPMorgan. The ISO's language describing the scheme is impenetrable to a layman. Here's a piece of its original filing with FERC, untranslated from the original gibberish: "The use of a particular bidding practice, in conjunction with the application of the metered energy adjustment factor to the calculation of market revenues used to offset bid costs, resulted in overpayment of bid cost recovery amounts to specific resources." ISO refused our request to put that in plain English. With the assistance of McCullough and other experts, however, we've unwound what JPMorgan is actually accused of doing in the ISO and FERC filings. Be prepared: It's no less ugly for being diabolically simple. The alleged scheme involves two related wholesale electricity markets maintained by the ISO. There's the day-ahead market, in which power plant owners place bids to provide power for the California electricity grid in the future; and the real-time market, an auction market through which ISO buys electricity for immediate distribution to homes and businesses. 
To give plant owners an incentive to participate in these auctions, ISO guarantees to cover their costs for starting up or running their plants at a minimal level, even if their bids aren't accepted. This is known as "bid cost recovery." ISO rules allow bidders to claim payments of up to twice their real costs. In simplest terms, JPMorgan submitted bids in the day-ahead market that were so low the firm was certain to be accepted onto ISO's roster of potential electricity suppliers -- in fact, they were negative bids, essentially offering to pay ISO to take their electricity. The bidding is overseen by software, not human beings, and the automated program isn't smart enough to distinguish a real bid from a potentially fake one. (Implausible as it may seem, there can be legitimate reasons for a power generator to submit a negative bid, but they don't apply to JPMorgan.) ISO believes that JPMorgan never intended to make that sale, but the beauty of its low bids was that they made it eligible to collect bid cost recovery payments. The next step was for JPMorgan to make sure that ISO didn't actually buy its electricity, presumably because the profit margin from the bid cost recovery claim was greater than from actually selling energy. So in the real-time market, it priced its electricity so high that ISO wouldn't buy it. The bottom line, the ISO says, is that JPMorgan's traders never intended to sell it electricity via these bids. The scheme, it says, seems to have been designed purely to capture a bid cost recovery payment the bank didn't deserve, at a rate that was inflated anyway. ISO says it first noticed that its auction was being gamed this way in August 2010, when bid cost recovery claims started creeping above the historical range of $3 million to $7 million a month. By February, the monthly bill hit $24 million. More than half the sum, it turned out, was draining out through the bidding loophole.
So in March last year, ISO put through an emergency request to FERC for permission to stamp out the practice by immediately revising its bidding rules. The request was granted, and the problem disappeared -- for 10 days. Then, the ISO found, the same perpetrators discovered another loophole and started squeezing that until it screamed for mercy. As a result, the ISO says, it incurred unnecessary costs of $5.3 million over a period of just five days in April 2011. The new scheme prompted the ISO to ask FERC for a second emergency rule change, also granted. Through a spokeswoman, Jennifer R. Zuccarelli, JPMorgan disputes that its bids were designed to avoid selling electricity. Its energy trading operation "always stood ready, able and willing to fulfill the bids we made," she says. The firm observes that bids submitted to the ISO are secret to everyone but the ISO, and therefore its traders have "no way of knowing" whether the ISO will accept or reject its bids. In other words, for all the traders know, they'll have to deliver power. Other experts, however, say it's not so difficult to place a bid you know won't be accepted. McCullough suggests that the questionable bidding may have been focused on times of year and times of day when electricity demand, and therefore the risk of having to fill a bid, is low. He also says that the secret bidding is part of the problem. If power generators' bids were public, they would be subject to more disinfecting sunlight, and any attempt at a swindle might be uncovered much faster. What the JPMorgan accusations really underscore is that a free market in California electricity, the basis of FERC's regulatory policies, doesn't exist. It's a market vulnerable to anyone who can uncover a loophole in the rules -- and it's so complex that there are almost certain to be more loopholes than electrons in the power grid.
FERC says it has the legal authority to return the state's wholesale market to a utility model, in which generators would get paid only for their true cost of generation, plus a reasonable financial return. It also has the authority to place trading restrictions on JPMorgan or any other market participant it finds guilty of manipulation, as it did against Enron (though only after that company was already bankrupt). The agency hasn't indicated whether it might take either step in this case. What should scare the regulators -- and ratepayers -- is that there may be many more scams out there, all driving up costs to California consumers. According to ISO documents, JPMorgan's scheme got discovered only because the firm was collecting so much in excessive payments that it became hard to miss. "JPMorgan got greedy," Slocum says. If their take was "25 cents on the dollar, instead of 200%, they never would have been caught."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 27 12:06:29 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 27 Jul 2012 13:06:29 -0400
Subject: [Infowarrior] - Dems try slipping gun control into cybersecurity bill
Message-ID: <7C92E1CB-7496-4206-9E80-D900934B09CA@infowarrior.org>

This is one of the problems with Congress -- their fetish for tucking in unrelated items into named legislative proposals. Need to pass a controversial national id card scheme? Tack it onto must-pass legislation named the "Defense Authorisation Act." Want to re-fund food stamps? Amend the latest must-pass "Highway Funding Bill." The modern Congress would fail to function (such that it does) and the apparently accepted cronyist nature of American politics would be undermined immediately if Congress would abide by Truth in Advertising when it comes to naming and amending its legislative items. Got an item unrelated to the bill being discussed? Too bad.
(wishful thinking, I know....but hey, it's Friday.)

-- rick

Democratic senators offer gun control amendment for cybersecurity bill

By Ramsey Cox - 07/26/12 07:29 PM ET

http://thehill.com/blogs/floor-action/senate/240657-cybersecurity-bill-includes-gun-control-measure

Democratic senators have offered an amendment to the cybersecurity bill that would limit the purchase of high capacity gun magazines for some consumers. Shortly after the Cybersecurity Act gained Senate approval to proceed to filing proposed amendments and a vote next week, Sen. Chuck Schumer (D-N.Y.), a sponsor of the gun control amendment, came to the floor to defend the idea of implementing some "reasonable" gun control measures. The amendment was sponsored by Democratic Sens. Frank Lautenberg (N.J.), Barbara Boxer (Calif.), Jack Reed (R.I.), Bob Menendez (N.J.), Kirsten Gillibrand (N.Y.), Schumer and Dianne Feinstein (Calif.). S.A. 2575 would make it illegal to transfer or possess large capacity feeding devices such as gun magazines, belts, feed strips and drums of more than 10 rounds of ammunition with the exception of .22 caliber rim fire ammunition. The amendment is identical to a separate bill sponsored by Lautenberg. Feinstein was the sponsor of the assault weapons ban, which expired in 2004. The proposed amendment would only affect sales and transfers after the law took effect. Schumer defended the Brady law and assault weapons ban on the floor Thursday evening, perhaps in preparation for the coming fight with Republicans and gun rights activists. Schumer suggested that both the left and right find common ground. "Maybe we could come together on guns if each side gave some," Schumer said. He suggested that Democrats make it clear that their goal is not to repeal the Second Amendment. "The basic complaint is that the Chuck Schumers of the world want to take away your guns," Schumer said of the argument made by gun lobbies.
"I think it would be smart for those of us who want rational gun control to make it known that that's not true at all." Schumer also pointed out that it would be reasonable for the right to recognize that background checks on those buying guns is necessary -- as called for in the Brady law. He also said average Americans don't need an assault weapon to go hunting or protect themselves. "We can debate where to draw the line of reasonableness, but we might be able to come to an agreement in the middle," Schumer said. "Maybe, maybe, maybe we can pass some laws that might, might, might stop some of the unnecessary casualties -- maybe there's a way we can come together and try to break through the log jam and make sure the country is a better place." Next week the Senate is expected to debate and vote on proposed amendments to the cybersecurity bill. Updated at 9:30 p.m.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 27 20:59:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 27 Jul 2012 21:59:34 -0400
Subject: [Infowarrior] - DOJ Argues That Even If Case Against Megaupload Is Dismissed, It Still Can Hold Its Assets
Message-ID: <1CABE174-D459-46B4-966F-55C9C6B6BFDB@infowarrior.org>

DOJ Argues That Even If Case Against Megaupload Is Dismissed, It Still Can Hold Its Assets

from the well-of-course dept

As the fight over whether or not the US can even charge Megaupload under criminal law continues, the US Justice Department continues to make quite extraordinary claims. If you don't recall, the US filed criminal charges against Megaupload and a bunch of its execs. However, as a US judge noted back in April, under US law it might actually be impossible for the case against Megaupload to proceed, because criminal law requires "serving" the defendant, and the law also says you can only serve companies at their US address. Megaupload is not based in the US and has no US address.
The DOJ is trying to tapdance around what the law actually says, but (as Megaupload points out) they can't point to a single real legal citation that supports their position. The DOJ is basically arguing that the law should be what they want it to be... because otherwise the DOJ wouldn't like it very much.

< - snip - >

http://www.techdirt.com/articles/20120727/11195719858/doj-argues-that-even-if-case-against-megaupload-is-dismissed-it-still-can-hold-its-assets.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Jul 27 21:02:06 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 27 Jul 2012 22:02:06 -0400
Subject: [Infowarrior] - NBCOlympics' Opening Ceremony Tape Delay: Stupid, Stupid, Stupid
Message-ID:

NBCOlympics' Opening Ceremony Tape Delay: Stupid, Stupid, Stupid

Ryan Lawler
posted 3 hours ago

If you were paying attention to Twitter today, you were probably met with two conflicting sides of the 2012 Olympics Opening Ceremony. On the one hand, you had those who were on the ground (or who had access to the live stream somehow -- more on that later), and those who were bitching about not being able to watch the ceremony live. While most of the rest of the world -- or at least Europe -- was watching the ceremony live, U.S. audiences were held hostage by NBC, which holds the rights to the games here. Rather than broadcasting the biggest event of the Games live as it happened, NBC decided it would air the ceremony on a tape delay, to capture a larger overall audience. Now, tape delays are nothing new, but they do seem archaic at a time when online video and social media bring an air of immediacy to live events.
The existence of the NBC Olympics Twitter account is evidence of this, but the account seems totally misused in this case: NBC live tweeted the whole ceremony, with no apparent sense of irony around the fact that its target audience couldn't actually watch the events it was describing. Instead of building excitement around the ceremony, and engaging with its viewers, all NBC ended up doing was frustrating its audience -- the people who care most about watching the thing. So really, how bad was NBC's strategy around the U.S. broadcast of the 2012 Olympics Opening Ceremony in London? So bad that Marc Benioff, chairman and CEO of Salesforce.com, and someone who should really fucking know better, tweeted out a link to a pirated live stream of the ceremony taking place in London. (Ironically enough, he was tweeting about the appearance of Sir Tim Berners-Lee, creator of the World Wide Web, that magical thing which made the pirate stream available to the rest of us.)

< - snip - >

http://techcrunch.com/2012/07/27/nbc-olympic-opening-ceremony/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Jul 28 21:50:10 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 28 Jul 2012 22:50:10 -0400
Subject: [Infowarrior] - #NBCFail is trending bigtime, apparently
Message-ID: <894F0F95-33A9-4F1B-9537-F86D6871F9F3@infowarrior.org>

NBC criticized for not airing Phelps race live

by James Hibberd

http://insidetv.ew.com/2012/07/28/nbc-michael-phelps/

NBC's live vs. tape Olympic Games debate already has its Exhibit A. Viewers slammed the broadcaster for choosing to delay the telecast of Michael Phelps' dramatic men's 400-meter individual medley race until primetime. The Saturday midmorning race concluded with Ryan Lochte winning the gold medal and Phelps shockingly finishing fourth. The network instead chose to air a taped interview. Fans took to social media to express their outrage with the decision.
"I can't believe NBC isn't putting Phelps first medal attempt live," wrote University of Texas journalism professor Robert J. Quigley on Twitter. "Is a monkey running that network?" NBA player Dirk Nowitzki tweeted: "Can't believe they didn't show Phelps Lochte live. Now, we all know who won. This is frustrating." Later, fans hit the broadcaster a second time -- for NBC News revealing the outcome of the race before airing the taped coverage. "So bizarre!" tweeted author Will Bunch. "NBC won't show Lochte-Phelps live at 2:30, but it's lead story on 6:30 Nightly News w/ no spoiler alert #nbcfail." Of course, complaining about major Olympic events being delayed until primetime is practically its own sport (and knocking NBC for showing events live in primetime that might seem unworthy of the time period is a close runner up -- sometimes a network can't win either way). Fans who are determined to watch the Olympics live can stream the events on NBC's Olympics website. But with the rise of mobile devices and social media, hearing the winner of such a pivotal race is pretty tough to avoid for many connected fans who still prefer to watch television in the traditional way. "The world has changed," one sports fan wrote on Twitter. "This tape delay thing doesn't work anymore." NBC earns higher rates from advertisers by airing the day's biggest events in primetime, when more viewers are likely to tune in. The network claimed Saturday that its tape-delay strategy was already paying off, with ratings for the Opening Ceremony drawing its biggest audience ever for a summer telecast. NBC Sports Group chairman Mark Lazarus said in a statement, "This audience number for the London Opening Ceremony is a great early sign that our strategy of driving people to watch NBC in primetime is working." Of course, the multi-hour pageantry of the Opening Ceremony isn't quite the same as the outcome of a highly anticipated race. I mean, really -- spoiler alert, there are fireworks.
Wrote one critic, who along with other viewers had difficulty watching the swimming event via NBC's online stream: "There's little reason NBC would change strategies midway through the Olympics -- NBC just better get used to getting skewered every time something like this happens." NBC did not return a request for comment, but one of the broadcast network's competitors defended the Peacock -- sort of. "Yes, from a ratings perspective [it's smart to tape delay]," the rival executive replied via email, but also noted: "It's cynical and Zuckeresque to do what they are doing. People will now tune in to see the agony of defeat."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Jul 28 21:52:30 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 28 Jul 2012 22:52:30 -0400
Subject: [Infowarrior] - Critics: NBC News Just Playing Games With Olympic Coverage
Message-ID:

Critics: NBC News Just Playing Games With Olympic Coverage

July 27, 2012, 3:42 p.m. CDT
The Washington Post News Service with Bloomberg News
(c) 2012, The Washington Post.

http://www.nola.com/newsflash/index.ssf/story/critics-nbc-news-just-playing-games-with-olympic-coverage/8b8644cd0e06a8447afcce77c851bbc2

To cover this summer's Olympic Games, NBC News will deploy a journalistic force of some 450 people, including 25 reporters and its lead anchorman, Brian Williams. The network has been featuring Olympic updates on the Williams-anchored "Nightly News" and softer stories every morning on the "Today" show for weeks. By contrast, ESPN, the 24-hour sports network, has sent just two reporters to London, plus a handful of blogger-commentators. ABC News is fielding an on-air team of five. CBS News and Fox News are relying on their London bureaus, which have two correspondents apiece. The top anchormen of all four networks are staying home. What explains the difference in the coverage?
NBC News says the Games are such an inherently compelling story that its massive commitment is justified. "The Olympics are, and have always been, a major international event," said David Verdi, the network's vice president of worldwide news gathering. "It's a huge story of great interest to every part of our audience." But it might be a little bit more complicated than that. The differing approaches to covering the Games may provide an illustration of the forces that sometimes shape the TV-news agenda. In this case, what constitutes "news" seems to depend on not just who's playing, but also who's paying. NBC News' parent company, of course, has a huge investment in the London Olympics. NBC Universal paid a record $2.2 billion to the International Olympic Committee in 2003 to become the "official" American broadcaster of the 2010 Winter and 2012 Summer games. The fee, which was nearly 50 percent higher than NBC's winning bid for the previous Summer and Winter games, gives NBC the exclusive right to show Olympic events, starting with Friday's Opening Ceremonies. This year, as in 2008 and 2010, NBC will televise thousands of hours of the Games on its main broadcast network and on others owned by NBC Universal's majority shareholder, Comcast, including MSNBC, CNBC, Bravo, Telemundo and the NBC Sports channel. Even the Comcast-owned E! Entertainment channel, best known for its Kardashian family reality series, will get into the Olympic act; it will feature party coverage and athlete interviews. And, as in years past, NBC's news division will be pitching in, too. In the weeks leading up to the Games, NBC News has offered a steady diet of Olympics-related stories. "Nightly News," for example, has covered the Olympic torch relay, reported the results of the Olympic trials in swimming and track, and profiled Olympic athletes. One segment featured a dog crowned the world's ugliest returning home to Britain "just in time for the London Olympics."
Meanwhile, NBC's 10 owned-and-operated stations will offer more coverage on their local newscasts. Each of the stations will have its own journalist at the Games. Critics see another agenda in all this. They suggest that much of this coverage is driven not by newsworthiness, but by corporate synergy, in which the news division generates stories to heighten interest in NBC's prime-time Olympic telecasts. "There's no excuse for this," said Andrew Tyndall, the publisher of the Tyndall Report, which tracks the network news business. "It's just shameless cross promotion. There's no journalistic fig leaf to hide behind. It's free advertising for the prime-time programming." Journalists aren't supposed to promote anyone's corporate interest, but some lines have been crossed in recent years as competition increases and news profits shrink. Network news affiliates often report as news the results of prime-time singing and dancing competitions aired by their networks; many air interviews on their newscasts with the stars of new sitcoms or dramas that will be shown on their station. Verdi acknowledges that there's "a little greater interest and excitement" when a TV news organization is associated with a major event such as the Olympics. "You might see a little more coverage [of the event] on our broadcasts," he said. "We're proud of it. It generates greater interest in the news." But, he adds, "if the question is, is our editorial process corrupted by an event like this, then the answer is no. We use the same editorial checklist to determine coverage [of the Olympics] as we would for any news event." Tyndall challenges that assertion by pointing to the Winter Olympics in Vancouver in 2010. During those Games, in which NBC also had the exclusive broadcast rights, "Nightly News" aired a total of 84 minutes of Olympic-themed news over two weeks --
more than four times as much as CBS' "Evening News" (18 minutes) or ABC's "World News Tonight" (17 minutes), according to Tyndall's tracking. Conversely, when NBC didn't have the Olympic rights, NBC News's interest in the story flagged. During the 1998 Winter Olympics -- which aired on CBS -- "Nightly News" carried just 11 minutes of Olympic-related stories over two weeks. ABC had 18 minutes while "Evening News" ran 41 minutes about the Olympics. This time, NBC's rivals say they'll cover Olympic stories as events warrant. "We'll neither ignore them nor turn over our entire programming schedule to them," said Mike Leber, ESPN's senior coordinating producer. Leber notes that his network and others are handicapped somewhat in their reporting by NBC's exclusive control over showing events. What's more, non-rights holders such as ESPN must abide by restrictions on showing copyrighted Olympic footage. But rival news organizations privately admit their enthusiasm for Olympic stories is tempered by the fact that the Games are being shown by another network. Too much coverage, they say, could drive their viewers to NBC. "The Olympics are such an all-encompassing event that the other networks can't ignore it," said Paul Swangard, managing director of the Warsaw Sports Marketing Center at the University of Oregon. "But the broadcast-rights holder is much more willing to invest its news assets in covering it because they know it will fuel interest that comes back to the bottom line." Swangard, a former journalist, said the mingling of news and promotion "is the one place where I start to feel a little queasy about all of this. If credibility still matters to the news division, they should be a cautious partner in that promotional piece of the equation. If people start thinking they're doing these cheesy stories to fuel the [prime-time ratings], their credibility will be in question once the Olympics are over." The London Games could set the tone for several Olympics to come.
Last June, NBC signed a deal with the IOC to broadcast every Olympics -- summer and winter -- through 2020. The $4.4 billion agreement is the most expensive in Olympic history.

bc-tv-olympics-repeat (TPN)

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Jul 29 11:40:17 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 29 Jul 2012 12:40:17 -0400
Subject: [Infowarrior] - DHS gears up for civil unrest prior to presidential elections
Message-ID: <78D15821-D9A5-4B67-A405-B519269C3E8A@infowarrior.org>

DHS gears up for civil unrest prior to presidential elections
Published: 28 July, 2012, 12:49
http://rt.com/usa/news/dhs-unrest-gear-283/

The Department of Homeland Security has ordered masses of riot gear equipment to prepare for potential significant domestic riots at the Republican National Convention, Democratic National Convention and next year's presidential inauguration. The DHS submitted a rushed solicitation to the Federal Business Opportunities site on Wednesday, which is a portal for Federal government procurement requisitions over $25,000. The request gave the potential suppliers only one day to submit their proposals and a 15-day delivery requirement to Alexandria, Virginia. As the brief explains, "the objective of this effort is to procure riot gear to prepare for the 2012 Democratic and Republican National Conventions, the 2013 Presidential Inauguration and other future similar activities." The total amount ordered is about 150 sets of riot helmets, thigh and groin protectors, hard-shell shin guards and other riot gear. Specifically, DHS is looking to obtain:
- "147 riot helmets" with "adjustable tactical face shield with liquid seal"
- "147 sets of upper body and shoulder protection"
- "152 sets of thigh and groin protection"
- "147 hard-shell shin guards" with "substantial protection from flying debris, non-ballistic weapons, and blows to the leg"
and "optimized protective design for severe riot control or tactical situations."
- "156 forearm protectors"
- "147 pairs of tactical gloves"

The riot gear will be worn by Federal Protective Service agents who are tasked with protecting property, grounds and buildings owned by the federal government. The urgency of the order can be explained by the fact that there is a growing anticipation that many demonstrators will travel to the Republican National Convention (RNC), scheduled for August 27-30 in Tampa Bay, Florida, and Democratic National Convention (DNC), planned for September 3-6 in Charlotte, North Carolina. The RNC itself, for example, will have free speech zones, which will serve as containment quarters for the protesters by not allowing them to leave the designated areas and cause trouble. Another recent DHS move to gear up was back in March of this year, when it gave the defense contractor ATK a deal to provide the DHS with 450 million .40 caliber hollow-point ammunition over a five year period. On top of that, the DHS has recently purchased a number of bullet-proof checkpoint booths and hired hundreds of new security guards to protect government buildings.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Jul 29 11:58:39 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 29 Jul 2012 12:58:39 -0400
Subject: [Infowarrior] - Music Labels Won't Share Pirate Bay Loot With Artists
Message-ID: <1C0CA992-2174-4082-96B2-63DB97386D6D@infowarrior.org>

Music Labels Won't Share Pirate Bay Loot With Artists
Ernesto, July 28, 2012
https://torrentfreak.com/pirate-bay-loot-with-artists-120728/

Earlier this year the sentences against the Pirate Bay defendants were made final. Aside from prison sentences, they will have to pay damages to the entertainment industries, including €550,000 to several major music labels.
The court awarded the damages to compensate artists and rightsholders for their losses. However, it now turns out that artists won't see a penny of the money, as the labels have allocated it to IFPI to fund new anti-piracy campaigns. February this year, Sweden's Supreme Court announced its decision not to grant leave to appeal in the long-running criminal case against the founders of The Pirate Bay. This meant that the previously determined sentences handed out to Peter Sunde, Fredrik Neij, Gottfrid Svartholm and Carl Lundström will stand. Part of the sentence are damages that have to be paid to various entertainment industry companies. EMI Music, Universal Music, Sony Music and other labels, for example, were awarded around €550,000 to compensate artists and rightsholders for the losses they suffered. During the trial the court carefully weighed all the individual albums that were brought in as evidence. The resulting damages were eventually based on the fees The Pirate Bay would have paid if they had bought licenses for that content. The music labels were satisfied with this outcome, but have since had trouble collecting the damages. TorrentFreak got a peek at an unpublished document from the legal department of anti-piracy outfit IFPI, which documents the issue in more detail. "We have filed applications with Sweden's Enforcement Agency to secure assets to satisfy these funds. So far very little has been recovered as the individuals have no traceable assets in Sweden and the Enforcement Agency has no powers to investigate outside Sweden. There seems little realistic prospect of recovering funds," the document reads. While it may come as no surprise that the music industry has a hard time getting money from The Pirate Bay defendants, what comes next may raise a few eyebrows. "There is an agreement that any recovered funds will be paid to IFPI Sweden and IFPI London for use in future anti-piracy activities," IFPI writes.
In other words, the money that the Court awarded to compensate artists and rightsholders for their losses is not going to the artists at all. Instead, the labels will simply hand it over to IFPI for their ongoing anti-piracy efforts, which we documented in detail earlier this week. According to former Pirate Bay spokesman Peter Sunde, one of the people convicted in the case, this shows who the real "thieves" are. "Regarding the issue that they've already divvied up the loot, it's always fun to see that they call it 'recovered money' (i.e. money they've lost) but that they're not going to give the artists in question any of it," Sunde told TorrentFreak. "They say that people who download give money to thieves -- but if someone actually ends up paying (in this case: three individuals) then it's been paid for. So who's the thief when they don't give the money to the artists?" According to Sunde the news doesn't come as a surprise. "As far as I know, no money ever won in a lawsuit by IFPI or the RIAA has even gone to any actual artist," Sunde says. "It's more likely the money will be spent on cocaine than the artists that they're 'defending'." This is not the first time that artists have been left out when damages have been awarded in a copyright infringement case. The RIAA previously told TorrentFreak that the "damages" accrued from piracy-related lawsuits will not go to any of the artists, but towards funding more anti-piracy campaigns. "Any funds recouped are re-invested into our ongoing education and anti-piracy programs," we heard.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Jul 29 12:01:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 29 Jul 2012 13:01:54 -0400
Subject: [Infowarrior] - Apple won't carry an ebook because it mentions Amazon
Message-ID: <3D6B1123-399B-40BA-9F21-D88A5F92BF6F@infowarrior.org>

(Cue the jokes about a 'thin-skinned Apple' ...
--rick)

Apple won't carry an ebook because it mentions Amazon
http://boingboing.net/2012/07/28/apple-wont-carry-an-ebook-be.html

Author Holly Lisle has a series of online writing guides that she sells. One volume of this, "How To Think Sideways Lesson 6: How To Discover (Or Create) Your Story's Market" was rejected by Apple's iBooks store. At first, Apple told Lisle that she wasn't allowed to have "live links" to Amazon in her books. So she removed the links and resubmitted the book, and then Apple rejected it again, telling her that they wouldn't sell her book because it mentioned Amazon, a competitor of its iBooks store.

< - >

But I also will not deal with this sort of head-up-ass behavior from a distributor. You don't tell someone "The problem is the live links," and then, when that person has complied with your change request and removed the live links, turn around and say, "No, no. The problem is the CONTENT. You can't mention Amazon in your lesson." This is not professional behavior from a professional market. And cold moment of truth here -- you cannot write a writing course that includes information on publishing and self-publishing and NOT mention Amazon. It's the place where your writers are going to make about 90% of their money. So I'm pulling ALL my work from the iBookstore today. I apologize to iBookstore fans. I tried. Hard. But I'm done.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Jul 29 14:02:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 29 Jul 2012 15:02:54 -0400
Subject: [Infowarrior] - Facebook Abstainers could be labeled Suspicious
Message-ID: <90C321F6-477E-4F20-B315-B85128DE8696@infowarrior.org>

Yeah, okay. What-ever.
--rick

Facebook Abstainers could be labeled Suspicious
posted on 2012.07.25 by BSOD
http://activepolitic.com:82/News/2012-07-25c/Facebook_Abstainers_could_be_labeled_Suspicious.html

According to this article printed in tagesspiegel.de, not having a facebook account should be the first sign that you are a mass murderer. No facebook, no job offer. The article mentions the fact that in the US, people were subject to handing their passwords over to potential employers, which privacy advocates, facebook, and the US government disagree with. But the article takes it one step further in claiming that not only did US employers have a legitimate point, but also suggesting that those who abstain from facebook could be mass murderers. As examples they use Norwegian shooter Anders Breivik, who used myspace instead of facebook (or as they put it, "largely invisible on the web", haha @ myspace), and the newer Aurora shooter who used adultfriendfinder instead of facebook. So being social on any other website isn't good enough, it has to be specifically facebook that people are using. While it is already established that sites like facebook and google+ are no good for political activists, abuse survivors, and people in the witness protection program; abuse survivors will have to take a back seat while more and more insane articles like this come out. There seems to be an insanity bubble around older people which has arrived after the initial facebook boom that brought in the youth, where they see facebook as a necessary utility; instead of a trendy website that will have passed in a few years.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sun Jul 29 20:07:30 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 29 Jul 2012 21:07:30 -0400
Subject: [Infowarrior] - U.S forces maintain fire against Megaupload
Message-ID:

U.S forces maintain fire against Megaupload
http://www.theregister.co.uk/2012/07/30/megaupload_pursuit_unrelenting/
MPAA labels Dotcom as career crim (for piracy, not rapping)
By Natalie Apostolou
Posted in Public Sector, 30th July 2012 01:02 GMT

The United States government is holding firm against the pursuit of file sharing platform Megaupload and its founders stating that even if the indictment of the Megaupload corporation is dismissed, it will continue the indefinite freeze on its assets. During a federal hearing in the U.S last Friday, prosecutors urged U.S. District Judge Liam O'Grady to uphold their charges against infamous file-hosting site Megaupload. Megaupload's team have been arguing to dismiss the indictment as they posit that criminal procedure does not allow a way to serve notice on corporations that do not have a US address. Judge Liam O'Grady did not issue a ruling. Founder Kim Dotcom received a reprieve from the New Zealand courts earlier this month with the delay of his extradition hearing until 2013, based on his legal team argument that the court violated the Federal Rules of Civil Procedure by failing to mail a summon to their client's last known address in the United States. Team Megaupload also maintain that U.S. prosecutors have no legal jurisdiction over the company as it is a foreign entity with no official presence in the United States. "They wiped out a foreign company that does not reside in the United States by bringing a criminal case against it. If this were a person ... there would be little argument that there were due process violations," Megaupload lawyer William Burck said during Friday's hearing.
Burck requested that Judge O'Grady dismiss the indictment without prejudice and force the Department of Justice to re-file charges. The U.S prosecutors claimed that mailing summons to the offices of Dotcom's U.S based lawyers or to Megaupload's Virginia based hosting supplier Carpathia Hosting was sufficient process. They added that under a Mutual Legal Assistance Treaty they would also be able to send a summons to Megaupload's address in Hong Kong. The Justice Department's Ryan Dickey said that Congress has "made it crystal clear" that they will address global copyright crime and that they would be relentless in the pursuit of Dotcom and his employees with criminal charges whenever they are extradited to the United States. Last week, the Motion Picture Association of America branded Dotcom a "career criminal" and claimed that even if the case against Megaupload were dismissed it would have little practical impact as Dotcom and his co-founders are still facing indictment. Dotcom remains under house arrest in his New Zealand mansion where he is waging an aggressive social media campaign against the MPA and the U.S government's actions.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Jul 29 21:33:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 29 Jul 2012 22:33:52 -0400
Subject: [Infowarrior] - Twitter has become major character at Olympics
Message-ID: <3A79C93F-3846-4BCD-B309-9D82CE68A658@infowarrior.org>

#nbcfail FTW, btw. ---rick

Posted on Sun, Jul. 29, 2012 07:30 PM
Twitter has become major character at Olympics
By SAM MELLINGER
http://www.kansascity.com/2012/07/29/3730900/sam-mellinger-twitter-has-become.html

LONDON -- They are worrying about security, with missile launchers on residential buildings. They are worrying about appearances, with military personnel serving as seat-fillers for the TV shots.
And they are worrying about the rain, with CGI-looking clouds hovering over Olympic Park here. As it happens, what they really should be worrying about is Twitter. The social media monster with the silly name is turning these Summer Olympics upside down, 140 characters or so at a time. Even if you're not on Twitter the impact is impossible to miss. Hope Solo, the wild and terrific goaltender for Team USA women's soccer, used it to blast former teammate and now commentator Brandi Chastain. A Greek triple jumper was booted out of the Olympics for a racist Tweet. And a German field hockey player was apparently the victim of a "cowardly fake" message with an offensive joke about Greece. Back home, the Twitter takeover is mocking NBC's 10-figure investment in the Games. When a broadcasting giant can't make events start in prime time on the East coast, it just pretends it can. So with London six hours ahead of Kansas City time, NBC made the very 1996 decision to tape-delay many events -- notably major ones like the Lochte-Phelps showdown. NBC has always tape-delayed Olympic events when there's a major time difference, but these are different times we're in. Twitter didn't exist in 2004, and only had six million users in 2008. Today, more than 150 million people use it. Twitter ensures the world moves in real time, and in that way NBC is spitting into the wind of reality. It's streaming events live online with the slogan "watch history on NBCOlympics.com," which is good advice when the alternative is to watch history on television. NBC is also taking the stubborn stance that high TV ratings -- including especially big numbers in Kansas City -- are a mandate of tape-delayed programming. As if people are tuning in to see NBC, and not the actual events. Behind the scenes, Olympics organizers and powers are struggling with how to deal with this.
They like the free and easy promotion provided by athletes speaking directly to fans, but don't want the headaches of the inevitable controversies. NBC's issue is potentially worse. Information embargoes on major events happening in front of thousands of reporters just aren't possible. A policy made it possible to revoke credentials of journalists who posted pictures of the opening ceremony setup before the broadcast, but if there was ever sincerity in the threat it was overwhelmed by a huge number of violators. There is a thought from some that this may all take care of itself. The viewing experience is still far better on affordable high-definition TV than through computers, but trends continue to push heavy toward online. More than half the online consumption of these Olympics is being done on mobile devices, for instance. At some point, perhaps the online viewing quality will get close enough to television for the convenience to make it better overall. But at the moment, the best part of mobile devices is the immediacy -- and it's knocking heads with what NBC wants to package for your living room during prime time. Twitter has weaved its way into a habitual place of many American lives, particularly sports fans, and nobody wants to watch an event after they know the result. If we miss a game live, that's why God invented highlights. NBC is trying to change the rules and fight the way people want to consume live events. Good luck with that. To reach Sam Mellinger, call 816-234-4365, send e-mail to smellinger at kcstar.com or follow twitter.com/mellinger. For previous columns, go to KansasCity.com.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon Jul 30 06:40:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 30 Jul 2012 07:40:48 -0400
Subject: [Infowarrior] - A Day Job Waiting for a Kill Shot a World Away
Message-ID:

July 29, 2012
A Day Job Waiting for a Kill Shot a World Away
By ELISABETH BUMILLER
http://www.nytimes.com/2012/07/30/us/drone-pilots-waiting-for-a-kill-shot-7000-miles-away.html?_r=2&hp&pagewanted=print

HANCOCK FIELD AIR NATIONAL GUARD BASE, N.Y. -- From his computer console here in the Syracuse suburbs, Col. D. Scott Brenton remotely flies a Reaper drone that beams back hundreds of hours of live video of insurgents, his intended targets, going about their daily lives 7,000 miles away in Afghanistan. Sometimes he and his team watch the same family compound for weeks. "I see mothers with children, I see fathers with children, I see fathers with mothers, I see kids playing soccer," Colonel Brenton said. When the call comes for him to fire a missile and kill a militant -- and only, Colonel Brenton said, when the women and children are not around -- the hair on the back of his neck stands up, just as it did when he used to line up targets in his F-16 fighter jet. Afterward, just like the old days, he compartmentalizes. "I feel no emotional attachment to the enemy," he said. "I have a duty, and I execute the duty." Drones are not only revolutionizing American warfare but are also changing in profound ways the lives of the people who fly them. Colonel Brenton acknowledges the peculiar new disconnect of fighting a telewar with a joystick and a throttle from his padded seat in American suburbia. When he was deployed in Iraq, "you land and there's no more weapons on your F-16, people have an idea of what you were just involved with." Now he steps out of a dark room of video screens, his adrenaline still surging after squeezing the trigger, and commutes home past fast-food restaurants and convenience stores to help with homework --
but always alone with what he has done. "It's a strange feeling," he said. "No one in my immediate environment is aware of anything that occurred." Routinely thought of as robots that turn wars into sanitized video games, the drones have powerful cameras that bring war straight into a pilot's face. Although pilots speak glowingly of the good days, when they can look at a video feed and warn a ground patrol in Afghanistan about an ambush ahead, the Air Force is also moving chaplains and medics just outside drone operation centers to help pilots deal with the bad days -- images of a child killed in error or a close-up of a Marine shot in a raid gone wrong. Among the toughest psychological tasks is the close surveillance for aerial sniper missions, reminiscent of the East German Stasi officer absorbed by the people he spies on in the movie "The Lives of Others." A drone pilot and his partner, a sensor operator who manipulates the aircraft's camera, observe the habits of a militant as he plays with his children, talks to his wife and visits his neighbors. They then try to time their strike when, for example, his family is out at the market. "They watch this guy do bad things and then his regular old life things," said Col. Hernando Ortega, the chief of aerospace medicine for the Air Education Training Command, who helped conduct a study last year on the stresses on drone pilots. "At some point, some of the stuff might remind you of stuff you did yourself. You might gain a level of familiarity that makes it a little difficult to pull the trigger." Of a dozen pilots, sensor operators and supporting intelligence analysts recently interviewed from three American military bases, none acknowledged the kind of personal feelings for Afghans that would keep them awake at night after seeing the bloodshed left by missiles and bombs.
But all spoke of a certain intimacy with Afghan family life that traditional pilots never see from 20,000 feet, and that even ground troops seldom experience. "You see them wake up in the morning, do their work, go to sleep at night," said Dave, an Air Force major who flew drones from 2007 to 2009 at Creech Air Force Base in Nevada and now trains drone pilots at Holloman Air Force Base in New Mexico. (The Air Force, citing what it says are credible threats, forbids pilots to disclose their last names. Senior commanders who speak to the news media and community groups about the base's mission, like Colonel Brenton in Syracuse, use their full names.) Some pilots spoke of the roiling emotions after they fire a missile. (Only pilots, all of them officers, employ weapons for strikes.) "There was good reason for killing the people that I did, and I go through it in my head over and over and over," said Will, an Air Force officer who was a pilot at Creech and now trains others at Holloman. "But you never forget about it. It never just fades away, I don't think -- not for me." The complexities will only grow as the military struggles to keep up with a near insatiable demand for drones. The Air Force now has more than 1,300 drone pilots, about 300 less than it needs, stationed at 13 or more bases across the United States. They fly the unmanned aircraft mostly in Afghanistan. (The numbers do not include the classified program of the C.I.A., which conducts drone strikes in Pakistan, Somalia and Yemen.) Although the Afghan war is winding down, the military expects drones to help compensate for fewer troops on the ground. By 2015, the Pentagon projects that the Air Force will need more than 2,000 drone pilots for combat air patrols operating 24 hours a day worldwide. The Air Force is already training more drone pilots -- 350 last year -- than fighter and bomber pilots combined.
Until this year, drone pilots went through traditional flight training before learning how to operate Predators, Reapers and unarmed Global Hawks. Now the pilots are on a fast track and spend only 40 hours in a basic Cessna-type plane before starting their drone training. Gen. Norton A. Schwartz, the Air Force chief of staff, said it was "conceivable" that drone pilots in the Air Force would outnumber those in cockpits in the foreseeable future, although he predicted that the Air Force would have traditional pilots for at least 30 more years. Many drone pilots once flew in the air themselves but switched to drones out of a sense of the inevitable -- or if they flew cargo planes, to feel closer to the war. "You definitely feel more connected to the guys, the battle," said Dave, the Air Force major, who flew C-130 transport planes in Iraq and Afghanistan. Now more and more Air National Guard bases are abandoning traditional aircraft and switching to drones to meet demand, among them Hancock Field, which retired its F-16s and switched to Reapers in 2010. Colonel Brenton, who by then had logged more than 4,000 hours flying F-16s in 15 years of active duty and a decade in Syracuse deploying to war zones with the Guard, said he learned to fly drones to stay connected to combat. True, drones cannot engage in air-to-air combat, but Colonel Brenton said that "the amount of time I've engaged the enemy in air-to-ground combat has been significant" in both Reapers and F-16s. "I feel like I'm doing the same thing I've always done, I just don't deploy to do it," he said. Now he works full time commanding a force of about 220 Reaper pilots, sensor operators and intelligence analysts at the base. Pilots say the best days are when ground troops thank them for keeping them safe.
Ted, an Air Force major and an F-16 pilot who flew Reapers from Creech, recalled how troops on an extended patrol away from their base in Afghanistan were grateful when he flew a Reaper above them for five hours so they could get some sleep one night. They told him, "We're keeping one guy awake to talk to you, but if you can, just watch over and make sure nobody's sneaking up on us," he recalled. All the operators dismiss the notion that they are playing a video game. (They also reject the word "drone" because they say it describes an aircraft that flies on its own. They call their planes remotely piloted aircraft.) "I don't have any video games that ask me to sit in one seat for six hours and look at the same target," said Joshua, a sensor operator who worked at Creech for a decade and is now a trainer at Holloman. "One of the things we try to beat into our crews is that this is a real aircraft with a real human component, and whatever decisions you make, good or bad, there's going to be actual consequences." In his 10 years at Creech, he said without elaborating, "I've seen some pretty disturbing things." All of the pilots who once flew in cockpits say they do miss the sensation of flight, which for Colonel Brenton extends to the F-16 flybys he did for the Syracuse Memorial Day parade downtown. To make up for it, he sometimes heads out on weekends in a small propeller plane, which he calls a bug smasher. "It's nice to be up in the air," he said.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 30 06:48:20 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 30 Jul 2012 07:48:20 -0400
Subject: [Infowarrior] - Alex Day Sells Half A Million Songs By Breaking All The 'Rules'
Message-ID: <89BC5C4F-C379-4520-A7B8-83197361A665@infowarrior.org>

Alex Day Sells Half A Million Songs By Breaking All The 'Rules'
from the *according-to-the-recording-industry dept

Well, what do we have here?
Another artist operating outside the constraints of the recording industry and yet, against all odds, making money? Probably too good to be true. He's built a huge following on known pirate site YouTube and his first two royalty checks totaled over $200,000, but the question remains: how can Alex Day make money with such a wrong-headed approach? The Tunecore blog gets to the bottom of this Alex Day sensation. In a day and age where no one can sell music, Day is doing exactly that. Not only is he selling music, but he's doing many things completely wrong, if conventional thinking is anything to go by. Just how successful is Alex Day?

< - >

http://www.techdirt.com/blog/casestudies/articles/20120721/16471919785/alex-day-sells-half-million-songs-breaking-all-rules.shtml

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Jul 30 07:44:43 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 30 Jul 2012 08:44:43 -0400
Subject: [Infowarrior] - Ubisoft DRM Lets In Remote Attackers, Google Engineer Reports
Message-ID: <2B04FDF3-C934-443A-9893-C3326A4C3837@infowarrior.org>

Ubisoft DRM Lets In Remote Attackers, Google Engineer Reports
enigmax, July 30, 2012
http://torrentfreak.com/ubisoft-drm-lets-in-remote-attackers-google-engineer-reports-120730/

Hacker Tavis Ormandy has discovered a serious vulnerability in a well-known PC game DRM system. The Google engineer said that after buying a game from Ubisoft he became aware that its "Uplay" browser plug-in might prove problematic. In the early hours of this morning Ormandy confirmed that the add-on allows remote and "wide access" to machines running the DRM, potentially giving malicious attackers free rein to wreak havoc. Digital Rights Management (DRM) software is seen as an essential part of life for many games developers.
It allows them to control who and who cannot copy, install and otherwise operate their software, usually for the purposes of piracy control. But all too often DRM hits the headlines when it either fails to do its job or generates unintended side-effects that cause headaches for legitimate users. Today could be the start of a very big headache indeed for Ubisoft and people who have purchased the company's games. According to hacker/researcher Tavis Ormandy, the Uplay DRM system designed and operated by Ubisoft could be opening up the company's customers' machines to a whole world of hurt. "While on vacation recently I bought a video game called 'Assassin's Creed Revelations'. I didn't have much of a chance to play it, but it seems fun so far," Ormandy wrote on the Full Disclosure mailing list yesterday. "However, I noticed the installation procedure creates a browser plugin for its accompanying Uplay launcher, which grants unexpectedly (at least to me) wide access to websites. I don't know if it's by design, but I thought I'd mention it here in case someone else wants to look into it." Just 24 hours later Ormandy was back with a worrying update. "I got it working," he wrote. "I submitted it to Ubisoft via the online form." What Ormandy appears to be suggesting is that once hackers understand how this vulnerability works, websites could incorporate an exploit into their designs which could then allow them to gain access to a Ubisoft game-player's PC. The sky's the limit with this kind of opening - software installs, keyloggers, bots or other malware all become possible. A list of games running Uplay DRM can be found here - they include some huge names such as the Assassins Creed series, Call of Juarez: The Cartel, Driver: San Francisco, Silent Hunter 5: Battle of the Atlantic, and all the Tom Clancy games. TorrentFreak contacted Ormandy for comment and we will update --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Mon Jul 30 15:15:39 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 30 Jul 2012 16:15:39 -0400 Subject: [Infowarrior] - The RIAA knew SOPA and PIPA were useless, yet supported them anyway Message-ID: The RIAA knew SOPA and PIPA were useless, yet supported them anyway The industry knows that most music files are swapped offline, notes Torrent Freak. So why is the RIAA still asking ISPs to spy on us? http://www.itworld.com/it-managementstrategy/287788/riaa-knew-sopa-and-pipa-were-useless-against-piracy-and-supported-them- July 29, 2012, 2:32 PM By Dan Tynan http://www.itworld.com/print/287788 The Torrent Freak blog reveals that, despite the RIAA's public support of the ill-advised SOPA and PIPA bills last winter, the music industry trade group never actually believed that either piece of legislation would have put a dent in music piracy. Torrent Freak got its hands on a leaked presentation given by RIAA Deputy General Counsel Vicky Sheckler last April. Among the bullet points in Sheckler's report is the notion that while SOPA and PIPA were "intended to defer [copyright] infringements [by] foreign sites by obligating/encouraging intermediaries to take action," they were "not likely to have been an effective tool for music." The internal report shows that the US music industry has been taking it in the shorts for some time - shipments declined from $12.3 billion in 2005 to just $7 billion last year - but the boogieman isn't who you think it is. It turns out that while illegal music sharing is still quite popular among the kids, most of the swapping takes place offline, not on. As the following chart shows, only about one out of six music files is exchanged via a P2P network, while nearly half are traded via a physical hard drive or ripping music purchased by others. Cyberlockers like MegaUpload contribute just 4 percent to that total. 
Part of that can be attributed to the fact that some of the most popular P2P services have been shut down. Part can be attributed to the low cost and easy availability of USB thumb drives. (Seriously, does anyone really trade a hard drive?) I think none of it can be attributed to the RIAA's spectacularly bungled attempt to intimidate file swappers by suing thousands of them, violating their privacy in the process. So if you want to blame someone outside the music industry for its demise, you might as well blame mix tapes. (Memo to nerdy males who are reading this: Despite your wicked cool taste in tunes, giving a mix tape to the cheerleader of your dreams will not convince her to attend the prom with you instead of that hunky jock. Didn't work then, still doesn't work now. Sorry.) There are two big reasons why the music industry has been in steady decline, in my humble opinion. One was its abject refusal to read the writing on the wall in the late 1990s and realize that the Internet just killed its distribution model. Had the record companies partnered with Napster in 1999 instead of trying to stamp it out of existence, they might be singing a different tune right now. The subscription model that Napster proposed back then is now standard fare in the industry. The other reason, perversely, is iTunes. Once people realized they could shell out a buck for the songs they loved instead of $15 to $20 for a CD with the song they loved and a dozen other songs they didn't love, that was largely game over for album sales. Oh, and there's a third reason: All that crappy music. Every time my 13 year old turns on the car radio and switches to her favorite station, I am reminded that the only thing the recording industry seems to be good at is churning out the same old s*** over and over and over. (My daughter, tired of hearing me rant about that, just turns the music up louder.) 
Of course, the realization that Congress can't help them isn't stopping the RIAA's efforts to enlist your ISP in the battle to wipe out all that illegal file swapping that is mostly not happening. They are moving forward with the "Six Strikes" strategy, offering users who swap music or other copyrighted material 5 or 6 warnings before their Internet connections get throttled or cut off. This essentially turns your ISP into a spy, watching what you do and ratting you out. This is what I pay Time Warner Cable hundreds of dollars a month for? Torrent Freak notes that "the measures that will be imposed by Internet providers are not that scary, there is a worrying backdoor built into the deal which allows the MPAA and RIAA to request personal details of repeat infringers for legal action." Next, the RIAA will hire people to stand outside your house and frisk you for thumb drives containing MP3s. The tactics may change, but the reality remains the same: The RIAA still sucks. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Jul 30 15:16:34 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 30 Jul 2012 16:16:34 -0400 Subject: [Infowarrior] - New Tool From Moxie Marlinspike Cracks Some Crypto Passwords Message-ID: <25731FA0-59AC-4008-8C37-3DEB981832A5@infowarrior.org> July 30, 2012, 8:38AM New Tool From Moxie Marlinspike Cracks Some Crypto Passwords http://threatpost.com/en_us/blogs/new-tool-moxie-marlinspike-cracks-some-crypto-passwords-073012 Moxie Marlinspike, the security and privacy researcher known for his SSLStrip, Convergence and RedPhone tools, has released a new tool that can crack passwords used for some VPNs and wireless networks that rely on encryption using Microsoft's MS-CHAPv2 protocol. Marlinspike discussed the tool during a talk at DEF CON over the weekend, and it is available for download. 
ChapCrack is designed to enable users to crack passwords that are used to help secure PPTP connections. PPTP (point-to-point tunneling protocol) is one of the protocols used for securing remote connections. The MS-CHAPv2 (Microsoft Challenge Handshake Authentication Protocol version 2) is the algorithm used to do the secure negotiation for some PPTP implementations. "Separate cryptographic keys are generated for transmitted and received data. The cryptographic keys are based on the user's password and the arbitrary challenge string. Each time the user connects with the same password, a different cryptographic key is used," Microsoft says in the documentation for the protocol. Marlinspike's ChapCrack tool has the ability to take packet captures that include an MS-CHAPv2 network handshake--the back-and-forth negotiation that sets up the secure connection between machines--and remove the relevant credentials from the capture. The user can then submit the encrypted credentials to CloudCracker and will eventually receive in return an encrypted packet that he can insert into ChapCrack again. The tool then will crack the password. The ChapCrack tool relies on the computing power of a system built by Pico Computing, a specialized manufacturer of hardware for applications such as cryptography that require large amounts of dedicated processing power. David Hulton of Pico Computing presented the ChapCrack tool at DEF CON with Marlinspike. "They were able to build an FPGA box that implemented DES as a real pipeline, with one DES operation for each clock cycle. With 40 cores at 450mhz, that's 18 billion keys/second. With 48 FPGAs, the Pico Computing DES cracking box gives us a worst case of ~23 hours for cracking a DES key, and an average case of about half a day," Marlinspike said in a blog post on the attack and tools. "With Pico Computing's DES cracking machine in hand, we can now crack any MS-CHAPv2 handshake in less than a day. 
" Here's how the ChapCrack documentation describes the process: 1) Obtain a packet capture with an MS-CHAPv2 network handshake in it (PPTP VPN or WPA2 Enterprise handshake, for instance). 2) Use chapcrack to parse relevant credentials from the handshake (chapcrack parse -i path/to/capture.cap). 3) Submit the CloudCracker token to www.cloudcracker.com 4) Get your results, and decrypt the packet capture (chapcrack decrypt -i path/to/capture.cap -o output.cap -n ) ChapCrack has the ability to search the entire DES keyspace in order to crack the captured password. DES is an old encryption standard that was replaced several years ago by AES. However, DES is still in use in some places, and the fact that Marlinspike was able to design a system that can tear through all of the DES keyspace in a reasonable amount of time shows again the serious problems with the algorithm. Although MS-CHAPv2 is an older protocol and has had known security weaknesses for more than a decade, Marlinspike said in his post that he and Hulton chose to go after it because it is still used in a lot of enterprise wireless networks that use WPA2 and in numerous VPNs. Hulton and Marlinspike say that, as a result of their findings, enterprises would be smart to start migrating their implementations now. "All users and providers of PPTP VPN solutions should immediately start migrating to a different VPN protocol. PPTP traffic should be considered unencrypted," Marlinspike wrote. "Enterprises who are depending on the mutual authentication properties of MS-CHAPv2 for connection to their WPA2 Radius servers should immediately start migrating to something else." This article was update on July 30 to add more context about the hardware involved in the crack and Pico Computing's involvement. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Mon Jul 30 17:47:12 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 30 Jul 2012 18:47:12 -0400 Subject: [Infowarrior] - Mac users left wondering if OS X Snow Leopard's retired Message-ID: <80951770-0B1E-4104-9FD1-89915DCA6B12@infowarrior.org> Mac users left wondering if OS X Snow Leopard's retired OS X 10.6 users have probably seen their last core OS patches, says researcher Gregg Keizer July 30, 2012 (Computerworld) http://www.computerworld.com/s/article/print/9229784/Mac_users_left_wondering_if_OS_X_Snow_Leopard_s_retired Apple's refusal to put into writing its operating system support policy leaves Snow Leopard users wondering whether their copy of OS X has been retired, security experts said today. The question "Is Snow Leopard retired?" went legitimate as soon as Apple launched OS X Mountain Lion last week. That's because Apple has always dropped security update support for one edition around the time it has two newer in play. If the current OS X is dubbed "n," then "n-2" support ends at the debut of "n." In other words, patches are provided only to the newest OS X and the one immediately preceding it. With Mountain Lion's debut last Wednesday, that informal policy -- Apple has never put its support practices on paper or its website -- means the two editions that will receive patches are OS X 10.7, aka 2011's Lion, and the brand new 10.8, or Mountain Lion. Apple last shipped a Snow Leopard security update in May 2012. "I would expect that Snow Leopard is toast," said Chet Wisniewski, senior security adviser at Sophos, when asked today of his expectations. "They seem to apply that 'n-2' rule [of no security updates] somewhat universally, even when it doesn't make sense." Apple has held to the n-2 rule, although the timing of an edition's final update has varied. Last year, Apple shipped the last OS X-wide security update for Leopard (n-2), the edition released in Oct. 
2007, on June 23, 2011, almost a month before the launch of Lion (n). OS X Tiger (n-2), which appeared in April 2005, received a final security update on Sept. 10, 2009, 12 days after Snow Leopard (n) shipped. Prior to that, Panther (n-2), or OS X 10.3, got its final update two-and-a-half weeks after the debut of Leopard (n), while OS X 10.2, aka Jaguar (n-2), saw its last patch three months before the launch of Tiger (n). An edition's retirement isn't comprehensive. Apple has typically delivered separate security updates for four components: iTunes, Java, QuickTime and Safari for several months beyond the cut-off. Apple usually delivers the final security update for an older edition ('n-2') around the time when a new upgrade ('n') ships. (Data: Apple.) For example, Apple updated iTunes for Leopard as recently as last month, and patched QuickTime in August 2011. (The company also shipped a security-related update for Leopard in May 2012 that did not patch any vulnerabilities but instead disabled long-outdated versions of Adobe's Flash Player, one of several moves made this spring to protect Mac users from the Flashback malware.) The problem isn't necessarily that Apple retires each edition of OS X -- every software vendor does that -- but that it won't tell customers when it does. "We're here speculating on whether Snow Leopard is supported or not," said Wisniewski. "It's like we're forced to read tea leaves. It's kind of unfortunate." Andrew Storms, director of security operations at nCircle Security, echoed that. "That's the same old story with Apple," said Storms in an interview conducted over instant messaging. "It's never really clear when they discontinue support. While they have some data about lifecycle support, Apple fails at actually making any effort to tell people as much. They'd rather spend the time telling you all the cool stuff about the new OS." 
Both Wisniewski and Storms contrasted Apple's practice with Microsoft, which describes Windows' support policy on its website, and generally patches the OS for a decade, no matter how many successors ship during that stretch. Another Sophos researcher pointed out that the omission of a Safari update for Snow Leopard was another hint that OS X 10.6 faces retirement. "And on [the Safari download] page, the fine print states: The latest version of Safari is available for Mountain Lion. The latest version of Safari for Lion is available through Software Update," observed Joshua Long in a Monday blog post. "There's no mention of [Safari for] Windows or Snow Leopard." Apple patched 121 vulnerabilities in Safari for Lion and Mountain Lion. Snow Leopard's status is important to a lot of users: According to Web analytics company Net Application, 38% of all Macs were powered by that edition last month. Wisniewski reminded Snow Leopard users that they can probably upgrade to Mountain Lion, which of course will receive security updates. And even in the absence of any future patches, their current OS will continue to work. "But the best way to stop an attack is to patch the vulnerability," Wisniewski added. Apple did not reply to questions about whether Snow Leopard will continue to receive security updates, and if so, for how long. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Jul 30 19:52:04 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 30 Jul 2012 20:52:04 -0400 Subject: [Infowarrior] - Critic of NBC has Twitter account suspended after network complains Message-ID: Critic of NBC has Twitter account suspended after network complains 5 hours ago http://sports.yahoo.com/news/olympics--critic-of-nbc-has-twitter-account-suspended-after-network-complains.html Guy Adams works as a writer for The Independent, a national newspaper in Great Britain. He lives in Los Angeles. 
Throughout the Olympics, he's taken to Twitter and ripped NBC repeatedly for its coverage of the Games in America. Namely, he's criticized the network's reliance on using tape delays, a frustration shared by millions of viewers. Only in a marriage of old media and social media, Guy Adams no longer has a Twitter account. It was suspended Tuesday, and both NBC and Twitter ought to be humiliated by their thin-skinned, heavy-handed, and essentially pointless behavior. Adams was no doubt relentless in his tweets. "Am I alone in wondering why NBColympics think its [sic] acceptable to pretend this road race is being broadcast live?" he wrote in one. "Matt Lauer: 'Madagascar, a location indelibly associated with a couple of recent animated movies,'" he mocked on another. Adams encouraged Lauer "to shut up" and called out Gary Zenkel, the president of NBC Olympics, as the "moronic exec behind the time delay." And he said Zenkel should be fired. That's essentially how Twitter works, of course. It can be profane, reactionary, and often ridiculous. It breeds all sorts of over-the-top anger, outrageous talk, and off-the-handle opinions. Adams said in a column for The Independent that Twitter claimed he crossed the line by tweeting out Zenkel's corporate email address and encouraging his followers to contact the executive directly. The email address is easily identifiable, common with how thousands of NBC/Univision employees' email addresses are determined. Twitter soon suspended Adams' account, he said. In a story he wrote in The Independent, Adams wrote that after filing an article critical of NBC's coverage, he checked his Twitter account only to find it had been suspended. When he inquired why, he received the following response: "Your Twitter account has been suspended for posting an individual's private information such as private email address." With that, the account was gone. And a controversy was born. 
Adams said he emailed Rachel Bremer, Twitter's head of European PR, to dispute that he broke Twitter's rules. The email address Adams tweeted wasn't a private address belonging to Zenkel, Adams wrote, but a corporate one attainable to anyone with access to Google. "It's no more 'private' than the address I'm emailing you from right now," Adams wrote Bremer. "Either way, [it's] quite worrying that NBC, whose parent company are an Olympic sponsor, are apparently trying (and, in this case, succeeding) in shutting down the Twitter accounts of journalists who are critical of their Olympic coverage." The decision, as expected, has gone over poorly on the website, where the freedom to express one's opinions, especially against high-ranking executives of multinational corporations, is highly valued. Which makes the decision a colossal mistake. You could argue forever whether Zenkel's corporate email is really "private." You'd have to be a trusting soul to think Twitter really cared. The issue here is that NBC and Twitter formed a corporate "partnership" for the London Games "to bring Olympic coverage and social conversation to viewers everywhere," according to a pre-Games news release. "During the games, Twitter is using its Olympics events page to highlight insiders' views, and to encourage people to watch NBC's on-air and online coverage." So, first, they team up and then coincidentally one of the network's most relentless critics gets booted from the website? Earlier this year, film director Spike Lee tweeted what turned out to be an incorrect home address for George Zimmerman, the accused killer of Trayvon Martin. Twitter didn't suspend Lee's account. The Independent's deputy managing editor, Archie Bland, confirmed that Adams' account was suspended for mentioning the email address. Bland tweeted himself that it's "reasonable to ask whether the suspension also had to do with his criticism of NBC's coverage of the Games and whether they'd usually take the same step." 
Twitter has yet to respond for comment. NBC released a statement confirming that it contacted Twitter. "We filed a complaint with Twitter because a user tweeted the personal information of one of our executives," the network said. "According to Twitter, this is a violation of their privacy policy. Twitter alone levies discipline." On the rank of world transgression, some snarky journalist losing his tweeting privileges is incredibly low. This isn't even a First Amendment issue. The government isn't trying to silence the public. This is a public-relations gaffe, and it's hard to imagine how Twitter didn't see it coming. First, the account suspension directed far more attention to Adams' criticism than if he had simply been ignored. Second, it's an embarrassment for Zenkel. He now looks like some overly sensitive suit. Twitter is what Twitter is - most people get slammed, at some point, on that website. The head of NBC Olympics not only should've expected the criticism, he should now expect a great deal more of it. What Adams ranted about hardly mattered. Yes, the tape delay was frustrating. The same for the network's often poor performing online streams. The American viewing public was tuning in at night in record numbers anyway. That was proof NBC's old formula could not only survive in today's instant information age, it could thrive. Adams was losing. NBC was winning. Until Twitter suspended an account and the story got reversed, making a villain out of its partner and a social media hero out of the partner's critic. It's one more social media casualty in an Olympics full of them. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Mon Jul 30 19:58:06 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 30 Jul 2012 20:58:06 -0400 Subject: [Infowarrior] - A bill to stop security leaks puts a plug on democracy Message-ID: A bill to stop security leaks puts a plug on democracy By Editorial Board, Monday, July 30, 6:54 PM http://www.washingtonpost.com/opinions/squelching-public-interest-in-national-security/2012/07/30/gJQAF0pHLX_print.html EVERY DAY IN Washington, government officials - at the Pentagon, the State Department, the White House, Congress or the CIA, to name a few - talk to journalists about information that is considered sensitive. The officials are not quoted by name, but the information is provided for the reporter's understanding and it often makes its way into the public realm. These officials are attempting to help the American people sort out complex policies. Often they have strong views, as boosters or dissidents of the policies. This vast public square is a robust and enduring feature of our democracy. Now, spurred by recent national security leaks, the Senate intelligence committee has voted 14 to 1 to outlaw many of such background briefings. An amendment to the 2013 intelligence authorization bill would prohibit anyone but the director, deputy director or public affairs representative of an intelligence agency from providing "background or off-the-record information regarding intelligence activities" to the media. Those at the top could go on talking, while lower-level experts or anyone who might have contrary views would be blocked. The provision is crude and dangerous. For example, at the end of April, intelligence officials spoke to reporters about their assessment of al-Qaeda one year after the killing of Osama bin Laden. The briefing included important information about the bin Laden network and to what extent it might be a threat in the future. This is of extreme public interest. 
Under the Senate bill, the briefing might well have been prohibited. Other provisions in the bill are also flawed. One would extend the reach of pre-publication review by the intelligence community to include not only manuscripts but also "anticipated oral comments." Yet another would ban government employees or contractors with security clearances from entering into contracts with "the media" to provide "analysis or commentary" on intelligence matters. Former officials who left within the previous year would also be silenced, as would members of advisory boards to the intelligence community. The amendment is poorly drafted. It fails to define "the media." Does it include book publishing or social media? Would a 140-character tweet violate the law? It sweepingly prohibits disclosure of "intelligence activities" without distinguishing among different levels of classification that are used every day by the 4.8 million people authorized to handle such material. The chairman of the Senate intelligence committee, Dianne Feinstein (D-Calif.), said in a news release that "the culture of leaks has to change." Surely Congress can do better. Serious reform would deal not only with protecting secret information but also repair a dysfunctional system that wildly overclassifies documents which would enrich the public debate. This hastily conceived legislation would choke off the daily give-and-take that is the lifeblood of a democratic society without making the nation in any way more secure. © The Washington Post Company --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Tue Jul 31 06:23:46 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 31 Jul 2012 07:23:46 -0400 Subject: [Infowarrior] - Gillmor: If Twitter doesn't reinstate Guy Adams, it's a defining moment Message-ID: If Twitter doesn't reinstate Guy Adams, it's a defining moment Twitter has fumbled its response to the publication by a British journalist of an NBC executive's email address. But the social network has time to make amends - Dan Gillmor - guardian.co.uk, Monday 30 July 2012 18.29 EDT http://www.guardian.co.uk/commentisfree/2012/jul/30/twitter-suspends-guy-adams-independent Once again, we're reminded of a maxim when it comes to publishing on other people's platforms: we publish at their sufferance. But there's a corollary: When they take down what we publish, they take an enormous risk with their own futures. This time, Twitter has suspended the account of a British journalist who tweeted the corporate email address of an NBC executive. The reporter, Guy Adams of the Independent, has been acerbic in his criticisms of NBC's (awful) performance during the Olympics in London. Adams has posted his correspondence with Twitter, which claims he published a private email address. It was nothing of the kind, as many, including the Deadspin sports blog, have pointed out. (Here's the policy, which Adams plainly did not violate, since the NBC executive's email address was already easily discernible on the web - NBC has a firstname.lastname@ system for its email, and it's a corporate address, not a personal one - and was published online over a year ago.) What makes this a serious issue is that Twitter has partnered with NBC during the Olympics. And it was NBC's complaint about Adams that led to the suspension. That alone raises reasonable suspicions about Twitter's motives. 
Now, Twitter has been exemplary in its handling of many issues over the past several years, including its (for a social network) brave stance in protecting user privacy; for example, it has contested warrantless government fishing expeditions. So I'm giving the service the benefit of the doubt for the moment, and hoping that this is just a foolish - if possibly well-meaning - mistake by a single quick-triggered Twitter employee. If so, Twitter should apologize and reinstate Adams' account immediately. If it does so, there's little harm done - and the company will have learned a lesson. If not, this is a defining moment for Twitter. It will have demonstrated that it can be bullied by its business partners into acts that damage its credibility and ultimately the reason so many of us use it as a platform. And if that's the case, there will be much less incentive to use it. One of the great ironies in Monday's events is that the corporate address of the NBC executive, Gary Zenkel, has now spread widely around the internet. This is the so-called Streisand effect, a term that arose when singer Barbra Streisand tried to suppress aerial photos of her mega-mansion on the California coastline north of Los Angeles. Her arrogance led to the widespread dissemination of the pictures, and continuing ridicule. But the most important reminder for all of us who don't own technology mega-platforms is that we don't control them. Their owners do. Twitter's mistake in this case comes at a non-trivial cost to Adams and his employer. They have lost - temporarily, one hopes - an important method of bringing people to the journalism they produce about the biggest London event in a long time. And until Twitter reverses itself, it's telling its users they live or die on its servers at the whims of others. *** Speaking of mistakes, I must mention a big one I made Sunday. 
I pointed on Twitter to the now-famous, but bogus, column about Wikileaks purportedly written by the New York Times' Bill Keller. I won't go into the details of how I got duped, but duped I was - and as I said in a subsequent tweet, after deleting the original, "I apologize." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 31 06:27:43 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 31 Jul 2012 07:27:43 -0400 Subject: [Infowarrior] - Monster Fight: Can You Tell An Energy Drink From An Aquarium? Message-ID: <9A63BA75-D773-4979-9127-8EDD4F01F058@infowarrior.org> Monster Fight: Can You Tell An Energy Drink From An Aquarium? from the tastes-like-bulls**t-to-me dept Can you guess which brand is throwing its trademark power around with reckless disregard for common sense or possible confusion? That's right. Monster. Only in this case it's Monster Energy Drinks, whose legal team had apparently gone dormant after a streak of losses, rather than Monster Cable, whose legal team felt the average consumer couldn't tell the difference between an overpriced cable and a deer salt lick. The Consumerist brings us the news that Monster (the Energy Drink) is looking to add to its streak of windmills tilted at, this time going after the Monster Aquaria Network, under the belief that somehow innocent people looking for a pick-me-up beverage are ending up with extremely large fish tanks instead. Further details of the cease and desist order can be found at the site set up by the Monster Aquaria Network to apprise its fans and customers of the situation. In addition to insisting that the Aquaria Network immediately cease usage of the word "Monster" and the letter "M," Monster Energy Drinks apparently feels it has staked a claim to certain colors ..... 
< -- > http://www.techdirt.com/articles/20120719/15533919767/monster-fight-can-you-tell-energy-drink-aquarium.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Jul 31 07:28:20 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 31 Jul 2012 08:28:20 -0400 Subject: [Infowarrior] - Olympics fans find ways to circumvent NBC's online control Message-ID: RPT-Olympics fans find ways to circumvent NBC's online control Tue Jul 31, 2012 6:59am EDT By Liana B. Baker and Yinka Adegoke http://www.reuters.com/article/2012/07/31/olympics-tech-workaround-idUSL2E8IUGFU20120731 NEW YORK, July 31 (Reuters) - It took Jason Legate, a Walnut Creek, California-resident, all of 10 minutes to connect his computer to a London-based server and access BBC's coverage of the Olympics Saturday, thereby circumventing NBC's lock on coverage in the United States. The 31-year-old system administrator said he has watched at least 12 hours of live BBC coverage (his favorite sport so far - judo) since he set up a virtual private network (VPN) connection to send all his Internet traffic to a server in London. Legate is one of many viewers who, turned off by NBC's ironclad control of access to Olympics coverage in the United States and spotty online streaming, has resorted to a workaround--sometimes legal, sometimes not--to watch the Games when and how they want on feeds from countries such as the UK and Canada. NBC, which spent $1.18 billion for the rights to broadcast the Olympics on the Internet and on television in the United States, has made it impossible for people without a pricey cable or satellite subscription to watch the Olympics live in the United States. Viewers can receive a complimentary four hours of live content with a temporary pass. 
Only those customers who are first "authenticated" as paying cable or satellite subscribers have access to live streaming of every Olympic event, a move that has led to an explosion of anger at the network on Twitter under the unofficial "#NBCfail" hashtag. Other complaints included NBC streaming that didn't work and the network bombarding viewers with too much advertising.

For its regular network coverage, NBC, which is owned by cable giant Comcast Corp, has tape-delayed some of the most popular sports for the U.S. prime-time audience, meaning they air nearly five to six hours after they have happened. This helps NBC maximize its return-on-investment by saving the top events for the largest audience and thereby the biggest advertising pay-off. But it has also led to event spoilers and criticism that the network was putting the interests of its business over those of its viewers.

The tape delay and some glitches in the coverage fueled wider criticism of NBC. But NBC spokesman Chris McCloskey, who declined to comment on the matter, pointed to the 7 million live streams, which was a record on the first day of competition. The company is making every event available live online -- except the opening and closing ceremonies.

Enter a small but vocal group of tech savvy Olympics fans who are finding new ways to watch the world's biggest sports event away from their TV sets. These fans use techniques that make it seem like their computers are located outside the United States, giving them streaming access to the Games held by companies other than NBC in countries such as Canada or the UK.

Think of it as a sporting version of how Internet users in China access banned websites by routing traffic through servers in Hong Kong in order to fool government censors.

"Because all of my Internet traffic looks like it's coming from that box in England, the BBC thinks I'm located in England," Legate said of the workaround he utilizes.
Like NBC in the United States, the BBC's Olympic rights only allow it to show the games to users in the UK. For example, users who try from the United States to watch a BBC or CTV stream are greeted with various messages telling them that they don't have access.

Legate still pays for cable service through his local provider Astound, but said he decided to boycott NBC after he was unable to find a live broadcast of the opening ceremonies last Friday. He was also miffed by comments made by an NBC spokesman to the LA Times on Friday about the opening ceremony not translating well online because it is "complex" and requires context for a U.S. audience.

"To me, it just felt like they were insulting everyone so I basically decided to boycott NBC for the duration of the games, which meant I had to find an alternative," he said.

Legate said he has set up the same connection for a friend who wanted to watch dressage, an equestrian event that she could not find on NBC.

People who are finding ways to circumvent NBC's restrictions seem to be spreading the word to friends, like New York City journalist Kate Gardiner, who sent out a public service announcement message on Twitter last weekend to urge her followers to use a service called TunnelBear. The 26-year-old has been using the service to keep up with live swimming broadcasts even though she does not own a television.

TunnelBear is a VPN service that sends a user's Internet connection to different countries, so in Gardiner's case it appears her computer is based in London. The decision to avoid NBC was easy for her since she's one of the millions of U.S. residents without a cable subscription.

"I'm not going to buy a cable subscription to spend three weeks watching Olympics coverage. It's not going to happen," she said.

So far it is unclear whether NBC would take on the task of blocking or suing services like TunnelBear or StreamVia, a similar workaround.
Typically, NBC has left it to the International Olympic Committee (IOC) to police the piracy of the games' TV rights. NBC Sports spokesman McCloskey said the company never comments on issues involving security.

The workarounds--as well as the outrage--so far seem to be having no effect on TV ratings for the Olympics. NBC has pointed to record-breaking success through the first three days of the games, with more than 36 million average viewers, including more than 40 million people watching the opening ceremony.

But while these fledgling services may seem popular on Twitter and blogs, many people could be turned off by them because they involve several steps that may be too advanced for a casual Internet user and can cost money, said City University of New York journalism professor Jeff Jarvis, who has tested them out. After 500 megabytes of streaming video, users need to pay for a $5 subscription on TunnelBear, for example.

"While TunnelBear is easier than some services, you've got to geek out and you've got to pay," Jarvis said, adding that the number of people using these services is a fraction of those tuning into NBC.

Jarvis said people circumventing NBC don't pose a threat and they are just consumers trying to make a point. "It says 'Hey, we can go around you,' and the lesson there is, if you think you can control communication, content and culture around borders, it is going to become increasingly difficult," he said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jul 31 14:55:59 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 31 Jul 2012 15:55:59 -0400
Subject: [Infowarrior] - NBC Retracts Complaint, Guy Adams Is Back On Twitter
Message-ID:

NBC Retracts Complaint, Guy Adams Is Back On Twitter

Billy Gallagher

http://techcrunch.com/2012/07/31/nbc-retracts-complaint-guy-adams-is-back-on-twitter/

Independent reporter Guy Adams' Twitter account was restored today.
It was suspended after Adams tweeted NBC President of the Olympics Gary Zenkel's email address.

Adams tweeted in two parts, "Twitter emails to tell me: 'we have just received an update from the complainant retracting their original request...Therefore your account has been unsuspended.' No further explanation given, or apology offered."

The complainant was NBC, and it looks like they have backed down under severe public criticism.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Jul 31 21:49:58 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 31 Jul 2012 22:49:58 -0400
Subject: [Infowarrior] - Dropbox confirms it got hacked, will offer two-factor authentication
Message-ID:

Dropbox confirms it got hacked, will offer two-factor authentication

Spammers used stolen password to access list of Dropbox user e-mails.

by Jon Brodkin - July 31 2012, 10:05pm EDT

http://arstechnica.com/security/2012/07/dropbox-confirms-it-got-hacked-will-offer-two-factor-authentication/

A couple of weeks ago Dropbox hired some "outside experts" to investigate why a bunch of users were getting spam at e-mail addresses used only for Dropbox storage accounts. The results of the investigation are in, and it turns out a Dropbox employee's account was hacked, allowing access to user e-mail addresses.

In an explanatory blog post, Dropbox today said a stolen password was "used to access an employee Dropbox account containing a project document with user email addresses." Hackers apparently started spamming those addresses, although there's no indication that user passwords were revealed as well.

Some Dropbox customer accounts were hacked too, but this was apparently an unrelated matter. "Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts," the company said.
Dropbox noted that users should set up different passwords for different sites. The site is also upping its own security measures. In a few weeks, Dropbox said it will start offering an optional two-factor authentication service. This could involve users logging in with a password as well as a temporary code sent to their phones. Dropbox has also set up a new page letting users view all the active logins to their accounts, and said it is planning "new automated mechanisms to help identify suspicious activity."

At any rate, users may want to think about examining more secure alternatives, encrypting their files, or simply not storing ultra-sensitive information in Dropbox. You may recall that one year ago, a Dropbox screwup left all user accounts unsecured and accessible with any password for four hours. These mistakes haven't led to major problems for users that we know of just yet, but they don't inspire much confidence in Dropbox's security systems.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.