From rforno at infowarrior.org Mon Oct 1 12:38:00 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Oct 2012 13:38:00 -0400
Subject: [Infowarrior] - 'Internet addiction' to be classified as mental illness
Message-ID: <1A8D41B4-54A3-4370-BE08-53A53B1BC2A1@infowarrior.org>

Digital Age overload: 'Internet addiction' to be classified as mental illness

Published: 01 October, 2012, 14:21
Edited: 01 October, 2012, 21:19

http://rt.com/news/internet-use-mental-illness-389/

Think twice the next time you play a videogame or surf the Net: 'Internet-use disorder' is set to be added to the list of mental illnesses in the worldwide psychiatric manual. Kids are identified as being especially at risk.

The international mental health encyclopedia known as the 'Diagnostic and Statistical Manual of Mental Disorders' (DSM-IV) will include Internet-use disorder as a condition 'recommended for further study' in its forthcoming May 2013 edition.

Psychologists believe that Internet addiction should be categorized like other addiction disorders as it has similar symptoms, including emotional shutdown, lack of concentration and withdrawal.

Parents have noted their children becoming angry and violent when their electronic gadgets are taken away from them, the Sydney Morning Herald reported. In other instances, kids preferred to play a videogame over eating or social interaction.

One step closer to mental illness

The listing is another step towards classifying Internet addiction as a mental illness: The DSM-IV's new inclusion demonstrates that there are risks posed by overusing technology and that more research is required, which could lead to formal diagnoses of the disorder in the future.

Psychologists are pushing to broaden the diagnoses of Internet-use disorder to include more than just gaming addictions, which could expand the age group of those affected by the illness.
"With kids, gaming is an obvious issue. But overall, technology use could be a potential problem," Director of the Brain and Psychological Sciences Research Centre Mike Kyrios told the Sydney Morning Herald.

Australia was one of the first countries to recognize the problem and offer public treatment, and established clinics to treat video game addiction.

That such widely used technologies can cause deep harm to children has led to further examinations of adults' habits surrounding devices used 24/7 for reading, gaming, and social interactions.

When addiction borders on insanity

Addiction to online games is not a new phenomenon, with some cases grabbing international headlines over the past few years.

In a 2009 incident, 17-year-old Daniel Petric of Ohio shot his mother and injured his father after they confiscated his Halo 3 videogame because they feared he was playing it too much.

Chris Staniforth, 20, suffered a blockage to his lungs and died while playing his Xbox for up to 12 hours in 2011. A year later, another gaming addict died after playing an online videogame for 40 hours straight at an Internet café in Taiwan.

Similar behavior has also been exhibited by adults: A Korean couple was arrested in 2010 after their infant daughter starved to death while the pair played an online game for hours. The videogame the two were playing involved raising a virtual baby.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 07:14:26 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 08:14:26 -0400
Subject: [Infowarrior] - "It is well that war is so terrible, or we should grow too fond of it."
Message-ID:

(c/o MM)

October 2, 2012

"It is well that war is so terrible, or we should grow too fond of it."

Filed under: Technology for HLS --
by Dan OConnor on October 2, 2012

http://www.hlswatch.com/2012/10/02/%e2%80%9cit-is-well-that-war-is-so-terrible-or-we-should-grow-too-fond-of-it-%e2%80%9d/

Recently I received a notice in my mail box about a new documentary. I get them from time to time and I scan them to see if any catch my interests. This one, called Robot Wars, immediately caught my attention.

This is interesting on a couple of fronts. First, it was put together by Al Jazeera and the narrator, Josh Rushing, is the former Marine Corps public affairs officer who was character assassinated endlessly for taking a job with them. Second, some of the interviewees discuss how Americans have become less tolerant of their youth coming home in body bags.

Also prominently featured is Peter Warren (PW) Singer, a noted political scientist and author of Wired for War. In his book, Singer discusses the rapidity of technological change and how wars are fought and the impact on politics, economics, laws, and the ethics that surround war itself.

So we use robots more; a lot more. This may be the continuation of creating stand off distance for warfare. But this technology is changing warfare. Today there are more than 7,000 drones and 12,000 ground robots in use by all branches of the military. These systems mean fewer American deaths and also less political risk for the US when it takes acts of lethal force -- perhaps even outside of official war zones.

Some people see the growth of drones and robots as acceptable because they provide tactical advantage and decrease vulnerability of U.S. assets. Others criticize the growth because it suggests that drone or UAV warfare has devolved into a video game where the operator can enjoy a Starbucks and still make it home on time to catch their child's ball game.

The outcome is we now have killing from 8000 miles away in a box in Nevada or wherever, never smelling the cordite, acrid smoke, burnt and rotting flesh nor sensing the destruction they have caused.
As he observed the carnage during the Battle of Fredericksburg, General Robert E. Lee said, "It is well that war is so terrible, or we should grow too fond of it."

Sometimes I wonder if by making war too easy and not seeing the carnage we are growing "too fond of it."

Has our fondness for technology and a growing risk aversion for loss made one of these arguments of UAV warfare correct? Do the UAV or robot operators at far off distances have an understanding of war and death? They may say they feel the sense of urgency and fear but their argument cannot possibly be compared to the Marine or Soldier in harm's way. They do not deal with the consequence, the smell, the after effects, the detritus of war. It is an extension of the pilot leaving the battle space.

Another issue and one that I have discussed at length with Marines returning from extended combat in Sangin and Fallujah are the dehumanizing aspects of UAV combat and death from afar. When a sniper engages an enemy he does so with a magnified animation of the individual. There is some degree of interaction or, better described, transfer of humanity. Some see the UAV attacks as much less so. While "surgical" they do leave one with the idea that surgical is relative and a 500 lbs explosion is not as discriminate as we say it is.

Is our moral imperative, the one we profess to have, compromised by the way we value our enemies' life and how we kill them?

From a purely spiritual perspective and from someone who has trained to do this for a long time, I always felt it necessary to realize that taking another's life should never be an easy task, politics and nationalism aside. Many of those engaged in war are conscripts, pushed out in front of their Nation by others and given choices that are none too selective. So in that light, it must cross one's mind that killing another son, father, brother, daughter, mother, sister etc. is not trivial.
That process makes at least defining and identifying what the Nation asks its military to do a reasonable humanity test.

The irony here is that in order to do something very well you kind of have to like it, which is in direct conflict with the previous thought. To be really good at fighting you have to like it. To like fighting is to like killing. Is that the bridge? Is that accurate? Talk to combat veterans and they will tell you there is no rush like fighting. War is intoxicating. Or is it? A topic for another debate.

I think we are getting too good at rationalizing away why we fight and how difficult it is to kill. Most people will tell you they don't fight the enemy as much as they fight for their mates left and right. That's probably accurate. That is also an argument against having an all-volunteer force vice a conscription force. The all-volunteer forces are more apt to comply because of career decisions. This is not my argument. It is one I have heard from both former Vietnam draftees and others not enamored with the "military industrial complex."

And we have figured out how to make our fighters adept at killing, something they may not have been good at 50 or so years ago. (For more on that, read On Killing: The Psychological Cost of Learning to Kill in War and Society, by David Grossman.)

With regard to hunting high value targets, terrorists and their leaders are probably worthy targets, and there is a good argument to be made. I'm not being flippant here. But when lawyers spend great amounts of time trying to justify activities, it makes me a little squirrely. This is the slope I see us on.

So using robots, UAVs, drones and their ilk is an extension of protecting our fighters -- something that borders on risk aversion in lieu of answering policy questions. But it also devalues our enemies and life in general.
This therefore amplifies the terrorists' desire to strike us, because 99+% of the population has little understanding of what we ask the military to do and how they do it. They just watch war porn on YouTube and play it on Xbox.

Madeleine Albright infamously said, "What's the point of having this superb military that you're always talking about if we can't use it?" That is wildly cavalier and demonstrates how little we value our lives and the lives of others.

It's getting too easy. It becomes too easy to roll out the troops, and then they get stuck in tough situations because of all the constraints and all the politics.

If we do not respect the lives we take and the collateral damage we cause is that a problem? Is caring more about Snooky and her baby and Honey Boo Boo more newsworthy than the 2000th death in Afghanistan? It's a far cry from the number of deaths in Viet Nam and World War 2, but you know it hurts the families who lost them the same.

Do we have to respect our enemy's lives to better understand what it is we are asking our military to do? If we do not should anybody be surprised that they do not respect ours either?

------

Here are two recent essays about the use of drones:

1. A dangerous new world of drones, by Peter Bergen, CNN National Security analyst, and Jennifer Rowland.
2. Drones Will Soon Be Able To Kill During War Without Human Assistance

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 07:19:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 08:19:18 -0400
Subject: [Infowarrior] - DSL modem hack used to infect millions with banking fraud malware
Message-ID:

(c/o AJR)

DSL modem hack used to infect millions with banking fraud malware

Even when PCs are locked down, modems and routers can still be compromised.
by Dan Goodin - Oct 1 2012, 2:35pm EDT

http://arstechnica.com/security/2012/10/dsl-modem-hack-infects-millions-with-malware/

Millions of Internet users in Brazil have fallen victim to a sustained attack that exploited vulnerabilities in DSL modems, forcing people visiting sites such as Google or Facebook to reach imposter sites that installed malicious software and stole online banking credentials, a security researcher said.

The attack, described late last week during a presentation at the Virus Bulletin conference in Dallas, infected more than 4.5 million DSL modems, said Kaspersky Lab Expert Fabio Assolini, citing statistics provided by Brazil's Computer Emergency Response Team. The CSRF (cross-site request forgery) vulnerability allowed attackers to use a simple script to steal passwords required to remotely log in to and control the devices. The attackers then configured the modems to use malicious domain name system servers that caused users trying to visit popular websites to instead connect to booby-trapped imposter sites.

"This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems," Assolini wrote in a blog post published on Monday morning. "This enabled the attack to reach network devices belonging to millions of individual and business users, spreading malware and engineering malicious redirects over the course of several months."

Assolini said the mass attack was the result of a "perfect storm" brought on by the inaction of a variety of key players, including ISPs, modem manufacturers, and the Brazilian governmental agency that approves network devices, but failed to test any of the modems for security.

It remains unclear which modem manufacturers and models are susceptible to the attacks.
Assolini said a vulnerability disclosed in early 2011 appears to be caused by a chipset driver included with modems that use hardware from communications chip provider Broadcom. It allows a CSRF attack to take control of the administration panel and capture the password set on vulnerable devices. Assolini doesn't know precisely when, but at some point attackers began exploiting the vulnerability on millions of Brazilian modems. In addition to pointing the devices to malicious DNS servers, the attackers also changed the device passwords so it would be harder for victims to change the malicious settings.

The attacks were recorded on modems from six manufacturers, five of whom are widely marketed in Brazil and several that are among the most popular. In an e-mail, a Kaspersky spokesman said the firm isn't publishing the affected manufacturers or models at this time.

"The negligence of the manufacturers, the neglect of the ISPs and ignorance of the official government agencies create a 'perfect storm,' enabling cybercriminals to attack at will," Assolini wrote.

People who connected to the Internet using a compromised modem were routed to imposter websites when they attempted to visit sites such as Google, Facebook, and Orkut. In some cases, the malicious sites exploited vulnerabilities in Oracle's ubiquitous Java software framework to silently install banking fraud malware when the booby-trapped websites were accessed. In other cases, users were told they should install a software plug-in so their computers would be able to take advantage of recent changes made to the sites.

Attacks were recorded on all major Brazilian ISPs, with some providers seeing about 50 percent of their users affected, Assolini said. One of the 40 DNS servers used in the attack that was later accessed by authorities showed more than 14,000 victims had connected to it.
During his presentation, Assolini displayed an Internet chat in which one of the hackers claimed to earn "more than 100,000 Reais (approximately $50,000) and would spend his ill-gotten gains on trips to Rio de Janeiro in the company of prostitutes," according to a write-up by Graham Cluley, a senior technology consultant at antivirus provider Sophos.

With an attack this effective and easy to exploit, it wouldn't be surprising to learn that countries other than Brazil have also been targeted. Last year Kaspersky Lab researchers reported a similar attack hitting Mexico.

The mass attack is concerning because it successfully targeted devices few of us spend much time trying to secure. With so much emphasis spent on locking down computers, it's worth remembering that the modems and routers can also be exploited to steal banking passwords and other online assets. The vulnerability is even more alarming since the list of affected manufacturers and models is still unknown. Users who want to protect themselves should make sure their modems are using the latest available firmware, although based on what we know now, there's no guarantee the latest release has been patched against the exploited CSRF flaw.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
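
[Added example, not part of the forwarded article or of Kaspersky's findings: a client-side audit for the symptom the article describes, where a modem repointed at rogue DNS servers sends several popular sites to one imposter host. The function names are hypothetical, and the resolv.conf text, expected networks and all addresses are constructed sample data.]

```python
"""Audit a client's DNS view for rogue-resolver redirection.

All addresses below are constructed sample data taken from the RFC 5737
documentation ranges; none of them come from the article.
"""
import ipaddress
from collections import defaultdict


def parse_nameservers(resolv_conf_text):
    """Return the resolver addresses listed in resolv.conf-style text."""
    servers = []
    for raw in resolv_conf_text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            try:
                servers.append(ipaddress.ip_address(parts[1]))
            except ValueError:
                continue  # skip malformed entries instead of aborting the audit
    return servers


def unexpected_resolvers(servers, expected_networks):
    """Resolvers that fall outside the networks the operator expects."""
    nets = [ipaddress.ip_network(n) for n in expected_networks]
    return [str(s) for s in servers if not any(s in n for n in nets)]


def shared_addresses(answers):
    """Addresses the resolver returned for more than one unrelated site."""
    sites_by_ip = defaultdict(set)
    for host, ips in answers.items():
        for ip in ips:
            sites_by_ip[ip].add(host)
    return {ip: hosts for ip, hosts in sites_by_ip.items() if len(hosts) > 1}


def suspicious_hosts(local_answers, reference_answers):
    """Hosts whose local answers (a) share no address with the reference
    resolver's answers and (b) collide with another watched site's answer.

    Condition (a) alone is noisy because CDNs hand out different addresses
    per resolver; requiring (b) as well targets the pattern where one
    imposter server stands in for several popular sites.
    """
    colliding = set()
    for hosts in shared_addresses(local_answers).values():
        colliding |= hosts
    flagged = []
    for host, ips in local_answers.items():
        reference = set(reference_answers.get(host, []))
        if reference and not (set(ips) & reference) and host in colliding:
            flagged.append(host)
    return sorted(flagged)


def audit(resolv_conf_text, expected_networks, local_answers, reference_answers):
    """Combine the resolver check and the answer check into one report."""
    servers = parse_nameservers(resolv_conf_text)
    return {
        "unexpected_resolvers": unexpected_resolvers(servers, expected_networks),
        "suspicious_hosts": suspicious_hosts(local_answers, reference_answers),
    }


# --- constructed sample input ---
SAMPLE_RESOLV_CONF = """\
# settings handed to the PC by the modem over DHCP
nameserver 203.0.113.53
nameserver 192.0.2.1   # the modem itself, acting as a forwarder
"""
EXPECTED_NETWORKS = ["192.0.2.0/24"]  # assumed: LAN plus the ISP's resolvers

# Answers obtained through the modem-assigned resolver.
SAMPLE_LOCAL = {
    "www.google.com": ["198.51.100.7"],
    "www.facebook.com": ["198.51.100.7"],
    "www.orkut.com": ["198.51.100.7"],
    "example.org": ["192.0.2.80"],
}
# Answers for the same names from a resolver reached over a trusted path.
SAMPLE_REFERENCE = {
    "www.google.com": ["192.0.2.10", "192.0.2.11"],
    "www.facebook.com": ["192.0.2.20"],
    "www.orkut.com": ["192.0.2.30"],
    "example.org": ["192.0.2.80"],
}

if __name__ == "__main__":
    print(audit(SAMPLE_RESOLV_CONF, EXPECTED_NETWORKS, SAMPLE_LOCAL, SAMPLE_REFERENCE))
```

[The answer comparison matters because a compromised modem that forwards queries itself still appears as an expected resolver on the PC; only the answers give it away.]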
From rforno at infowarrior.org Tue Oct 2 07:29:33 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 08:29:33 -0400
Subject: [Infowarrior] - CA Governor Vetoes Bill Barring Gov't From Turning Off Mobile Phone Service
Message-ID: <4C5DB25A-8284-44C3-AC00-99CAB7791C3A@infowarrior.org>

California Governor Vetoes Bill Barring Gov't From Turning Off Mobile Phone Service

from the seems-like-it-should-already-be-illegal dept

http://www.techdirt.com/blog/wireless/articles/20121001/16290220562/california-governor-vetoes-bill-barring-govt-turning-off-mobile-phone-service.shtml

You may recall how law enforcement in California tried to shut down a protest last year by turning off mobile phone service at a BART (Bay Area Rapid Transit) station to prevent potential protestors (none of whom actually showed up) from communicating. This raised significant questions about whether or not such actions were even legal. Either way, a bill was introduced and passed in the state legislature that would have barred such a shut down in the future... but California Governor Jerry Brown has vetoed the bill, because apparently allowing law enforcement to cut off communications to prevent free speech is perfectly reasonable in his book. I still think the original action probably violated existing law, but it's a shame that Governor Brown couldn't stand up for basic freedom of speech issues, especially when it comes to having law enforcement shut down cell service to prevent public assembly and protest.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Oct 2 07:29:39 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 08:29:39 -0400
Subject: [Infowarrior] - Judge decries "excessive" copyright and software patent protections
Message-ID: <9E982553-212D-4F1A-A5C7-1BE264C8C0AE@infowarrior.org>

Judge decries "excessive" copyright and software patent protections

Influential judge and legal scholar argues that "major reforms are necessary."

by Timothy B. Lee - Oct 1 2012, 5:45pm EDT

Richard Posner, the federal judge who threw out the entire Apple v. Motorola patent battle in June, has penned a new blog post complaining about the proliferation of patents.

"I am concerned that both patent and copyright protection, though particularly the former, may be excessive," Posner wrote on Sunday.

< - >

http://arstechnica.com/tech-policy/2012/10/judge-decries-excessive-copyright-and-software-patent-protections/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 07:30:19 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 08:30:19 -0400
Subject: [Infowarrior] - SCOTUS won't hear body-scanner appeal
Message-ID:

Oct. 1, 2012, 11:24 a.m. EDT

Supreme Court won't hear body-scanner appeal

By William Spain

CHICAGO (MarketWatch) -- The U.S. Supreme Court on Monday declined to hear a case that is attempting to challenge the use of full body scanners at airport security checkpoints, the Associated Press reports. Jonathan Corbett challenged the Transportation Security Administration's use of the devices, along with enhanced pat downs, but federal courts in Florida refused to hear the suit. Corbett then filed an appeal in U.S. Circuit Court, which upheld the lower court's dismissal. The advanced imaging technology has been online since October 2010, the wire service noted.
http://www.marketwatch.com/story/supreme-court-wont-hear-body-scanner-appeal-2012-10-01

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 07:31:28 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 08:31:28 -0400
Subject: [Infowarrior] - Palmer's 'Free' Album Debuted At Number 10 On The Billboard Charts
Message-ID: <28A7985D-BB21-4A7C-8730-D084968C19C5@infowarrior.org>

Worth Noting: Amanda Palmer's 'Free' Album Debuted At Number 10 On The Billboard Charts

http://www.techdirt.com/articles/20120928/14561420543/worth-noting-amanda-palmers-free-album-debuted-number-10-billboard-charts.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 07:41:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 08:41:23 -0400
Subject: [Infowarrior] - DOJ to defend warrantless cell phone tracking
Message-ID: <0EC526A7-55E1-45E8-BF4D-F052712308A2@infowarrior.org>

Justice Dept. to defend warrantless cell phone tracking

Prosecutors say Americans have "no privacy interest" in location records revealing minute-to-minute movements of their mobile devices, even when they're not in use.

by Declan McCullagh
October 2, 2012 4:00 AM PDT

The Obama administration will tell federal judges in New Orleans today that warrantless tracking of the location of Americans' mobile devices is perfectly legal.

Federal prosecutors are planning to argue that they should be able to obtain stored records revealing the minute-by-minute movements of mobile users over a 60-day period -- in this case, T-Mobile and MetroPCS customers -- without having to ask a judge to approve a warrant first.

The case highlights how valuable location data is for police, especially when it's tied to a device that millions of people carry with them almost all the time.
Records kept by wireless carriers can reveal or hint at medical treatments, political associations, religious convictions, and even whether someone is cheating on his or her spouse.

"It's at a point now where the public awareness about this specific issue is growing," says Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation who will be arguing the pro-privacy side before the Fifth Circuit Court of Appeals this morning.

Today's oral arguments are remarkably timely: on Sunday, California Gov. Jerry Brown, a Democrat, vetoed (PDF) a bill that would have required law enforcement to obtain location warrants. And last week, Rep. Zoe Lofgren, a Democrat representing Silicon Valley, introduced pro-warrant federal legislation.

CNET disclosed the Justice Department's warrantless tracking requests in 2005. More than seven years later, the legal landscape remains unsettled, with two other appeals courts taking different approaches, and plenty of lower courts disagreeing. Meanwhile, a coalition of tech companies and advocacy groups including AT&T, Facebook, and Google has been all but begging Congress to update the law to require warrants.

The Justice Department declined to respond to questions from CNET yesterday. James Baker, the associate deputy attorney general, previously told Congress that requiring warrants before police could obtain location data from mobile providers would hinder "the government's ability to obtain important information in investigations of serious crimes."

DOJ: Customers have 'no privacy interest' in cell site records

In a legal brief (PDF) filed before the Fifth Circuit in February, the Justice Department says its position "is consistent with the Fourth Amendment because a customer has no privacy interest in cell-site records, which are business records created and stored by a cell phone provider in its ordinary course of business." It wants location data collected even if the mobile device isn't being used.
(The Fourth Amendment prohibits "unreasonable" searches and seizures.)

Lending a boost to arguments made by the EFF and the ACLU -- and, in separate briefs, the Electronic Privacy Information Center and law professor Susan Freiwald -- is a recent ruling by the U.S. Supreme Court on GPS tracking. The January opinion, written by Justice Antonin Scalia, said that the customary law enforcement practice of installing physical GPS bugs on a car for 28 days was a "physical intrusion" and trespass that triggered the Fourth Amendment.

[Photo caption: U.S. Attorney Kenneth Magidson, one of the Justice Department prosecutors who told an appeals court that Americans enjoy "no reasonable expectation of privacy" in their minute-by-minute movements.]

Scalia suggested that non-physical surveillance might also raise constitutional concerns: "It may be that achieving the same result through electronic means, without an accompanying trespass, is an unconstitutional invasion of privacy, but the present case does not require us to answer that question." Five other justices, however, suggested they had constitutional concerns with long-term tracking.

"If tracking a vehicle over 28 days violates a reasonable expectation of privacy, then tracking a cell phone for more than twice that period surely violates such an expectation as well," the civil liberties groups told the Fifth Circuit. "The warrant and probable cause requirements are essential to ensuring that these invasive searches do not take place without adequate justification."

The Justice Department's position is straightforward: a wireless customer "has no reasonable expectation of privacy" in location data, in part because he or she has "voluntarily conveyed" that information to a wireless provider. "Obtaining historical cell-site information is not invasive or intrusive" and this is a "routine" investigation, its brief (PDF) says.
Prosecutors say all that's necessary is what's known as a 2703(d) order, which requires law enforcement to demonstrate that the records are "relevant and material to an ongoing criminal investigation." Because that standard is easier to meet than that of a search warrant based on probable cause, it's less privacy-protective.

An October 2010 opinion by U.S. Magistrate Judge Stephen Smith in Texas rejected prosecutors' requests for a (d) order, saying they were seeking "continuous location data to track the target phone over a two month period, whether the phone was in active use or not."

Prosecutors had requested any information regarding "the antenna tower and sector to which the cell phone sends its signal," which can yield a location fix down to as little as a few hundred feet, depending on the tower placement and the technology used. (They did, however, appear to request handset-based GPS data, which is more precise.)

No matter what the outcome of today's arguments before the Fifth Circuit, the losing side is nearly certain to appeal. Predicts Fakhoury, the EFF attorney: "That's exactly the type of situation the Supreme Court is going to get involved in."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 08:36:19 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 09:36:19 -0400
Subject: [Infowarrior] - A Speed Limit for the Stock Market
Message-ID:

Op-Ed Contributor

A Speed Limit for the Stock Market

By ROGER LOWENSTEIN
Published: October 1, 2012

http://www.nytimes.com/2012/10/02/opinion/putting-the-brakes-on-high-frequency-trading.html?hpw

IMAGINE if the stock market were hijacked by computers that executed trades in a fraction of the time that it takes to blink. Since no mere mortal could understand the "thinking" behind such nanosecond trading, ordinary investors -- even longtime institutional traders --
would have little clue as to why any company's share price was moving up or down in any moment. The values of well-established corporations would sometimes swing wildly from one second to the next and we slow-reacting, human investors wouldn't know why.

You don't really have to imagine this. This is how our stock markets function today. Some 50 percent to 70 percent of all trading is done by "traders" who live in server parks, are nourished by direct current and speak only in binary pulses.

Several other countries are starting to regulate this high-frequency trading, or H.F.T. But in the United States, the deep-seated bias toward "liquidity" -- the notion that more volume will always make it easier for investors to buy and sell shares -- has discouraged regulators from taking action.

Lately, though, after several well-publicized market blowups traced to H.F.T., officials are having second thoughts. In late September, the Senate banking committee held a hearing on the issue, and the Securities and Exchange Commission is getting into the act with a panel discussion today. Even Wall Street veterans have begun to question whether a market flooded with speed demons is good for society.

The purpose of financial markets, remember, is not to provide a forum for split-second trading. If you want to gamble, go to Las Vegas. Markets exist to provide some minimal level of liquidity, so that long-term investors have the confidence to invest. And they exist so that companies and investors can discover how much an ownership position in, say, Apple is worth. When Apple stock goes up, it sends a signal to other firms to invest in the same or similar technologies. Thus does a capitalist society allocate resources.

A well-functioning market can accommodate some hyperactive turnstile traders as long as it has enough legitimate investors -- people who are thinking about the outlook for companies down the road.
The reason that market squares like me harp on the long term isn't because we're technologically illiterate. It's because, again, society relies on the market to allocate capital. If market signals are based on algorithms that become outmoded in a nanosecond, we end up with empty factories and useless investment.

How much effort do high-speed traders devote to analyzing the future prospects of Apple? Precisely none. Their aim is only to exploit tiny price discrepancies that disappear in milliseconds. Incredibly, we have let capital formation become subordinate to traders on electronic steroids -- with some hedge funds setting up their servers just inches away from stock exchange servers to get a jump on other steroid-crazed traders.

David Lauer, a former trader, told the Senate panel that high-speed technology was "a destructive force in the market" with "no social benefit." He's right. The "liquidity" H.F.T. provides is long past the point of being helpful. When high-speed trading was new, trading costs for all investors seemed to dip, but that trend has stopped, suggesting a point of diminished returns. Volume on the New York Stock Exchange now is four times the level it was in 1999 -- a year with so much excess liquidity that it witnessed the greatest stock market bubble in history.

And in exchange for providing the markets with more liquidity than they need, H.F.T. is creating a problem of a potentially enormous scale. It's not just that such trading is unfair to traditional investors who, obviously, cannot take advantage of price movements they cannot see. (The truth is, parlor investors who try to beat the pros at short-term trading have always been easy fodder for Wall Street.) The greater concern is that it will subject markets to more destabilizing crashes and that prices will come to reflect the "judgments" not of investors, but of high-speed robots.

We've seen evidence of that already.
In May 2010, several publicly traded companies briefly lost nearly $1 trillion of market value in a so-called "flash crash" that the S.E.C. said was triggered by a single firm using algorithms to rapidly sell 75,000 futures contracts. Unless something is done, the markets will grow only more volatile and less responsive to investment values.

Lawmakers in Germany, Australia and other countries are proposing to address the problem by imposing new restrictions on high-speed traders, and considering options like erecting superfast shutdown switches that might be able to cordon off damage in a crisis.

But the better way to discourage this excessive, short-term market myopia is to take a page from anti-tobacco efforts: let high taxes discourage the antisocial behavior.

We already encourage long-term investing by taxing capital gains on investments held for more than a year at a rate of just 15 percent -- in contrast to short-term capital gains, which are assessed at much higher rates. We could simply fine-tune that incentive even more. Intraday trades should be taxed at 50 percent. And "investments" that mature in 60 seconds should be regarded as, in effect, electronic errors -- with any profit going to the government. This will greatly reduce high-speed trading and divert its remaining gains to the public.

Roger Lowenstein, an outside director of the Sequoia Fund, is writing a book about the origins of the Federal Reserve.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 09:32:29 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 10:32:29 -0400
Subject: [Infowarrior] - WH Conveniently Confirms 'Cyberattack' Story Just As Its Pushing Cybersecurity Exec Order
Message-ID:

White House Conveniently Confirms 'Cyberattack' Story Just As Its Pushing Cybersecurity Exec Order

from the coincidence...
dept

A "conservative" website apparently reported that Chinese hackers broke into a White House military office computer system with a "spear-phishing attack (like regular phishing, but directly targeted at a victim)". The White House has confirmed the story while saying that nothing sensitive was accessed: "A White House official speaking on background late Sunday confirmed there was an attempted hack but said that it affected an unclassified network, was 'isolated' and that there was no evidence that any data had been stolen." I'm not a huge fan of any sort of conspiracy theories, but it does seem questionable that this comes out just as the White House is circulating an executive order dealing with "cybersecurity," and so soon after the administration's preferred Cybersecurity Act got rejected by the Senate. The Free Beacon website that first broke the story seems to use it to suggest that the administration is "soft" on security -- though it was conservatives in the Senate who blocked the Cybersecurity Act from passing in the first place. Either way, it seems likely that people are trying to hack into key networks all the time. This doesn't sound like much of a big deal, but the fact that the White House is confirming the news just as it's pushing this exec order (while still hoping to get legislation through in the lame duck session), at least makes you wonder if the whole thing isn't being "leaked" on purpose to get cybersecurity stories back into the press to push for the exec order or for a revival of the bill.

http://www.techdirt.com/articles/20121001/16131220560/white-house-conveniently-confirms-cyberattack-story-just-as-its-pushing-cybersecurity-exec-order.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Oct 2 19:31:39 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 20:31:39 -0400
Subject: [Infowarrior] - Intelligence effort named citizens, not terrorists
Message-ID: <238D4F30-B8E8-4983-94C9-16FFF4813EC2@infowarrior.org>

Intelligence effort named citizens, not terrorists

By EILEEN SULLIVAN and MATT APUZZO | Associated Press

http://news.yahoo.com/intelligence-effort-named-citizens-not-terrorists-234755138.html

WASHINGTON (AP) -- A multibillion-dollar information-sharing program created in the aftermath of 9/11 has improperly collected information about innocent Americans and produced little valuable intelligence on terrorism, a Senate report concludes. It portrays an effort that ballooned far beyond anyone's ability to control. What began as an attempt to put local, state and federal officials in the same room analyzing the same intelligence has instead cost huge amounts of money for data-mining software, flat screen televisions and, in Arizona, two fully equipped Chevrolet Tahoes that are used for commuting, investigators found. The lengthy, bipartisan report is a scathing evaluation of what the Department of Homeland Security has held up as a crown jewel of its security efforts. The report underscores a reality of post-9/11 Washington: National security programs tend to grow, never shrink, even when their money and manpower far surpass the actual subject of terrorism. Much of this money went for ordinary local crime-fighting. Disagreeing with the critical conclusions of the report, Homeland Security says it is outdated, inaccurate and too focused on information produced by the program, ignoring benefits to local governments from their involvement with federal intelligence officials. Because of a convoluted grants process set up by Congress, Homeland Security officials don't know how much they have spent in their decade-long effort to set up so-called fusion centers in every state.
Government estimates range from less than $300 million to $1.4 billion in federal money, plus much more invested by state and local governments. Federal funding is pegged at about 20 percent to 30 percent. Despite that, Congress is unlikely to pull the plug. That's because, whether or not it stops terrorists, the program means politically important money for state and local governments. A Senate Homeland Security subcommittee reviewed more than 600 unclassified reports over a one-year period and concluded that most had nothing to do with terrorism. The panel's chairman is Democrat Carl Levin of Michigan, the ranking Republican Tom Coburn of Oklahoma. "The subcommittee investigation could identify no reporting which uncovered a terrorist threat, nor could it identify a contribution such fusion center reporting made to disrupt an active terrorist plot," the report said. When fusion centers did address terrorism, they sometimes did so in ways that infringed on civil liberties. The centers have made headlines for circulating information about Ron Paul supporters, the ACLU, activists on both sides of the abortion debate, war protesters and advocates of gun rights. One fusion center cited in the Senate investigation wrote a report about a Muslim community group's list of book recommendations. Others discussed American citizens speaking at mosques or talking to Muslim groups about parenting. No evidence of criminal activity was contained in those reports. The government did not circulate them, but it kept them on government computers. The federal government is prohibited from storing information about First Amendment activities not related to crimes. "It was not clear why, if DHS had determined that the reports were improper to disseminate, the reports were proper to store indefinitely," the report said. Homeland Security Department spokesman Matthew Chandler called the report "out of date, inaccurate and misleading." 
He said that it focused entirely on information being produced by fusion centers and did not consider the benefit the involved officials got receiving intelligence from the federal government. The report is as much an indictment of Congress as it is the Homeland Security Department. In setting up the department, lawmakers wanted their states to decide what to spend the money on. Time and again, that setup has meant the federal government has no way to know how its security money is being spent. Inside Homeland Security, officials have long known there were problems with the reports coming out of fusion centers, the report shows. "You would have some guys, the information you'd see from them, you'd scratch your head and say, 'What planet are you from?'" an unidentified Homeland Security official told Congress. Until this year, the federal reports officers received five days of training and were never tested or graded afterward, the report said. States have had criminal analysis centers for years. But the story of fusion centers began in the frenzied aftermath of the Sept. 11, 2001, attacks. The 9/11 Commission urged better collaboration among government agencies. As officials realized that a terrorism tip was as likely to come from a local police officer as the CIA, fusion centers became a hot topic. But putting people together to share intelligence proved complicated. Special phone and computer lines had to be installed. The people reading the reports needed background checks. Some information could only be read in secure areas, which meant construction projects. All of that cost money. Meanwhile, federal intelligence agencies were under orders from Congress to hire more analysts. That meant state and local agencies had to compete for smart counterterrorism thinkers. And federal training for local analysts wasn't an early priority. Though fusion centers receive money from the federal government, they are operated independently. 
Counterterrorism money started flowing to states in 2003. But it wasn't until late 2007 that the Bush administration told states how to run the centers. State officials soon realized there simply wasn't that much local terrorism-related intelligence. Terrorist attacks didn't happen often, but police faced drugs, guns and violent crime every day. Normal criminal information started moving through fusion centers. Under federal law, that was fine. When lawmakers enacted recommendations of the 9/11 Commission in 2007, they allowed fusion centers to study "criminal or terrorist activity." The law was co-sponsored by Sens. Susan Collins and Joe Lieberman, the driving forces behind the creation of Homeland Security. Five years later, Senate investigators found, terrorism is often a secondary focus. "Many fusion centers lacked either the capability or stated objective of contributing meaningfully to the federal counterterrorism mission," the Senate report said. "Many centers didn't consider counterterrorism an explicit part of their mission, and federal officials said some were simply not concerned with doing counterterrorism work." When Janet Napolitano became Homeland Security secretary in 2009, the former Arizona governor embraced the idea that fusion centers should look beyond terrorism. Testifying before Congress that year, she distinguished fusion centers from the FBI-led Joint Terrorism Task Forces that are the leading investigative and analytical arms of the domestic counterterrorism effort. "A JTTF is really focused on terrorism and terrorism-related investigations," she said. "Fusion centers are almost everything else." Congress, including the committee that authored the report, supports that notion. And though the report recommends the Senate reconsider the amount of money it spends on fusion centers, that seems unlikely. 
"Congress and two administrations have urged DHS to continue or even expand its support of fusion centers, without providing sufficient oversight to ensure the intelligence from fusion centers is commensurate with the level of federal investment," the report said. And following the release of the report, Homeland Security officials indicated their continued strong support for the program. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Oct 2 19:54:30 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 2 Oct 2012 20:54:30 -0400 Subject: [Infowarrior] - =?windows-1252?q?Army_Says_=91Social_Network=92_U?= =?windows-1252?q?se_Is_a_Sign_of_Radicalism?= Message-ID: Not From the Onion: Army Says ?Social Network? Use Is a Sign of Radicalism ? By Spencer Ackerman ? October 2, 2012 | ? 6:30 am | ? Categories: Af/Pak, Military Life, Terrorists, Guerillas, Pirates http://www.wired.com/dangerroom/2012/10/insider-threat/ These are some warning signs that that you have turned into a terrorist who will soon kill your co-workers, according to the U.S. military. You?ve recently changed your ?choices in entertainment.? You have ?peculiar discussions.? You ?complain about bias,? you?re ?socially withdrawn? and you?re frustrated with ?mainstream ideologies.? Your ?Risk Factors for Radicalization? include ?Social Networks? and ?Youth.? These are some other signs that one of your co-workers has become a terrorist, according to the U.S. military. He ?shows a sudden shift from radical to ?normal? behavior to conceal radical behavior.? He ?inquires about weapons of mass effects.? He ?stores or collects mass weapons or hazardous materials.? That was the assessment of a terrorism advisory organization inside the U.S. Army called the Asymmetric Warfare Group in 2011, acquired by Danger Room. Its concern about the warning signs of internal radicalization reflects how urgent the Army considers that threat after Maj. 
Nidal Malik Hasan shot and killed 13 people at Fort Hood in 2009. But its "indicators" of radicalization are vague enough to include both benign behaviors that lots of people safely exhibit and, on the other end of the spectrum, signs that someone is so obviously a terrorist they shouldn't need to be pointed out. It's hard to tell if the group is being politically correct or euphemistic. Around the same time, the Asymmetric Warfare Group tried to understand a related problem that now threatens to undermine the U.S. war in Afghanistan: "insider threats" from Afghan troops who kill their U.S. mentors. In another chart, also acquired by Danger Room, an Afghan soldier or policeman ready to snap could be someone who "appears frustrated with partnered nations"; reads "questionable reading materials"; or who has "strange habits." Admittedly, the U.S. military command isn't sure what's causing the insider attacks, but it'll be difficult for an American soldier who doesn't speak Pashto or Dari to identify "strange habits" among people from an unfamiliar culture.

A selection from a U.S. military chart on "Radicalization Into Violent Extremism."

The Asymmetric Warfare Group didn't purport to identify every factor leading to insider threats, from either Americans or Afghans, and cautions against using its assessments as "checklists." But it takes a broad view of both the causes of radicalization and what might make someone at risk for it. Among Afghans, "Cultural Misunderstandings," "Civilian Casualties," "Global Events" or "Political Speeches or Upheaval" are listed as potential causes of "Grievance-Based Action." All of which seems intuitive, but it doesn't help a commander, who may be preoccupied with the daily rigors of warfighting, from identifying which Afghans represent looming threats. The "observable" indicators of those threats run the gamut from an "abrupt behavioral shift" to "intense ideological rhetoric"
to blinking red lights that shouldn't have to be pointed out to people, like "mak[ing] threatening gestures or verbal threats." American behavior is easier for Americans to understand, but the Asymmetric Warfare Group's list of red flags from American troops is also problematic outside context. Someone who "takes suspicious or unreported travel (inside or outside the United States)" could be linking up with a terrorist group. Or he could be hooking up with a lover, or going on a road trip with friends, or anything else. Yet that's an example of "Actions conducted by the subject that would indicate violent or terroristic planning activities that warrant investigation." The unreported aspect of the travel might be its most blatantly problematic feature. Similarly, some of the "Risk Factors for Radicalization" identified here apply equally to Normal Soldier and Ticking Time Bomb. Among them: "Youth," which might be a difficult thing to mitigate against, unless the military wants to take former Pentagon official Rosa Brooks' unorthodox recruitment advice. "Social Networks" is another, and it's probably alarmingly coterminous with Youth. Still others: "Emotional Vulnerability," "Personal Connection to a Grievance" and "Conflict at Work or at Home." To be fair to the Group, the bonds within a military unit can make it difficult to be alert to sketchy behavior, let alone the chain of command to it. And that disinclination to report something isn't limited to the military: The FBI didn't act on Hasan, even when he e-mailed the radical cleric Anwar al-Awlaki seeking advice on the legitimacy of murdering Americans. The Group repeatedly underscores the need to "notify the chain of command" about suspicious behavior, even about behavior as potentially benign as "chang[ing] type of off-duty clothing." A "single reportable indicator is enough to report," it cautions, listing internal Army websites and phone hotlines to report a suspected Hasan 2.0.
If underreporting suspicious behavior is a problem within the U.S. military, soldiers and Marines in Afghanistan probably won't have a problem reporting their suspicions about Afghans now that over 50 U.S. and allied troops have been killed by their Afghan counterparts this year. Marine Gen. John Allen, the commander of NATO forces in Afghanistan, told 60 Minutes on Sunday that he's "mad as hell" at the attacks, and while his troops are willing to sacrifice for the war, "we're not willing to be murdered for it." Woe to Afghans deemed "reclusive" or engaging in "peculiar discussions" in the eyes of troops who don't share their culture.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 2 19:56:16 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Oct 2012 20:56:16 -0400
Subject: [Infowarrior] - Obama Cabinet Flunks Disclosure Test With 19 in 20 Ignoring Law
Message-ID: <02799857-2850-4E26-B0D6-D9127FF503A7@infowarrior.org>

Obama Cabinet Flunks Disclosure Test With 19 in 20 Ignoring Law

By Jim Snyder and Danielle Ivory - Sep 28, 2012

http://www.bloomberg.com/news/print/2012-09-28/obama-cabinet-flunks-disclosure-test-with-19-in-20-ignoring-law.html

On his first full day in office, President Barack Obama ordered federal officials to "usher in a new era of open government" and "act promptly" to make information public. As Obama nears the end of his term, his administration hasn't met those goals, failing to follow the requirements of the Freedom of Information Act, according to an analysis of open-government requests filed by Bloomberg News. Nineteen of 20 cabinet-level agencies disobeyed the law requiring the disclosure of public information: The cost of travel by top officials. In all, just eight of the 57 federal agencies met Bloomberg's request for those documents within the 20-day window required by the Act.
"When it comes to implementation of Obama's wonderful transparency policy goals, especially FOIA policy in particular, there has been far more 'talk the talk' rather than 'walk the walk,'" said Daniel Metcalfe, director of the Department of Justice's office monitoring the government's compliance with FOIA requests from 1981 to 2007. The Bloomberg survey was designed in part to gauge the timeliness of responses, which Attorney General Eric Holder called "an essential component of transparency" in a March 2009 memo. About half of the 57 agencies eventually disclosed the out-of-town travel expenses generated by their top official by Sept. 14, most of them well past the legal deadline.

Public Interest

Bloomberg reporters in June filed FOIA requests for fiscal year 2011 taxpayer-supported travel for Cabinet secretaries and top officials of major departments. Justice Department official Melanie Ann Pustay said in an interview that disclosure of those records is in the public interest. Even agency heads who publicly announce their events -- including Holder, Secretary of State Hillary Clinton and Health and Human Services Secretary Kathleen Sebelius -- didn't provide the costs of their out-of-town trips more than three months after the initial request. "It's ironic that the demands in the presidential campaign for Mitt Romney's tax returns are unrelenting, but when it comes time to release the schedules for senior appointees there's the same denial of access," said Paul Light, a New York University professor who studies the federal bureaucracy. "Over the past four years, federal agencies have gone to great efforts to make government more transparent and more accessible than ever, to provide people with information that they can use in their daily lives," said White House spokesman Eric Schultz, who noted that Obama received an award for his commitment to open government.
The March 2011 presentation of that award was closed to the press.

2013 Delivery

The travel costs generated by some other Obama officials -- Transportation Secretary Ray LaHood, Energy Secretary Steven Chu, Environmental Protection Agency Administrator Lisa Jackson, and Homeland Security chief Janet Napolitano -- also remain undisclosed. A request made in June for the travel records of Susan Rice, the U.S. Ambassador to the United Nations, will remain unfulfilled for more than a year, according to a federal official involved in the case. "We really appreciate your patience in this matter. The estimated completion date is July 2013," wrote Chris Barnes, a State Department FOIA official, in a Sept. 24 e-mail. Under FOIA, the department is required to offer a timetable for delayed responses.

GSA Scandal

Government travel costs have received greater scrutiny since a report by the General Services Administration's inspector general on April 2 revealed that a 2010 Las Vegas junket -- featuring a mind reader and a clown -- cost taxpayers more than $823,000. Since then, GSA Administrator Martha Johnson has resigned and the IG has referred the matter to the Department of Justice. Records obtained as a result of another Bloomberg FOIA request showed that the GSA almost tripled its expenditures for conferences from 2005 to 2010. Taxpayers paid $27.8 million for more than 200 overnight gatherings attended by at least 50 GSA employees over the five-year period, according to the records. Under Obama, federal agencies also have stepped up the use of exemptions to block the release of information. During the first year of the administration, cabinet agencies employed exemptions 466,402 times, a 50 percent jump from the last year of the presidency of George W. Bush.
While exemption citations have since been reduced by 21 percent from that high, they still are above the level seen during the Bush administration, according to Justice Department data.

DHS Exemptions

The majority of the exemptions came from the Department of Homeland Security, which gets the most requests, records show. The greater number of documents released online helps explain the increased use of exemptions, according to Tracy Russo, a spokeswoman for the Justice Department. "The pool of requests that are made tend to be more complex," she said. Open government advocates note that Obama's transparency pledge is undermined by a federal bureaucracy that often cites staff shortages and compliance costs to delay the release of information. "I don't think the administration has been very good at all on open-government issues," said Katherine Meyer, a Washington attorney who has been filing open records requests since the late 1970s. "The Obama administration is as bad as any of them, and to some extent worse."

Fee Fight

In one case Meyer pursued, the Center for Auto Safety was told by Treasury FOIA officials that its request for records relating to the U.S. auto bailout would cost $38,000. Meyer successfully argued the fees should be waived because the request was in the public interest. The Freedom of Information Act, signed into law by President Lyndon B. Johnson in 1966, is designed to open up the process of government to citizens. Individuals have the right to file requests, and the law mandates that the department answer the query within 20 working days, ask for a 10-day extension, or offer a timetable for the release of the information. In the past, FOIA has been used to obtain a wide range of government records.
Among them: Documents on the use of the defoliant Agent Orange during the Vietnam War; Department of Transportation reports detailing safety issues with the Ford Pinto's fuel tank that contributed to some 500 deaths; and details of the Bush administration's deliberations on the use of torture following the Sept. 11, 2001 terrorist attacks.

'Smoking Gun'

"It's the smoking gun that often holds government accountable for its misdeeds," said Kevin Goldberg, a First Amendment attorney at Fletcher, Heald & Hildreth Plc in Arlington, Virginia, who also serves as legal counsel for the American Society of News Editors. Miriam Nisbet, the head of the Office of Government Information Services, which acts as a FOIA ombudsman, said Obama deserves praise for highlighting government accountability. "We see a great deal of emphasis and attention paid to transparency," she said. "That is a really important message." Nisbet's office offered travel documents three days after acknowledging the FOIA request. The Bloomberg FOIA filing also asked each department to identify trips, lodging and meals provided by non-federal sources. All told, 30 of the 57 agencies contacted replied with those travel records by Sept. 14.

SBA Response

Of the 20 Cabinet-level agencies contacted by Bloomberg News, only the Small Business Administration met the legal 20-day deadline by disclosing that Administrator Karen Mills took 27 trips out of Washington at a total cost to the U.S. taxpayer of $15,856. The records of Secretary of the Treasury Timothy Geithner, Labor Hilda Solis, former Secretary of Commerce and Acting Secretary Gary Locke and Rebecca Blank, U.S. Trade Representative Ron Kirk and Jacob Lew, the former director of the Office of Management and Budget who is now White House Chief of Staff, were released to Bloomberg News under the request, though those agencies did not meet the 20-day deadline. Kirk, "who travels all over the world"
for his duties according to the USTR website, took 23 business trips in fiscal 2011, 17 of which involved domestic travel, for a cost of about $45,000. Kirk "has said many times that increased outreach to the American people" is important for economic growth, USTR spokeswoman Carol Guthrie said in an e-mail.

No Excuse

Eric Newton, senior adviser at the Knight Foundation, a Miami-based group that promotes citizen engagement, said agencies have no excuse not to rapidly disclose travel costs. "In a 24/7 world, it should take two days, it should take two hours," Newton said. "If it's public, it should be just there." The Department of Justice, which is charged with monitoring how all federal agencies respond to FOIA requests, has yet to release the travel details of top officials at three of its affiliated agencies: The Bureau of Alcohol, Tobacco, Firearms and Explosives, the Drug Enforcement Administration and the Federal Bureau of Investigation. Pustay, head of the Justice Department's Office of Information Policy, said that taxpayer-supported travel records are "certainly something that people would ask for and something that's of interest to the public." She said "the crush of work" makes swift replies difficult.

Redacted Information

None of the nine exemptions under the FOIA -- which protect national security, personal information or corporate trade secrets, for example -- allow taxpayer-supported travel expenses to remain hidden from view. Those records may include information, such as private mobile-phone numbers or information related to security, that is exempted from disclosure, which could be causing the delays, Pustay said. Responsive agencies were able to redact personal details within the FOIA time period. The Federal Housing Finance Agency, the chief regulator for Fannie Mae and Freddie Mac, provided the travel expense records for Acting Director Edward DeMarco's six trips out of town within 15 days of the filing.
DeMarco's trips cost $5,653.29, the documents show. Personal information such as his Social Security number and home address were blacked-out in the file. The process for accessing information that hasn't been already released remains confusing, time-consuming and at times antagonistic, said Thomas Blanton, director of the National Security Archive, a Washington-based open-information repository.

'Obfuscation' Culture

"There is a culture of obfuscation among agency Freedom of Information officials," he said. "Bureaucrats are able to deter a lot of citizen engagement." Travel records were largely shielded from public view until Johnson signed the Freedom of Information Act on July 4, 1966. Congress adopted post-Watergate reforms in 1974, giving agencies a deadline to comply with requests and narrowing exemptions for law enforcement and national security agencies. The FOIA law was updated another four times through 2007, when the Office of Government Information Services was established as the federal ombudsman. The White House says it has released more than 2.5 million records since Obama took office. Recovery.gov allows citizens to track stimulus spending by state. The administration also has for the first time posted the names of White House visitors, though not a full list of who has attended meetings.

Backlogged Files

Other records now disclosed include the number of weapons in the nation's nuclear arsenal, report cards for veterans' hospitals, and employer-specific workplace safety records kept by the Occupational Safety and Health Administration. The total number of FOIA requests increased, with 631,424 processed last year, compared with 600,849 in 2010. The government's website dedicated to monitoring its response to filings, FOIA.gov, shows the number of backlogged requests grew 20 percent to 83,490 filings from 2010 to 2011.
The Justice Department reported in 2008 that there were 3,691 full-time FOIA personnel across all departments and agencies. In 2011, the figure increased by 19 percent to 4,400, according to the department. Some agencies outsource FOIA-related tasks, including the redaction process. The government has spent at least $86.2 million on contracts described as pertaining to FOIA since 2009, according to federal procurement data compiled by Bloomberg. The administration acknowledged systemic issues with the FOIA process when the Office of Management and Budget issued guidelines Aug. 24 to all federal agencies on how to streamline government information. The memo called for all government information to be stored in an electronic format by December 2019 -- almost three years after the end of a potential second Obama term. Stephen Hess, a presidential historian at the Washington-based Brookings Institution, called the survey results a "grim" assessment of Obama's transparency record. He said the president -- like many of the men who have occupied the Oval Office -- has discovered how difficult it is to bend the government's bureaucracies to his will. "The sad part is it won't be any better for the next folks either," Hess said. "The only difference perhaps is the Obama people led us to believe it would be different."

To contact the reporters on this story: Jim Snyder in Washington at jsnyder24 at bloomberg.net; Danielle Ivory in Washington at divory at bloomberg.net

To contact the editors responsible for this story: Jon Morgan at jmorgan97 at bloomberg.net; Stephanie Stoughton at sstoughton at bloomberg.net

©2012 BLOOMBERG L.P. ALL RIGHTS RESERVED.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Oct 3 06:46:24 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 07:46:24 -0400
Subject: [Infowarrior] - DHS Issued False 'Water Pump Hack' Report; Called It a 'Success'
Message-ID:

(Note, this comes right on the heels of that scathing bipartisan Senate report slamming DHS's "fusion" centers effectiveness. -rick)

DHS Issued False 'Water Pump Hack' Report; Called It a 'Success'

By Kim Zetter | 10.02.12 | 10:00 PM

http://www.wired.com/threatlevel/2012/10/dhs-false-water-pump-hack/

When an Illinois fusion center distributed a report last year stating that hackers from Russia had broken into a water district's SCADA system and sabotaged a water pump, the Department of Homeland Security stepped in publicly to denounce the report as false, blaming the regional fusion center for spreading unsubstantiated claims and sowing panic in the industrial control system community. But while DHS was busy pointing a finger at the fusion center, its own Office of Intelligence and Analysis had been irresponsibly spreading the same false information privately in a report to Congress and the intelligence community, according to a Senate subcommittee investigation released late Tuesday. The DHS report was issued five days after the fusion center report was issued. Even after the FBI and other investigators concluded a few days later that there was no merit to the hacking claims and that the reports were false, the DHS intelligence unit did not issue a correction to its report or notify Congress or the intelligence community that the information it spread was incorrect. Officials behind the false claims told Senate investigators that such reports weren't meant to be "finished intelligence" and that despite their report's inaccuracies and sloppy wording they considered it to be a "success." "[It did] exactly what it's supposed to do -- generate interest,"
DHS officials told Senate investigators.

The revelation is buried in a lengthy report released by the Senate's bipartisan Permanent Subcommittee on Investigations, which examines the many failings of state fusion centers, which were set up in the wake of the 9/11 terrorist attacks in an effort to improve intelligence collection and dissemination for state, local and federal law enforcement and counter-terrorism agencies.

The water pump hack report spawned dozens of sensational news stories when it was leaked to reporters in November 2011. The fusion center report, which was titled "Public Water District Cyber Intrusion," was distributed by the Illinois Statewide Terrorism and Intelligence Center on Nov. 10 and given to state and federal law enforcement agencies, utilities and other groups.

The report, which was meant to be confidential, claimed that attackers from Russia had hacked into the network of a software vendor that made the SCADA system used by a water district in Illinois and stolen usernames and passwords that the vendor maintained for its customers. The hackers then supposedly used the credentials to gain remote access to the utility's network and cause a water pump to burn out. The report was leaked to the media by an industrial control systems expert who had gained access to it.

The report was significant at the time because it represented the first known attack of this kind involving hackers breaking into an industrial control system in the U.S. and sabotaging equipment. As the Senate investigators point out in their report, earlier that year Defense Department officials had stated that the U.S. would treat such attacks on critical infrastructure systems as an act of war if they caused widespread casualties.

But none of the information was true, and the authors of the fusion center report could have easily discovered this had they bothered to investigate the matter even a little.
Someone did access the water district's SCADA system from Russia, but it was a water district contractor who was asked to access the system by water district employees, as Wired first reported. They had called him to seek his opinion on something while he was on vacation in Russia, and he had logged into the system remotely to check on some data for them.

When the pump broke five months later and someone examined the network logs to determine the cause, they found an IP address from Russia listed in the logs next to the username and password of the contractor. No one ever bothered to call the contractor to see if he had logged in from Russia; they just assumed someone in Russia had stolen his credentials.

The assertion by the fusion center that the pump was sabotaged by intruders from Russia was all the more perplexing since the contractor had logged in from Russia five months before the pump broke, the congressional investigators point out.

Nonetheless, five days after the fusion center issued its report on Nov. 10, officials from DHS's Office of Intelligence & Analysis issued their own report, inexplicably repeating the same claims that the fusion center had made.

"Like the fusion center report, DHS stated the allegations as fact, not as theory, claim or hunch," the Senate report says, noting that DHS guidelines forbid the department from reporting on information if it's just a theory, claim or hunch.

The author of the DHS report, a senior reports officer in the Intelligence and Analysis branch, claimed in his report that the information was based on "first and secondhand knowledge of information" that was "deemed reliable." The report never indicated that the information was based on conjecture.

In a slide that the I&A office prepared for an intelligence briefing it was stated emphatically that the Illinois water district's SCADA system had "experienced a network intrusion from a Russian IP address"
and said that the perpetrator hijacked an "authorized user account" and that "system controls were manipulated resulting in a pump burnout." The information was included in a daily intelligence briefing that went to Congress and the intelligence community.

A week after the DHS intelligence report was released, investigators from DHS's Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT) arrived in Illinois to investigate the apparent intrusion. They quickly determined, after speaking with the contractor whose name had shown up in the logs, that the fusion center and the DHS intelligence report were wrong and that the failed pump was not the result of a hack attack at all.

"Almost no part of the initial reports of the incident had been accurate -- not the fusion center report, or DHS's own intelligence report, or its intelligence briefing," write the Senate investigators in their report. "The only fact that they got right was that a water pump in a small Illinois water district had burned out."

On Nov. 22, the DHS released a statement saying that there was no evidence to back the fusion center claims that the utility had suffered a cyber intrusion, that any credentials were stolen or that any malicious activity was behind the failed water pump.

On Nov. 30, after Wired published a story identifying the contractor who had logged into the system from Russia and revealed the true facts behind the "cyber intrusion", DHS pointed the finger at the fusion center for releasing information that had not been verified. A spokeswoman for the Illinois State Police, which is responsible for the fusion center, pointed the finger at local representatives of DHS, FBI and other agencies who she said were responsible for compiling information that gets released by the fusion center.

And then DHS pointed another finger back at the fusion center, saying if the report had been DHS-approved, six different offices would have had to sign off on it.
"Because this was an Illinois [fusion center] product, it did not undergo such a review," a DHS official told Wired at the time.

But according to the Senate report, DHS had indeed released its own separate report that restated the same false accusations that the fusion center report had stated.

When Senate investigators asked officials from the I&A office about their report, the officials acknowledged that they had not included caveats in the report to indicate that the information was uncorroborated and based on hypotheses, but they defended their hurried reporting by saying there was "a premium for getting [intelligence reports] out."

And despite the fact that their office is called the Office of Intelligence & Analysis, they told investigators that "analytical judgements are saved" -- that is, they're not included in such reports.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 3 07:24:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 08:24:48 -0400
Subject: [Infowarrior] - PDF of Senate report on DHS fusion centers
Message-ID:

Senate Permanent Subcommittee on Investigations
Federal Support for Fusion Centers Report
141 pages, October 3, 2012, 3.8 MB

http://publicintelligence.net/hsgac-fusion-centers/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 3 07:26:42 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 08:26:42 -0400
Subject: [Infowarrior] - Top admen beg Microsoft to switch off 'Do Not Track' in IE 10
Message-ID: <86A9005E-CF8C-4983-A582-41468D054D19@infowarrior.org>

(Cry me a river, folks. --rick)

Top admen beg Microsoft to switch off 'Do Not Track' in IE 10

Browser 'blocks our adverts choice and competition'

By Gavin Clarke
Posted in Media, 3rd October 2012 12:01 GMT

Microsoft is in hot water with big-brand advertisers over its implementation of Do-Not-Track by default in the latest iteration of its Internet Explorer browser. The ad-slingers say Internet Explorer 10's Do-Not-Track feature will hurt advertisers, consumers and competition.

The Association of National Advertisers (ANA) has published an open letter to Microsoft's chief executive Steve Ballmer, senior vice president and general counsel Brad Smith and chief research and strategy officer Craig Mundie opposing the fact DNT will be turned on by default in Windows 8's browser. The letter comes less than a month before Windows 8 is due to be released to the public on new PCs and tablets.

The ANA, of which Microsoft is a member, reckoned DNT-by-default offers the "wrong" choice for consumers by requiring them to "opt in" should they wish data relating to their web surfing habits to be tracked.

For advertisers, IE10 will potentially block their ability to collect data on 43 per cent of netizens in the US using Microsoft's browser -- that statistic is IE's current market share in the US according to StatCounter. That data, the ad body argues, fuels economic growth on the internet and supports online services that "define the consumer online experience".

Thirty-nine ANA members have put their names to the letter, including AT&T, Dell, Ford Motor Company, IBM, Intel, Kellogg, Nestle, McDonalds and Wal-Mart.......

< - >

http://www.theregister.co.uk/2012/10/03/ie_10_dnt_default_advertisers_letter/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 3 07:52:35 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 08:52:35 -0400
Subject: [Infowarrior] - Facebook Sells More Access to Members
Message-ID: <6D3D41AD-810F-467F-BC04-42645C353319@infowarrior.org>

TECHNOLOGY
October 1, 2012

Facebook Sells More Access to Members

http://online.wsj.com/article/SB10000872396390443862604578029450918199258.html?mod=WSJ_hpp_sections_tech#printMode

By GEOFFREY A. FOWLER

Facebook Inc. is experimenting with new ways to leverage its greatest asset -- personal data on about 900 million people -- reigniting concerns about privacy. The strategy: selling access to its users.

To amp up the effectiveness of its ads, Facebook in recent months has begun allowing marketers to target ads at users based on the email address and phone number they list on their profiles, or based on their surfing habits on other sites. It has also started selling ads that follow Facebook members beyond the confines of the social network.

Rankling privacy advocates most, Facebook is using its data trove to study the links between Facebook ads and members' shopping habits at brick-and-mortar stores, part of an effort to prove the effectiveness of its $3.7 billion annual ad business to marketers. Facebook hasn't said which advertisers participate in the studies. In principle, they allow a marketer like a shampoo maker to learn, in aggregate, how much viewing an ad on Facebook increases sales across a range of retailers.

Facebook is making the moves, which show some early success, as it faces investor pressure to become a bigger player in digital advertising. But in doing so, the Menlo Park, Calif., company treads a fine line between using consumer data to attract marketer dollars and living up to its promises to users and regulators to keep that data private.

"We have been working to make it easier for marketers to reach the right people at the right time and place," said Gokul Rajaram, who manages Facebook's ad products.
He added the latest ad changes are done "in a way that respects user privacy."

Facebook executives including Chief Operating Officer Sheryl Sandberg are trumpeting the social network's latest offerings to Madison Avenue during Advertising Week events this week.

Many of Facebook's new services echo ad-targeting capabilities that companies such as Google Inc. and Yahoo Inc. have offered for years, and Facebook said it takes pains to follow industry data practices. Facebook maintains it doesn't sell data about individual users to advertisers, or even let them directly see the data.

But privacy advocates say Facebook deserves special scrutiny because it has in many cases more personal information about people's real identities than other Internet companies, raising the potential for abuse.

At the core of Facebook's expanding ad strategy is the fact that the social network knows a lot about its users' true identities. While Google largely makes inferences about people based on their searching and browsing habits, Facebook is built on people volunteering personal information that's valuable to marketers, including names, friends, phone numbers and tastes.

In September, Facebook began allowing marketers with their own lists of email addresses and phone numbers to target ads at specific groups of Facebook users of at least 20 at a time. Facebook matches up that outside data with information users have entered into their profile. A clothing store, for example, could use the service to target customers based on their past purchase habits, or a bank could target ads just at customers with high bank balances.

Over the summer, Facebook also began using its identity data to experiment with selling ads on other websites and apps. Facebook recently began placing ads on game site Zynga.com, for instance, and in September announced it would begin placing ads on third-party smartphone apps.
In both cases, it can target ads to specific people because they're logged in using their Facebook accounts.

Analysts think the experiments point to Facebook eventually establishing its own advertising network, making Facebook ads omnipresent across the Web and smartphones. Mr. Rajaram said the company is still testing how well the ads on outside sites work. Zynga Inc. declined to comment.

User data is also helping Facebook bolster the sales pitch about the effectiveness of its ads. In August, the social network disclosed it was working with data-mining company Datalogix to track whether seeing ads on Facebook leads users to buy more products from those advertisers in physical stores.

Datalogix collects information from retailers about what products customers buy in stores, and works with Facebook to compare that to email addresses and other data about Facebook users to understand which of those people may have seen Facebook ads for particular products.

The tests, which have run on nearly 50 Facebook ad campaigns, show that in 70% of cases, $1 spent on Facebook advertising leads to $3 in incremental sales, Facebook said.

Privacy experts said Facebook's actions, while not unusual in the online ad industry, deserve special scrutiny. Last week, the Electronic Privacy Information Center filed a complaint with the Federal Trade Commission over Facebook's new business practices, particularly its relationship with Datalogix and an ad-buying service called Facebook Exchange.

For years, Facebook users have known they "might be targeted based on what they posted online, but that was separate from what you did off of Facebook or in the real world," said David Jacobs, EPIC's consumer protection counsel.
"Now the rules have changed and this information is being matched or cross-referenced. There is an issue with changing the rules on people."

EPIC said Facebook had violated a settlement the company made with regulators in July that requires the social network to clearly disclose and obtain consent from users before sharing information with a third party. EPIC says the FTC hasn't responded publicly to the complaint. A Datalogix spokesman said the EPIC complaint is without merit.

Facebook said it is confident it is compliant with its legal obligations. In the process of matching up the data with Datalogix, it said, both sides obscure their data from the other so they can't use it to build profiles of people. The retailers and the advertiser don't get data about individual Facebook members -- they only get a PowerPoint file with aggregate data about the effectiveness of a campaign.

"We believe our business model is fully compatible with honoring privacy," said Facebook's chief privacy officer, Erin Egan.

The open question is whether Facebook users will find the services unsettling enough to stop using the site. Facebook executives said users click on better-targeted ads -- which is a sign that they like them.

Some of the new ad tactics are showing success. Online retailer Shoebuy, a unit of IAC/InterActiveCorp, over the summer participated in a test that allows marketers to show ads to Facebook users based on what they've looked at elsewhere online.

Using Facebook Exchange, Shoebuy placed ads on Facebook.com only to members who recently viewed shoes on its site. In some cases, the ads featured shoes they had looked at on Shoebuy.com, a practice called retargeting.

To target Shoebuy's ads, Facebook didn't track the shoppers itself. Instead, third-party marketing company TellApart Inc. identified when Facebook members recently used their browsers to also visit the shopping site. TellApart then acts as an ad broker, offering to buy ads targeting those people.
In the process, neither side swaps personal information, these companies say.

The result was impressive, said Shoebuy Chief Marketing Officer James Keller. While he declined to say how much money his company spent, he said the ads provided at least a seven times return on investment.

Previously, Facebook "has not been the best place for us to advertise," he said. "Now we are taking whatever inventory we can in the Facebook Exchange because it is working."

Write to Geoffrey A. Fowler at geoffrey.fowler at wsj.com

A version of this article appeared October 2, 2012, on page B1 in the U.S. edition of The Wall Street Journal, with the headline: Facebook Sells More Access to Members.

From rforno at infowarrior.org Wed Oct 3 13:48:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 14:48:34 -0400
Subject: [Infowarrior] - Chris Dodd: Hollywood's Most Predictable Dissembler
Message-ID: <2914DAC6-D905-40F2-BF2B-9A41D4BCDE9F@infowarrior.org>

Chris Dodd: Hollywood's Most Predictable Dissembler

from the make-it-stop dept

http://www.techdirt.com/articles/20121003/01003820577/chris-dodd-hollywoods-most-predictable-dissembler.shtml

There were actually a few different interesting events happening in San Francisco last night, all of which were tempting, but it was impossible not to head over to The Commonwealth Club to hear former Senator and current MPAA boss Chris Dodd being interviewed by former SF mayor and current California Lieutenant Governor Gavin Newsom. Given pretty much everything we've written about Dodd during his short tenure at the MPAA, I could have guessed most of what he was going to say... and, indeed, there were few surprises. As in the past, he stuck to his favorite themes since the defeat of SOPA, pretending to extend an olive branch to Silicon Valley, to talk about how we all need to "work together," but ignoring that Silicon Valley has tried repeatedly to help Hollywood innovate, and every time we're called thieves for doing so.
Or, worse, Hollywood starts demanding ever increasing fees, making it impossible to build a profitable business, or innovators are told to make the product worse to slow the inevitable move into the future. What Dodd really means is not that he wants Silicon Valley to help Hollywood innovate, but rather wants Silicon Valley to figure out ways to prop up the obsolete parts of Hollywood's business models with technological forms of protectionism. As per usual, Dodd also tried to completely ignore the fact that there were many, many times during the crafting of SOPA and PIPA that the tech industry asked for a seat at the table, and Dodd's MPAA rejected it. He ignored the fact that, during the height of the debate, when Senator Feinstein tried to broker a meeting between top tech companies and Hollywood studios, it was the MPAA studios who rejected the meeting. When asked directly (after the on-stage interview) about the failures of the MPAA itself to actually work with the tech industry, Dodd more or less tried to pass it off on past MPAA leadership, despite much of it happening under his watch. And, of course, Dodd continues to focus on the tech industry as being who he needed to talk to... and not the public. This, honestly, is the biggest problem and misconception with Dodd's approach to all of this. He's still viewing it as a fight between the tech industry and the movie industry. He still hasn't figured out that it was really the users of technology -- i.e., the public at large -- who form the key party here. While speaking at the Commonwealth Club is one way to "reach out" (though, it didn't seem like there were very many tech industry folks there), that's not the people he needs to reach (I would guess that the majority of the audience were AARP members). What Dodd could have done is actually met with the public. He could have gone on Reddit and done an AMA. Even the President of the US can do that -- why not Chris Dodd? 
Perhaps it's because Dodd and the MPAA know that the folks on Reddit would actually fact check his bogus statements in real time. Because if there's one other common thread through Dodd's speeches since the whole SOPA/PIPA fight blew up, it's that he often has a rather loose relationship with something called "facts." And last night was no exception. He, once again, argued that the movie industry employs 2.1 million people. As the Congressional Research Service has shown, the actual number is 374,000 -- oh, and it's growing, except possibly at theaters, but that's got everything to do with consolidation, not copyright issues. Dodd's bizarre move of the night was to use The Hurt Locker as his key example of why we need greater copyright protectionism. He argued that the movie was a financial disaster, because of piracy. Unfortunately, the evidence says... no freaking way. The movie had a production budget of $15 million. Yet, it made $17 million in the domestic box office, $33 million in the international box office, and then another $34 million on DVD. And that doesn't count any additional licensing, such as for Netflix streaming or TV broadcast. So, between box office and DVD rentals, we're talking a take of $84 million on a $15 million production budget. Another report claims that the movie was rented 8 million times, and was purchased on pay-per-view or VOD another 3 million times by mid-2010 (and probably plenty more since then). So there's likely to be a few more millions to pile on top there. Now, that doesn't include the marketing budget, but the same report that details the rentals also highlights that the studio behind The Hurt Locker, Summit Entertainment, didn't spend that much on marketing the flick. In fact, people in the article complain that "Summit is not spending any money." 
Even if we go crazy and assume that Summit spent twice the production budget on marketing (so another $30 million in marketing the film), it seems pretty clear that the movie did quite well. To argue that it was in trouble due to piracy is simply hogwash. Even worse, Dodd conveniently left out that the producers of The Hurt Locker sued tens of thousands of fans, and called any fans who criticized this bizarre move morons and thieves. He also ignored that among those that the producers sued was a dead man. So far, this strategy of suing fans has not met with legal success. Either way, you'd think such things would be relevant, but Dodd didn't mention them at all. In fact, quite bizarrely, he later claimed that one of the things the movie industry learned from the failures of the recording industry was that suing "the kids" who are file sharing is "misguided." And yet his one shining example of a movie decimated by piracy (even though it wasn't) is a film whose producers directly sued over 20,000 of "the kids" and continues to do so? Really? Perhaps this is why Chris Dodd doesn't want to have an open discussion with the public. The public might call him out (and, if you were wondering, people could only submit written questions at the event, rather than getting to stand up and ask). Again, when Dodd was asked about The Innocence of Muslims film, after first distancing himself from it and noting that it was not an MPAA production, Dodd delivered a stirring defense of free speech, directly arguing that he "gets uncomfortable" with the idea of the movie industry "becoming a cop on speech." That's kind of funny, because so many of his efforts are about forcing others -- mainly the tech and broadband industries -- to "become cops" on expression. There were a couple points at which Dodd went into his current favorite stump speech. Newsom asked him a question about whether Hollywood was "all red carpets." 
That had to have been fed to him by Dodd, who has been using the line about how Hollywood is not all red carpets for months now. He then does his "pull on the heartstrings" bit, about how the makeup artist and "the guy behind the microphone" are all suffering because of piracy -- but he fails to explain how. Again, the industry is making more films than ever before, and they're actually doing pretty damn well. He also ignores the real reason why those people might be suffering: because they're union employees, and the big MPAA studios have been trying to do non-union productions or move filming offshore to avoid having to pay American salaries. Finally, he did the politician thing where he made statements that he'll ignore later or weasel out of at some point. He talked about how he would "do anything and everything... to protect the vitality of the internet." Yet, it was under his watch, and via direct MPAA suggestion and later pressure, that both SOPA and PIPA included DNS blocking which would have undermined the internet in a big, bad way. In fact, from what we've heard, even when Congress talked about dropping DNS blocking early on, it was Dodd's MPAA who was adamant that it had to stay in. Later, he also claimed that SOPA and PIPA were dead and that they needed a completely different approach. When asked directly afterwards, he insisted that he didn't think there would be any more legislation... but, of course, he left out the international trade forums that the MPAA has its fingers deeply in. Things like ACTA and TPP are heavily influenced by the MPAA, and while ACTA is on life support, the TPP is still very much alive, and may be significantly worse. So, don't think for a second that the MPAA isn't still pushing legislative and regulatory "solutions" to its perceived problem. All in all, there was nothing too surprising, but it all highlights, yet again, how Chris Dodd is absolutely the wrong person for the job. There was no visionary talk. 
There was no recognition of a truly new approach. There was no recognition of the public's concerns. There was no realization that the talk needs to be with the public, not with top execs from a few big tech companies. In other words, he's still doing business as usual, when what the MPAA really needs is a visionary who will actually recognize that the path forward is learning to embrace, not fear, innovation, and working with the public to understand what they want and to try to fulfill that. The MPAA needs a visionary right now, and that's not Chris Dodd.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 3 13:50:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 14:50:08 -0400
Subject: [Infowarrior] - MPAA chief admits: SOPA and PIPA "are dead, they're not coming back."
Message-ID: <188FC636-3AA2-49CE-8346-E06B055E39F0@infowarrior.org>

(until they make a comeback, that is. you know how much Hollywood loves them sequels. ---rick)

MPAA chief admits: SOPA and PIPA "are dead, they're not coming back."

Chris Dodd adds: "Six strikes" enforcement by ISPs will be "educational," "not a law."

by Joe Mullin - Oct 3 2012, 2:05pm EDT

http://arstechnica.com/tech-policy/2012/10/mpaa-chief-admits-sopa-and-pipa-are-dead-theyre-not-coming-back/

SAN FRANCISCO, CALIFORNIA -- MPAA CEO Chris Dodd didn't seem eager to talk about the aftermath of SOPA when he spoke at San Francisco's Commonwealth Club on Tuesday night. The former Connecticut senator would have preferred to wax poetic about innovation, California, and the collaboration between Hollywood and Silicon Valley.

"Every studio I deal with has a distribution agreement with Google," said Dodd. "We've divided up this discussion in a way that doesn't really get us moving along as a people."

He couldn't ignore it for long.
Gavin Newsom brought it up only briefly, but reporters approached Dodd after the event to get more details on how he viewed the SOPA aftermath, as well as the MPAA's Internet lobbying more generally. SOPA and its sister bill PIPA were both definitively killed off earlier this year after an overwhelming campaign of online action by citizens and tech companies.

Dodd sounded chastened, with a tone that was a far cry from the rhetoric the MPAA was putting out in January. "When SOPA-PIPA blew up, it was a transformative event," said Dodd. "There were eight million e-mails [to elected representatives] in two days." That caused senators to run away from the legislation. "People were dropping their names as co-sponsors within minutes, not hours," he said.

"These bills are dead, they're not coming back," said Dodd. "And they shouldn't." He said the MPAA isn't focused on getting similar legislation passed in the future, at the moment. "I think we're better served by sitting down [with the tech sector and SOPA opponents] and seeing what we agree on."

Still, Dodd did say that some of the reaction to SOPA and PIPA was "over the top" -- specifically, the allegations of censorship, implied by the black bar over Google search logo or the complete shutdown of Wikipedia.

"DNS filtering goes on every day on the Internet," said Dodd. "Obviously it needs to be done very carefully. But five million pages were taken off Google last year [for IP violations]. To Google's great credit, it recently changed its algorithm to a point where, when there are enough complaints about a site, it moves that site down on their page -- which I applaud."

Dodd also continued to laud the "six strikes" plan that US Internet providers have agreed to enforce on behalf of the entertainment industry, insisting that it's an "educational" program aimed at illegal downloads.

"If people are aware they're downloading illegal content, they'll go to a legal service," he said.
"It's an experiment to see if we can get cooperation. It's not a law -- you don't go to jail." The MPAA won't have any kind of back-door to subscriber records at Verizon or other ISPs, Dodd said.

After the event, an EFF attorney in the audience asked, "Why wasn't that spirit of cooperation in the room when SOPA was drafted?"

"I don't know," answered Dodd. "There was no widespread conversation."

Dodd seemed to think SOPA just wasn't seen as particularly controversial when it was first introduced, with nearly half the Senate listed as co-sponsors. "Going after foreign, rogue sites was not seen as an illegitimate idea," he noted. The bill may have been seen as an easy vote, until stiff resistance was seen in January.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 3 13:53:58 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 14:53:58 -0400
Subject: [Infowarrior] - T-Mobile and MetroPCS to merge
Message-ID: <82823F29-9631-40EF-9FCA-F83989361940@infowarrior.org>

Guess I'll keep my TMo no-contract monthly 4G contract as-is for now, since one only knows how this will turn out! --rick

Bonn, Germany; Bellevue, WA; and Richardson, TX -- October 3, 2012 -- Deutsche Telekom (XETRA: DTE; "Deutsche Telekom") and MetroPCS Communications, Inc. (NYSE: PCS; "MetroPCS") today announced that they have signed a definitive agreement to combine T-Mobile USA ("T-Mobile") and MetroPCS. This transaction will create the leading value carrier in the U.S. wireless marketplace, which will deliver an enhanced customer experience through a wider selection of affordable products and services, deeper network coverage and a clear-cut technology path to one common LTE network. The combined company, which will retain the T-Mobile name, will have the expanded scale, spectrum and financial resources to aggressively compete with the other national U.S. wireless carriers.

< - >

http://newsroom.t-mobile.com/articles/t-mobile-metropcs-combine

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 3 15:34:05 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Oct 2012 16:34:05 -0400
Subject: [Infowarrior] - The Government Can Be Transparent About International Negotiations... If It's Unhappy With Them
Message-ID: <0BC62F2E-5572-4711-B2C3-3A3DAAA06D34@infowarrior.org>

The Government Can Be Transparent About International Negotiations... If It's Unhappy With Them

http://www.techdirt.com/articles/20121002/01583820566/government-can-be-transparent-about-international-negotiations-if-its-unhappy-with-them.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 4 07:22:51 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Oct 2012 08:22:51 -0400
Subject: [Infowarrior] - Pentagon Sets New Framework for Security Policy
Message-ID:

Pentagon Sets New Framework for Security Policy

http://www.fas.org/blog/secrecy/?p=7775

The Department of Defense this week established a new Defense Security Enterprise that is intended to unify and standardize the Department's multiple, inconsistent security policies.

The new security framework "shall provide an integrated, risk-managed structure to guide DSE policy implementation and investment decisions, and to provide a sound basis for oversight and evolution."

The Defense Security Enterprise, launched October 1 by DoD Directive 5200.43, is a response to the often incoherent and internally contradictory state of DoD security policy. An Inspector General report earlier this year said that there were at least 43 distinct DoD policies on security that could not all be implemented together.
"The sheer volume of security policies that are not coordinated or integrated makes it difficult for those at the field level to ensure consistent and comprehensive policy implementation," the DoD IG wrote. ("DoD Security Policy is Incoherent and Unmanageable, IG Says," Secrecy News, September 4, 2012.)

But under the new Defense Security Enterprise, "Standardized security processes shall be implemented, to the maximum extent possible and with appropriate provisions for unique missions and security environments," the DoD directive said.

The new structure is supposed to "ensure that security policies and programs are designed and managed to improve standards of performance, economy, and efficiency."

But the directive does not explain how to proceed if "performance, economy, and efficiency" prove to be incompatible objectives. Nor does it provide a working definition for the crucial concept of "risk management." This term, often contrasted with "risk avoidance," implies an increased tolerance for risk (i.e. risk of failure). But the practical meaning (or the limit) of this tolerance is nowhere made explicit.

The Defense Security Enterprise will be managed by "a core of highly qualified security professionals," the DoD directive said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 5 13:44:37 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 5 Oct 2012 14:44:37 -0400
Subject: [Infowarrior] - Experts troll 'biggest security mag in the world'
Message-ID:

(c/o AJR)

Experts troll 'biggest security mag in the world' with DICKish submission

http://www.theregister.co.uk/2012/10/05/hakin9_silliness/

By John Leyden
Posted in Media, 5th October 2012 09:31 GMT

Security researchers have taken revenge on a publishing outlet that spams them with requests to write unpaid articles -- by using a bogus submission to satirise the outlet's low editorial standards.
Hakin9 rather grandly bills itself as the "biggest IT security magazine in the world", published for 10 years, and claims to have a database of 100,000 IT security specialists. Many of these security specialists are regularly spammed with requests to submit articles, without receiving any payment in return.

Rather than binning another of its periodic requests, a group of researchers responded with a nonsensical article entitled DARPA Inference Checking Kludge Scanning, which Warsaw-based Hakin9 published in full, apparently without checking. The gobbledygook treatment appeared as the first chapter in a recent eBook edition of the magazine about Nmap, the popular security scanner.

In reality there's no such thing as DARPA Inference Checking Kludge Scanning (or DICKS, for short) and the submission was a wind-up. Nonetheless an article entitled Nmap: The Internet Considered Harmful - DARPA Inference Checking Kludge Scanning appeared as the lead chapter in a recent eBook guide on Nmap by Hakin9.

This content is normally only available to paid subscribers. However the rib-tickling chapter can still be found here (PDF), perhaps for a limited time only.

"Maybe they were sick of Hakin9's constant please-write-an-unpaid-article-for-us spam and decided to submit some well-crafted gibberish in response," security researcher Gordon Lyon (Fyodor) wrote in a post to the popular seclists mailing list last week.

"They clearly chose that title just so they could refer to it as DICKS throughout the paper. There is even an ASCII penis in the 'sample output' section, but apparently none of this raised any flags from Hakin9's 'review board'."

The nine-page article includes references to "the 10th-percentile latency of NMAP, as a function of popularity of IPv7". While the writers cite 27 references, including seminal journal articles like "Towards the Synthesis of Vacuum Tubes" and "Decoupling 802.11 Mesh Networks From Hierarchical Databases in DNS".
All, of course, complete cobblers from the authors, credited as Jon Oberheide, Nico Waisman, Matthieu Suiche, Chris Valasek, Yarochkin Fyodor, the Grugq, Jonathan Brossard and Mark Dowd.

"All credit for the Hakin9 article belongs to @endrazine [Jonathan Brossard] http://seclists.org/nmap-dev/2012/q3/1050 Hopefully the end result will be less Hakin9 spam in your inbox," said Jon Oberheide, in a Twitter update.

Lyon - the original developer of Nmap - reckons the authors used the Automatic CS Paper Generator as a starting point but this remains unconfirmed.

Amusingly, Hakin9 is now threatening unspecified legal action unless Lyon pulls the guide and his initial post ridiculing the publication of the nonsensical article.

"I guess they expected the security community to be impressed by their DICKS, but instead they faced scorn and ridicule," Lyon writes in a follow-up post to seclists. "Now they're so embarrassed by everyone mocking their DICKS that they had their lawyer send me a removal demand."

Despite these quasi-legal threats, Lyon (along with several other security researchers) still received a request to submit an article to Hakin9 on Wednesday. "Anyone have good ideas for what I should submit? Maybe a paper on the Continuously Updating Nmap Technology System," Lyon suggested.

The incident prompted one advertiser to withdraw support from Hakin9. "We have officially withdrawn any advertisement investment from HAKIN9 in response to the nmap guide fiasco," eLearnSecurity said.

The whole episode recalls the so-called Sokal hoax. Alan Sokal, a physics professor at New York University, submitted a nonsensical article to Social Text, an academic journal of postmodern cultural studies in 1996. The submission was designed to test whether the journal would publish an article "liberally salted with nonsense if it (a) sounded good and (b) flattered the editors' ideological preconceptions," as Sokal explains. Social Text, much like Hakin9, fell for the ruse.
We approached Hakin9 for a comment on this story but are yet to hear back. We'll update as and when we hear more.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 5 19:26:32 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 5 Oct 2012 20:26:32 -0400
Subject: [Infowarrior] - CISPA Author Ramps Up The FUD: Claims He Can't Sleep At Night Due To 'Unusual Source' Threatening Us
Message-ID: <890ABD77-A6FE-48A5-A62E-566109507F13@infowarrior.org>

CISPA Author Ramps Up The FUD: Claims He Can't Sleep At Night Due To 'Unusual Source' Threatening Us

from the oh-come-on dept

Rep. Mike Rogers, who introduced CISPA, the infamous cybersecurity bill that was absolutely horrible when it came to privacy, is apparently trying to ramp up the FUD to get CISPA back on the legislative calendar, despite the Senate's decision to go in another direction (which eventually stalled out). In a new interview, he talked mysteriously about new threats from "unexpected sources" and even claimed he couldn't sleep at night because of them. But -- shh! -- he can't really talk about specifics:

< - >

http://www.techdirt.com/articles/20121004/14540520597/cispa-author-ramps-up-fud-claims-he-cant-sleep-night-due-to-unusual-source-threatening-us.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Oct 6 09:58:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 6 Oct 2012 10:58:34 -0400
Subject: [Infowarrior] - SHA1 crypto algorithm underpinning Internet security could fall by 2018
Message-ID: <19B400CB-5580-474C-AA43-7C1B7AE4FFB6@infowarrior.org>

SHA1 crypto algorithm underpinning Internet security could fall by 2018

Attacks on weaker MD5 algorithm show how devastating a crack could be.
by Dan Goodin - Oct 6 2012, 9:32am EDT

http://arstechnica.com/security/2012/10/sha1-crypto-algorithm-could-fall-by-2018/

A widely used cryptographic algorithm used to secure sensitive websites, software, and corporate servers is weak enough that well-financed criminals could crack it in the next six years, a cryptographer said.

The prediction about the SHA1 algorithm, posted recently to a hash function mailing list sponsored by the National Institute of Standards and Technology, is based on calculations its author and fellow cryptographers admit are rough. The back-of-the-envelope math also incorporates several assumptions that are by no means certain. At the same time, the ability to carry out a reliable "collision attack" on SHA1 would have catastrophic effects on the security of the Internet.

Similar collision attacks on the weaker MD5 algorithm provide an example of how dire and widespread the resulting harm could be. The Flame espionage malware, which the US and Israel are believed to have unleashed to spy on sensitive Iranian networks, wielded such an exploit to hijack Microsoft's Windows Update mechanism so the malicious program could spread from computer to computer inside an infected network. Separately, in 2008, a team of computer scientists and security researchers used the technique to forge a master secure sockets layer certificate that could authenticate virtually any website of their choosing.

SHA1 is considerably more resistant than MD5 to collision attacks, in which two different plaintext sources generate the same ciphertext, or digital signature. As a result, SSL certificate authorities, software companies, and most other security-minded organizations have discontinued use of MD5 in favor of SHA1, or better yet SHA2, which is believed to be stronger still. (Just this week, NIST designated an algorithm known as Keccak to be SHA3.)
Cryptographers have long presumed these more advanced algorithms will suffer the same fate as MD5, as computers' processing speeds become ever faster. With SHA1 a staple in digital certificates that certify the authenticity of websites, commercial software, and credentials used to administer corporate servers, a practical attack on it anytime soon would come with dire consequences.

"When it does happen, it's going to be a disaster, because SHA1 is everywhere," said Matthew Green, a professor specializing in cryptography at Johns Hopkins University. "You could be Microsoft, you could be Google, if you were able to get an attack on SHA1." Some provisions mandated by the Federal Information Processing Standard currently require the use of SHA1.

SHA1 and other hash algorithms generate a digital fingerprint that in theory is unique for each different file or text input they sign. When the underlying plaintext is altered in even minuscule ways, the signature changes. The algorithms are used cryptographically to prove that no unauthorized changes have been made to websites or software code. Collision attacks undermine this assurance by allowing attackers to forge the cryptographic signatures provided by the algorithm.

Based on the rough calculations of Jesse Walker, an Intel employee and a designer of a SHA3 runner-up algorithm known as Skein, SHA1 may fall sooner than many expected. He reached that conclusion based on the continuing growth of computing speed and the advent of cloud services such as Amazon's EC2, which allow people to rent commodity servers for as little as 4 cents per hour.

"A collision attack is therefore well within the range of what an organized crime syndicate can practically budget by 2018, and a university research project by 2021," Walker wrote, according to a transcript included in a blog post by fellow cryptographer Bruce Schneier.
Walker went on to say his assumptions didn't take into consideration the use of graphical processing units and other optimized hardware, so "the need to transition from SHA-1 for collision resistance functions is probably more urgent than this back-of-the-envelope analysis suggests."

Walker's estimate is also based on the assumption a collision attack exploiting SHA1 would be based on a technique laid out earlier this year by Marc Stevens, a cryptographer from the Centrum Wiskunde & Informatica in Amsterdam. If attackers came up with a more efficient method for bringing about a collision attack -- as the world-class cryptographers behind Flame did -- that might also be a factor that would accelerate the downfall of SHA1.

"The point is," Schneier concluded, "that we in the community need to start the migration away from SHA-1 and to SHA-2/SHA-3 now."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Oct 6 09:59:43 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 6 Oct 2012 10:59:43 -0400
Subject: [Infowarrior] - Local cops now paid with federal money to troll IRC
Message-ID:

Your tax dollars at work: local cops now paid with federal money to troll IRC

US DOJ issues $2.4 million in new grants for intellectual property enforcement.

by Cyrus Farivar - Oct 5 2012, 9:00pm EDT

http://arstechnica.com/tech-policy/2012/10/your-tax-dollars-at-work-local-cops-now-paid-with-federal-money-to-troll-irc

In a speech before an assembled crowd of law enforcement officials in Maryland this week, Attorney General Eric Holder announced the winners of a new federal grant that will send hundreds of thousands of dollars to 13 agencies in an effort to step up enforcement of copyright and trademark laws.
The Intellectual Property Law Enforcement Grant Award, which became available in January 2012, was given to a wide variety of local law enforcement groups, including the City of Austin, the City of Orlando, the County of Sacramento, the Virginia State Police, and most oddly, the City of Central Point, Oregon (population: 13,000).

"Although these awards will be utilized in a variety of ways, they will help to achieve our common goals: to advance prosecutions -- as well as prevention and education activities -- related to IP theft," Holder said in a speech at the event on Wednesday.

"Without question, these new investments are coming at a critical time. As our country continues to recover from once-in-a-generation economic challenges, the need to defend IP rights -- and to protect Americans from IP theft -- has never been more urgent. We have seen -- far too often -- that IP crimes are not victimless. Not only can they devastate individual lives and legitimate businesses, they also undermine our nation's financial stability, can jeopardize the health of our citizens, and even threaten our national security."

The announcement marked the latest step in a series of moves that the Department of Justice (DOJ) has taken in clamping down on piracy and counterfeit goods. The DOJ has made no secret of its unilateral approach to seizing domain names and other digital property through "Operation in our Sites," illustrated most notably in the takedown and indictment of Megaupload in early January 2012.

The Bureau of Justice Assistance, the DOJ agency that administers the grant program, wrote in its 18-page January 2012 application document (PDF), citing a 2009 Rand Corporation report (PDF) linking IP theft to organized crime.

The document, however, ignores the 2011 major international study that basically countermands that conclusion. As we reported at the time, that study found "'no evidence' of systematic links between piracy and serious organized crime or terrorism."
Still, Washington, DC hopes that this new money can be used as a way to enhance existing agencies and give them a boost to target counterfeit drugs and physical goods, in addition to unauthorized copies of digital software and media. It will also surely give federal authorities a stronger window into catching piracy operations in various parts of the country.

In interviews with three grant recipients, the money will be used to target those various elements of IP crime -- some called it a "game-changer."

However, civil libertarian and legal experts question if this is a good use of federal money to enhance investigation and prosecution of non-violent crimes, particularly in large urban areas of the country, like Los Angeles, Chicago, New York, and San Antonio.

"We too often see law enforcement overreach and target alleged copyright infringement in the name of protecting public safety when many more clear threats to public safety actually exist," said Julie Samuels, a staff attorney at the Electronic Frontier Foundation. "When this happens, it's important to ask ourselves if this is really how we want our tax dollars spent. More often than not, the answer to that question is no."

St. Louis' new piracy honeypot

In St. Louis, David Marzullo, a police spokesperson told Ars that the city would be using its grant money to form an "area task force consisting of federal, state, and local law enforcement agencies to share resources and increase enforcement of existing state and federal IP laws."

Marzullo also provided Ars with the 10-page grant application for $200,000 that St. Louis submitted -- it cites counterfeit goods as a notable problem in St. Louis.

"We also know that criminal gangs and organized crime are involved with the production and distribution of counterfeit consumer goods because we encountered these networks while investigating intellectual property crimes in the City of St. Louis," the document states.
However, the document also points out an obvious problem with spending money on IP crime. Most people, particularly in poorer and more gang-ridden areas of the city are likely more concerned with actual violence, rather than a guy on the street selling pirated CDs.

"Unfortunately, district detectives and uniformed patrol officers are overwhelmed with calls for service that are considered more serious in nature (robbery, assaults, burglaries, motor vehicle thefts) where there is an immediate threat of danger to the public," the grant application continues. "District detectives must prioritize assignments and the districts do not have the staffing or expertise to pro-actively investigate intellectual property crimes occurring in their districts."

The grant will transfer two detectives (each to be paid a base salary of $56,229 per year, plus overtime) to the Major Fraud/Cyber Crimes Section.

However, the grant also will make sure that St. Louis increases "the number of investigations resulting in the arrest, seizure and the presentation of evidence...for those persons responsible for knowingly distributing copyrighted software, movies, or music over the Internet."

The grant also states that the St. Louis Police Department would manage the use of an "undercover co-located server," designed to "search popular Peer-2-Peer and Internet Relay Chat networks for the distribution of copyrighted software, movies and music from locations in and around the City of St. Louis."

The grant concludes by noting that its effectiveness "will be measured in the number of new investigations, arrests and cases referred for prosecution for intellectual property crimes by the detectives assigned to the Major Fraud/Cyber Crimes Section."

Julie Samuels, the EFF staff attorney, called this goal "troubling."

"We hope that the St. Louis police department complies with all necessary protocol and includes the required due process controls when it implements this program," she added.
California to enhance coordination, expand caseload

In addition to St. Louis, California's Department of Justice was one of the grantees, and like many of its counterparts, will receive $200,000 in 2013 for this new program.

Robert Morgester, Senior Assistant Attorney General in California, told Ars that the California Department of Justice would be using the money for three main objectives: to "coordinate IP crime investigation in California," to "refer completed [investigations] for state, local, or federal prosecution," and to conduct at least three law enforcement trainings, "as a way to help local cops better enforce IP rules in the Golden State."

Morgester added that the $200,000 would represent about "one-tenth" of the annual $2 million budget for his eCrime Unit, and the new funds would cause a doubling of the unit's current caseload of eight to 16. The majority of the grant money would be used, not for anything new, but rather, to pay for overtime, he acknowledged.

Morgester said that the extra money would significantly enhance how investigations and prosecutions can be carried out.

"Anytime you serve a search warrant -- that search warrant is going to take more than eight hours of employee time," he said. "One of the challenges in the government is getting approval of overtime for agents."

By being given this federal mandate to spend this money specifically on IP issues, Morgester said that it would enable the unit to become more proactive, rather than reactive.

"I got a grant that says 'thou shalt do IP crime,'" he said. "It makes it far easier for me to justify the expenditure of resources for these types of crimes."

Don't forget about those knockoff Louis Vuitton bags!

Other agencies, however, that aren't dealing with as much on the digital side, are more concerned with the confiscation of knockoff clothing, handbags and other items.
In Riverside County, California (population: 2.1 million), the assistant district attorney told Ars that they would be spending most of its $200,000 on hiring a new prosecutor and investigator that would deal specifically with IP.

"We have 120 investigators total," Creg Datig, the assistant district attorney of Riverside County, told Ars. "We are going to devote one full-time investigator specifically for IP crime as a result of this grant."

Currently, the county has 12 investigations into IP crimes, but Datig asserted that the grant would allow them to expand to "as many as we can successfully detect and prosecute."

He noted that these new officials would spend some of their time working also on "public outreach," not only to law enforcement agencies in the county, but also to ordinary citizens.

"We're talking about reaching out by radio, TV spots, by posters, or pamphlets that we hand out and say 'Look, you might think you got a bargain for getting a Ralph Lauren shirt for $1, but you helped a criminal market their goods,'" he said. "A lot of this property counterfeiting is linked to organized crime. There's money to be made. Anytime there's money to be made by ripping somebody off, there's organized crime there."

Datig added that while Riverside County did not deal with digital IP issues as much as other cities or counties in the country, it has encountered significant cases of trademark violations in counterfeit goods.

"At this point, we've had cases that range from over $2 million of counterfeit property," he added. "We have cases ranging from that much all the way down to counterfeited CDs, where the total amount might be $100 or less. It seems as though it's like kicking over a rock -- the more we focus on this particular area the more activity we see."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sat Oct 6 10:15:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 6 Oct 2012 11:15:48 -0400
Subject: [Infowarrior] - Your right to resell your own stuff is in peril
Message-ID: <95539DEF-D578-4608-B732-4D200A854FDE@infowarrior.org>

(c/o KJM)

Oct. 4, 2012, 12:03 a.m. EDT

Your right to resell your own stuff is in peril

It could become illegal to resell your iPhone 4, car or family antiques

By Jennifer Waters, MarketWatch

http://www.marketwatch.com/Story/story/print?guid=AEC86DBA-0DA1-11E2-AC22-002128049AD6

CHICAGO (MarketWatch) -- Tucked into the U.S. Supreme Court's busy agenda this fall is a little-known case that could upend your ability to resell everything from your grandmother's antique furniture to your iPhone 4.

At issue in Kirtsaeng v. John Wiley & Sons is the first-sale doctrine in copyright law, which allows you to buy and then sell things like electronics, books, artwork and furniture as well as CDs and DVDs, without getting permission from the copyright holder of those products.

Under the doctrine, which the Supreme Court has recognized since 1908, you can resell your stuff without worry because the copyright holder only had control over the first sale.

Put simply, though Apple has the copyright on the iPhone and Mark Owen does on the book "No Easy Day," you can still sell your copies to whomever you please whenever you want without retribution.

That's being challenged now for products that are made abroad and if the Supreme Court upholds an appellate court ruling it would mean that the copyright holders of anything you own that has been made in China, Japan or Europe, for example, would have to give you permission to sell it.

"It means that it's harder for consumers to buy used products and harder for them to sell them,"
said Jonathan Bland, an adjunct professor at Georgetown University Law Center, who filed a friend-of-the-court brief on behalf of the American Library Association, the Association of College and Research Libraries and the Association for Research Libraries. "This has huge consumer impact on all consumer groups."

Another likely result is that it would hit you financially because the copyright holder would now want a piece of that sale.

It could be your personal electronic devices or the family jewels that have been passed down from your great-grandparents who immigrated from Spain. It could be a book that was written by an American writer but printed and bound overseas or an Italian painter's artwork.

It has implications for a variety of wide-ranging U.S. entities including libraries, musicians, museums and even resale juggernauts eBay and Craigslist. U.S. libraries, for example, carry some 200 million books from foreign publishers.

"It would be absurd to say anything manufactured abroad can't be bought or sold here," said Marvin Ammori, a First Amendment lawyer and Schwartz Fellow at the New American Foundation who specializes in technology issues.

The case stems from Supap Kirtsaeng's college experience. A native of Thailand, Kirtsaeng came to the U.S. in 1997 to study at Cornell University. When he discovered that his textbooks, produced by Wiley, were substantially cheaper to buy in Thailand than they were in Ithaca, N.Y., he rallied his Thai relatives to buy the books and ship them to him in the U.S.

He then sold them on eBay, making upwards of $1.2 million, according to court documents.

Wiley, which admitted that it charged less for books sold abroad than it did in the U.S., sued him for copyright infringement. Kirtsaeng countered with the first-sale doctrine.

In August 2011, the U.S. Court of Appeals for the Second Circuit upheld a lower court's ruling that anything that was manufactured overseas is not subject to the first-sale principle.
Only American-made products or "copies manufactured domestically" were.

"That's a non free-market capitalistic idea for something that's pretty fundamental to our modern economy," Ammori said.

Both Ammori and Bland worry that a decision in favor of the lower court would lead to some strange, even absurd consequences. For example, it could become an incentive for manufacturers to have everything produced overseas because they would be able to control every resale.

It could also become a weighty issue for auto trade-ins and resales, considering about 40% of most U.S.-made cars carry technology and parts that were made overseas.

This is a particularly important decision for the likes of eBay and Craigslist, whose very business platform relies on the secondary marketplace. If sellers had to get permission to peddle their wares on the sites, they likely wouldn't do it.

Moreover, a major manufacturer would more likely go to eBay to get it to pull a for-sale item off the site than to the individual seller, Ammori said.

In its friend-of-the-court brief, eBay noted that the Second Circuit's rule "affords copyright owners the ability to control the downstream sales of goods for which they have already been paid." What's more, it "allows for significant adverse consequences for trade, e-commerce, secondary markets, small businesses, consumers and jobs in the United States."

Ammori, for one, wonders what the impact would be to individual Supreme Court justices who may buy and sell things of their own.

"Sometimes it's impossible to tell where things have been manufactured," said Ammori, who once bought an antique desk from a Supreme Court justice. "Who doesn't buy and sell things? Millions of Americans would be affected by this."

If the Supreme Court does rule with the appellate court, it's likely the matter would be brought to Congress to force a change in law. Until then, however, consumers would be stuck between a rock and a hard place when trying to resell their stuff.
The Supreme Court is scheduled to hear oral arguments on the case on Oct. 29.

Copyright © 2012 MarketWatch, Inc. All rights reserved.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Oct 7 11:19:56 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Oct 2012 12:19:56 -0400
Subject: [Infowarrior] - Microsoft DMCA Notice 'Mistakenly' Targets BBC, Techcrunch, Wikipedia and U.S. Govt
Message-ID:

Microsoft DMCA Notice 'Mistakenly' Targets BBC, Techcrunch, Wikipedia and U.S. Govt

Ernesto, October 7, 2012

http://torrentfreak.com/microsofts-bogus-dmca-notices-censor-bbc-cnn-wikipedia-spotify-and-more-121007/

Over the last year Microsoft asked Google to censor nearly 5 million webpages because they allegedly link to copyright infringing content. While these automated requests are often legitimate, mistakes happen more often than one might expect. In a recent DMCA notice Microsoft asked Google to censor BBC, CNN, HuffPo, TechCrunch, Wikipedia and many more sites. In another request the software giant seeks the removal of a URL on Spotify.com.

In recent months the number of DMCA takedown requests sent out by copyright holders has increased dramatically, and it's starting to turn the Internet into a big mess. One of the problems is that many rightsholders use completely automated systems to inform Google and other sites of infringements.

That these automated tools aren't always spot on is nicely illustrated by a recent DMCA notice sent to Google on behalf of Microsoft. Claiming to prevent the unauthorized distribution of Windows 8 Beta the software company listed 65 "infringing" web pages. However, nearly half of the URLs that Google was asked to remove from its search results have nothing to do with Windows 8.
This apparent screw up in the automated filter mistakenly attempts to censor AMC Theatres, BBC, Buzzfeed, CNN, HuffPo, TechCrunch, RealClearPolitics, Rotten Tomatoes, ScienceDirect, Washington Post, Wikipedia and even the U.S. Government. Judging from the page titles and content the websites in question were targeted because they reference the number "45".

Pirated copies?

Unfortunately this notice is not an isolated incident. In another DMCA notice Microsoft asked Google to remove a Spotify.com URL and on several occasions they even asked Google to censor their own search engine Bing.

The good news is that Google appears to have white-listed a few domains, as the BBC and Wikipedia articles mentioned in the DMCA notice above were not censored. However, less prominent sites are not so lucky and the AMC Theatres and RealClearPolitics pages are still unavailable through Google search today.

As we have mentioned before, the DMCA avalanche is becoming a bigger problem day after day. Microsoft and other rightsholders are censoring large parts of the Internet, often completely unfounded, and there is absolutely no one to hold them responsible. Websites can't possibly verify every DMCA claim and the problem will only increase as more takedown notices are sent week after week.

Right now rightsholders and the anti-piracy outfits they employ have absolutely no incentive to improve the accuracy of their automated takedown systems, so perhaps it's time for them to be punished? Just a thought.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Oct 7 11:26:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Oct 2012 12:26:52 -0400
Subject: [Infowarrior] - WaPo: In-depth on Congresscritter wealth
Message-ID:

Special Report - Capitol Assets

A Washington Post examination of the intersection between the personal finances of lawmakers and their work on Capitol Hill. View the series.
http://www.washingtonpost.com/investigations/capitol-assets-congresss-wealthiest-mostly-shielded-in-deep-recession/2012/10/06/5a70605c-102f-11e2-acc1-e927767f41cd_story.html

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 8 08:40:17 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Oct 2012 09:40:17 -0400
Subject: [Infowarrior] - The Patent, Used as a Sword
Message-ID: <392AD035-38B7-41C4-B130-B278F524A79C@infowarrior.org>

The Patent, Used as a Sword
By CHARLES DUHIGG and STEVE LOHR
Published: October 7, 2012

A series examining challenges posed by increasingly globalized high-tech industries.

< - >

http://www.nytimes.com/2012/10/08/technology/patent-wars-among-tech-giants-can-stifle-competition.html

From rforno at infowarrior.org Mon Oct 8 09:23:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Oct 2012 10:23:34 -0400
Subject: [Infowarrior] - Huawei, ZTE Provide Opening for China Spying, Report Says
Message-ID:

Huawei, ZTE Provide Opening for China Spying, Report Says
By Eric Engleman - Oct 8, 2012
http://www.bloomberg.com/news/print/2012-10-07/huawei-zte-provide-opening-for-china-spying-report-says.html

Huawei Technologies Co. and ZTE Corp. (763), China's two largest phone-equipment makers, provide opportunities for Chinese intelligence services to tamper with U.S. telecommunications networks for spying, according to a congressional report to be released today.

The House intelligence committee report says the two companies failed to cooperate with a yearlong investigation and to adequately explain their U.S. business interests and relationship with the Chinese government, according to a draft provided by the panel.

"Based on available classified and unclassified information, Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems,"
says the report from the committee's chairman, Michigan Republican Mike Rogers, and its top Democrat, Maryland Representative C.A. "Dutch" Ruppersberger.

The House investigation found "credible" reports of illegal behavior by Huawei, including immigration violations, bribery and corruption, based on statements from current and former employees, according to the report. Allegations will be referred to federal agencies including the Homeland Security and the Justice departments, according to the report, which didn't provide full details or identify the accusers.

'Political Distractions'

Suggestions that Huawei "is somehow uniquely vulnerable to cyber mischief" are baseless, William Plummer, a Washington-based spokesman for the company, said in an e-mail. These "ignore technical and commercial realities, recklessly threaten American jobs and innovation, do nothing to protect national security, and should be exposed as dangerous political distractions," Plummer said.

David Dai, a Shenzhen-based spokesman for ZTE, said the company couldn't comment until after seeing the full report. He supplied a letter the company provided to the committee on Sept. 25 that stated ZTE is neither owned nor directed by China's government or the Chinese Communist Party.

"ZTE is committed to provide maximum cybersecurity through transparent, comprehensive, and continuous standards-based assessments of ZTE software, firmware, and hardware," the company said in the letter.

ZTE shares fell 6 percent to HK$12.60 at the close of Hong Kong trading, the biggest decline since Aug. 27. The stock has lost 48 percent this year, compared with a 13 percent gain for the benchmark Hang Seng Index.

'Economic Espionage'

Rogers and Ruppersberger announced the probe of the Chinese companies last November, citing concerns about hacking into U.S. systems and theft of intellectual property. U.S.
counterintelligence officials called China the world's biggest perpetrator of economic espionage in a report last year, saying the theft of sensitive data is accelerating and jeopardizing an estimated $398 billion in U.S. research spending.

"Private-sector entities in the United States are strongly encouraged to consider the long-term security risks associated with doing business with either ZTE or Huawei for equipment or services," the report says.

The U.S. Congress should end its prejudice against Chinese companies and do more to promote trade, Foreign Ministry spokesman Hong Lei said at a briefing in Beijing today.

"Chinese telecommunications companies have conducted their international operations based on market-economy principles," Hong said. "Their investments in the U.S. reflect the mutual benefits brought about by U.S.-China trade relations."

Military Ties

Internal Huawei documents supplied by a former employee showed the company provides "special network services" to an entity the former employee believes is an "elite cyber-warfare unit" within the Chinese army, according to the report. The documents "appear authentic" and suggest Huawei officials weren't forthcoming about research and development on the military's behalf, the report says.

The report describes a series of meetings between the panel's members and representatives of the two companies. Ruppersberger and Minnesota Republican Representative Michele Bachmann were among those who met in Hong Kong last May with Ren Zhengfei, Huawei's founder and chief executive officer. Ren founded Huawei in 1987 after leaving the Chinese army, and his military ties have been a focus of attention by U.S. lawmakers.

Executives for Huawei and ZTE, both based in Shenzhen, China, denied links to Chinese espionage at an intelligence committee hearing last month, saying they aren't controlled by China's government. The companies said they favor independent audits of technology vendors'
hardware and software as a way to ensure that devices and networks are secure.

Market Roadblocks

The report's conclusions may create more U.S. roadblocks for the Chinese companies in the U.S. market. Huawei has backed away from business deals after U.S. objections, dropping a bid with Bain Capital Partners LLC to buy computer-equipment maker 3Com Corp. in 2008, and unwinding the purchase of patents from a computer-services company, 3Leaf Systems Inc., last year. The U.S. Commerce Department last year barred Huawei from participating in a nationwide emergency network, citing security concerns.

The U.S. Committee on Foreign Investment in the U.S., an interagency panel that reviews acquisitions of domestic companies by non-U.S. entities, should block acquisitions involving Huawei and ZTE because of security threats, the intelligence committee report says.

To contact the reporter on this story: Eric Engleman in Washington at eengleman1 at bloomberg.net
To contact the editor responsible for this story: Bernard Kohn at bkohn2 at bloomberg.net

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 8 09:41:44 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Oct 2012 10:41:44 -0400
Subject: [Infowarrior] - Google Wants to Be a Bank Now
Message-ID: <2AA71A68-318C-47EE-95A8-0D3E68AA4B0D@infowarrior.org>

Google Wants to Be a Bank Now
Adam Clark Estes
http://www.theatlanticwire.com/business/2012/10/google-wants-be-bank-now/57691/

Google, the search engine company that also happens to do 35 other things, is expanding its horizons once again with a new financial services division. On Monday, the multi-billion dollar corporation is set to launch a new credit business in the United Kingdom with plans to expand to other countries in the next few weeks, according to the Financial Times.
Based on what we know so far, the program will let businesses take out a line of credit -- between $200 and $10,000 -- to spend on Google's money-making AdWords program. Google's treasurer Brent Callinicos told the FT that businesses just "weren't buying Adwords as much as they need to," and a pilot program in the United States last year showed that offering loans made customers advertise more. Callinicos admitted that the company is "not doing this to lose money" and they're also "not trying to run the financing business as a profit centre." Starting in the U.S. and then spreading to other countries, however, Google will issue credit cards as part of the new financing program, with initial interest rates for small- to medium-sized businesses at a competitive 8.99 percent. The move comes just a few days after news emerged that Amazon was launching its own loan business. Though details are still unconfirmed since Amazon hasn't formally launched the program, Amazon Lending will provide capital to small business to stock up on inventory before the holiday seasons. Since Amazon takes a cut of all the sales through its website, helping small shops sell more goods makes great sense. "These spot loans will help these folks grow by getting them extra cash to buy more product," said Scot Wingo, chief executive of e-commerce advisory firm ChannelAdvisor, told the Mercury News. "This is definitely cheaper than credit cards and faster and easier than banks, so may fill a big hole for sellers." Don't expect to see Google and Amazon ATMs on the street corner any time soon, though. For now, both of the companies' programs will focus on commercial loans. Of course, this is a company that's already busy trading energy, rigging up high-speed WiFi in middle America, developing self-driving cars and trying to make everybody look like Star Trek characters. So who knows how far they're willing to go. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Mon Oct 8 11:19:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Oct 2012 12:19:52 -0400
Subject: [Infowarrior] - The Writing Revolution
Message-ID: <73A8BCA6-63E6-4D6B-94DC-FCA17A747670@infowarrior.org>

The Writing Revolution
By Peg Tyre

For years, nothing seemed capable of turning around New Dorp High School's dismal performance -- not firing bad teachers, not flashy education technology, not after-school programs. So, faced with closure, the school's principal went all-in on a very specific curriculum reform, placing an overwhelming focus on teaching the basics of analytic writing, every day, in virtually every class. What followed was an extraordinary blossoming of student potential, across nearly every subject -- one that has made New Dorp a model for educational reform.

< - >

http://www.theatlantic.com/magazine/print/2012/10/the-writing-revolution/309090/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 8 17:48:29 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Oct 2012 18:48:29 -0400
Subject: [Infowarrior] - Fwd: Twitter: It's time for patent trolls to bear the costs of frivolous lawsuits
References: <7685B535-4F1D-4D1F-B700-610590A48A44@gizmopartners.com>
Message-ID:

> From: Chris B
>
> http://gigaom.com/2012/10/08/twitter-time-for-trolls-to-pay-full-price-for-patent-mischief/
>
> Twitter is an engineering company, and engineers like to innovate. Twitter is also well known, and, as a result, we receive patent threats and lawsuits from time to time. Many of these are baseless, and our policy is to fight them with all our might. In fact, we have never agreed to pay to settle a patent suit.
>
> Still, even meritless lawsuits cost us money in attorney fees, and force our engineers to spend time with lawyers rather than improving our product.
> For example, we recently won a case regarding U.S. Patent No. 6,408,309, entitled "Method and System for Creating an Interactive Virtual Community of Famous People." After a trial before a jury, we managed to prove that we didn't infringe and that the asserted claims from the patent were invalid. This patent was "invented" by a patent lawyer, Dinesh Agarwal. According to his own testimony at trial, Mr. Agarwal had no computer science or programming background, and he thought up the whole idea while he was shopping for groceries.
>
> As Judge Posner recently observed in his article, "Why There Are Too Many Patents in America," this patent is a perfect example of a patent issued by the Patent Office with a near-zero cost-of-invention. It cost Mr. Agarwal nothing to create his patent, and it cost him nothing to bring the lawsuit (the law firm of Friedman, Suder & Cooke took his case on contingency fee). When you hear engineers complaining that the patent system is broken, a system that last year issued a record-breaking 247,000 new patents, this is the type of thing they are talking about.
>
> According to the American Intellectual Property Law Association (AIPLA)'s 2011 survey, an average patent lawsuit costs between $900,000 to $6,000,000 to defend. In the last month and a half alone, Twitter has received three new patent troll lawsuits. The law currently does not allow us to recover the millions of dollars in fees we spent to defend ourselves -- nor does it compensate us for the time spent by many Twitter employees who worked on the case. The law only allows us to ask for certain types of minor fees, which is why the court was only able to order this particular patent troll to pay us $10,447.85.
>
> There is a bill that was introduced in Congress several weeks ago, by Representatives Peter DeFazio and Jason Chaffetz, which would try to change that.
> The SHIELD Act would put the financial responsibility for these sorts of trivial patent lawsuits on the patent trolls themselves. We support efforts like the SHIELD Act to improve our current patent system.
>
> Ben Lee is legal counsel at Twitter.

From rforno at infowarrior.org Tue Oct 9 08:26:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Oct 2012 09:26:52 -0400
Subject: [Infowarrior] - OT: Skydiver Felix Baumgartner set to break sound barrier
Message-ID: <36D1F816-E4EC-40F6-BB01-37028435CF53@infowarrior.org>

(Lift-off in 3 minutes. --rick)

Skydiver Felix Baumgartner set to break sound barrier
By Jonathan Amos
Science correspondent, BBC News, Roswell
http://www.bbc.co.uk/news/science-environment-19860249

The Austrian skydiver Felix Baumgartner will attempt to become the first human to break the sound barrier unaided by a vehicle. He is going to jump out of a balloon at more than 120,000ft (36.5km) above Roswell, New Mexico. In the near vacuum at that altitude, he should accelerate beyond about 690mph (1,110km/h) within 40 seconds. If all goes well, he will open a parachute near the ground to land softly in the desert, 10 minutes later.

The 43-year-old adventurer - famous for jumping off skyscrapers - is under no illusions about the dangers he faces. Where he is going, the air pressure is less than 2% of what it is at sea level, and it is impossible to breathe without an oxygen supply. Others who have tried to break the existing records for the highest, fastest and longest freefalls have lost their lives in the process.

"If something goes wrong, the only thing that might help you is God," says Baumgartner. "Because if you run out of luck, if you run out of skills, there is nothing left and you have to really hope he is not going to let you down."

Lift-off from Roswell airport will occur no earlier than 0730 local time (1330 GMT; 1430BST).

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Oct 9 08:33:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Oct 2012 09:33:54 -0400
Subject: [Infowarrior] - Congress: Fear Chinese Networking Companies! But Ignore That China Makes All Our Networking Equipment!
Message-ID: <03858FF3-D35C-4A18-939B-72C3660BAA24@infowarrior.org>

Congress: Fear Chinese Networking Companies! But Ignore That China Makes All Our Networking Equipment!
http://www.techdirt.com/articles/20121008/17080120649/congress-fear-chinese-networking-companies-ignore-that-china-makes-all-our-networking-equipment.shtml

......Yes, it's entirely possible that Huawei and ZTE are doing something bad -- but you'd think any report claiming that would have a lot more evidence than what's in this report. Of course, considering it's by the same FUD-spewing folks responsible for CISPA, perhaps we should get used to the fact that FUD without evidence is their standard operating procedure.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 9 12:48:00 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Oct 2012 13:48:00 -0400
Subject: [Infowarrior] - DHS: Our Reports To Congress Are Successful Bulls--t
Message-ID: <7E5AAC1A-4B10-4F67-9D16-5171CA2AAE50@infowarrior.org>

(The last line is telling -- one only wonders how much other official fiction 'generates interest' for idiotic government programs. --rick)

DHS: Our Reports To Congress Are Successful Bullsh--t
from the yeah,-we-already-kinda-figured dept

Okay, it's official. I no longer believe that our Department of Homeland Security is an actual government agency with important work to do. No, I now believe that it is a series of highly subtle performance art pieces designed to make us laugh at the sheer audacity of dumb government. We already know about the agency's boss, who is in charge of cybersecurity, not bothering to use the internet.
And then there is the DHS's highly touted fusion centers being both a waste of money and a detriment to the very freedoms they're supposedly protecting. But Tim K writes in about a rather stunning admission by DHS officials of a bogus DHS report on a water pumping facility. It essentially amounts to: "sure the report is a complete lie, but it was a successful lie." Don't believe me?

Officials behind the false claims told Senate investigators that such reports weren't meant to be "finished intelligence" and that despite their report's inaccuracies and sloppy wording they considered it to be a "success."

"[It did] exactly what it's supposed to do -- generate interest," DHS officials told Senate investigators.

< - >

http://www.techdirt.com/articles/20121004/18132820601/dhs-our-reports-to-congress-are-successful-bullshit.shtml

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 9 12:48:14 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Oct 2012 13:48:14 -0400
Subject: [Infowarrior] - Paging Comrade Lovejoy
Message-ID:

Ministry Seeks to Shield Children From Public Wi-Fi
THE ST. PETERSBURG TIMES
The St. Petersburg Times
Published: October 5, 2012 (Issue # 1729)
http://www.sptimesrussia.com/index.php?action_id=2&story_id=36293

MOSCOW -- The Communications and Press Ministry has proposed banning children from using Wi-Fi networks in public, potentially making cafes, restaurants and other locations providing the service responsible for enforcing the law.

An official with the ministry's Federal Mass Media Inspection Service, known as Roskomnadzor, said the ban should apply to people under 18 years old. Locations providing Wi-Fi access would be held legally responsible for implementing the rule, and failing to meet the proposed measure would result in a fine ranging from 20,000 rubles to 50,000 rubles ($640 to $1,600), Vedomosti reported Thursday.
In Moscow alone, thousands of cafes, fast-food outlets and restaurants, as well as many parks, shopping malls and hotels, have Wi-Fi networks, which let laptop and handheld-computer users go online without a cable or modem.

Maxim Ksenzov, one of the watchdog's deputy directors, announced the plan at a Wednesday conference with Internet media representatives, Vedomosti reported, citing participants in the conference.

Ksenzov said the proposal is tied to the Internet restriction law that comes into effect Nov. 1, allowing the government to block Web pages that fit the law's definition of material harmful to child welfare. Under that law, the government can force websites, website-hosting companies and Internet service providers to block offending sites.

Watchdog spokesman Vladimir Pikov told RIA-Novosti the service hasn't decided whether Wi-Fi providers or owners of businesses offering their own Wi-Fi would be responsible under the law.

Citizens are no longer considered minors in Russia when they reach the age of 18, but people can obtain permission from regional authorities to marry at 16 and can get a motorcycle license at that age.

At national cafe chain Shokoladnitsa, "there are no methods at present that make it possible to identify the age of users logging on to the free Wi-Fi in our shops," said Gennady Sbytov, the company's vice president for information technology.

"We see a solution to the [broader] issue in restricting access to certain web portals, in accordance with the law, for all guests," he said by e-mail. "That way, Wi-Fi access would remain available."

Sbytov said any Wi-Fi restriction at Shokoladnitsa would happen only if required by law. Also affected by the proposal would be other major food chains providing free Wi-Fi, such as Subway, McDonald's and Kofe Khaus.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Oct 9 14:24:32 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Oct 2012 15:24:32 -0400
Subject: [Infowarrior] - Sesame Workshop Response to Campaign Ads
Message-ID:

http://www.sesameworkshop.org/our-blog/2012/10/09/sesame-workshop-response-to-campaign-ads/

Sesame Workshop Response to Campaign Ads

"Sesame Workshop is a nonpartisan, nonprofit organization and we do not endorse candidates or participate in political campaigns. We have approved no campaign ads, and as is our general practice, have requested that the ad be taken down."

.... which is in response to this....

Big Bird - Obama for America TV Ad
http://www.youtube.com/watch?feature=player_embedded&v=bZxs09eV-Vc

(Anyone other than the Obama campaign not see this coming???)

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 9 16:10:57 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Oct 2012 17:10:57 -0400
Subject: [Infowarrior] - White Hat Perspective on Cyber Security & Other Internet Issues
Message-ID:

The Greater Washington Chapter of the Internet Society & HacDC
Invite you to attend a panel discussion about:
A White Hat Perspective on Cyber Security & Other Internet Issues
Tuesday, October 16, 2012 from 6:00 PM to 8:00 PM (EDT)
Washington, DC

The term hacker is often used pejoratively. In reality, a hacker is someone who finds a clever and creative solution to a programming problem. Hacker culture typically advocates free and open source software and community based thinking. Malevolent hackers or "crackers" or "black hats", are the ones that we need to worry about. Thus, the distinction between white hat and black hat hackers.

Recently, many white hat hackers convened in Las Vegas for the annual DefCon, where they learned about the latest in cybersecurity hacking. Two of our panelists were there.
HacDC is a community organization in DC dedicated to the collaborative use of technology. HacDC is part of a global trend in amateur engineering clubs that have come to be known as "hackerspaces." Centered on physical locations that function as shared workshops, these spaces support "makers" whose work bridges the realms of art and technology and who share a passion for putting old technology to new and creative purposes.

Join us at HacDC for a spirited discussion about Cyber Security and other pressing Internet Issues. Learn more about security from the hacker's point of view. How do their goals and values affect their perspectives, and how does this impact the Internet?

http://white-hat.eventbrite.com/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 07:03:29 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 08:03:29 -0400
Subject: [Infowarrior] - DHS to start testing drones over US for 'public safety'
Message-ID:

(Funny how nearly anything controversial and/or eventually bad for the masses begins "for public safety" eh? --rick)

DHS to start testing drones over US for 'public safety'
Published: 09 October, 2012, 20:14
http://rt.com/usa/news/dhs-us-public-safety-019/

Don't be surprised if you catch a federal fleet of sneaky spy drones soaring over your head in the near future, but don't be too terrified -- it's all in the name of public safety.

The US Department of Homeland Security is asking the makers of small unmanned aerial vehicles to submit their crafts for consideration as the agency ramps up the construction of a full-fledged surveillance state across America. The DHS plans to soon conduct drone tests over the Fort Sill, Oklahoma US Army base, and they're already soliciting spy planes from the private sector so they can select what kind of UAV to use.
According to a request for information published on the Federal Business Opportunities website recently, the DHS is determined to begin drone tests over the military base soon and is seeking submissions from drone makers that don't mind making a few bucks by having their products put into the US airspace to conduct sweeping surveillance.

The Borders and Maritime Security Division of the DHS "will conduct flight testing and evaluation of airborne sensors and small unmanned aerial systems," the request reads, and now invites vendors to submit drones to be tested "under a wide variety of simulated but realistic and relevant real-world operation scenarios."

The solicitation says that drones will be evaluated to see how well they perform law enforcement operations and conduct search and rescue missions, but once a craft is handed over to the DHS then the details will be put under lock and key. Specifically, the call for work says, "the information within each test report will be classified as For Official Use Only, and will not be shared with the general public."

Given that the department has already addressed the issue of acquiring drones to give the DHS a better eye of domestic doings, though, those law enforcement operations in question could very well transcend away from legitimate uses and quickly cause civil liberty concerns from coast-to-coast.

Homeland Security Janet Napolitano told a House Committee panel in July that the DHS was "looking at drones that could be utilized to give us situational awareness in a large public safety [matter] or disaster" and the next piece of the puzzle is already being put into place. With their latest solicitation, the DHS acknowledges that it is specifically testing a "Robotic Aircraft For Public Safety," but the components necessary to be considered suggest that any drone adopted by the agency will be brought in for sweeping surveillance.
The solicitation request requires that all drones be equipped with Electro-Optical/Infra-Red sensors, as well as the technology to sniff out certain chemicals from thousands of feet from above. The UAV must also have an integrated laser designator, can be hand-launched by a single person and must be able to be remotely managed by a pilot with only one day of training.

The Federal Aviation Administration is working towards putting the finishing touches on rules and regulations for widespread domestic drone use, and the agency expects as many as 30,000 UAVs will be in America's airspace by the decade's end.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 07:09:46 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 08:09:46 -0400
Subject: [Infowarrior] - Endeavour's flyover via FA18 video
Message-ID: <2FA6728D-17E0-4785-82E5-0D677B753939@infowarrior.org>

Shuttle Endeavour's California flyover, as seen from an FA18
http://boingboing.net/2012/10/09/shuttle-endeavours-californi.html

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 07:13:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 08:13:23 -0400
Subject: [Infowarrior] - Facebook Fought SEC to Keep Mobile Risks Hidden Before IPO Crash
Message-ID: <987A1F8B-8682-4548-A7FC-0E8102FDD839@infowarrior.org>

Facebook Fought SEC to Keep Mobile Risks Hidden Before IPO Crash
By Linda Sandler, Brian Womack and Douglas MacMillan - Oct 10, 2012 12:01 AM ET
http://www.bloomberg.com/news/2012-10-10/facebook-fought-sec-to-keep-mobile-risks-hidden-before-ipo-crash.html

When Facebook Inc. (FB) filed its proposal Feb. 1 to go public, it touted the effectiveness of ads linked to customers' friends, citing research from Nielsen, the audience-counting company.

Barbara Jacobs, an assistant director for corporation finance at the U.S.
Securities and Exchange Commission, was skeptical, as she and her staff vetted the filing to ensure Facebook had disclosed all material information to investors. The claim appeared to be drawn from marketing materials, not a Nielsen study, she wrote to Chief Financial Officer David Ebersman, 42.

She gave him an ultimatum: Produce the study and provide Nielsen's consent for use of the data -- or don't use it, she wrote to Ebersman on Feb. 28. Facebook dropped the reference after initial resistance.

The incident was part of a two-and-a-half-month volley of messages among SEC officials, Ebersman and Facebook's law firm Fenwick & West LLP. A dozen letters, published a month after the May 17 IPO on the SEC's website, depict a management team hesitant to disclose information and still guessing at even rudimentary aspects of its business just weeks before the company held the largest-ever technology initial public offering.

Many of the issues raised by the SEC and now unnerving investors were foreshadowed in the then-private correspondence between the SEC and Facebook.

"They were given the benefit of the doubt when they went public that they were ready for prime time," said Michael Pachter, a managing director at Wedbush Securities Inc. "They still haven't proved that they are."

Mobile Users

On the most critical issue facing Facebook's future as a public company -- whether it could make money from the soaring number of mobile users, who see fewer ads than other customers -- the letters show executives holding back crucial details until the SEC pushed for further disclosure.

Noting that Facebook was counting some mobile users twice, Jacobs wrote on March 22: "Please explain to us how you determined that your metrics are not overstated."

Only eight days before the IPO, on May 9, did Facebook make clear in a filing that daily mobile customers were increasing faster than advertising growth, potentially hurting revenue and profits.
It was the strongest public signal that the IPO could fall short of its high expectations. The issue of mobile users is even more relevant today as Facebook, based in Menlo Park, California, announced on Oct. 4 it now counted one billion users worldwide, up from 845 million at the year's start. More than half of them, or 600 million, access Facebook through a mobile device, a number that grew 41 percent this year.

"Increasingly Skeptical"

"We've been growing increasingly skeptical of some of their monetization methods," Richard Greenfield, an analyst at BTIG Research, told Bloomberg Television on Oct. 8, referring to Facebook's struggles to get revenue from mobile users. He cut his rating on the shares to sell. Facebook went forward pricing the IPO at $38 a share. That was 107 times trailing 12-month earnings, making it more expensive than 99 percent of all companies in the Standard & Poor's 500 Index at the time. The SEC has no say in setting IPO prices. Once called the IPO of the century, Facebook has dropped 45 percent through Oct. 5. That's the worst offer-to-date performance of any U.S. IPO raising at least $1.5 billion since 2007, when MF Global Holdings Ltd. (MFGLQ) went public, according to data compiled by Bloomberg. Ashley Zandy, a spokeswoman for Facebook, declined to comment for this story.

Retail Investors

The losses were acute for retail investors. They were allocated an unusually high proportion of shares after institutional investors balked. And they didn't get the same flurry of warning calls from Facebook officials who, days before the IPO, privately advised securities firm analysts to lower earnings and profit estimates -- largely on the dearth of revenue from mobile users. "It has been clear from the beginning that the insiders were bailing given that they sold $10 billion of shares and continued to sell as the lock-up period expired,"
said Francis Gaskins, president of IPOdesktop.com, an independent IPO research firm in Marina del Rey, California. "They clearly knew that the company's best growth rate was behind them and the stock was overvalued." By the time the final amended prospectus was filed May 16, a day before the company went public, Facebook had over the weeks included the mobile data and many of the material facts the SEC had demanded.

SEC Correspondence

What investors didn't see until a month after the IPO were the letters that pushed Facebook to disclose in detail such key financial challenges as decelerating revenue growth, user count and its dependence on gaming company Zynga Inc. (ZNGA) -- all issues that arose in prominence after it became a public company. Publishing the SEC letters beforehand would be "a better way to get the information to the market than an amended filing," said Peter Henning, a former SEC lawyer who teaches at Wayne State University in Detroit. "The SEC is a better soap box than the filings." Even a summary of points would be helpful for investors, Henning said, should the SEC decide that disclosing the letters would exert undue influence over market sentiment. "As an investor you want all the information you can get, and that would certainly be one of the pieces," money manager Michael Holland, chairman of Holland & Co., said of the correspondence. He chose not to buy Facebook at the IPO because it was more expensive than Apple Inc. and Google Inc., he said.

"Complete Picture"

Current SEC policy is to release correspondence no earlier than 20 business days after the IPO. The SEC doesn't post correspondence "real time," said John Nester, a spokesman, because "people could misinterpret our questions to companies about their disclosure before companies have had opportunities to provide a complete picture." By law, "a company is responsible for its own disclosures," he said.
Luigi Zingales, a finance professor at the University of Chicago's Booth School of Business, said Facebook should have delayed the IPO after it cut its forecasts. Analysts said the late revisions were surprising and almost unprecedented. "When you have a significant change in your forecasts it's good business practice to postpone the IPO so that the market has more time to understand what's going on," Zingales said. By the time the letters were published, the stock was cratering, on the way to losing half its $38 IPO price and erasing as much as $49 billion in market capitalization. The stock that sold for $16 billion in the IPO was worth $8.6 billion as of Oct. 8, data compiled by Bloomberg show.

Month's Salary

Ryan Cefalu, a 34-year-old data-systems manager and father of two in Baton Rouge, Louisiana, said he bought about $4,000, or about a month's salary, in Facebook stock and has lost about $2,050 on paper. "The IPO went terribly," he said. "I expected it to go up for a couple days at least before it went down. That never happened. It never had a chance to." The SEC continues to investigate Facebook's IPO to determine whether any material information was omitted or misrepresented. The SEC is conducting an "in-depth review of all the participants" in the IPO, SEC Chairman Mary Schapiro said in an interview that aired Sept. 28 on Bloomberg Television. She declined to elaborate. The Senate Banking Committee is also looking into the matter, and has held meetings "with a range of involved parties including Facebook, Nasdaq, Morgan Stanley (MS), and the SEC," said Sam Gilford, press secretary for the Senate committee, in an e-mailed statement.

Legendary Transformation

Facebook's eight-year transformation into the largest social-networking service is the stuff of legend.
Born of marathon late-night coding sessions by Mark Zuckerberg and his Harvard University schoolmates, Facebook swiftly expanded beyond being a site for college kids into a network linking people from across the country, and eventually, the globe. An IPO loomed as the investor base widened, reflecting insiders' desire to sell. It was also spurred by SEC financial disclosure requirements for companies that have more than 500 shareholders. All the while, the public caught glimpses of Facebook's potential valuation from high-profile private investments -- like Microsoft Corp. (MSFT)'s purchase of a 1.6 percent stake, which gave Facebook a $15 billion valuation, or a $1.5 billion private placement managed by Goldman Sachs (GS) Group Inc. valuing Facebook at $50 billion.

Stock "Hysteria"

Facebook trading on secondary market-maker SecondMarket Inc. suggested a market cap of $85 billion in July 2011, seven months before Facebook disclosed on Feb. 1 that it planned a share sale. "Before the underwriters were even selected, hysteria about this stock was already out of control," Erik Gordon, a professor at the University of Michigan's Ross School of Business, said in a phone interview. It's not unusual for a company going public to tussle with the SEC over what should be included in its prospectus. Yet Jacobs's inquiries underscored growing concern within the SEC over the way newer consumer Web companies account for increasingly large user bases, according to a person with knowledge of the matter. The regulator is spending more time scouring user-growth metrics and requiring more details, said this person, who asked not to be named because the SEC's review process is confidential.

Jacobs's Team

Last year the agency pressed Groupon Inc. (GRPN) to abandon an accounting method that made the then-unprofitable daily coupon business look profitable by hiding certain marketing costs, a person familiar with the matter said at the time.
Julie Mossler, a spokeswoman for Chicago-based Groupon, declined to comment. The official whose name became most closely associated with the prodding of Facebook is the SEC's Jacobs, whose eight-person information technologies and services team at the SEC's Disclosure Operations Office was tasked with reviewing the Facebook filings that began Feb. 1. Jacobs, who is 51 in public records, has held various roles at the SEC since 1989, once proposing rules to let small companies price securities on a delayed basis, according to her profile on the Practising Law Institute's website. She holds law degrees from the University of San Francisco and Georgetown Law Center. Her letters were addressed to Ebersman, who joined Facebook as chief financial officer in 2009 after holding the same title at drugmaker Genentech Inc. from 2005 until early 2009. A graduate of Brown University with a degree in economics and international relations, Ebersman replaced Gideon Yu, who left after Facebook said it wanted a successor with experience in running a public company.

Zynga Questions

Facebook's responses were signed by Jeffrey Vetter, 46, of the Mountain View, California, law firm Fenwick & West. He declined to comment. Vetter, who joined Fenwick in 1995, has also helped prepare public offerings for companies including Fusion-io Inc. and Jive Software Inc. By the end of February, the SEC had amassed a list of 92 matters on which it sought further information. An area of concern: Facebook's reliance on Zynga, which makes the five most popular games played on Facebook including "Texas HoldEm Poker." When Zynga missed earnings estimates in July, Facebook's stock tumbled 8.5 percent, underscoring their interdependence. At first Facebook's filing said Zynga accounted for 12 percent of 2011 revenue.
After further prodding, Vetter said that Facebook last year got 19 percent of revenue from Zynga -- 12 percent from processing fees of virtual goods and 7 percent from ads on pages generated by Zynga apps.

Rival Services

The SEC also got Facebook to include a warning that Zynga, which had recently begun offering games on its own and other websites, could lure Facebook users away, hurting Facebook financially. "Zynga may choose to try to migrate users from existing Facebook-integrated games to other websites or platforms," Facebook disclosed. As a result, "Our financial results may be adversely affected," it said. Concerns related to Zynga drove JPMorgan Chase & Co. (JPM) and Morgan Stanley to cut their price targets for Facebook last week. They cited lower expectations for revenue from Facebook's payments business after Zynga reduced forecasts. Dani Dudeck, a spokeswoman for Zynga, declined to comment.

Revenue Details

Jacobs also asked Facebook why it hadn't included data on revenue generated by each user, a "key" indicator of performance. Vetter dismissed the request on March 7, saying that the company prefers to look at "overall growth in users" and "overall revenue in evaluating the business." Unswayed, the SEC carried out revenue-per-user calculations itself, which Facebook only then included in a revised filing on April 23. The figures showed revenue worldwide from each monthly active user declining, to $1.21 in the first quarter from $1.38 in the fourth, a seasonal drop, according to Facebook. They also revealed that per-user revenue was lower in Asia, at just 53 cents down from 56 cents in the fourth quarter. One of the most contentious issues was Facebook's halting disclosure of the number and growth of mobile users of Facebook, where they were located, and how it would derive revenue from them. In its initial filing, known as an S-1, the company said mobile usage of Facebook increased around the world and numbered 425 million "monthly active users"
in December 2011. It acknowledged that it hadn't proven it could "monetize" people using only mobile devices, where the absence of ads may "negatively affect our revenue and financial results."

"Excessive Expenses"

Jacobs responded on Feb. 28 by asking for a "more detailed" discussion of these key challenges. If the company's attempts to monetize those mobile users fail, she wrote, then "ensure" that your disclosure addresses the potential consequences to revenue, "rather than just stating that they 'may be negatively affected.'" Vetter filed a revised prospectus on March 7, disclosing that Facebook's monetization strategy could run up "excessive expenses." Still, in a letter the same day he resisted Jacobs's effort to reveal the number of users who "primarily access" Facebook through mobile devices, saying they didn't have a "reliable" count. Facebook would disclose the number of daily active mobile users only "for the staff's reference," not in its registration statement, Vetter wrote. That number showed a big jump, to an estimated 58 million mobile-only Facebook users on Dec. 31, 2011, from 23 million on March 31, 2010.

Mobile-Only

Jacobs asked for the impact on revenue of greater mobile use, only to be told by Vetter that Facebook couldn't "specifically assess the impact" as those users may also be using personal computers to get onto Facebook. When asked how many new users were mobile only, he estimated that 69 million, or 44 percent, of the 156 million new users might be mobile-only. Asked about the geographical breakdown of mobile users, Vetter said it didn't have a reliable count. For instance, he said, the company counted as Canadian many BlackBerry (RIMM) users around the world because the servers are based in Canada. This prompted Jacobs to question whether Facebook's then-overall user count of 845 million might be wrong as a result of the fuzzy number of mobile users. Facebook said it believed its data were "reasonably accurate"
as overall data eliminated the multiple counting of mobile users.

Ad Disclosure

On May 9, Facebook released a disclosure to investors cautioning about the growth in mobile users exceeding growth of ads. It was a pivotal admission -- and one of the first warnings that drew widespread attention from analysts and investors. On that same day, Zuckerberg, Ebersman and Chief Operating Officer Sheryl Sandberg were in the midst of the road show to pitch the stock to investors. Investor relations staff at Facebook began placing a battery of calls to equity analysts with a dour warning: sales for the second quarter and full year wouldn't likely match its earlier guidance, according to people familiar with the situation. Analysts adjusted their forecasts down and shared them verbally with their firms' institutional clients, whose demand for the stock sagged as a result, people with knowledge of the matter said on May 10. Sharing that information only with institutions isn't unusual, and it's legal as long as they don't do it in writing.

Market "Mistrust"

Still, said finance professor Zingales, "The fact that some institutional investors got access to a company's information that was not available to ordinary investors creates the perception that there are two sets of rules and increases the mistrust in the market." Despite the cautionary signs, on May 15 Facebook and Morgan Stanley executives raised the asking price to a range of $34 to $38 from $28 to $35. A day later they also increased the number of shares being sold by 25 percent to 421.2 million. That was an effort to create a stronger buffer against a price decline in August when insiders and early investors were allowed to sell their stock, said one person familiar with the matter. The lock-up period was for only three months, unusually short compared to the average six months.
Pricing Decision

The final pricing decision was worked out in a May 17 conference call joined by the highest ranks of Facebook and lead underwriter Morgan Stanley. On the call were Ebersman, Michael Grimes, Morgan Stanley's global co-head of its technology investment banking group, and Morgan Stanley CEO James Gorman, an unusual appearance by an investment bank's chief that reflected the importance it ascribed to the IPO, people familiar with the matter said May 23. JPMorgan and Goldman Sachs executives joined in too. They reached consensus on pricing the IPO at the top of the $34 to $38 range, as a lower level would have signaled weakness in demand, said one of the people close to the situation. Contention also arose over the volume of shares that should be set aside for retail customers. Facebook went into the road show with the intention of shifting more shares than usual to retail investors, according to the same person. Goldman Sachs, one of the banks in the IPO, pushed back against the idea, arguing that it was hard to gauge retail demand and that those investors tend to sell quickly at the first sign of a stock's volatility, the person said.

Including Users

Yet Facebook wanted the larger retail allocation to let its users take part in the IPO, the person said. In the end, 25 percent of the shares sold at the IPO were allocated to retail investors, other people have said. That exceeds the average amount of 15 percent. On the first day the lock-ups expired, Aug. 16, Facebook declined 6.3 percent to $19.87. Those shares freed up made up only 14 percent of the total 1.91 billion that will eventually be unlocked. "Perhaps management should have seen that the party was getting out of hand, and should have understood that the hangover would be wicked," said Lise Buyer, principal at Class V Group in Portola Valley, California. There were no headaches for investors who bought equity while Facebook was still private and were able to sell at the $38 IPO price.
Goldman Sachs sold 24.3 million shares, which raised $924 million at the IPO price, doubling its original investment. Greylock Partners made 18 times its initial investment, selling 7.6 million shares for $289 million. Microsoft sold 6.6 million shares, which raised $249 million, more than quintupling its initial stake.

Few Appearances

Spokesmen for Morgan Stanley, Goldman Sachs and JPMorgan declined to comment. Company executives did little to help their cause among shareholders during Facebook's first months as a newly public company. After Zuckerberg's presentations for investors during the pre-IPO road show, the CEO went four months with few public appearances, doing a July 13 interview with Bloomberg News and defending the company's projections on a July 26 call with analysts. Apart from contributions to that call, which covered second-quarter results, Ebersman and Sandberg also shied away from the limelight. Silence over the plunging share price and growth prospects did little to allay investors' anxiety, said Paul Argenti, a professor at Dartmouth College's Tuck School of Business in Hanover, New Hampshire.

"Amateurish" Approach

"There should be more public appearances by the CEO, there should be ongoing media relations activities that help give confidence to investors," Argenti said. "I don't see any of that going on. I see the exact opposite. It's amateurish." Zuckerberg returned to the public eye in a Sept. 11 on-stage interview at the TechCrunch Disrupt conference in San Francisco. He acknowledged that the company had made missteps in executing a mobile strategy. Based on the amount of time users spend on mobile, he said, the company should eventually make "a lot more money" via wireless devices than through desktops. Since May, the company has rolled out new advertising services for its mobile versions. That includes an offering that lets game makers on its service target users to download their applications on smartphones.
Lockup Expirations

Facebook stock has reversed part of the losses suffered since the IPO, climbing 14 percent to $20.23 yesterday since hitting a record low of $17.73 on Sept. 4. Yet the shares will probably come under more pressure starting in mid-October, when holders of more than a billion shares, many of them employees, will be permitted to sell. At $20 a share, Facebook trades at 42 times estimated 2012 profit, still more than twice Google (GOOG)'s price of less than 18 times profit. Among more than 40 lawsuits related to Facebook's offering, some investors blame their losses on trading errors by Nasdaq, where Facebook is listed. Others claim company managers didn't disclose revised revenue forecasts in the days before the stock started to trade publicly on May 18, or they didn't warn that a surge in mobile users would slash revenue. Facebook has said the suits, which have been consolidated under one judge in federal court in New York, lack merit. If Facebook can prove it disclosed all the risks adequately pre-IPO, the suits may be an uphill battle for investors.

"Huge Risk"

The IPO proved a harsh lesson to first-time investors like Linda Lantz, an online marketer in Granite Bay, California, who bought 100 shares in the offering with hopes of Internet riches. After losing close to $1,500 in the four months since, Lantz has an appreciation for the difficulty in valuing social media companies with many users and relatively small profits, she said in an interview. "The problem with Facebook is that it's not a tangible good, and because it's not a tangible good, people can't feel and touch it, and it definitely has a huge risk of doing what it did," Lantz said, "and that's to go down."
To contact the reporters on this story: Linda Sandler in New York at lsandler at bloomberg.net; Brian Womack in San Francisco at bwomack1 at bloomberg.net; Douglas MacMillan in San Francisco at dmacmillan3 at bloomberg.net

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 10:25:13 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 11:25:13 -0400
Subject: [Infowarrior] - Dying woman gets security pat-down at Sea-Tac
Message-ID: <62996584-E33E-4C5A-A5F6-0DC6D405E816@infowarrior.org>

Dying woman gets security pat-down at Sea-Tac

By JOEL MORENO, KOMO-TV
Published 10:33 a.m., Tuesday, October 9, 2012

A dying woman says a security pat-down at Sea-Tac Airport left her embarrassed in front of crowds of people. Michelle Dunaj says screeners checked under bandages from recent surgeries and refused to give her a private search when she requested one. Dunaj, who is dying of leukemia, carried a large amount of prescription drugs through Sea-Tac to head to Hawaii for what would be one of the last trips of her life. She called Alaska Airlines ahead of time to request a wheelchair and to ask how her medicines should be separated for the security line. "I did everything they asked me to do, so I didn't think it would be an issue," she said. But Dunaj says nothing went right at the security checkpoint.

Read more: http://www.seattlepi.com/local/komo/article/Dying-woman-gets-security-pat-down-at-Sea-Tac-3932417.php#ixzz28uUXwYbW

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Oct 10 12:35:28 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 13:35:28 -0400
Subject: [Infowarrior] - Silent Circle Builds A Secure, Seductive Fortress Around Your Smartphone
Message-ID:

http://www.fastcompany.com/3001938/phil-zimmermanns-silent-circle-builds-secure-seductive-fortress-around-your-smartphone

Phil Zimmermann's Silent Circle Builds A Secure, Seductive Fortress Around Your Smartphone

BY NEAL UNGERLEIDER | OCTOBER 5, 2012

The cryptography legend is teaming up with two ex-Navy SEALs to offer encrypted phone calls, video conferencing, and text messages with no learning curve whatsoever. The target market? Businesspeople and government employees traveling abroad.

In the 1990s, cryptography pioneer and Pretty Good Privacy (PGP) creator Phil Zimmermann faced federal criminal investigation. His encryption software was so strong, it was charged, there was fear it violated arms trafficking export controls. Now Zimmermann has launched a new startup that provides industrial strength encryption for smartphone users. And this time around, his business partners include two ex-Navy SEALs. Subscribers will pay $20 a month, which includes unlimited subscriber-to-subscriber conversations, encrypted video conferencing, encrypted text messaging, encrypted email, and storage. Text messages will only be encrypted when sent to other Silent Circle subscribers. Outdialing to public telephone networks (in which Silent Circle users' ends are secure but the other end is insecure) will be optional with an additional fee. For an additional $39 a month, Silent Circle is offering 3000 calling minutes for the United States, Canada, and Puerto Rico. However, release of the encrypted email product has been delayed "so that they can focus on the launch of" the other products.
Silent Circle was originally supposed to launch on September 17 before being pushed back to October.

Silent Circle, which launches on October 15, is a secure communications product for Android and iOS that works on a paid subscription model. Users will have access to encrypted phone calls, emails, VoIP videoconferencing, SMS text messages, and MMS multimedia messages. Security varies depending on whether communications are made to another user on Silent Circle's closed network, or to an outside user. Text and multimedia messages are wiped from a phone's registry after a pre-determined amount of time, and communications within the network are allegedly completely secure. "Almost all of the companies in enterprise and defense that came to us, 60% of their problems are away from the office," says Zimmermann. "Everyone has a solution [for security] inside your building and inside your network, but the big concern of the large multinational companies coming to us is when the employees are coming home from work, they're on their iPhone, Android, or iPad emailing and texting. They're in a hotel in the Middle East. They're not using secure email. They're using Gmail to send PDFs. At the same time, the companies can't mandate what employees put on their personal iPads."

Once installed, Silent Circle has a simple interface that requires no learning curve to encrypt communications. The project's target market, according to Zimmermann, are troops serving abroad, foreign businesspeople in countries known for surveillance of electronic communications, government employees, human rights activists, and foreign activists. For enterprise sales, Silent Circle will be marketed direct to employees as a security measure which they can deduct from their travel expenses.
While the company appears to be focusing on the mobile market, a secure Windows VoIP communications product will be released on October 15th as well; full desktop versions for Windows and Mac will be launched at a later date. Zimmermann claims that "there isn't a commercial service out there that you can trust," just before underscoring his company's primary ambition: "Where do you build that trust into an elegant platform?"

Zimmermann's partners at Silent Circle are PGP Corporation cofounder Jon Callas and former Navy SEALs Mike Janke and Vic Hyder. Hyder and Janke have both been involved with security consultant businesses (Hyder at Trident Crisis Management Group and Janke at SOC) and have extensive ties to the close-knit community of military contractors serving overseas. In conversations with the press, the team emphasizes their mix of computer security bona fides and special forces experience. Besides the two SEALs, the company's employees also include three British ex-SAS communications experts.

The startup's secret sauce is the dead-simple interface of their secure communications products. Both the iOS and Android versions are skinned to look like their respective systems' dialing/text message systems. Video conferencing strongly resembles Skype. Subscribers will have ten-digit identification numbers which resemble phone numbers (and which, Silent Circle claims, will become phone numbers at a later date). Zimmermann deliberately contrasts this to his experience at PGP, which he tells Fast Company "went over to enterprise so much that it was neglecting the individual. This, however, was all about the individual. It was very appealing to me. It sounded like a market that needed to use this--I spent a lot of years trying to tell people who didn't care about cryptography why they had to care about crypto, now here are people who already do."
Unlike PGP, which required a steep learning curve, Silent Circle's peer-to-peer encryption does not require any training or prior experience. Silent Circle, in fact, pushed back their release date by more than a month in order to fine-tune their product before public release. The company boasts that they use open source peer-reviewed encryption and offer redundant servers abroad; encryption and hashing algorithms used by Silent Circle include Elliptic Curve Cryptography (P-384), Advanced Encryption Standard (AES-256), and Secure Hash Algorithm (SHA-256). Users will also be offered options for the Skein hash function, as well as the Twofish and Threefish ciphers. These functions and ciphers are commonly used in other encryption tools.

Of course, any encryption tool is only as good as the encryption it provides. If Silent Circle promises secure encryption, they need to deliver it to their customers. Another high-profile encryption tool, Cryptocat, was at the center of controversy earlier this year when Wired's Patrick Ball raised serious concerns about its effectiveness. For encryption tools, which are frequently used by dissidents living under repressive regimes and others with legitimate reasons to avoid government surveillance, the consequences of failed encryption can be deadly.

According to Zimmermann and Janke, all products use device-to-device encryption. PGP RSA public key encryption will be used for emails, ZRTP for video and voice, and a custom instant message protocol called SCimp, which, Silent Circle says, is currently in the peer review process, will be open sourced with white papers to follow. The email product will be a Sparrow-like app with 100% peer-to-peer encryption. Text messages will be encrypted device-to-device with a special option to set a timer that will erase them from the registry. As a bootstrapped for-profit encryption firm, Silent Circle's financial health will only be as good as the product they put forward.
"We delayed the launch so that we'd be absolutely sure our company had everything," Zimmermann told Fast Company.

Silent Circle stresses that their product offers secure communications within the networks and only uses Canadian servers that are outside of U.S. government control. Canada has far more stringent data privacy regulations than either the United States or the European Union, meaning that users' encrypted communications are less likely to be intercepted by American authorities. Zimmermann and Janke noted that law enforcement and outside parties would not be able to snoop on communications conducted via Silent Circle; they also noted that law enforcement are frequent users of services such as Tor, which they use to avoid surveillance by outside intelligence agencies. The company also stressed that only users would be able to decrypt secure conversations; Silent Circle will not have eavesdropping abilities. Besides the Canadian servers, additional servers will be added in Switzerland.

Hyder, Janke, Zimmermann, and Callas all emphasized that their company was a "double-only-Nixon-can-go-to-China-thing" where their combination of cryptography bona fides and military connections opened more potential markets than either would have on their own. Silent Circle is aggressively chasing after companies who will steer individual employees their way as customers, even down to offering pre-paid encryption gift cards called "Ronin Cards." Purchase for most of Silent Circle's encryption products will be through the company's website and the secure phone call and text message applications will be sold through Apple and Google's app stores.

While the company talks a great deal about Silent Circle's benefits for activists abroad, the $20 a month subscription fee filters many of them out. It seems more likely that the primary market will be corporations, governments, consultants, military serving abroad, and military contractors.
According to the company, a deliberate choice was made to sidestep procurement cycles and market their product directly to users as a tool to be placed on expense accounts.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 18:30:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 19:30:18 -0400
Subject: [Infowarrior] - Three Drugs to Be Tested for Use in Preventing Alzheimer's
Message-ID: <3186EA13-D47D-4123-A342-A127310929E8@infowarrior.org>

October 10, 2012

Three Drugs to Be Tested for Use in Preventing Alzheimer's

By GINA KOLATA

http://www.nytimes.com/2012/10/11/health/alzheimers-prevention-studies-to-test-three-drugs.html

Scientists have selected three different types of Alzheimer's drugs to be tested in the first large-scale international attempt to prevent the disease in people who are otherwise doomed to get it. It is one of three studies with the same goal that will start early next year. This one involves 160 people from the United States, Britain and Australia with a variety of gene mutations that cause Alzheimer's with absolute certainty. Most of the test subjects will have no symptoms yet of the degenerative disease that ravages the brain, destroying memory and thought. But they would be expected to start showing signs of problems with memory and thinking within five years unless the drugs work. The hope is that by intervening early, the disease might be headed off. Another study starting next year involves an extended family in Colombia that shares the same mutation. Anyone who inherits that mutated gene gets Alzheimer's disease. A third study will involve people in the United States age 70 and older who seem perfectly healthy and who do not have any known Alzheimer's mutations but in whom, brain scans show, the disease is starting to manifest itself.
In recent years, as studies involving people who already have Alzheimer's have failed, researchers increasingly have called for studies in those who do not yet have the disease, arguing that the time to intervene is before the brain is irreversibly damaged. So the new study with people who are destined to get Alzheimer's unless a drug can stop it is a way to test that idea. "It's an exciting opportunity," said Dr. Ronald Petersen, director of the Alzheimer's Disease Research Center at the Mayo Clinic, who is not involved with the study. Maria C. Carrillo, vice president of medical and scientific relations at the Alzheimer's Association, said the results would come quickly. Within a few years, as researchers simultaneously compare the three approaches to stopping the disease, they should know which drug, if any, is going to work. The association contributed $4.2 million to the study, more than twice as much as it has ever spent on a grant, Dr. Carrillo said. The announcement comes at a time of transition for Alzheimer's research. In recent years, investigators have discovered methods of spotting and tracking the progression of the disease before any clinical symptoms appear, using brain scans and spinal taps and sensitive tests of memory. They have led to what many think is the start of a new era in which drugs can be assessed without waiting for effects on profound symptoms. That is a goal of the study whose drugs were announced on Wednesday. Known as DIAN TU, for Dominantly Inherited Alzheimer's Network Trials Unit, it was designed to get the most information possible in as short a time as possible. Three-quarters of the subjects will get one of three drugs aimed at beta amyloid, a protein that forms the hard, barnaclelike plaques on the brain that are the hallmark of Alzheimer's. The drugs were chosen from among 15 that drug companies offered, said Dr. Randall Bateman, the study's principal investigator.
A committee assessed them, looking for drugs with the best evidence of effectiveness and the least likelihood of dangerous side effects. One concern, for example, is something called ARIA, for amyloid related imaging abnormality. People with the abnormality may have no signs that anything is wrong, but brain scans show what looks like a change in neural connections. ARIA is a rare side effect of some experimental Alzheimer's drugs, and it is not clear what it means, but it is a concern and will be monitored closely, Dr. Bateman said. For the first two years of the study, researchers will follow the subjects with scans and memory tests, looking for signs that the drugs are working. If one or more seems clearly effective, they will switch all the subjects to it and continue the study, looking for clinical benefits. The drugs to be tested are gantenerumab, made by Roche, which binds to clumps of amyloid and allows it to be removed from the brain, and two drugs by Lilly. One, known as LY2886721, blocks an enzyme, beta-secretase, used to make amyloid. The other, solanezumab, attaches itself to amyloid that is floating free in the brain before it clumps into plaques, facilitating its removal. Solanezumab was recently tested in people with mild to moderate Alzheimer's and appeared to have no effect on the disease. But Lilly also handed over all of its data to a group of academic researchers, giving them complete control of the presentation of their analysis and publication, and the group noticed something interesting. The investigators pooled data from the company's two large clinical trials of the drugs. In their extensive analysis, presented Monday at the American Neurological Association meeting in Boston, they reported that it improved Alzheimer's dementia, particularly in mild cases. "This is the best news we've had in a decade," said Dr. Paul Aisen, an Alzheimer's researcher at the University of California, San Diego. Dr.
Aisen helped analyze the Lilly data and is also a member of the DIAN committee that helped select the drugs for the clinical trial. DIAN is hoping that the same sort of exquisitely sensitive cognitive tests will provide the first sign that one of the drugs is working. If any of the drugs come to market, they will be expensive, which raises issues of how patients will ever be able to pay for them. Researchers said they would face that issue when they come to it. "Right now we have to get treatments that work," said Dr. Rachelle S. Doody, director of the Alzheimer's Disease and Memory Disorders Center at the Baylor College of Medicine. "Then we can put pressure on to bring down the cost."

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 18:39:47 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 19:39:47 -0400
Subject: [Infowarrior] - Apple Maps Accidentally Reveals Secret Taiwan Base
Message-ID: <097FCDC7-2647-4A3B-8597-9AA8D216D7C5@infowarrior.org>

iOS 6 Problems: Apple Maps Accidentally Reveals Secret Taiwan Base
http://www.ibtimes.com/print/ios-6-problems-apple-maps-accidentally-reveals-secret-taiwan-base-844145

Apple Maps has experienced [1] plenty of hilarious and embarrassing blunders since it debuted with iOS 6 on Sept. 19, but the imperfect [2] mapping application had never gotten into any real trouble, until now. After one Taiwanese newspaper snapped and printed a satellite photo of a top-secret military base from the new Maps application running on an iPhone 5, the defense ministry of Taiwan on Tuesday publicly requested [3] Apple blur the sensitive images of the country's classified military installations. "Regarding images taken by commercial satellites, legally we can do nothing about it," said David Lo, the spokesman of the defense ministry, in a statement to Taiwanese reporters on Tuesday.
"But we'll ask Apple to lower the resolution of satellite images of some confidential military establishments the way we've asked Google in the past." The top-secret radar base, which is located in the northern county of Hsinchu, contains a highly-advanced ultra-high-frequency long-range radar that military officials say can detect missiles launched as far away as the city of Xinjiang, which is located in a northwest province of China. The radar system was obtained via US-based defense group Raytheon in 2003, and is still being constructed with hopes to be completed by the end of this year. According to Taiwan's defense ministry, the radar cost $1.23 billion to purchase and will cost more to finish and maintain, but the country feels these measures are important to give its citizens a few minutes of extra warning in case of a Chinese missile attack. With constant tensions between the two countries since Taiwan started governing itself in 1949 -- China doesn't see it that way, considering it part of its territory "awaiting reunification, by force if necessary" -- and 1,600 ballistic missiles reportedly aimed at the island, Taiwan has every reason to keep its defenses top secret. While the Taiwanese government had previously worked with Google to blur out secret buildings in its Google Earth software, Apple said it has still not yet received a formal request from the defense ministry. Taiwan PR company Bravo, which handles the media relations between the government and the Cupertino, Calif.-based computer company, refused to speculate on how Apple would respond to Taiwan's request. Meanwhile, Apple engineers are working around the clock to fix all of the issues and instabilities in iOS 6 Maps, and there's much work to be done. While colorful and beautiful, Apple Maps is often inaccurate and lacks major features like local search, which makes it extremely limited as an application to explore, instead of merely navigate, the world.
Some of the most laughable inaccuracies of iOS 6 Maps have been documented in a Tumblr blog mockingly called, "The Amazing iOS 6 Maps [4]."

Source URL: http://www.ibtimes.com/ios-6-problems-apple-maps-accidentally-reveals-secret-taiwan-base-844145

Links:
[1] http://www.ibtimes.com/apple-maps-ios-6-review-its-no-google-maps-its-not-ilost-either-795153
[2] http://www.ibtimes.com/ios-6-maps-how-report-problem-apple-807975
[3] http://phys.org/news/2012-10-taiwan-apple-blur-sensitive-military.html
[4] http://theamazingios6maps.tumblr.com/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 18:46:38 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 19:46:38 -0400
Subject: [Infowarrior] - Senator Opens Inquiry of Information Brokers
Message-ID: <9E9F2DEE-CF84-4963-9253-A27FCC15CAE3@infowarrior.org>

October 10, 2012
Citing Deep Data Collections, Senator Opens Inquiry of Information Brokers
By NATASHA SINGER
http://www.nytimes.com/2012/10/11/technology/senator-opens-investigation-of-data-brokers.html

The multibillion-dollar data brokerage industry, a growing force in online marketing, is drawing intensified government scrutiny. On Wednesday, Senator John D. Rockefeller IV, Democrat of West Virginia, opened an extensive investigation of nine leading information brokers. Because Americans now conduct much of their daily business online, the senator said he was concerned that "an unprecedented amount" of personal, medical and financial information about people could be collected, mined and sold, to the potential detriment of consumers. "An ever-increasing percentage of their lives will be available for download, and the digital footprint they will inevitably leave behind will become more specific and potentially damaging, if used improperly," Mr. Rockefeller, who is the chairman of the Senate Committee on Commerce, Science and Transportation, wrote in letters to the data brokers.
"It is critical that we understand what information companies like yours are already collecting and selling." Linda A. Woolley, the acting chief executive of the Direct Marketing Association, a trade group, called the senator's investigation "a baseless fishing expedition." "I hope Senator Rockefeller understands what he's tampering with," she said in an e-mailed statement. The Senate investigation represents the second Congressional inquiry into the industry's practices this year. In July, Representative Edward J. Markey, Democrat of Massachusetts, and Representative Joe L. Barton, Republican of Texas, co-chairmen of the Bipartisan Congressional Privacy Caucus, began a House inquiry into data compilers, which is ongoing. And the Federal Trade Commission has been looking into the practices of about a dozen major data brokers. Data brokers collect a wide variety of information from public sources and third parties, including details like consumers' financial status, race or ethnicity, buying history, hobbies, health concerns, travel preferences, Internet providers and social networks. The companies often use the information for a practice called "database marketing" -- that is, using data mining to help clients like retailers, banks and airlines tailor marketing pitches to their best customers or identify potential new ones. Collecting, analyzing and selling such information for marketing purposes is perfectly legal. Indeed, it's a huge business. Some data brokers have said they maintain several thousand details on the majority of adults in the United States. But some legislators and regulators say they are concerned that neither they nor consumers know the extent of the material that data brokers collect; whom they disclose or sell it to; and exactly what they are doing with it.
Unlike consumer reporting agencies, which are required by federal law to show people their own credit reports and allow them to correct errors, data brokers are not required to show consumers information collected about them for marketing purposes. Earlier this year in a report on protecting consumer privacy, the F.T.C. urged the industry to create a centralized Web portal where consumers could learn about companies' practices and their options for controlling information collected about them. The agency also recommended that Congress pass legislation giving people access to information that data brokers hold about them. Underlying regulators' efforts is their concern that some information brokers could create financial dossiers about individuals that are akin to credit reports and use them to unfairly exclude individual consumers from certain offers or charge some people higher prices than others. "There are data brokers whose marketing lists may not cross the line into credit reports but come very close," said Julie Brill, a member of the F.T.C. "The question is whether the lists are being used for marketing purposes or for something very close to credit purposes." Industry representatives say that data-based marketers use consumer marketing data for legitimate commercial practices, not for regulated purposes like making offers of credit or insurance. They add that collecting marketing data benefits consumers because it allows companies to send people offers for products and services they are interested in. It also increases efficiency because companies know ahead of time not to send pitches for, say, lawn mowers to people who live in apartments. "Consumers love getting what they want -- information, products, benefits, upgrades -- when they want it," said Ms. Woolley of the Direct Marketing Association. "There is no evidence that data-driven marketing harms consumers in any way." On Wednesday, Mr.
Rockefeller sent letters of inquiry to established database marketers like Acxiom, headquartered in Little Rock, Ark.; credit reporting agencies like Experian and Equifax, which have separate marketing arms; and newer companies, like Rapleaf and Datalogix, that specialize in helping companies pursue online and mobile consumers. Mr. Rockefeller asked each company to provide extensive business details about its data collection operations since Jan. 1, 2009. Scott Howe, the chief executive of Acxiom, said the company looked "forward to continuing to work with the Congress to help the members gain a deeper understanding of Acxiom's business and how people and the economy benefit from the appropriate use of data." In an e-mail, Demitra L. Wilson, a spokeswoman for Equifax, said the company is not a data broker and that only a small portion of its business involves unregulated, aggregated data about consumers. And Gerry Tschopp, a spokesman for Experian, said the company welcomed the opportunity to discuss "the benefits of the appropriate use of consumer data" with legislators. Representatives of Datalogix and Rapleaf did not immediately respond to e-mail and phone requests for comment. Mr. Rockefeller asked the companies to respond by Nov. 2.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 10 21:34:49 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2012 22:34:49 -0400
Subject: [Infowarrior] - Letting us in on a secret
Message-ID: <451ADB69-5EA4-4884-97B5-7C1EEB8A0745@infowarrior.org>

Letting us in on a secret
By Dana Milbank
http://www.washingtonpost.com/opinions/dana-milbank-letting-us-in-on-a-secret/2012/10/10/ba3136ca-132b-11e2-ba83-a7a396e6b2a7_print.html

When House Republicans called a hearing in the middle of their long recess, you knew it would be something big, and indeed it was: They accidentally blew the CIA's cover.
The purpose of Wednesday's hearing of the Oversight and Government Reform Committee was to examine security lapses that led to the killing in Benghazi last month of the U.S. ambassador to Libya and three others. But in doing so, the lawmakers reminded us why "congressional intelligence" is an oxymoron. Through their outbursts, cryptic language and boneheaded questioning of State Department officials, the committee members left little doubt that one of the two compounds at which the Americans were killed, described by the administration as a "consulate" and a nearby "annex," was a CIA base. They did this, helpfully, in a televised public hearing. Rep. Jason Chaffetz (R-Utah) was the first to unmask the spooks. "Point of order! Point of order!" he called out as a State Department security official, seated in front of an aerial photo of the U.S. facilities in Benghazi, described the chaotic night of the attack. "We're getting into classified issues that deal with sources and methods that would be totally inappropriate in an open forum such as this." A State Department official assured him that the material was "entirely unclassified" and that the photo was from a commercial satellite. "I totally object to the use of that photo," Chaffetz continued. He went on to say that "I was told specifically while I was in Libya I could not and should not ever talk about what you're showing here today." Now that Chaffetz had alerted potential bad guys that something valuable was in the photo, the chairman, Darrell Issa (R-Calif.), attempted to lock the barn door through which the horse had just bolted. "I would direct that that chart be taken down," he said, although it already had been on C-SPAN. "In this hearing room, we're not going to point out details of what may still in fact be a facility of the United States government or more facilities." May still be a facility? The plot thickened -- and Chaffetz gave more hints.
"I believe that the markings on that map were terribly inappropriate," he said, adding that "the activities there could cost lives." In their questioning and in the public testimony they invited, the lawmakers managed to disclose, without ever mentioning Langley directly, that there was a seven-member "rapid response force" in the compound the State Department was calling an annex. One of the State Department security officials was forced to acknowledge that "not necessarily all of the security people" at the Benghazi compounds "fell under my direct operational control." And whose control might they have fallen under? Well, presumably it's the "other government agency" or "other government entity" the lawmakers and witnesses referred to; Issa informed the public that this agency was not the FBI. "Other government agency," or "OGA," is a common euphemism in Washington for the CIA. This "other government agency," the lawmakers' questioning further revealed, was in possession of a video of the attack but wasn't releasing it because it was undergoing "an investigative process." Or maybe they were referring to the Department of Agriculture. That the Benghazi compound had included a large CIA presence had been reported but not confirmed. The New York Times, for example, had reported that among those evacuated were "about a dozen CIA operatives and contractors." The paper, like The Washington Post, withheld locations and details of the facilities at the administration's request. But on Wednesday, the withholding was on hold. The Republican lawmakers, in their outbursts, alternated between scolding the State Department officials for hiding behind classified material and blaming them for disclosing information that should have been classified. But the lawmakers created the situation by ordering a public hearing on a matter that belonged behind closed doors. Republicans were aiming to embarrass the Obama administration over State Department security lapses.
But they inadvertently caused a different picture to emerge than the one that has been publicly known: that the victims may have been let down not by the State Department but by the CIA. If the CIA was playing such a major role in these events, which was the unmistakable impression left by Wednesday's hearing, having a televised probe of the matter was absurd. The chairman, attempting to close his can of worms, finally suggested that "the entire committee have a classified briefing as to any and all other assets that were not drawn upon but could have been drawn upon" in Benghazi. Good idea. Too bad he didn't think of that before putting the CIA on C-SPAN.

danamilbank at washpost.com

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 11 08:12:36 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2012 09:12:36 -0400
Subject: [Infowarrior] - Sprint may be bought by Softbank
Message-ID: <86519302-3752-4D07-90E3-06080A415F11@infowarrior.org>

Softbank Is Said to Be in Talks to Buy Control of Sprint
By Jeffrey McCracken and Yoshinori Eki - Oct 11, 2012 7:49 AM ET
http://www.bloomberg.com/news/2012-10-11/softbank-said-to-be-in-talks-to-buy-control-of-sprint.html

Softbank Corp. (9984), Japan's third-largest mobile-phone company, is in talks to buy control of Sprint Nextel Corp. (S), according to two people familiar with the matter. Softbank is seeking two-thirds of the U.S. company, said one of the people, who asked not to be identified because the discussions are private. Softbank is in discussions to acquire the stake for more than 1.5 trillion yen ($19 billion), Japan's Nikkei newspaper reported on its website, without saying where it got the information. The deal would give Softbank a base for entering the U.S. market with a compatible carrier that uses similar equipment made by Sweden's Ericsson AB, the Nikkei reported.
Softbank, the fastest-growing Japanese mobile phone provider, this month agreed to pay 180 billion yen for smaller local rival eAccess Ltd. (9427) Bill White, a spokesman for Overland, Kansas-based Sprint, declined to comment.

To contact the reporters on this story: Jeffrey McCracken in New York at jmccracken3 at bloomberg.net; Yoshinori Eki in Tokyo at yeki at bloomberg.net
To contact the editor responsible for this story: Peter Elstrom at pelstrom at bloomberg.net

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 11 08:28:17 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2012 09:28:17 -0400
Subject: [Infowarrior] - Intelligence agencies turn to crowdsourcing
Message-ID:

Code Red | 10 October 2012
Intelligence agencies turn to crowdsourcing
http://www.bbc.com/future/story/20121009-for-all-of-our-eyes-only/2

For 50 years, James Bond's womanising has been central to his appeal. How does his sex life compare with an average man? The upcoming release of the James Bond movie Skyfall, combined with the 50th anniversary of the franchise, has sent fans of the suave spy into overdrive. Speculation about the plot and who will sing the theme tune (Adele), has been joined by stories that pick apart everything from his ingenious - but scientifically dubious - gadgets to the ins and outs of his sex life. But now, James Bond fans and wannabe spies alike may have the ultimate outlet for their spy ambitions. Research firm Applied Research Associates, has just launched a website that invites the public -- meaning anyone, anywhere -- to sign up and try their hand at intelligence forecasting. The website is part of an effort, sponsored by the Intelligence Advanced Research Projects Activity (Iarpa), to understand the potential benefits of so-called crowdsourcing for predicting future events. Crowdsourcing aims to use the "wisdom of crowds" and was popularised by projects like Wikipedia.
Like Darpa, its better-known counterpart in the Pentagon, Iarpa funds far-out research ideas. However, Iarpa works on ideas that could eventually be used by the likes of the Central Intelligence Agency (CIA), rather than the military. "The goal that Iarpa has is to eventually transition this to the intelligence community, and use it for something like the National Intelligence Estimates," says Jenn Carter, who works on the project. There's good reason for Iarpa's interest in finding new ways to collect useful information: the intelligence community has often been blasted for its failure to forecast critical world events, from the fall of the Soviet Union to the Arab Spring that swept across North Africa and the Middle East. It was also heavily criticized for its National Intelligence Estimate in 2002, which supported claims that Iraq had weapons of mass destruction. Those failures raised larger questions about how the intelligence agencies come up with forecasts, which is usually a deliberative process involving a large number of analysts. The Iarpa project, known officially as Aggregative Contingent Estimation, is looking at whether crowdsourcing can result in more accurate forecasts about future events than those traditional forms of intelligence estimation. Applied Research Associates actually started the project last year with another website called Forecasting Ace, which had over 2,000 registered contributors making predictions on everything from the future of space exploration to political elections. On the new website, Global Crowd Intelligence, the company hopes that number will grow substantially by making forecasting more like a game of spy versus spy. "When we contacted our contributors, they said we should try to make the whole process more fun," says Dirk Warnaar, the principal investigator for the project. Indeed, what users wanted, it turned out, was something competitive, so that's what the company has given them.
The new website rewards players who successfully forecast future events by giving them privileged access to certain "missions," and also allowing them to collect reputation points, which can then be used for online bragging rights. When contributors enter the new site, they start off as junior analysts, but eventually progress to higher levels, allowing them to work on privileged missions. The game works by allowing the newly minted analysts to choose from any number of "missions" to forecast. The forecasts incorporated in the website run the gamut, from those that obviously might be of theoretical interest to intelligence agencies, like a "government force will gain control of the Somali town of Kismayo before 1 November 2012," to market predictions, such as the likelihood that Apple will introduce a mini-iPad by a specific date. Analysts attach a specific percentage to the event, such as 80% probability, and then wager "reputation points" on their forecast. They win points, depending on how close their forecast matches reality. The more points you win, the higher you progress. The idea of crowdsourcing geopolitical forecasting is increasing in popularity, and not just for spies. Wikistrat, a private company touted as "the world's first massively multiplayer online consultancy," was founded in 2002, and is using crowdsourcing to generate scenarios about future geo-political events. It recently released a report based on a crowdsourced simulation looking at China's future naval powers. Warnaar says that Wikistrat's approach appears to rely on developing "what-if scenarios," rather than attaching a probability to a specific event happening, which is the goal of the Iarpa project. Of course, the ultimate question is: how good are the crowd's predictions? Warnaar compares this science to weather forecasting, which albeit imperfect, still provides useful and reasonably accurate information on future events.
Part of what helps weather forecasters improve their prediction is constant feedback: if they predict rain, and they get it wrong (or right), they instantly learn. "This constant feedback makes them well-calibrated," says Warnaar. In fact, this sort of "self-calibration" is how one of the crowdsourcing models works: if the "crowd," predicts that an event is going to happen with an 80% probability, but in reality this should have been 60% (crowds tend to be overconfident), then the model is able to aggregate all of the information to churn out a more accurate prediction. The system is also designed to ensure that any efforts to sabotage forecasts are minimized. "Everyone can make forecasts but not all of those forecasts are included in our models and each forecast may have a different weight," says Warnaar. "You would therefore have to be a consistently good forecaster to be able to influence the aggregate forecast with a rogue prediction, but even then your forecast must be consistent with your previous pattern." To catch any potential rogue elements, the system also flags up any unusual activity for further scrutiny. "So far we've not found any evidence that a single forecaster or group of forecasters was able to purposely skew the results," he says. The project is already yielding results: in the first year, Warnaar says, they were able to show that the crowdsourced forecasts were 25% more accurate than forecasts produced by a control group, which involved simply averaging the forecasts made by a number of individuals. The plan is to double that accuracy over the next year to 50%. In addition to improving intelligence forecasts, the research may also yield other benefits, such as understanding what type of person is better at predicting future events. "There is very little research that points to what makes a good forecaster," says Warnaar. Those working on the current project are careful to note that the current project is about research, not spying.
The names and personal information of the users are not provided to Iarpa, only the results of the forecast. Users entering the site must provide an email, but not a real name, and only answer two questions: whether they are over the age of 18 and if they are American citizens. But for those who dream of being James Bond, or conversely, worry that their predictions could be used by spies, the website has a simple disclaimer: "Forecast topics are not related to actual intelligence operations."

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 11 08:31:37 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2012 09:31:37 -0400
Subject: [Infowarrior] - Australian Government Censors Draft Snooping Laws
Message-ID:

http://yro.slashdot.org/story/12/10/11/0230258/australian-government-censors-draft-snooping-laws

coolstoryhansel writes "Stating that release of the draft legislation is not in the public interest [PDF] because it would prejudice decision making processes already in train, the Attorney General's Department has denied the release of the draft laws that would see wide-scale dragnet surveillance implemented along with an expansion of law enforcement powers for the purposes of 'national security'. Serkowski, speaking for the Pirate Party who lodged the FOI request labelled the Department response as 'disgraceful and troubling' saying the decision is 'completely trashing any semblance or notion of transparency or participative democratic process of policy development.'"

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 11 16:47:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2012 17:47:34 -0400
Subject: [Infowarrior] - SOPA Is Back! ... As a Ransomware Virus
Message-ID:

SOPA Is Back! ... As a Ransomware Virus
Ernesto
October 11, 2012
http://torrentfreak.com/sopa-is-back-as-a-ransomware-virus-121011/

After historic Internet protests in January the SOPA anti-piracy bill was defeated. However, this week several reports have pointed to a rather unfortunate SOPA comeback. Not in Congress, but as a nasty cryptovirus that locks up people's computers and accuses them of distributing copyright infringing files. Infected users can get their data back after a payment of $200 -- at least, that's what the virus makers promise. The Stop Online Piracy Act (SOPA) was a major threat to the Internet. The bill introduced draconian censorship tools for the Government and copyright holders, that worried the public and many key Internet companies including Reddit, Google and Wikipedia. After months of protest, the bill was eventually killed off following the Internet Blackout earlier this year. But that doesn't mean SOPA is no longer a threat. This week "the bill" was resurrected by a virus maker, who has been warning users of infected computers that their IP-address is on a blacklist after it was discovered distributing illegal content.

[Image: SOPA Ransomware]

As a result, the SOPA virus holds all files on the host computer ransom. "Your computer is locked!" the splash screen above warns, adding:

If you see a warning.txt or warning screen, it means your IP address was included in S.O.P.A. Black List. One or more of the following items were made from your PC:
1. Downloading or distributing audio or video files protected by Copyright Law.
2. Downloading or distributing illegal content (child porn, phishing software, etc.)
3. Downloading or distributing Software protected by Copyright Law.
As a result of these infringements based on Stop Online Piracy Act (H.R. 3261) your PC and files are now blocked.

The SOPA virus is so-called ransomware, meaning that it holds computers hostage and only promises to free data after victims hand over cash. In the U.S.
and Canada people are instructed to pay with a MoneyPak prepaid voucher, and in other parts of the world they can use Western Union.

Those who don't pay within three days are in trouble, the virus maker warns.

"WARNING!!!: If you don't pay the fine within 72 HOURS at the amount of 200 USD, all your computer data will be erased."

People who are affected should of course ignore all the above. Searching online for "Stop Online Piracy Automatic Protection System Removal" is a better option, there are plenty of ways to defeat the resurrected SOPA and get your data back.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 11 17:18:44 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2012 18:18:44 -0400
Subject: [Infowarrior] - New 'Strategic Capabilities' Office Imagines Ways To Deal With Emerging Threats
Message-ID: <29949BFD-783C-4688-9551-2F762E1B1061@infowarrior.org>

DefenseAlert
New 'Strategic Capabilities' Office Imagines Ways To Deal With Emerging Threats
Posted on InsideDefense.com: October 11, 2012
http://insidedefense.com/201210112412680/Inside-Defense-Daily-News/DefenseAlert/new-strategic-capabilities-office-imagines-ways-to-deal-with-emerging-threats/menu-id-61.html

A new Pentagon office is spearheading efforts to cultivate cutting-edge technological concepts that could give U.S. forces new advantages against sophisticated military adversaries.

The Strategic Capabilities Office was formed this summer in the research and engineering directorate of the Pentagon's acquisition shop, according to government officials. It is headed by William Roper, who previously worked as the Missile Defense Agency's director for engineering.
"The new Strategic Capabilities Office (SCO) was established by AT&L in 2012 to conduct analysis in support of ongoing efforts to shape and counter emerging threats with emphasis on innovative and architecture-level, cross-service and cross-Defense/Intelligence concepts," Lt. Col. Melissa Morgan, a Pentagon spokeswoman, said in a written response to questions about the office. "The specific details of the work of the SCO are classified," she added.

The new office reports to the Pentagon's acquisition executive through Zachary Lemnios, the assistant secretary of defense for research and engineering.

A Pentagon official familiar with the new Strategic Capabilities Office said it is working on projects that are traditionally carried out by the Defense Advanced Research Projects Agency. Another source, a former military official and now a Pentagon consultant, expects the new office will "drive some change."

The Obama administration's strategic defense guidance, issued in January, states that "work needs to be done to ensure the United States, its allies, and partners are capable of operating in A2/AD [anti-access, area denial], cyber, and other contested operating environments." The document notes the Defense Department will "encourage a culture of change" and "sustain key streams of innovation that may provide significant long-term payoffs."

The existence of the SCO was mentioned in a draft charter this summer for a new high-level Pentagon body that was being formed to identify policy issues associated with "pivoting" the U.S. military to the Asia-Pacific region -- a chief goal behind the administration's new defense strategy (DefenseAlert, Aug. 1).

That draft charter called for a standing group of senior officials to focus on Asia-Pacific matters for the Deputy's Management Action Group (DMAG), that would include the director of the new SCO in its deliberations. The approved charter for the DMAG Asia-Pacific group, dated Aug.
22 and marked "for official use only," is silent on the role of the new SCO, according to sources familiar with the document.

- Jason Sherman

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 11 20:39:40 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2012 21:39:40 -0400
Subject: [Infowarrior] - WikiLeaks Goes Behind Paywall, Anonymous Cries Foul
Message-ID: <55F14C59-D694-4035-AA1D-0B1C145FFAAB@infowarrior.org>

WikiLeaks Goes Behind Paywall, Anonymous Cries Foul
By David Kravets
10.11.12, 6:56 PM
http://www.wired.com/threatlevel/2012/10/wikileaks-paywall-anonymous/

Secret-spilling site WikiLeaks has moved millions of documents behind a paywall, prompting blowback from elements of an underground ally, the hacking group Anonymous, including one well-known member to conclude that it "cannot support anymore what WikiLeaks has become."

Upon clicking on any of the site's documents, including "Cablegate: 250,000 US Embassy Diplomatic Cables," which is said to have come from alleged WikiLeaks-leaker Bradley Manning, WikiLeaks visitors are taken to a page with a video that lambastes Barack Obama and ends with WikiLeaks chief Julian Assange asking for donations. To access documents, one can donate, share the video on Facebook or tweet it. The fullscreen overlay cannot be closed unless a donation is made or something is shared, though the video does not appear over every document dump.

< - >

"The conclusion for us is that we cannot support anymore what Wikileaks has become -- the One Man Julian Assange show. But we also want to make clear that we still support the original idea behind Wikileaks: Freedom of information and transparent governments. Sadly we realize that Wikileaks does not stand for this idea anymore.
The overlay on WikiLeaks can be circumvented by disabling JavaScript, and many Anonymous docs can be found on mirror sites around the net that lack the paywall.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 11 21:32:40 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2012 22:32:40 -0400
Subject: [Infowarrior] - Panetta Spells Out DOD Roles in Cyberdefense
Message-ID: <8EBD9DFA-A4A8-4E26-AC4D-9A75087D48B4@infowarrior.org>

And yet another senior government executive talking about "cyber Pearl Harbors" .... when will these folks move away from using such idiotic and sensational perspectives in discussing cyber issues???

--- rick

Panetta Spells Out DOD Roles in Cyberdefense
By Jim Garamone
American Forces Press Service
http://www.defense.gov/news/newsarticle.aspx?id=118187

WASHINGTON, Oct. 11, 2012 -- Defense Secretary Leon E. Panetta spelled out in detail the Defense Department's responsibility in cybersecurity during a speech to the Business Executives for National Security meeting in New York, today.

Panetta has stressed the importance of cybersecurity since taking office last year. In addition, the secretary has warned about a "cyber Pearl Harbor" many times, including during testimony before Congress.

The speech before BENS aboard the USS Intrepid Museum is the secretary's clearest discussion to date of DOD's responsibility in the cyber domain.

"A cyber attack perpetrated by nation states or violent extremist groups could be as destructive as the terrorist attack of 9/11," he said in prepared remarks. "Such a destructive cyber terrorist attack could paralyze the nation."

The secretary pointed to denial of service attacks that many large U.S. corporations have suffered in recent weeks, but also cited a more serious attack in Saudi Arabia. In that attack a sophisticated virus called "Shamoon" infected computers at the Saudi Arabian state oil company, ARAMCO.
"Shamoon included a routine called a 'wiper,' coded to self-execute," he said. "This routine replaced crucial system files with an image of a burning U.S. flag. It also put additional 'garbage' data that overwrote all the real data on the machine. The more than 30,000 computers it infected were rendered useless, and had to be replaced."

There was a similar attack later in Qatar. "All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date," Panetta said.

Enemies target computer control systems that operate chemical, electricity and water plants, and guide transportation networks.

"We also know they are seeking to create advanced tools to attack these systems and cause panic, destruction and even the loss of life," he said.

"An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals," he said. "They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country."

Cyber attacks could be part of a major attack against the United States, and this could mean the cyber Pearl Harbor the secretary fears. This is "an attack that would cause physical destruction and loss of life, paralyze and shock the nation and create a profound new sense of vulnerability," he said.

DOD has a supporting role in cyber defense, he said. The Department of Homeland Security is the lead federal agency, with the FBI having lead on law enforcement. Still the overall DOD mission is to defend the United States.

"We defend. We deter. And if called upon, we take decisive action," the secretary said. "In the past, we have done so through operations on land and at sea, in the skies and in space. In this new century, the United States military must help defend the nation in cyberspace as well."

DOD has responsibility for defending its own networks, and can also help deter attacks.
"Our cyber adversaries will be far less likely to hit us if they know we will be able to link them to the attack, or that their effort will fail against our strong defenses," he said. "The Department has made significant advances in solving a problem that makes deterring cyber adversaries more complex: the difficulty of identifying the origins of an attack."

DOD has improved its capability of tracking attacks to point of origin. "Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests," he said.

But improved defenses will not stop all cyber attacks. "If we detect an imminent threat of attack that will cause significant physical destruction or kill American citizens, we need to have the option to take action to defend the nation when directed by the President," Panetta said. "For these kinds of scenarios, the Department has developed the capability to conduct effective operations to counter threats to our national interests in cyberspace.

"Let me be clear that we will only do so to defend our nation, our interests, or our allies," he continued. "And we will only do so in a manner consistent with the policy principles and legal frameworks that the Department follows for other domains, including the law of armed conflict."

DOD is finalizing a comprehensive change to rules of engagement in cyberspace. "The new rules will make clear that the Department has a responsibility not only to defend DOD's networks, but also to be prepared to defend the nation and our national interests against an attack in or through cyberspace," he said. "These new rules will make the Department more agile and provide us with the ability to confront major threats quickly."

The private sector, government, military and international partners operate in cyberspace. "We all share the responsibility to protect it," he said.
"Therefore, we are deepening cooperation with our closest allies with a goal of sharing threat information, maximizing shared capabilities, and deterring malicious activities."

All U.S. leaders have discussed cyber security with foreign leaders. Panetta raised the issue with Chinese leaders during his recent trip to Beijing. "I underscored the need to increase communication and transparency so that we can avoid misunderstanding or miscalculation in cyberspace," he said. "That is in the interest of the United States, and it is in the interest of China."

But businesses have the greatest interest in cybersecurity. Businesses depend on a safe, secure, and resilient global digital infrastructure, and businesses own and run many of the critical networks the nation depends on. "To defend those networks more effectively, we must share information between the government and the private sector about threats in cyberspace," the secretary said.

While there has been progress in sharing public-private cyber information, "we need Congress to act to ensure this sharing is timely and comprehensive," he said. "Companies should be able to share specific threat information with the government without the prospect of lawsuits hanging over their head. And a key principle must be to protect the fundamental liberties and privacy in cyberspace that we are all duty-bound to uphold."

Baseline standards must be set for cyber security and that means Congress must act, Panetta said. He said the bipartisan Cybersecurity Act of 2012 "has fallen victim to legislative and political gridlock. That is unacceptable to me, and it should be unacceptable to anyone concerned with safeguarding our national security."

One option under consideration, Panetta said, is an executive order to enhance cybersecurity measures. "There is no substitute for comprehensive legislation, but we need to move as far as we can in the meantime," he said. "We have no choice because the threat we face is already here.
Congress has a responsibility to act. The President has a Constitutional responsibility to defend the country."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 12 06:34:16 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2012 07:34:16 -0400
Subject: [Infowarrior] - Pentagon Chief Reveals 'Classified' Cyber Threats ... That You Read in August
Message-ID: <7CD39428-4339-4D40-AB79-38696304D064@infowarrior.org>

Pentagon Chief Reveals 'Classified' Cyber Threats ... That You Read in August
By Noah Shachtman
October 11, 2012 | 9:45 pm | Categories: Info War
http://www.wired.com/dangerroom/2012/10/panetta-cyber/

It was billed as the first major address by an American Secretary of Defense on cybersecurity -- complete with newly declassified information about the nature of the network threat. In the end, it was another helping of heated rhetoric on cybersecurity from a Pentagon that regularly produces panicky pronouncements. And the classified information? Stuff you could've read on our sister blog Threat Level or other cybersecurity sites back in August.

Appearing in New York City before the tuxedo-clad Business Executives for National Security, Defense Secretary Leon Panetta issued a familiar warning, that "a cyber attack perpetrated by nation states or violent extremist groups could be as destructive as the terrorist attack of 9/11. Such a destructive cyber terrorist attack could paralyze the nation."

It's an alarm he's sounded before. But in the following sentences of Thursday's address aboard the retired aircraft carrier U.S.S. Intrepid, Panetta presented what he called new examples "of the kinds of attacks what we have already experienced" -- harbingers, if not perfect examples, of a coming catastrophe.

"In recent weeks, as many of you know, some large U.S.
financial institutions were hit by so-called 'Distributed Denial of Service' attacks. These attacks delayed or disrupted services on customer websites," Panetta said. "While this kind of tactic isn't new, the scale and speed was unprecedented."

He's right: DDoS attacks aren't new at all (even if this particular attack did cause some financial institutions' online banking operations to flutter). But Panetta is off about these strikes' unprecedented nature.

"These are big, but we've seen this big before," said Neal Quinn, chief operating officer of Prolexic, a firm that specializes in mitigating DDoS attacks. "We've seen events this big in the past."

Panetta then proceeded to describe what was, in his words, "probably the most destructive attack that the private sector has seen to date." This was a disclosure that senior defense officials billed as a major public unveiling of previously unclassified information.

Panetta described the Shamoon malware, which infected tens of thousands of computers at the Saudi Arabian state oil company Aramco and at Qatar's RasGas company. "This routine replaced crucial system files with an image of a burning U.S. flag. It also put additional 'garbage' data that overwrote all the real data on the machine," he said.

30,000 machines eventually had to be disinfected before they could be brought back online, making this an extremely serious attack. And the websites for the two energy companies went down for days. But it's unclear exactly how destructive the infection really was. Aramco and RasGas both said their "core business[es] of oil and gas exploration, production and distribution" were unaffected by the malware. If that's the case, then Shamoon may not have been quite such an apocalyptic moment Panetta described.

None of this is news, if you've been paying attention to the steady stream of public pronouncements from security researchers and from the companies themselves --
not to mention the coverage of the attacks by reporters on the cybersecurity beat. But senior defense officials said Panetta's words on Shamoon were, in fact, secret information -- until the Pentagon chief took the step of declassifying them.

"To my knowledge, there's been no one who's officially acknowledged these attacks. And we have deemed them to this point classified and our knowledge of them to be classified," a senior defense official, who spoke under condition of anonymity, told reporters before the speech.

As Foreign Policy recently noted, it's not easy for Pentagon officials to talk about network defense, much of which the military deems classified. But what often undercuts these officials' message is that it's the U.S. -- and not some outside adversary -- that launched the most damaging cyber attack publicly acknowledged to date. Stuxnet, which helped destroy a thousand Iranian centrifuges, was the work of American and Israeli forces, U.S. officials recently admitted, not some rogue hackers, and not some boogeyman in Beijing. It's the fear that a similar sort of strike could be turned on us that keeps many within the Pentagon and intelligence community tossing in their beds.

Recently, the military and the White House have cracked open the once-deadbolted door of secrecy on U.S. offensive cyber operations. In August, the U.S. Air Force announced its interest in finding new methods to "destroy, deny, degrade, disrupt, deceive, corrupt, or usurp the adversaries [sic] ability to use the cyberspace domain for his advantage." The week before, a former top American commander in Afghanistan bragged to a technology conference about his troops' ability to hack militant communications. The day before that, the Pentagon's leading research division announced a new, $110 million program to help warplanners assemble and launch online strikes in a hurry and make cyber attacks a more routine part of U.S. military operations.
Yet these offensive activities were largely left out of Panetta's talk Thursday night. Instead, the Defense Secretary mentioned simply that "if a crippling cyber attack were launched against our nation, the American people must be protected. And if the Commander-in-Chief orders a response, the Defense Department must be ready to act."

Compared to his description of the network threat, it was a rather understated assertion.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 12 06:47:28 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2012 07:47:28 -0400
Subject: [Infowarrior] - Wheeler: The myth of American military superiority.
Message-ID:

ForeignPolicy.com
October 11, 2012
Not All That It Can Be
The myth of American military superiority.
By Winslow Wheeler
http://www.foreignpolicy.com/articles/2012/10/11/not_all_that_it_can_be

You hear it routinely during congressional events involving defense issues, when a defense secretary wants to protect his budget (or his legacy), and when candidate Barack Obama or his operatives defend the administration's national security record: The American armed forces are "the best in the world." It has become such an unremarkable bit of conventional wisdom that the comment is usually prologue to some other point the speaker wants to make. Many think that because the United States spends multiples of any conceivable opponent or even combinations of them, has the largest modern navy and air force, and can operate all over the world, there is no conceivable enemy or enemies that can take on America successfully.

The history of warfare is full of this kind of arrogance before the fall; it has occurred from the beginnings of recorded warfare until today. Consider Xerxes and Darius against Greece in antiquity, the British in America in 1775, the Russians before their war with Japan in 1904, and the United States in 1964 facing Vietnam.
History has recorded these and numerous other conflicts when the "wrong" side won the war, and there are still more examples from campaigns and individual battles. If spending or the size and breadth of forces were the sole determinants of success, the British and French would have won in 1940, the Russians would have repelled the Germans in 1941, the British would have won in Malaysia in 1942, and the wars in Iraq and Afghanistan would not have been the disasters they are.

When I have suggested that America's military might not be "the best," the inevitable question is, "Against whom? Name an opponent who can beat us." History is not kind to those who are so sure they know the future, and in today's vapid culture the confident prediction of supremacy is articulated in the absence of anything beyond a superficial bean count of forces and hardware -- sometimes not even that.

There are far more subtle and supremely powerful forces at play in deciding who wins in warfare than the stuff that occupies the hollow defense debates in the American political spectrum. As a nation, Americans mostly ignore those deciding elements. As American strategist John Boyd explained cogently, material elements come in a poor third in deciding which side wins in conflict -- after moral and mental factors.

Instead, in the debate that today dominates the American political-military system on both sides of the political spectrum, two main props sustain the "we are the best" advocates. The first is America's spectacular performance on the battlefield when, even after the post-Cold War budget reductions of George H.W. Bush's and Bill Clinton's administrations, U.S. armed forces "used Saddam Hussein as a speed bump" in 2003. The second, they say, is America's vastly superior military technology, which, while expensive, gives the country the essential winning edge that no one can match.

The example of America's victory over Saddam is particularly inapt.
Iraq's armed forces were a speed bump: Their leadership was hopelessly politicized and grossly incompetent, and their uniformed combat personnel were demoralized and unwilling to fight even before the first bombs were dropped. They were assessed as literally the worst in the world by the Center for Strategic and International Studies, and as some have noted, the performance of the U.S. military leadership -- even at the field-command level -- in that war was an embarrassment. In Iraq and Afghanistan, U.S. forces often showed real guts and skill at the tactical level, but the heroism of soldiers and Marines notwithstanding, it should be remembered that they have fought enemies with no air force or navy and not much infantry equipment beyond home-built road mines, AK-47 rifles, and rocket-propelled grenades.

We also heard a lot of bombast after the first war with Iraq, Operation Desert Storm in 1991; then, the technologists declared a "revolution in military affairs." The Government Accountability Office (GAO) spent two years looking at that: The air campaign should more accurately be characterized as bombing a tethered goat led by a military jackass, and even then, the air campaign did not live up to the hype.

The high-cost "silver bullet" of the war, the F-117 stealth light bomber, badly underperformed its puffery. For example, in contrast to claims that "alone and unafraid" it destroyed Saddam's air defense system in the first hours of the first night, the F-117s actually had help from 167 non-stealthy aircraft and were confirmed by the Defense Intelligence Agency's bomb-damage assessments to have effectively destroyed only two of the 15 air defense targets assigned to them that first night. Overall, the GAO found that effectiveness did not correlate with cost and that on many dimensions the ultralow-cost A-10 close-combat attack aircraft was the top performer.

Nothing is changed today; the bluster is as frequent and hollow.
Typical examples are unmanned drones, such as the MQ-9 Reaper and the Air Force's F-22 fighter.

The real-world performance of the MQ-9 Reaper is actually rather pathetic. With a tiny payload of an extremely limited selection of weapons and very poor ability to find targets to which it is not precisely shepherded, the Reaper is incapable of defending itself, and it is several times more expensive than manned aircraft that are more effective, such as the A-10. Also, it crashes so routinely that the Air Force appears to not even report all "mishaps" on the appropriate website. Yet, such drones are slavishly characterized as a revolution in warfare, yet again, and technologists are talking proudly about future nuclear bombers that are "optionally manned."

The F-22 fighter is described by the Air Force as an "exponential leap in warfighting capabilities." A review of the data shows the F-22 to be more expensive and less impressive than the hype would have you believe. For one thing, the cost for each F-22 is not the $143 million the Air Force asserts but rather a whopping $412 million, according to the GAO. The plane was supposed to be less expensive to operate than the F-15C; instead, it is 50 percent more. For another, its radar-evading "stealth" capability is significantly limited, as we know from two F-117 "stealth" casualties in the 1999 Kosovo air war, and its ability to detect, identify, and engage enemy aircraft at very long range with radar-controlled missiles relies on a technology that has repeatedly failed in combat. Finally, the F-22 compares roughly in close-in air combat to early versions of the F-15 and F-16. This June, that unexceptional agility was on display when German pilots flew Eurofighter Typhoons successfully against F-22s in mock dogfights.

Because the F-22 is so expensive to fly and difficult to maintain, its pilots get too few hours in the air to train -- half of what fighter pilots got in previous decades.
Worse, a controversy has raged over how safe the F-22 is to its own pilots. Powerful toxins populate the areas where the F-22 derives its oxygen for the pilot, and despite an Air Force explanation that "contamination" has nothing to do with the physiological problems pilots have experienced, some observers are deeply skeptical that the Air Force is taking the proper care to protect F-22 pilots. Already two pilots have been killed in accidents in which those toxins are very possibly at play.

Even though pilot skill is a dominating factor in air combat, the U.S. Air Force provides few in-air training hours and requires pilots to fly aircraft that are not free of potential poisons. These are not the signs of a first-rate military organization.

That it is people, not hardware, that provide the winning edge in warfare was clearly expressed at the end of the first Iraq war when the U.S. commander, Gen. Norman Schwarzkopf, stated that had the two sides switched equipment, the United States still would have won its lopsided victory. There are many veterans of other wars who agree. Indeed, Napoleon said it succinctly 200 years ago: "The moral is to the physical as three to one."

Just as those F-22 pilots had difficulties against some highly skilled Typhoon aircrew, the United States can expect to encounter smart, skillful enemies in the future. The country has been surprised by opponents it had assumed were inferior -- for example in the Vietnam War -- and by crude but highly effective technology it failed to anticipate, such as handmade road mines (decorously called improvised explosive devices) in Iraq and Afghanistan. The "we are the best in the world" foolishness is prologue to wars of choice making America pay dearly, just as the country discovered immediately after the arrogantly predicted "cakewalk" against Iraq -- a prediction that contemplated no "after."

Both sides of the American political spectrum persistently cheapen this debate.
Republican presidential candidate Mitt Romney spoke for the right when he attacked Obama for "deep and arbitrary" cuts in the defense budget (cuts that actually were neither deep nor arbitrary) at the Virginia Military Institute (VMI) on Oct. 8. He also alleged that Obama is responsible for reducing the size of the U.S. Navy to a post-World War II low and for putting the Air Force "out of business." To fix all this, Romney will do things like spend more money and put the F-22 back into production.

He ignores that Obama is spending on defense at a rate well above any other post-World War II president, and Romney doesn't mention that Obama inherited a U.S. Navy and an Air Force from George W. Bush that were already at post-World War II lows. Most significantly, Romney is oblivious to the fact that the shrinkage has been occurring as the non-war parts of the defense budget increased by a trillion dollars from 2001 to 2010. Romney's proposal to put the very disappointing F-22 back into production is a classic example of "solving" the problem by making it worse: At many times the price of the F-15 it replaces, the F-22 can only be bought in such small numbers -- at greatly increased total cost -- that the overall inventory shrinks and ages as the Pentagon is forced to retire as few ancient F-15s as possible. The disingenuousness of Romney's cheap shot on defense spending is exceeded only by the ignorance of his solution and silly pander to ill-informed conventional wisdom.

In his VMI speech, Romney also made a seemingly conscious attempt to walk his previously expressed adventurism into the closet; some hostile rhetorical flourishes aside, he sounded a lot like Obama. It remains entirely unclear, however, whether Romney is merely Etch-A-Sketching away the neoconservative premise that, with U.S. armed forces being the best in the world, the United States can and should use them in still more adventures, such as Iran.
He may be asking for even more future trouble than does Obama.

Many on the left do not exactly distinguish themselves in the overall debate. While they are typically far more accurate in characterizing what increases or decreases have or have not occurred in the defense budget, most Democrats persist in the notion that Obama has husbanded a U.S. military that remains the best in the world. The shrinkage is OK because the newer -- even if preposterously expensive -- equipment is more capable, both individually and collectively. It has all the hallmarks of a political argument of convenience, and it ignores as much evidence as the right does when it asserts that the amount of money spent measures the health of overall U.S. forces. Were Romney running for reelection to a second term, he too would be crowing the "best in the world" rhetoric, and it would be in the face of still further shrinkage and aging despite the heaps of extra money he would strain to pile on to America's less-bang-for-more-bucks defenses.

The empty rhetoric that U.S. armed forces are the best masks serious problems that have been festering for decades. Obama tolerates the problems; candidate Romney would make them even worse. All of it will continue until leaders emerge who understand that more money has meant more decay, and less money can mean the start of reform.

#####

Winslow Wheeler is director of the Straus Military Reform Project at the Center for Defense Information. Previously, he worked for 31 years on national security issues for Republican and Democratic senators on Capitol Hill and for the Government Accountability Office. He is editor of the anthology The Pentagon Labyrinth: 10 Short Essays to Help You Through It.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri Oct 12 06:56:06 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2012 07:56:06 -0400
Subject: [Infowarrior] - Snooper's Charter: 19, 000 Emails Against, 0 In Favour
Message-ID:

Snooper's Charter: 19,000 Emails Against, 0 In Favour
Published 14:15, 11 October 12
http://blogs.computerworlduk.com/open-enterprise/2012/10/uk-snoopers-charter-19000-emails-against-0-in-favour/index.htm

Back in August, I urged people to respond to the consultation on the truly dreadful Draft Communications Bill, aka Snooper's Charter. Obviously, I wasn't alone in doing that: many organisations concerned about the impact on civil liberties in this country have done the same. For example, both 38 Degrees and Open Rights Group (ORG) provided suggested texts and asked people to contact the Joint Parliamentary Committee that has been considering the Bill - and doing rather a good job of it, I must say. A document from the Committee, pointed out by Simon Phipps, provides some stats for the impact of these campaigns:

At 12.42 on 21 August the Committee's website received the first of over 18,000 emails generated in response to a call by the website 38 Degrees.

Pretty impressive. Here are the numbers for ORG:

At 12.34 the following day the Committee received the first of some 600 emails generated by the Open Rights Group whose Director, Jim Killock, gave oral evidence to the Committee on 11 July.

An order of magnitude lower, but still useful. The Joint Parliamentary Committee makes a comparison to an earlier campaign against a proposed bill, the Assisted Dying for the Terminally Ill Bill, and comments:

The distinction is that while in the case of that Bill opinion was fairly evenly divided, we have not seen a single email supporting the draft Communications Data Bill, or even agreeing that there may be a case for the security services and law enforcement agencies having greater access to communications data than they do at present.

Got that?
Out of 19,000 emails received by the Committee on the subject of the proposed Draft Communications Bill, not a single one was in favour of it, or even agreed with its premise. Has there ever been a bill so universally rejected by the public in a consultation? Clearly, it must be thrown out completely.

Unfortunately, I can't give a link to the document itself, because the address I used less than an hour ago brings up this:

The link you gave does not work, either because the page it points to has been deleted or moved. If you clicked on a link, please inform the site's webmaster that the link is faulty.

Probably just a temporary glitch - you know how these things happen...

Update: Luckily, it seems Simon Phipps kept a copy of the document.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 12 07:14:09 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2012 08:14:09 -0400
Subject: [Infowarrior] - WH Issues Directive on Intelligence Community Whistleblowers
Message-ID: <4DB1AD53-2BD5-4D11-9AB1-E6228534B3B8@infowarrior.org>

Obama Issues Directive on Intelligence Community Whistleblowers
http://www.fas.org/blog/secrecy/2012/10/ppd_19.html

President Obama yesterday issued Presidential Policy Directive 19 on "Protecting Whistleblowers with Access to Classified Information." The directive generally prohibits official reprisals against an intelligence community employee who makes a "protected disclosure" concerning unlawful activity or "waste, fraud, and abuse." It does not authorize disclosure of classified information outside of official channels to the press or the public. The directive was occasioned by the ongoing failure of Congress to extend the protections of the Whistleblower Protection Act to intelligence community employees. The new presidential directive, reported today by Joe Davidson in the Washington Post, was welcomed by whistleblower advocacy organizations.
"While this directive is not a panacea, it begins to fill a large void in whistleblower protections and lays the framework for more government accountability where it is sorely needed," said Angela Canterbury of the Project on Government Oversight. "Because the President directs agencies to create procedures for internal review of claims, we will be very interested in the rulemaking and strength of the due process rights in practice."

"For the first time, intelligence community employees have free speech rights to challenge fraud, waste and abuse within agency channels," said Tom Devine of the Government Accountability Project, while cautioning that "Until agencies adopt implementing regulations, no one whose new rights are violated will have any due process to enforce them."

"This policy directive represents a significant breakthrough, but it is no substitute for Congress to legislate permanent rights for national security whistleblowers, with third party enforcement the same as for other employees," Mr. Devine said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 12 09:40:38 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2012 10:40:38 -0400
Subject: [Infowarrior] - AT&T Starts Six-Strikes Anti-Piracy Plan Next Month, Will Block Websites
Message-ID: <1F505555-9CA6-487C-8F13-722B2264693A@infowarrior.org>

*yawwwwwn* They still don't get it. --rick

AT&T Starts Six-Strikes Anti-Piracy Plan Next Month, Will Block Websites
Ernesto - October 12, 2012

A set of leaked internal AT&T training documents obtained by TorrentFreak reveal that the Internet provider will start sending out anti-piracy warning notices to its subscribers on November 28. Customers whose accounts are repeatedly flagged for alleged copyright infringements will have their access to frequently visited websites blocked, until they complete an online copyright course.
It's expected that most other participating ISPs will start their versions of the anti-piracy plan on the same date.

< - >

http://torrentfreak.com/att-starts-six-strikes-anti-piracy-plan-next-month-will-block-websites-121012/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 12 15:25:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2012 16:25:23 -0400
Subject: [Infowarrior] - Reading someone's Gmail doesn't violate federal statute, court finds
Message-ID:

Reading someone's Gmail doesn't violate federal statute, court finds
SC court says Gmail not "electronic storage" by Stored Communications Act.
by Cyrus Farivar - Oct 11 2012, 11:10pm EDT
http://arstechnica.com/tech-policy/2012/10/reading-someones-gmail-doesnt-violate-federal-statute-court-finds/

In a case decided on Wednesday, the South Carolina Supreme Court ruled that accessing someone's online e-mail without their permission doesn't violate the 1986-era Stored Communications Act (SCA). Though they differed in their reasoning, the justices were unanimous in ruling that e-mail stored in the cloud (like Gmail or Yahoo Mail) does not meet the definition of electronic storage as written in the statute.

This new decision creates a split with existing case law (Theofel v. Farey-Jones) as decided in a 2004 case decided by the Ninth Circuit Court of Appeals. That decision found that an e-mail message that was received, read, and left on a server (rather than being deleted) did constitute storage "for purposes of backup protection," and therefore was also defined as being kept in "electronic storage."

Legal scholars point to this judicial split as yet another reason why the Supreme Court (and/or Congress) should take up the issue of the Stored Communications Act.

"This [South Carolina] decision is more evidence of how intractable and inconsistent our statutory electronic surveillance regime has become," Woodrow Hartzog, a professor at the Cumberland School of Law at Samford University, told Ars. "All of the discussions regarding backups, temporary copies, and the read/unread distinction seem to have very little to do with the way that most people perceive their use of e-mail. Ultimately, this problem is likely best resolved by the legislature, but the specifics of a politically palatable update to the SCA have yet to be fully agreed upon."

Hartzog pointed out though, that in a case like this, there could still be federal liability under the Computer Fraud and Abuse Act.

Under the SCA, cops can go after anyone's e-mail so long as it's deemed to be "relevant to an investigation," which is a low legal threshold. The logic, at the time, was that prior to webmail with large amounts of online storage, everyone had to download their e-mail -- so, if you hadn't bothered to actually download your e-mail, it was deemed to have been effectively abandoned.

A tale of love, gone awry

The case here, known as Jennings v. Jennings (PDF), involves a woman (Gail Jennings) who suspected her husband (Lee Jennings) was cheating on her. The wife's daughter-in-law (Holly Broome) managed to access Lee's e-mail by correctly guessing his security questions, and got a hold of messages between him and his paramour. Broome shared those messages with Gail's divorce attorney, and her private investigator that she had hired for the purpose of advancing her own divorce case.

Lee Jennings sued his wife, her attorney, and her investigator, under several laws, including the Stored Communications Act, which only allows for a civil suit if the e-mails that were accessed without authorization were in "electronic storage." The district court granted summary judgment in favor of the defendants on all claims -- a decision that was then overturned on appeal.
The Supreme Court of South Carolina has now reversed that decision, albeit for varying reasons.

What exactly is "electronic storage"?

The United States Code defines "electronic storage" under the SCA as: "(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and (B) any storage of such communication by an electronic communication service for the purposes of backup protection of such communication."

Because the definition of "electronic storage" has two components, the storage clause (A), and a purpose clause (B), Justices Hearn and Kittredge found that because Jennings had no other copies of his e-mail (they only existed through the Yahoo e-mail online interface), they could not have possibly been a backup.

"We decline to hold that retaining an opened e-mail constitutes storing it for backup protection under the Act," the two judges wrote. "The ordinary meaning of the word 'backup' is 'one that serves as a substitute or support.' Thus, Congress's use of 'backup' necessarily presupposes the existence of another copy to which this e-mail would serve as a substitute or support. We see no reason to deviate from the plain, everyday meaning of the word 'backup,' and conclude that as the single copy of the communication, Jennings' e-mails could not have been stored for backup protection."

Chief Justice Jean Hoefer Toal, with Justice Donald Beatty concurring, ruled that the e-mails here are not a backup, because they were not created by the ISP for the purpose of actually creating a duplicate file.

"In my view, electronic storage refers only to temporary storage, made in the course of transmission, by an ECS provider, and to backups of such intermediate communications," Justice Toal wrote. "Under this interpretation, if an e-mail has been received by a recipient's service provider but has not yet been opened by the recipient, it is in electronic storage."
The fifth justice, Costa Pleicones, agreed in his opinion. However, he articulated a distinct definition between the relationships of the two clauses in question here.

"I view these two types of storage as necessarily distinct from one another: one is temporary and incidental to transmission; the other is a secondary copy created for backup purposes by the service provider," he wrote. "Therefore, an e-mail is protected if it falls under the definition of either subsection (A) or (B). It does not end the inquiry to find that the e-mails at issue were not in temporary storage during the course of transmission (subsection (A)). Accordingly, because the e-mails in this case were also not copies made by Jennings's service provider for purposes of backup (subsection (B)), they were not protected by the SCA. I therefore concur in result."

No clear judicial standard

While this case deals with a fairly narrow subsection of the SCA -- what constitutes electronic storage -- it's yet another example that the Stored Communications Act needs more judicial review at the very least, and possibly an entire overhaul.

"This is an issue that really calls out for US Supreme Court review," writes Orin Kerr, a privacy expert and professor of law at George Washington University. "Internet providers often have a national customer base. A provider in one state or circuit can have millions of customers in any other state or circuit. Given the national customer base, any disagreement among lower courts causes major headaches: ISPs don't know which rule to follow. Making matters even more worrisome, it's not at all clear whether the legal standard should be based on where the litigation arises or where the ISP is located. United States v. Weaver, 636 F. Supp. 2d 768 (C.D. Ill. 2009), nicely raised the problem: If the rights concerning records held by an ISP in California are litigated in Illinois, Weaver held, the Illinois court is not bound by the interpretation of the Ninth Circuit.
Under that approach, the privacy protection varies based on where the litigation arises, which can be almost anywhere. That kind of dynamic creates a strong need for a uniform reading of the statute."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Oct 13 08:20:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Oct 2012 09:20:48 -0400
Subject: [Infowarrior] - Pentagon's Plan X: How It Could Change Cyberwarfare
Message-ID: <3CA55128-3D8E-4405-9135-0A04C3F13B35@infowarrior.org>

(+1 to Adam's quotes. --rick)

Christian Science Monitor (csmonitor.com)
October 12, 2012
http://www.csmonitor.com/USA/Military/2012/1012/Pentagon-s-Plan-X-how-it-could-change-cyberwarfare

Pentagon's Plan X: How It Could Change Cyberwarfare

The Pentagon has always been secretive about its desire and ability to carry out offensive cyberwarfare. Now, Plan X makes it clear that offensive cyberattacks will be in the Pentagon playbook.

By Anna Mulrine, Staff writer

Washington--The same Pentagon futurologists who helped create the Internet are about to begin a new era of cyberwarfare. For years, the Pentagon has been open and adamant about the nation's need to defend itself against cyberattack, but its ability and desire to attack enemies with cyberweapons has been cloaked in mystery. Next week, however, the Pentagon's Defense Advance Research Products Agency (DARPA) will launch Plan X -- an effort to improve the offensive cyberwarfare capabilities "needed to dominate the cyber battlespace," according to an announcement for the workshop. Though the program will be closed to the press, the relatively public message is a first for the Pentagon. For one, it shows that the Pentagon is now essentially treating its preparations for cyberwar the same way it treats its preparations for any potential conventional war.
Just as it takes bids from aerospace companies to develop new jet fighters or helicopters, Plan X will look at bids from groups that can help it plan for cyberwarfare and expand technologies. Moreover, it opens a window into the highly secretive world of offensive cyberwarfare. No longer is it unclear whether the US is in the business of planning Stuxnet-style cyberattacks. Plan X indicates that such capabilities -- which experts say could range from taking out electrical grids to scrambling computer networks in top-secret facilities to causing the pacemaker implanted in an enemy official to go haywire -- will be an explicit part of the military playbook.

"If we can have a robust public discussion of nuclear weapons why not a robust discussion of cyberstrategy?" says Jim Lewis, director of the Technology and Public Policy program at the Center for Strategic and International Studies in Washington. "Up until now, cyber has been kind of ad hoc. What they're doing now is saying that this is going to be a normal part of US military operations."

The US is already engaged in offensive cyberwar. Media reports claim that the US helped develop and deploy the Stuxnet digital worm, which inflicted serious harm on Iran's uranium enrichment program. In his most wide-ranging speech to date on cyber warfare Thursday, Defense Secretary Leon Panetta hinted at the need for increased offensive capabilities, warning that America "won't succeed in preventing a cyber attack through improved defenses alone."

"If we detect an imminent threat of attack that will cause significant physical destruction in the United States or kill American citizens, we need to have the option to take action against those who would attack us, to defend this nation when directed by the president," Mr. Panetta said. "For these kinds of scenarios, the department has developed the capability to conduct effective operations to counter threats to our national interests in cyberspace."
But the lack of discussion surrounding offensive cyber capabilities -- and a clear US military plan for pursuing them -- has been a significant roadblock for US military forces interested in honing those skills, says retired Col. Joe Adams, a former West Point professor who coached the military academy's cyber team. In the past there has been a "skittishness about teaching cadets offensive skills like how to hack" into systems, says Dr. Adams, now executive director of research and cybersecurity for Merritt Network, Inc. "We've really ramped up the defensive part, but there hasn't been any work done to identify people who have the intuitive ability to conduct operations on the offensive side."

Many of the threats the US faces -- and may in turn inflict on other countries and non-state actors -- will be nuanced. The notion of a "cyber Pearl Harbor," as Panetta has characterized it, is a misnomer, Adams adds. "Everybody's looking for a cyber Pearl Harbor -- we don't need a Pearl Harbor to really mess things up. That's the very nature of this advanced, persistent threat: We're not kicking people's doors in anymore."

Instead, cyber incursions will be more subtle. Just imagine what could happen in a hospital, Adams says. "I don't even have to turn off the refrigerators. I just have to change the thermostat so they're too warm, or too cold, or make some blood supplies go bad, or spoil a little medicine, or just reroute where they send ambulance alerts."

In particular, offensive cyberskills "are more art than science," says Adams. "These kids need to be screened right, and they need to be utilized. A career path in the military is built on building their skills, but also retaining them. We've done really poorly with that."

Part of the problem is that American military training has long emphasized traditional skills, which are often at odds with developing cyber warriors.
You could have an outstanding cyberthinker in a class, but tradition dictates that "he's going to be a tank platoon leader, or a rifle platoon -- he's going to have to prove himself as an Army officer before they're going to make use of his talent," says Adams. In the meantime, his cyberskills atrophy. "The cadets I was teaching, there just wasn't another outlet for them in the military yet."

Plan X is designed to help the Pentagon "understand the cyber battlespace" and to develop skills in "visualizing and interacting with large-scale cyber battlespaces," according to the DARPA proposal. These, too, are unique skills that must be cultivated within the military, says Adams. "Another art piece is mapping a network [that could be a potential target]. How do you do it -- and how do you do it subtly -- without knocking things over and turning things off? And if it's hostile, how do we do it without getting caught?"

Plan X hints at some of these needs -- and makes it clear that the Pentagon is grappling with how to establish a framework for fighting cyberwar, too. "Plan X is an attempt by the national security bureaucracy to come to grips with the multitude of issues around use of cyberweapon in an offensive form -- the legal, diplomatic, ethical issues," says Matthew Aid, a historian and author of "Intel Wars: The Secret History of the Fight Against Terror."

"We can't have a public discussion about Stuxnet, about these brand new weapons -- or their ethical implications -- until the White House pulls back just a little the veil of secrecy that surrounds the entire program," Mr. Aid adds. For example, Stuxnet revealed how unwieldy such weapons can be when it inadvertently "jumped" into friendly computer systems that were never meant to be targeted. Indeed, "One of the biggest problems in cyberwarfare is the potential for collateral damage," says Mr. Lewis of the Center for Strategic and International Studies.
"You just can't attack stuff and not worry that innocent civilians will be harmed -- you have to take steps to mitigate the risk."

Aid says now is the time to have these conversations. "We can only see one tenth of one percent lurking beneath the surface -- what's beneath the surface scares ... me," he says. "This is combat -- this is war by a different name."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Oct 13 11:31:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Oct 2012 12:31:54 -0400
Subject: [Infowarrior] - How the Western world is limiting free speech
Message-ID:

Shut up and play nice: How the Western world is limiting free speech
By Jonathan Turley
http://www.washingtonpost.com/opinions/the-four-arguments-the-western-world-uses-to-limit-free-speech/2012/10/12/e0573bd4-116d-11e2-a16b-2c110031514a_print.html

Free speech is dying in the Western world. While most people still enjoy considerable freedom of expression, this right, once a near-absolute, has become less defined and less dependable for those espousing controversial social, political or religious views. The decline of free speech has come not from any single blow but rather from thousands of paper cuts of well-intentioned exceptions designed to maintain social harmony.

In the face of the violence that frequently results from anti-religious expression, some world leaders seem to be losing their patience with free speech. After a video called "Innocence of Muslims" appeared on YouTube and sparked violent protests in several Muslim nations last month, U.N. Secretary General Ban Ki-moon warned that "when some people use this freedom of expression to provoke or humiliate some others' values and beliefs, then this cannot be protected."

It appears that the one thing modern society can no longer tolerate is intolerance.
As Australian Prime Minister Julia Gillard put it in her recent speech before the United Nations, "Our tolerance must never extend to tolerating religious hatred."

A willingness to confine free speech in the name of social pluralism can be seen at various levels of authority and government. In February, for instance, Pennsylvania Judge Mark Martin heard a case in which a Muslim man was charged with attacking an atheist marching in a Halloween parade as a "zombie Muhammed." Martin castigated not the defendant but the victim, Ernie Perce, lecturing him that "our forefathers intended to use the First Amendment so we can speak with our mind, not to piss off other people and cultures -- which is what you did."

Of course, free speech is often precisely about pissing off other people -- challenging social taboos or political values. This was evident in recent days when courts in Washington and New York ruled that transit authorities could not prevent or delay the posting of a controversial ad that says: "In any war between the civilized man and the savage, support the civilized man. Support Israel. Defeat jihad."

When U.S. District Judge Rosemary Collyer said the government could not bar the ad simply because it could upset some Metro riders, the ruling prompted calls for new limits on such speech. And in New York, the Metropolitan Transportation Authority responded by unanimously passing a new regulation banning any message that it considers likely to "incite" others or cause some "other immediate breach of the peace."

Such efforts focus not on the right to speak but on the possible reaction to speech -- a fundamental change in the treatment of free speech in the West. The much-misconstrued statement of Justice Oliver Wendell Holmes that free speech does not give you the right to shout fire in a crowded theater is now being used to curtail speech that might provoke a violence-prone minority.
Our entire society is being treated as a crowded theater, and talking about whole subjects is now akin to shouting "fire!"

The new restrictions are forcing people to meet the demands of the lowest common denominator of accepted speech, usually using one of four rationales.

Speech is blasphemous

This is the oldest threat to free speech, but it has experienced something of a comeback in the 21st century. After protests erupted throughout the Muslim world in 2005 over Danish cartoons depicting the prophet Muhammad, Western countries publicly professed fealty to free speech, yet quietly cracked down on anti-religious expression. Religious critics in France, Britain, Italy and other countries have found themselves under criminal investigation as threats to public safety. In France, actress and animal rights activist Brigitte Bardot has been fined several times for comments about how Muslims are undermining French culture. And just last month, a Greek atheist was arrested for insulting a famous monk by making his name sound like that of a pasta dish.

Some Western countries have classic blasphemy laws -- such as Ireland, which in 2009 criminalized the "publication or utterance of blasphemous matter" deemed "grossly abusive or insulting in relation to matters held sacred by any religion." The Russian Duma recently proposed a law against "insulting religious beliefs." Other countries allow the arrest of people who threaten strife by criticizing religions or religious leaders. In Britain, for instance, a 15-year-old girl was arrested two years ago for burning a Koran.

Western governments seem to be sending the message that free speech rights will not protect you -- as shown clearly last month by the images of Nakoula Basseley Nakoula, the YouTube filmmaker, being carted away in California on suspicion of probation violations.
Dutch politician Geert Wilders went through years of litigation before he was acquitted last year on charges of insulting Islam by voicing anti-Islamic views. In the Netherlands and Italy, cartoonists and comedians have been charged with insulting religion through caricatures or jokes.

Even the Obama administration supported the passage of a resolution in the U.N. Human Rights Council to create an international standard restricting some anti-religious speech (its full name: "Combating Intolerance, Negative Stereotyping and Stigmatization of, and Discrimination, Incitement to Violence and Violence Against, Persons Based on Religion or Belief"). Egypt's U.N. ambassador heralded the resolution as exposing the "true nature" of free speech and recognizing that "freedom of expression has been sometimes misused" to insult religion.

At a Washington conference last year to implement the resolution, Secretary of State Hillary Rodham Clinton declared that it would protect both "the right to practice one's religion freely and the right to express one's opinion without fear." But it isn't clear how speech can be protected if the yardstick is how people react to speech -- particularly in countries where people riot over a single cartoon. Clinton suggested that free speech resulting in "sectarian clashes" or "the destruction or the defacement or the vandalization of religious sites" was not, as she put it, "fair game."

Given this initiative, President Obama's U.N. address last month declaring America's support for free speech, while laudable, seemed confused -- even at odds with his administration's efforts.

Speech is hateful

In the United States, hate speech is presumably protected under the First Amendment. However, hate-crime laws often redefine hateful expression as a criminal act. Thus, in 2003, the Supreme Court upheld the conviction of a Virginia Ku Klux Klan member who burned a cross on private land.
The court allowed for criminal penalties so long as the government could show that the act was "intended to intimidate" others. It was a distinction without meaning, since the state can simply cite the intimidating history of that symbol.

Other Western nations routinely bar forms of speech considered hateful. Britain prohibits any "abusive or insulting words" meant "to stir up racial hatred." Canada outlaws "any writing, sign or visible representation" that "incites hatred against any identifiable group." These laws ban speech based not only on its content but on the reaction of others. Speakers are often called to answer for their divisive or insulting speech before bodies like the Canadian Human Rights Tribunal.

This month, a Canadian court ruled that Marc Lemire, the webmaster of a far-right political site, could be punished for allowing third parties to leave insulting comments about homosexuals and blacks on the site. Echoing the logic behind blasphemy laws, Federal Court Justice Richard Mosley ruled that "the minimal harm caused . . . to freedom of expression is far outweighed by the benefit it provides to vulnerable groups and to the promotion of equality."

Speech is discriminatory

Perhaps the most rapidly expanding limitation on speech is found in anti-discrimination laws. Many Western countries have extended such laws to public statements deemed insulting or derogatory to any group, race or gender.

For example, in a closely watched case last year, a French court found fashion designer John Galliano guilty of making discriminatory comments in a Paris bar, where he got into a cursing match with a couple using sexist and anti-Semitic terms. Judge Anne-Marie Sauteraud read a list of the bad words Galliano had used, adding that she found (rather implausibly) he had said "dirty whore" at least 1,000 times. Though he faced up to six months in jail, he was fined.
In Canada, comedian Guy Earle was charged with violating the human rights of a lesbian couple after he got into a trash-talking session with a group of women during an open-mike night at a nightclub. Lorna Pardy said she suffered post-traumatic stress because of Earle's profane language and derogatory terms for lesbians. The British Columbia Human Rights Tribunal ruled last year that since this was a matter of discrimination, free speech was not a defense, and awarded about $23,000 to the couple.

Ironically, while some religious organizations are pushing blasphemy laws, religious individuals are increasingly targeted under anti-discrimination laws for their criticism of homosexuals and other groups. In 2008, a minister in Canada was not only forced to pay fines for uttering anti-gay sentiments but was also enjoined from expressing such views in the future.

Speech is deceitful

In the United States, where speech is given the most protection among Western countries, there has been a recent effort to carve out a potentially large category to which the First Amendment would not apply. While we have always prosecuted people who lie to achieve financial or other benefits, some argue that the government can outlaw any lie, regardless of whether the liar secured any economic gain.

One such law was the Stolen Valor Act, signed by President George W. Bush in 2006, which made it a crime for people to lie about receiving military honors. The Supreme Court struck it down this year, but at least two liberal justices, Stephen Breyer and Elena Kagan, proposed that such laws should have less of a burden to be upheld as constitutional. The House responded with new legislation that would criminalize lies told with the intent to obtain any undefined "tangible benefit."

The dangers are obvious. Government officials have long labeled whistleblowers, reporters and critics as "liars" who distort their actions or words.
If the government can define what is a lie, it can define what is the truth. For example, in February the French Supreme Court declared unconstitutional a law that made it a crime to deny the 1915 Armenian genocide by Turkey -- a characterization that Turkey steadfastly rejects. Despite the ruling, various French leaders pledged to pass new measures punishing those who deny the Armenians' historical claims. The impact of government limits on speech has been magnified by even greater forms of private censorship. For example, most news organizations have stopped showing images of Muhammad, though they seem to have no misgivings about caricatures of other religious figures. The most extreme such example was supplied by Yale University Press, which in 2009 published a book about the Danish cartoons titled "The Cartoons That Shook the World" -- but cut all of the cartoons so as not to insult anyone. The very right that laid the foundation for Western civilization is increasingly viewed as a nuisance, if not a threat. Whether speech is deemed inflammatory or hateful or discriminatory or simply false, society is denying speech rights in the name of tolerance, enforcing mutual respect through categorical censorship. As in a troubled marriage, the West seems to be falling out of love with free speech. Unable to divorce ourselves from this defining right, we take refuge instead in an awkward and forced silence.

jturley at law.gwu.edu

Jonathan Turley is the Shapiro professor of public interest law at George Washington University.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Oct 13 22:57:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Oct 2012 23:57:34 -0400
Subject: [Infowarrior] - Truth, lies, and art before and after Photoshop
Message-ID:

Is this shopped?
Truth, lies, and art before and after Photoshop

A new exhibit at the Metropolitan Museum is Photoshopping like it's 1859

By Joshua Kopstein on October 12, 2012 10:01 am

< - >

http://www.theverge.com/2012/10/12/3489356/is-this-shopped-truth-lies-and-art-before-and-after-photoshop

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Oct 14 13:24:05 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 14 Oct 2012 14:24:05 -0400
Subject: [Infowarrior] - Felix completes 24 mile spacejump
Message-ID: <7107E463-3BF3-4319-8B00-615517EFBA6D@infowarrior.org>

Felix Baumgartner, Professional Daredevil, Lands After Jump of More Than 24 Miles

Awesome video, too.

http://www.washingtonpost.com/blogs/innovations/post/felix-baumgartner-tries-record-breaking-jump-again-live-blog/2012/10/14/b7ddfc18-159d-11e2-be82-c3411b7680a9_blog.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Oct 14 13:25:43 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 14 Oct 2012 14:25:43 -0400
Subject: [Infowarrior] - Skydiver lands safely after historic jump from edge of space
Message-ID: <5FB092F0-4ECE-4346-90B6-C93A9B61392F@infowarrior.org>

Skydiver lands safely after historic jump from edge of space

By Josh Levs, Dugald McConnell, and Brian Todd, CNN
updated 2:20 PM EDT, Sun October 14, 2012

http://www.cnn.com/2012/10/14/us/skydiver-record-attempt/index.html

(CNN) -- Skydiver Felix Baumgartner landed safely on the ground Sunday after a record-shattering free fall from the edge of space. "He made it -- tears of joy from Mission Control," the team said in a live feed. Baumgartner left the capsule attached to a huge helium balloon at 128,000 feet -- 24 miles up. After an initial free fall, he opened his parachute and glided down to the ground, where he was smiling and hugging members of his team.
His mother, watching from Mission Control, had tears in her eyes. With nothing but a space suit, helmet and parachute, Baumgartner hoped to be the first person to break the sound barrier without the protection of a vehicle. Even before jumping, he set a record for floating higher in a balloon -- about 24 miles -- than anyone else before. At that height, more than three times the cruising altitude of an average airliner, the thin air provides so little resistance that after just 40 seconds, he was expected to be free-falling faster than 690 miles per hour. The Austrian daredevil, dubbed "Fearless Felix," was prepared, having "done the hard work," his coach Andy Walshe told reporters last week. Baumgartner ascended steadily in a capsule hanging from a helium balloon. Then he opened the hatch, climbed out, jumped off the step with a bunny hop, and formed a crouched "delta" position to maximize his acceleration. The plan: to fall most of the way in less than five minutes, then deploy a parachute for the final 5,000 feet to earth. The attempt has serious risks. He and his team have practiced how he can avoid getting trapped in a dangerous "horizontal spin." His life will also depend on the integrity of his pressure suit, since temperatures could hit 70 degrees below zero Fahrenheit or lower, and the atmosphere will be so thin that his blood would vaporize if he were unprotected. If he loses consciousness during the five-minute plunge, he will survive only if his parachute deploys automatically. Another unknown: the effects on the body of breaking the sound barrier. While reaching such speeds can cause stress on an aircraft, planners for this jump believe there will be little effect on Baumgartner because he will be at an altitude at which there is so little air that shock waves are barely transmitted. Opinion: The space adventure you can't miss After a weather delay of several hours on Sunday morning, the balloon rose from its launch site at 11:30 a.m. 
ET, with Baumgartner in a capsule hanging beneath it. He almost made an attempt Tuesday from his launch site in Roswell, New Mexico. But as he was waiting in his capsule for the giant helium balloon to finish inflating, a gust of wind twisted the balloon like a spinnaker, and ruined it. Baumgartner is an Austrian helicopter pilot and former soldier who has parachuted from such landmarks as the Petronas Towers in Malaysia and the Christ the Redeemer statue in Rio de Janeiro. He has been preparing for his latest feat for five years -- both physically and mentally. "You have to remember all the procedures," he said in an interview during testing for the jump. "You know you're in a really hostile environment. And you cannot think about anything else. You have to be focused. Otherwise, you're gonna die." The balloon being used is light and translucent. The material is only .0008 of an inch thick, one-tenth as thick as a sandwich bag, and it will change shape and size as it rises. After Tuesday's launch was scrubbed, Baumgartner tweeted, "We've made it so far, there's no way turning back." The 43-year-old former military parachutist is backed up by the Red Bull Stratos team, which includes a former NASA crew surgeon, record-breaking aviators, and designers of innovative aircraft. Skydiver aims for supersonic jump from the edge of space Baumgartner has previously parachuted from such landmarks as the Petronas Towers in Malaysia and the Christ the Redeemer statue in Rio de Janeiro. He has been preparing for his latest feat for five years -- both physically and mentally. "You have to remember all the procedures," he said in an interview during testing for the jump. "You know you're in a really hostile environment. And you cannot think about anything else. You have to be focused. Otherwise, you're gonna die." The balloon being used is light and translucent. 
The material is only .0008 of an inch thick, one-tenth as thick as a sandwich bag, and it will change shape and size as it rises. The pressurized helmet and suit, which restrict Baumgartner's mobility and together weigh 100 pounds, have been equipped with sensors and recorders to measure everything from his speed to his heart rate. Cameras on the ground and on the capsule are transmitting live images of his attempt at www.youtube.com/user/redbull. The record for such a jump is currently held by Col. Joe Kittinger, who in 1960 jumped from 102,800 feet as part of a U.S. Air Force mission. More than 50 years later, Kittinger is a consultant on Baumgartner's effort, and will be the one from mission control who speaks to Baumgartner over the headset throughout the attempt. After a test jump earlier this year, when the two lost communication with each other, Baumgartner told CNN he realized how much he relies on Kittinger as a mentor. "Immediately you can feel how lonely you feel," Baumgartner said. "I wanted to hear the voice because I am so used to this. Every time we have been practicing on the ground, Joe was talking to me. So I am used to the voice, and [it] makes me feel safe." Kittinger has also been giving Baumgartner advice on what to expect during his attempt. For example, he said, when you're at an altitude so high that you see the curvature of the earth, "there's no way you can tell how fast you're going, because there's no visual cues." He also learned the importance of patience back when he was making jumps, Kittinger told reporters last week. "On one occasion, I waited 30 days to launch a stratospheric balloon," he said. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sun Oct 14 13:29:42 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Oct 2012 14:29:42 -0400 Subject: [Infowarrior] - Why Are Americans So Easy to Manipulate? Message-ID: Why Are Americans So Easy to Manipulate? 
Sunday, 14 October 2012 11:02
By Bruce E Levine, AlterNet | News Analysis

http://truth-out.org/news/item/12102-why-are-americans-so-easy-to-manipulate?tmpl=component&print=1

What a fascinating thing! Total control of a living organism! -- psychologist B.F. Skinner

The corporatization of society requires a population that accepts control by authorities, and so when psychologists and psychiatrists began providing techniques that could control people, the corporatocracy embraced mental health professionals. In psychologist B.F. Skinner's best-selling book Beyond Freedom and Dignity (1971), he argued that freedom and dignity are illusions that hinder the science of behavior modification, which he claimed could create a better-organized and happier society. During the height of Skinner's fame in the 1970s, it was obvious to anti-authoritarians such as Noam Chomsky ("The Case Against B.F. Skinner") and Lewis Mumford that Skinner's worldview -- a society ruled by benevolent control freaks -- was antithetical to democracy. In Skinner's novel Walden Two (1948), his behaviorist hero states, "We do not take history seriously," to which Lewis Mumford retorted, "And no wonder: if man knew no history, the Skinners would govern the world, as Skinner himself has modestly proposed in his behaviorist utopia." As a psychology student during that era, I remember being embarrassed by the silence of most psychologists about the political ramifications of Skinner and behavior modification. In the mid-1970s, as an intern on a locked ward in a state psychiatric hospital, I first experienced one of behavior modification's staple techniques, the "token economy." And that's where I also discovered that anti-authoritarians try their best to resist behavior modification. George was a severely depressed anti-authoritarian who refused to talk to staff, but for some reason, chose me to shoot pool with.
My boss, a clinical psychologist, spotted my interaction with George, and told me that I should give him a token -- a cigarette -- to reward his "prosocial behavior." I fought it, trying to explain that I was 20 and George was 50, and this would be humiliating. But my boss subtly threatened to kick me off the ward. So, I asked George what I should do. George, fighting the zombifying effects of his heavy medication, grinned and said, "We'll win. Let me have the cigarette." In full view of staff, George took the cigarette and then placed it into the shirt pocket of another patient, and then looked at the staff shaking his head in contempt. Unlike Skinner, George was not "beyond freedom and dignity." Anti-authoritarians such as George -- who don't take seriously the rewards and punishments of control-freak authorities -- deprive authoritarian ideologies such as behavior modification from total domination.

Behavior Modification Techniques Excite Authoritarians

If you have taken introductory psychology, you probably have heard of Ivan Pavlov's "classical conditioning" and B.F. Skinner's "operant conditioning." An example of Pavlov's classical conditioning? A dog hears a bell at the same time he receives food; then the bell is sounded without the food and still elicits a salivating dog. Pair a scantily clad attractive woman with some crappy beer, and condition men to sexually salivate to the sight of the crappy beer and buy it. The advertising industry has been using classical conditioning for quite some time. Skinner's operant conditioning? Rewards, like money, are "positive reinforcements"; the removal of rewards are "negative reinforcements"; and punishments, such as electric shocks, are labeled in fact as "punishments." Operant conditioning pervades the classroom, the workplace and mental health treatment. Skinner was heavily influenced by the book Behaviorism (1924) by John B. Watson.
Watson achieved some fame in the early 1900s by advocating a mechanical, rigid, affectionless manner in child rearing. He confidently asserted that he could take any healthy infant, and given complete control of the infant's world, train him for any profession. When Watson was in his early 40s, he quit university life and began a new career in advertising at J. Walter Thompson. Behaviorism and consumerism, two ideologies that achieved tremendous power in the 20th century, are cut from the same cloth. The shopper, the student, the worker, and the voter are all seen by consumerism and behaviorism the same way: passive, conditionable objects.

Who are Easiest to Manipulate?

Those who rise to power in the corporatocracy are control freaks, addicted to the buzz of power over other human beings, and so it is natural for such authorities to have become excited by behavior modification. Alfie Kohn, in Punished by Rewards (1993), documents with copious research how behavior modification works best on dependent, powerless, infantilized, bored, and institutionalized people. And so for authorities who get a buzz from controlling others, this creates a terrifying incentive to construct a society that creates dependent, powerless, infantilized, bored, and institutionalized people. Many of the most successful applications of behavior modification have involved laboratory animals, children, or institutionalized adults. According to management theorists Richard Hackman and Greg Oldham in Work Redesign (1980), "Individuals in each of these groups are necessarily dependent on powerful others for many of the things they most want and need, and their behavior usually can be shaped with relative ease." Similarly, researcher Paul Thorne reports in the journal International Management ("Fitting Rewards," 1990) that in order to get people to behave in a particular way, they must be "needy enough so that rewards reinforce the desired behavior."
It is also easiest to condition people who dislike what they are doing. Rewards work best for those who are alienated from their work, according to researcher Morton Deutsch (Distributive Justice, 1985). This helps explain why attention-deficit-hyperactivity disorder (ADHD)-labeled kids perform as well as so-called "normals" on boring schoolwork when paid for it (see Thomas Armstrong's The Myth of the A.D.D. Child, 1995). Correlatively, Kohn offers research showing that rewards are least effective when people are doing something that isn't boring. In a review of the literature on the harmful effects of rewards, researcher Kenneth McGraw concluded that rewards will have a detrimental effect on performance under two conditions: "first, when the task is interesting enough for the subjects that the offer of incentives is a superfluous source of motivation; second, when the solution to the task is open-ended enough that the steps leading to a solution are not immediately obvious." Kohn also reports that at least 10 studies show rewards work best on simplistic and predictable tasks. How about more demanding ones? In research on preschoolers (working for toys), older children (working for grades) and adults (working for money), all avoided challenging tasks. The bigger the reward, the easier the task that is chosen; while without rewards, human beings are more likely to accept a challenge. So, there is an insidious incentive for control-freaks in society -- be they psychologists, teachers, advertisers, managers, or other authorities who use behavior modification. Specifically, for controllers to experience the most control and gain a "power buzz," their subjects need to be infantilized, dependent, alienated, and bored.

The Anti-Democratic Nature of Behavior Modification

Behavior modification is fundamentally a means of controlling people and thus for Kohn, "by its nature inimical to democracy, critical questioning, and the free exchange of ideas among equal participants."
For Skinner, all behavior is externally controlled, and we don't truly have freedom and choice. Behaviorists see freedom, choice, and intrinsic motivations as illusory, or what Skinner called "phantoms." Back in the 1970s, Noam Chomsky exposed Skinner's unscientific view of science, specifically Skinner's view that science should be prohibited from examining internal states and intrinsic forces. In democracy, citizens are free to think for themselves and explore, and are motivated by very real -- not phantom -- intrinsic forces, including curiosity and a desire for justice, community, and solidarity. What is also scary about behaviorists is that their external controls can destroy intrinsic forces of our humanity that are necessary for a democratic society. Researcher Mark Lepper was able to diminish young children's intrinsic joy of drawing with Magic Markers by awarding them personalized certificates for coloring with a Magic Marker. Even a single, one-time reward for doing something enjoyable can kill interest in it for weeks. Behavior modification can also destroy our intrinsic desire for compassion, which is necessary for a democratic society. Kohn offers several studies showing "children whose parents believe in using rewards to motivate them are less cooperative and generous [children] than their peers." Children of mothers who relied on tangible rewards were less likely than other children to care and share at home. How, in a democratic society, do children become ethical and caring adults? They need a history of being cared about, taken seriously, and respected, which they can model and reciprocate. Today, the mental health profession has gone beyond behavioral technologies of control. It now diagnoses noncompliant toddlers with attention deficit hyperactivity disorder, oppositional defiant disorder, and pediatric bipolar disorder and attempts to control them with heavily sedating drugs.
While Big Pharma directly profits from drug prescribing, the entire corporatocracy benefits from the mental health profession's legitimization of conditioning and controlling.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Oct 14 19:04:02 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 14 Oct 2012 20:04:02 -0400
Subject: [Infowarrior] - FCC to allow encryption of basic cable
Message-ID:

FCC to allow encryption of basic cable, with a few strings that Boxee approves of

By Ben Drawbaugh posted Oct 14th 2012 6:14PM

http://www.engadget.com/2012/10/14/fcc-to-allow-encryption-of-basic-cable-with-a-few-strings-that/

As you might expect, the cable industry has been taking measures to protect its business by asking the FCC to allow encryption of basic cable -- something that has never been done and that many have rightly opposed. The FCC responded by releasing new rules on Friday and while cable operators will be allowed to encrypt all their channels, it isn't without a few strings. The Boxee blog voiced its approval of those strings, which basically amounts to a requirement that when an operator encrypts, it also needs to make basic channels accessible via IP -- with or without some hardware in your home -- so that Boxee and others can still tune in. The other, less interesting stipulation, is that you might be entitled to at least one free set-top box or CableCARD for up to five years, depending on what package you subscribe to or if you are on Medicaid. The free hardware will only be for existing customers who apply within four months of when your provider rolls out the basic cable encryption. The real losers here are those few who actually use the Clear-QAM tuner in their TV, or perhaps those that use HTPC software that'll never get an update.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon Oct 15 07:18:28 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Oct 2012 08:18:28 -0400 Subject: [Infowarrior] - OT: Cuba Almost Became a Nuclear Power in 1962 Message-ID: <6E0C779F-436C-454E-A738-A2EF70693CD0@infowarrior.org> Cuba Almost Became a Nuclear Power in 1962 The scariest moment in history was even scarier than we thought. BY SVETLANA SAVRANSKAYA | OCTOBER 10, 2012 http://www.foreignpolicy.com/articles/2012/10/10/cuba_almost_became_a_nuclear_power_in_1962?print=yes&hidecomments=yes&page=full Cuba would have become the first nuclear power in Latin America 50 years ago, if not for the dynamics captured in this remarkable verbatim transcript -- published here for the first time -- of Fidel Castro's excruciating meeting with Soviet deputy prime minister Anastas Mikoyan, on November 22, 1962. The document comes from the personal archive of his son, the late Sergo Mikoyan, which was donated to the National Security Archive and which appears for the first time in English this month in the new book, The Soviet Cuban Missile Crisis. Long after the world thought the Cuban Missile Crisis had ended, with Soviet leader Nikita Khrushchev's withdrawal of his medium-range nuclear missiles announced on October 28 -- and two days after President John F. Kennedy announced the lifting of the quarantine around Cuba -- the secret crisis still simmered. Unknown to the Americans, the Soviets had brought some 100 tactical nuclear weapons to Cuba -- 80 nuclear-armed front cruise missiles (FKRs), 12 nuclear warheads for dual-use Luna short-range rockets, and 6 nuclear bombs for IL-28 bombers. Even with the pullout of the strategic missiles, the tacticals would stay, and Soviet documentation reveals the intention of training the Cubans to use them. But Fidel Castro was livid. Khrushchev had not consulted or even informed Castro about any deals with the Americans -- Fidel heard about the missile withdrawal from the radio. 
The Cuban leader refused to go along with any onsite inspections in Cuba, and raised further demands. The Soviets had their own Cuban crisis: They had to take back what the Americans called the "offensive weapons," get the U.S. to confirm its non-invasion pledge, and most importantly, keep Cuba as an ally. At the Soviet Presidium, everyone agreed only one man could achieve such a resolution: Anastas Mikoyan. Mikoyan arrived in Cuba on November 2, 1962, and over 20 days of often-bitter conversations with Cuban leaders -- culminating in this tense meeting -- Mikoyan began to appreciate the danger tactical nuclear weapons posed if they were left on the island, especially in Cuban hands. On one day, Castro would refuse to see Mikoyan; on another, Fidel would order his anti-aircraft crews to shoot at the American surveillance planes. The final straw apparently came on November 20, when Castro sent instructions to Cuba's representative at the United Nations, Carlos Lechuga, to mention "we have tactical nuclear weapons, which we should keep" -- partly as leverage in negotiations over inspections, also to establish the fact that the weapons were in Cuban possession. Extremely worried, Mikoyan cabled the Soviet Presidium that he now planned to inform the Cuban leader that all tactical nuclear weapons would be withdrawn from Cuba. Mikoyan had to break this unpleasant news to his hosts, and he had to do it in such a way that they would remain Soviet allies. This four-hour conversation on November 22 provided the final blow to the Cuban revolutionaries, now that the Soviet Union was removing all the weapons for which Cuba had to suffer so much. Castro opened the conversation saying that he was in a bad mood because Kennedy stated in his speech that all nuclear weapons were removed from Cuba, but surely the tacticals were still on the island. Mikoyan confirmed that "the Soviet government has not given any promises regarding the removal of the tactical nuclear weapons. 
The Americans do not even have any information that they are in Cuba." But the Soviet government itself, said Mikoyan, not under U.S. pressure, has now decided to take them back. Castro's mood only got worse. Now the tacticals were coming out. Already the Soviets had given in to American pressure on the IL-28 bombers (technically the bombers could reach Florida so they qualified as "offensive" and they were nuclear capable). Mikoyan tried to persuade Castro that "as far as Il-28s are concerned, you know yourself that they are outdated. Presently, it is best to use them as a target plane." Castro retorts: "And why did you send them to us then?" Castro was very emotional and at times rough with Mikoyan -- he criticized the Soviet military for failing to camouflage the missiles, for not using their anti-aircraft launchers to shoot down U.S. U-2 spy planes, essentially allowing them to photograph the sites. He went back to the initial offer of missiles and stated that the Cubans did not want the missiles, they only accepted the weapons as part of "fulfilling their duty to the socialist camp." The Cubans were ready to die in a nuclear war and were hoping that the Soviet Union would be also willing "to do the same for us." But the Soviets did not treat the Cubans as a partner, they caved in under U.S. pressure, and did not even consult the Cubans about the withdrawal. Castro expressed the humiliation the Cubans felt: "What do you think we are? A zero on the left, a dirty rag. We tried to help the Soviet Union to get out of a difficult situation." In desperation, Castro almost begged Mikoyan to leave the tactical warheads in Cuba, especially because the Americans were not aware of them and they were not part of the agreement between Kennedy and Khrushchev. Castro claimed that the situation now was even worse than it was before the crisis -- Cuba was defenseless, and the U.S. non-invasion assurances did not mean much for the Cubans. 
But Mikoyan rejected Castro's pleas and cited a (nonexistent) Soviet law proscribing the transfer of nuclear weapons to third countries. Castro had a suggestion: "So you have a law that prohibits transfer of tactical nuclear weapons to other countries? It's a pity. And when are you going to repeal that law?" Mikoyan was non-committal: "We will see. It is our right [to do so]." This ended Cuba's hope to become a Latin American nuclear power. Ironically, if the Cubans were a little more pliant, and a little less independent, if they were more willing to be Soviet pawns, they would have kept the tactical nuclear weapons on the island. But they showed themselves to be much more than just a parking lot for the Soviet missiles. Cuba was a major independent variable of the Cuban Missile Crisis. Mikoyan treated his Cuban hosts with great empathy and respect, while being highly critical of his own political and military leadership. He admired the genuine character of the Cuban revolution, he saw its appeal for Latin America. But he also saw the danger of the situation spiraling out of control probably better than other leaders in this tense triangle, and thus brought about the final resolution of the crisis. The following transcript was prepared by a Soviet note-taker, with the Soviet ambassador to Cuba, Alexandr Alexeyev, translating for Mikoyan.... http://www.foreignpolicy.com/articles/2012/10/10/cuba_almost_became_a_nuclear_power_in_1962?print=yes&hidecomments=yes&page=full --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Mon Oct 15 08:26:17 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Oct 2012 09:26:17 -0400
Subject: [Infowarrior] - Google: Spacejump set new YouTube record
Message-ID: <52A1DFB5-B63B-4891-A17B-8E7A4A8D82BE@infowarrior.org>

Skydiver Baumgartner sets YouTube live view record

Austrian skydiver Felix Baumgartner smashed a number of records with his "edge of space" stunt - including for live streaming. More than eight million people flocked to their devices to watch the 43-year-old break the speed of sound live on Google's YouTube site. It is the largest number of concurrent live streams in the website's history, Google UK confirmed to the BBC. Mr Baumgartner also broke the record for the highest freefall. He jumped from a capsule taken to 128,100ft (24 miles; 39km) above New Mexico in the US by a giant helium balloon. It took nine minutes for him to reach the ground.

< -- >

http://www.bbc.co.uk/news/technology-19947159

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 15 11:21:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Oct 2012 12:21:18 -0400
Subject: [Infowarrior] - First Head Cam Video of Supersonic Space Jump
Message-ID:

First Head Cam Video of Supersonic Space Jump

http://gizmodo.com/5951725/first-head-cam-footage-from-daredevils-space-jump

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu Oct 18 08:35:13 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2012 09:35:13 -0400
Subject: [Infowarrior] - Obama Pursuing Leakers Sends Warning to Whistle-Blowers
Message-ID: <45BFB51A-B142-4C8D-A94B-EF0DF37FB2E0@infowarrior.org>

Obama Pursuing Leakers Sends Warning to Whistle-Blowers

By Phil Mattingly and Hans Nichols - Oct 17, 2012

Eric Holder, attorney general under President Barack Obama, has prosecuted more government officials for alleged leaks under the World War I-era Espionage Act than all his predecessors combined, including law-and-order Republicans John Mitchell, Edwin Meese and John Ashcroft. The indictments of six individuals under that spy law have drawn criticism from those who say the president's crackdown chills dissent, curtails a free press and betrays Obama's initial promise to "usher in a new era of open government."

< - >

http://www.bloomberg.com/news/print/2012-10-18/obama-pursuing-leakers-sends-warning-to-whistle-blowers.html

From rforno at infowarrior.org Thu Oct 18 08:35:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2012 09:35:18 -0400
Subject: [Infowarrior] - Google Throws Open Doors to Its Top-Secret Data Center
Message-ID: <8F55BA95-55A1-435E-8664-FDF92C9B9EB0@infowarrior.org>

Google Throws Open Doors to Its Top-Secret Data Center

By Steven Levy
10.17.12 7:30 AM

http://www.wired.com/wiredenterprise/2012/10/ff-inside-google-data-center/all/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 18 08:35:24 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2012 09:35:24 -0400
Subject: [Infowarrior] - Studio To Amazon Instant Video Customer: Thanks For The $$$. Enjoy Your Blank Screen.
Message-ID:

Studio To Amazon Instant Video Customer: Thanks For The $$$. Enjoy Your Blank Screen.
http://www.techdirt.com/articles/20121017/16282620737/studio-to-amazon-instant-video-customer-thanks-enjoy-your-blank-screen.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Oct 18 08:35:34 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Oct 2012 09:35:34 -0400 Subject: [Infowarrior] - New "Surveillance-Proof" App To Secure Communications Has Governments Nervous Message-ID: <5636501E-64EA-4B60-B17B-A0F3AF6E9420@infowarrior.org> New "Surveillance-Proof" App To Secure Communications Has Governments Nervous Silent Circle promises to make encryption easy for everyone. By Ryan Gallagher|Posted Tuesday, Oct. 16, 2012, at 6:00 PM ET http://www.slate.com/articles/technology/future_tense/2012/10/silent_circle_mike_janke_s_iphone_app_makes_encryption_easy_governments.single.html From rforno at infowarrior.org Thu Oct 18 08:35:41 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Oct 2012 09:35:41 -0400 Subject: [Infowarrior] - Apple Forced to Run Public Apology in 14pt Arial Message-ID: <0CE65968-BEF5-49EA-B90C-6CFD46715442@infowarrior.org> Apple Forced to Run Public Apology in 14pt Arial Jamie Condliffe http://gizmodo.com/5952790/apple-forced-to-run-public-apology-in-14pt-arial Having lost its appeal against the UK High Court of Justice's ruling, which decided Samsung's tablet designs didn't infringe on the iPad, Apple is being forced to make a public apology. The best bit? The judge in question has described how it has to do it. Apple will have to post notices on its website, and in newspapers, explaining why it's sorry. In Arial. With a font size no smaller than 14 pts. Brilliant. The case in question had previously thrown out Apple's complaints, when Judge Colin Birss explained that the Galaxy tablets "do not have the same understated and extreme simplicity which is possessed by the Apple design... They are not as cool." 
As a result, Birss judged that consumers were unlikely to confuse the two tablets, meaning that Samsung's product didn't infringe on Apple's registered design. This particular legal battle just keeps getting better. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Oct 18 19:13:22 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Oct 2012 20:13:22 -0400 Subject: [Infowarrior] - Charles Carreon Still Dishing Out Threats & Intimidation... While Hiding From Court Summons Message-ID: <7C945F1B-A826-455F-9CEB-1228DCCFB018@infowarrior.org> Charles Carreon Still Dishing Out Threats & Intimidation... While Hiding From Court Summons http://www.techdirt.com/articles/20121018/11253620752/charles-carreon-still-dishing-out-threats-intimidation-while-hiding-court-summons.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Oct 18 20:25:16 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Oct 2012 21:25:16 -0400 Subject: [Infowarrior] - Megaupload Is Dead. Long Live Mega! Message-ID: Megaupload Is Dead. Long Live Mega! By Charles Graeber - 10.18.12 - 6:30 AM They've been indicted by the U.S. government for conspiracy and briefly thrown in jail, but Kim Dotcom and his partners in the digital storage locker Megaupload have no intention of quitting the online marketplace. Instead the co-defendants plan to introduce a much-anticipated new technology later this year that will allow users to once again upload, store, and share large data files, albeit by different rules. They revealed details of the new service exclusively to Wired. They call it Mega and describe it as a unique tool that will solve the liability problems faced by cloud storage services, enhance the privacy rights of internet users, and provide themselves with a simple new business.
Meanwhile, critics fear that Mega is simply a revamped version of Megaupload, cleverly designed to skirt the old business's legal issues without addressing the concerns of Internet piracy. < - > http://www.wired.com/threatlevel/2012/10/megaupload-mega/ From rforno at infowarrior.org Thu Oct 18 21:18:58 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Oct 2012 22:18:58 -0400 Subject: [Infowarrior] - Should Industry Face More Cybersecurity Mandates? Message-ID: (Eight points of view.....-rick) Should Industry Face More Cybersecurity Mandates? http://www.nytimes.com/roomfordebate/2012/10/17/should-industry-face-more-cybersecurity-mandates/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Oct 19 07:48:26 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 08:48:26 -0400 Subject: [Infowarrior] - Google may cut off France Message-ID: <57C9CAC7-3F9E-47C1-8F9F-9462162E1DD9@infowarrior.org> 18 October 2012 Last updated at 12:44 ET Google threatens French media ban over proposed law http://www.bbc.co.uk/news/technology-19996351 Google has threatened to exclude French media sites from search results if France goes ahead with plans to make search engines pay for content. In a letter sent to several ministerial offices, Google said such a law "would threaten its very existence". French newspaper publishers have been pushing for the law, saying it is unfair that Google receives advertising revenue from searches for news. French Culture Minister Aurelie Filippetti also favours the idea. She told a parliamentary commission it was "a tool that it seems important to me to develop". Ad tax Google France had said earlier that the plan "would be harmful to the internet, internet users and news websites that benefit from substantial traffic" that comes via Google's search engine. It said it redirected four billion clicks to French media pages each month.
Print newspapers have seen their incomes gradually eroded in recent years as consumers and advertisers turn to the web. Previously the French government has considered introducing a tax on online advertising revenues but it later dropped the plan, worried it would hurt small local companies more than global internet giants. "France has a track record of enacting laws to protect its local media interest that seem out of step with the conventional wisdom in other markets," said Adrian Drury, an analyst with research firm Ovum. "The question is whether by returning a search result Google is infringing the copyright of a site. The publishers will continue to contest this, but the general consensus is that it is not," he added. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Oct 19 07:48:38 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 08:48:38 -0400 Subject: [Infowarrior] - Minnesota: Free courses are a no-no Message-ID: <360A9B88-BF43-4936-9174-5FD4E7A3839A@infowarrior.org> Minnesota Gives Coursera the Boot, Citing a Decades-Old Law October 18, 2012, 4:56 am By Katherine Mangan Coursera offers free, online courses to people around the world, but if you live in Minnesota, company officials are urging you to log off or head for the border. The state's Office of Higher Education has informed the popular provider of massive open online courses, or MOOC's, that Coursera is unwelcome in the state because it never got permission to operate there.
It's unclear how the law could be enforced when the content is freely available on the Web, but Coursera updated its Terms of Service to include the following caution: < - > http://chronicle.com/blogs/wiredcampus/minnesota-gives-coursera-the-boot-citing-a-decades-old-law/40542 From rforno at infowarrior.org Fri Oct 19 07:48:48 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 08:48:48 -0400 Subject: [Infowarrior] - 18-month-old baby yanked from airplane for being on no-fly list Message-ID: (c/o AJR) 18-month-old baby yanked from airplane for being on no-fly list Published: 10 May, 2012, 22:44 http://rt.com/usa/news/list-tsa-jetblue-riyannas-950/ The TSA successfully prevented an alleged terrorist from boarding a JetBlue flight out of Florida on Tuesday. Initial reports describe the suspect as having curly brown hair, around 33 inches in height and really into drinking milk from a bottle. The 18-month old daughter of two New Jersey-born Americans of Middle Eastern descent was reportedly the reason for sending Transportation Security Administration agents onto an about-to-depart plane in Ft. Lauderdale, Florida this week. The parents of the girl, who wish to remain anonymous, say the entire incident is absurd. Riyanna's mother tells Fort Lauderdale's WPBF 25 News that she was approached by an airline employee late Tuesday while onboard a JetBlue plane readying for departure. According to her, she was informed that TSA agents were waiting to speak with the family back inside the terminal. "And I said, 'For what?'" Riyanna's mother tells the network. "And he said, 'Well, it's not you or your husband. Your daughter was flagged as no fly.'" "I said, 'Excuse me?'" the mother recalls. The family then exited the plane to answer questions from the TSA. They don't quite buy the story that it was their daughter that demanded an investigation, though. "It's absurd," Riyanna's father adds.
"It made no sense. Why would an 18-month-old child be on a no-fly list?" The parents say that, for 30 minutes, they stood around a terminal at the Ft. Lauderdale Airport while their flight was halted. "We were put on display like a circus act because my wife wears a hijab," claims the father. "We were humiliated," he says. "We were embarrassed. We were picked on." Eventually the family was cleared to once more board the aircraft, but the child's parents say they were too embarrassed to seat themselves again amid the chaos. In the aftermath, they have asked the TSA for an apology -- they have yet to receive one. What has materialized, however, is a statement from the TSA that has the agency adjusting the blame towards JetBlue, not the federal security screeners. "TSA did not flag this child as being on the No Fly list," the agency says in a statement released to the Huffington Post. "TSA was called to the gate by the airline and after talking to the parents and confirming through our vetting system, TSA determined the airline had mistakenly indicated the child was on a government watch list." When questioned by WPBF, JetBlue said the incident was an issue for the TSA; the TSA told the network that it was an issue with the airline and would not be investigating it. Riyanna's father says he intends to consult with an attorney. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Oct 19 07:50:01 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 08:50:01 -0400 Subject: [Infowarrior] - The Purpose of National Security Policy, Declassified Message-ID: <7634EFBC-13A7-49A9-8B5B-5655A9CD9334@infowarrior.org> Reading the bit about the Reagan document, I couldn't help but think of how much of it, like some controversial religious texts, can be disavowed as "heresy" since their contents can undermine the self-perceived legitimacy and self-claimed purpose in the world.
--rick The Purpose of National Security Policy, Declassified [Oct. 17th, 2012] http://www.fas.org/blog/secrecy/2012/10/nsdd_238.html The most fundamental purpose of national security policy is not to keep the nation safe from physical attack but to defend the constitutional order. At least, that is what President Reagan wrote in a Top Secret 1986 directive. "The primary objective of U.S. foreign and security policy is to protect the integrity of our democratic institutions and promote a peaceful global environment in which they can thrive," President Reagan wrote in National Security Decision Directive 238 on "Basic National Security Strategy," which was partially declassified in 2005. In a list of national security objectives, the directive does note the imperative "to protect the United States... from military, paramilitary, or terrorist attack." But that is not the primary objective, according to the Reagan directive. Defense of the Constitution evidently takes precedence. The first purpose of national security policy is "to preserve the political identity, framework and institutions of the United States as embodied in the Declaration of Independence and the Constitution," President Reagan wrote. This is a remarkable statement, for several reasons. First, it recognizes that the political identity and institutions of the United States are not simply a given, but that they are vulnerable to many types of threats and must be actively defended and sustained. This task is not normally assigned the urgency or the priority given to "national security." Second, the directive distinguishes between constitutional governance and physical security. Not every measure intended to promote security is constitutional. And not every act in defense of democratic self-governance is likely to promote public safety. (The American Revolution was not calculated to increase "homeland security." Quite the opposite.) Sometimes a choice between the two is required.
President Reagan indicated what he thought the choice should be. And third, the directive is remarkable because its rhetoric was so imperfectly realized by the Reagan Administration (and egregiously defied in the Iran-Contra Affair) and has been largely abandoned by its successors. "Defending our Nation against its enemies is the first and fundamental commitment of the Federal Government," wrote President George W. Bush in his 2002 National Security Strategy, skipping over President Reagan's "primary" objective. Likewise, "As President, I have often said that I have no greater responsibility than protecting the American people," President Obama wrote in his National Strategy for Counterterrorism. The Reagan directive invites reflection on what U.S. national security policy would look like if it were truly structured above all "to protect the integrity of our democratic institutions." In a section of the directive that was only classified Confidential, President Reagan contrasted the U.S. with the Soviet Union, which was described as its polar opposite. "Our way of life, founded upon the dignity and worth of the individual, depends on a stable and pluralistic world order within which freedom and democratic institutions can thrive. Yet, the greatest threat to the Soviet system, in which the State controls the destiny of the individual, is the concept of freedom itself." "The survival of the Soviet system depends to a significant extent upon the persistent and exaggerated representation of foreign threats, through which it seeks to justify both the subjugation of its own people and the expansion of Soviet military capabilities well beyond those required for self-defense," President Reagan wrote. Numerous Presidential directives from the Reagan Administration have been declassified in recent years and have been released by the Reagan Library, though others still remain partially or completely classified.
Many of the declassified directives provide a fascinating account that enlarges and enriches the public record of events of the time. Only last year, for example, a 1985 directive (NSDD-172) on "Presenting the Strategic Defense Initiative" was finally declassified. This year, NSDD 159 on "Covert Action Policy Approval and Coordination Procedures" (1985) was declassified. NSDD 207 on "The National Program for Combatting Terrorism" (1986) was declassified in 2008. Among other things, that directive ordered the Attorney General to "Review the Freedom of Information Act (FOIA) and determine whether terrorist movements or organizations are abusing its provisions." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Oct 19 07:59:02 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 08:59:02 -0400 Subject: [Infowarrior] - Black Monday Echoes With Computers Failing to Restore Confidence Message-ID: Black Monday Echoes With Computers Failing to Restore Confidence By Nina Mehta, Rita Nazareth and Whitney Kisling - Oct 18, 2012 http://www.bloomberg.com/news/print/2012-10-19/black-monday-echoes-with-computers-failing-to-restore-confidence.html A quarter century after the worst one-day stock crash in history, measures to prevent a repeat are failing to keep investors from losing confidence in the market. The 23 percent plunge in the Dow Jones Industrial Average (INDU) on Oct. 19, 1987, came amid signs of a slowing economy, the threat of higher taxes and concern among individuals that trading was rigged for insiders. Today's investors have pulled $440 billion from U.S. equity mutual funds since 2008 and sent trading to the lowest levels in at least four years, retrenching after the worst financial crisis since the Great Depression and the May 2010 stock crash, data compiled by Bloomberg and the Investment Company Institute show. While Procter & Gamble Co. (PG) and McDonald's Corp.
are up more than 800 percent since 1987, protections adopted after the crash couldn't stop unharnessed computer trading from erasing almost $900 billion of value in less than 20 minutes on May 6, 2010, based on data compiled by Bloomberg. E.E. "Buzzy" Geduld, 69, who oversaw about 60 equity traders 25 years ago at Herzog, Heine & Geduld Inc. and now runs investment firm Cougar Trading LLC, says crashes happen when investors become convinced they've lost control. "In 1987 everybody tried to go to the exit at the same time, but the exit door wasn't big enough," Geduld said in a telephone interview. "You had literally a panic. Fast forward to 2012. The volumes we can handle are gigantic, but the exit door hasn't changed in size." Abandoning Stocks Individuals are abandoning stocks even after U.S. Federal Reserve Chairman Ben S. Bernanke held interest rates close to zero for a fourth year, valuations for the Dow remain 23 percent below the level at the market peak in October 2007, and exchanges installed safeguards following the so-called flash crash in 2010. U.S. stocks are in the 44th month of a bull market that has restored $9 trillion in share value, data compiled by Bloomberg show. Average daily volume for U.S. equities was 6 billion shares in the third quarter, the lowest level since at least 2008 and about half the 10.9 billion average in the first three months of 2009. The total has decreased for 12 of the last 13 quarters as investors pulled money from American stock mutual funds for a record fifth year, according to data compiled by Bloomberg and Washington-based ICI. The retreat from equities has been fueled by memories of 2008, when the Dow slumped 34 percent during the worst economic contraction in seven decades. Europe's struggle to contain debt turmoil, which pushed daily swings in the Standard & Poor's 500 Index to twice the five-decade average last year, and mishaps such as Knight Capital Group Inc. (KCG)'s trading malfunction on Aug.
1 also hurt investor confidence. 'Scares People' "Today when there's volatility, it scares people to death," Timothy Ghriskey, 57, the chief investment officer at Solaris Group LLC, which manages about $2 billion in Bedford Hills, New York, said in a phone interview. "What it has taught me is that there's no such thing as a free lunch. You can theoretically protect yourself on the downside, but when things come unhinged, nothing's going to protect you." Stocks crashed in 1987 two months after the end of a five-year bull market in which the Dow average tripled. The 30-stock gauge was up 37 percent through the first nine months of the year before losing 9.5 percent in the week ended Oct. 16. The decline came amid concern that 10-year bond rates, then at about 10 percent, would increase and speculation that Congress planned to kill tax benefits for leveraged buyouts. Black Monday On Black Monday, Japan's Nikkei 225 Stock Average (NKY) fell 2.4 percent. By midday, stocks in London were down 10 percent. In New York, 11 of the 30 Dow components didn't open in the first hour of trading. The Dow went on to fall 508 points, while the S&P 500 tumbled to 224 from 282. In 1987 panic spread on Wall Street by phone and ticker tape. About $1 trillion in stock-market value was erased in four days, according to a report by a task force led by Treasury Secretary Nicholas Brady in January 1988. It took more than a year to restore it, compared with a week following the retreat on May 6, 2010. Mike Earlywine, 47, a hedge-fund trader at Ecofin Ltd. whose first job was as a clerk at Salomon Brothers Inc. in New York, witnessed the magnitude of the 1987 plunge on the streets of New York's financial district. "We walked out to the exchange and literally people were spilling out," Earlywine said. "You're standing there in the street on the sidewalk and people were coming out of the exits and falling over, and guys were literally weeping into guys'
shoulders saying, 'It's gone, it's all gone.' One guy with tears streaming down his face is trying to comfort the other who's also got tears on his face." Closing Down The onslaught of selling almost capsized U.S. markets on Oct. 20 and led regulators to eventually adopt coordinated halts across stocks and futures markets to prevent a recurrence, according to David Ruder, chairman of the Securities and Exchange Commission in 1987 and now a professor at Northwestern University's School of Law in Chicago. "The most frightening part of that whole week was the thought that the NYSE might have to close because it did not have sufficient demand," Ruder, a member of the advisory committee formed after the flash crash to make recommendations to the Commodity Futures Trading Commission and SEC, said by phone. "The theory of the circuit breakers was that if there were predetermined stopping points for the market then the market participants would know this wasn't a panic closing." The challenge of handling about 600 million shares a day on Oct. 19 and Oct. 20, more than three times the New York Stock Exchange's daily average earlier that year, led securities firms to automate trade processing and increase their capacity for volume. New Rules The NYSE also imposed stiffer capital requirements for specialists after the 1987 crash and restricted use of a system that delivered trade requests directly to specialists to limit disruption from index arbitrage in volatile markets. Nasdaq Stock Market mandated that its market makers quote on the Small Order Execution System after individual investors couldn't get through to brokers who didn't answer phones on Black Monday. The NYSE and futures operator Chicago Mercantile Exchange approved separate curbs on intraday price moves in 1988. The focus was on mechanisms that would slow or briefly halt their respective market when trading became disruptive, Leo Melamed, the CME's former chairman, said in a phone interview.
They were later made uniform across equity-index futures and securities. Circuit Breakers The plunge in May 2010 didn't trigger those circuit breakers. The Dow average fell 9.2 percent, most of it between 2:30 p.m. and 3 p.m., after aggressive selling of so-called E-mini S&P 500 futures by a mutual fund company caused a flight of liquidity. As equity market makers and other providers of bids and offers withdrew, trades in individual stocks took place at prices including fractions of 1 cent and $99,999.99. While the flash crash wasn't caused by high-frequency traders, their habit of buying and selling rapidly led to the sudden removal of liquidity, kicking off a related plunge in stocks, a report by the SEC and CFTC said on Sept. 30, 2010. Curbs instituted after that crash, which halt stocks when they move 10 percent in five minutes, will be updated in February when the broad-market triggers adopted following the 1987 rout are overhauled. Amid increased automation, exchanges and brokers are also debating the benefits of so-called kill switches that would shut off a firm's trading if it exceeds a certain level of activity or breaches pre-set parameters. One Market Both plunges accelerated as selling pressure in the futures market seeped into stocks. "From an economic viewpoint, what have been traditionally seen as separate markets -- the markets for stocks, stock index futures, and stock options -- are in fact one market," the Brady Report said. "To a large extent, the problems of mid-October can be traced to the failure of these market segments to act as one." As equities tumbled 25 years ago, Wall Street tickers couldn't keep up and back offices worked into the night for months to cope with record volume on the New York Stock Exchange and Nasdaq. Within the exchange there was scant information about what was causing the selloff, according to Kenneth Polcari, a managing director in ICAP PLC's equities unit.
Traders at the NYSE could only see scrolling headlines, not full stories, he said in a phone interview. 'Sell, Sell' "Customers were calling and entering orders an hour earlier than usual," said Polcari, who worked at William Latham & Co. in 1987. "You could feel from the minute you picked up the phone that this would be a different kind of day. You could tell it from their voices, you could see it in their orders. Instead of 10,000 shares in GE or Coke or Johnson & Johnson, it was, 'Sell 150,000 -- sell, sell, sell.'" Some clerical people at Salomon Brothers didn't go home for days, according to James Leman, who oversaw a trading floor support staff of more than 100 for equities and fixed income in the firm's One New York Plaza headquarters. People slept on cots in their offices or got hotel rooms so they could process the surge in trade tickets and resolve problems with transactions that had missing information, no time stamps or incorrect terms, he said. "The records were manual," said Leman, managing director at consulting firm Westwater Corp. in New York. "We had paper tickets and paper floor reports. There was no PC, no e-mail. We were living on computer runs coming out of a mainframe computer." Automated Exchange The NYSE, predominantly a market run by and for humans in 1987, is now an automated exchange with so-called designated market makers overseeing trading in their assigned stocks. There are four main market makers on the exchange's trading floor, including Getco LLC, one of the largest automated trading firms, compared to more than 50 specialists at the time of the crash. Nasdaq has since shifted from a phone-based dealer market to an exchange that matches buy and sell orders electronically. Both NYSE Euronext (NYX) and Nasdaq OMX Group Inc. (NDAQ) are public companies that each own three U.S. securities exchanges and have branched beyond equities into options, futures and technology services. CME Group Inc.
(CME) is the world's largest exchange company by market value. Regulators should require brokers to be able to handle a certain multiple of trading, perhaps 10 times the normal volume, to limit disruptions that could worsen a panic, according to Geduld of Cougar Trading. They should also mandate that high-frequency firms have sufficient capital to complete transactions during the day if the market closes, he said. Firms need the "capacity and financial wherewithal to withstand a crazy day," Geduld said. Flash Crash More than 19 billion shares traded in the 2010 flash crash on dozens of different venues, including platforms known as dark pools and among brokers matching orders away from exchanges. The number of market makers on the NYSE had fallen to five from 25 since 2000 as the business of providing liquidity became dominated by hundreds of automated traders across markets with less stringent rules about when they must buy and sell. Both routs proved to be buying opportunities. Within 10 years of the 1987 crash the Dow average had quadrupled and investors were enjoying the biggest bull market ever. After falling 999 points on May 6, 2010, the gauge ended the day down 348. The Dow rose 6.5 percent through the end of the year. "Twenty-five years later we're still talking about the impact of technology on the markets and what kinds of solutions could be created to try to soften the movements," Ken Leibler, president of the American Stock Exchange in 1987, now a consultant, said in a phone interview. "With high-frequency trading, there are tremendous amounts of trading done, but now it's done in thousandths of a second," he said. "The problem is similar today to what it was back then. The solutions are also likely to be ways to halt trading."
To contact the reporters on this story: Nina Mehta in New York at nmehta24 at bloomberg.net; Rita Nazareth in New York at rnazareth at bloomberg.net; Whitney Kisling in New York at wkisling at bloomberg.net To contact the editor responsible for this story: Lynn Thomasson at lthomasson at bloomberg.net --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Oct 19 08:06:13 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 09:06:13 -0400 Subject: [Infowarrior] - British Intelligence Looking for Recruits with Gaming Skills Message-ID: (By contrast, US intelligence officials were absolutely thrilled to know they hired an awesome gamer named Leeroy Jenkins. --rick) British Intelligence Looking for Recruits with Gaming Skills 4:30 AM - October 19, 2012 by Jane McEntegart - source: Tom's Hardware US http://www.tomshardware.com/news/Spies-Gaming-Bletchley-Park-Video-Games-Recruits,18525.html#xtor=RSS-181 The UK's Government Communications Headquarters, also known as GCHQ, has announced a new apprenticeship scheme for young people and is specifically looking for recruits from the "Xbox generation." Foreign Secretary William Hague announced the new scheme during a speech at Bletchley Park, home to the National Codes Centre and the National Museum of Computing. "[...] Today, I am announcing a new development programme for Apprentices, which will help to identify and develop talent in school and university age students and give opportunities to 70 new recruits for GCHQ and our other Intelligence Agencies," said Hague, adding that GCHQ will no longer only recruit annually, nor will it be looking only for those with a university degree. Instead, the Government Communications HQ will be looking for individuals with relevant experience or vocational qualifications as part of an effort to attract a wide pool of talent.
Hague said if the UK is to maintain a leading role on cyber issues, it must 'harness' experts from the 'Xbox generation' who have grown up in a digital world filled with social media, interactive gaming, and global connectivity. The Foreign Office says those participating in the SIA Apprentices scheme will be part of a two-year program that will offer a Foundation degree in Communications, Security and Engineering from De Montfort University and a Level 4 Diploma in IT, Software, Web and Telecommunications Professional competence. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Oct 19 13:58:41 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 14:58:41 -0400 Subject: [Infowarrior] - TSA Removes X-Ray Body Scanners From Major Airports Message-ID: TSA Removes X-Ray Body Scanners From Major Airports by Michael Grabell ProPublica, Oct. 19, 2012, 10:37 a.m. http://www.propublica.org/article/tsa-removes-x-ray-body-scanners-from-major-airports The Transportation Security Administration has been quietly removing its X-ray body scanners from major airports over the last few weeks and replacing them with machines that radiation experts believe are safer. The TSA says it made the decision not because of safety concerns but to speed up checkpoints at busier airports. It means, though, that far fewer passengers will be exposed to radiation because the X-ray scanners are being moved to smaller airports. The backscatters, as the X-ray scanners are known, were swapped out at Boston Logan International Airport in early October. Similar replacements have occurred at Los Angeles International Airport, Chicago O'Hare, Orlando and John F. Kennedy in New York, the TSA confirmed Thursday. The X-ray scanners have faced a barrage of criticism since the TSA began rolling them out nationwide after the failed underwear bombing on Christmas Day 2009.
One reason is that they emit a small dose of ionizing radiation, which at higher levels has been linked to cancer. In addition, privacy advocates decried that the machines produce images, albeit heavily blurred, of passengers' naked bodies. Each image must be reviewed by a TSA officer, slowing security lines. The replacement machines, known as millimeter-wave scanners, rely on low-energy radio waves similar to those used in cell phones. The machines detect potential threats automatically and quickly using a computer program. They display a generic cartoon image of a person's body, mitigating privacy concerns. "They're not all being replaced," TSA spokesman David Castelveter said. "It's being done strategically. We are replacing some of the older equipment and taking them to smaller airports. That will be done over a period of time." He said the TSA decided to move the X-ray machines to less-busy airports after conducting an analysis of processing time and staffing requirements at the airports where the scanners are installed. The radiation risk and privacy concerns had no bearing on the decision, Castelveter said. Asked about the changes, John Terrill, a spokesman for Rapiscan -- which makes the X-ray scanners -- wrote in an email, "No comment on this." The TSA is not phasing out X-ray body scanners altogether. The backscatter machines are still used for screening at a few of America's largest 25 airports, but the TSA has not confirmed which ones. Last week, Gateway Airport in Mesa, Ariz., installed two of the machines. Moreover, in late September, the TSA awarded three companies potential contracts worth up to $245 million for the next generation of body scanners -- and one of the systems, made by American Science & Engineering, uses backscatter X-ray technology. The United States remains one of the only countries in the world to X-ray passengers for airport screening.
The European Union prohibited the backscatters last year "in order not to risk jeopardizing citizens' health and safety," according to a statement at the time. The last scanners were removed from Manchester Airport in the United Kingdom last month. Here's a side-by-side comparison of the two types of body scanners the TSA uses. The X-ray scanner looks like two blue refrigerator-sized boxes. Unseen to the passenger, a thin beam scans left and right and up and down. The rays reflect back to the scanner, creating an image of the passenger's body and any objects hidden under his or her clothes. The millimeter-wave scanner looks like a round glass booth. Two rotating antennas circle the passenger, emitting radio frequency waves. Instead of creating a picture of the passenger's body, a computer algorithm looks for anomalies and depicts them as yellow boxes on a cartoon image of the body. According to many studies, including a new one conducted by the European Union, the radiation dose from the X-ray scanner is extremely small. It has been repeatedly measured to be less than the dose received from cosmic radiation during two minutes of the airplane flight. Using those measurements, radiation experts have studied the cancer risk, with estimates ranging from six to 100 additional cancer cases among the 100 million people who fly every year. Many scientists say that is trivial, considering that those same 100 million people would develop 40 million cancers over the course of their lifetimes. And others, including the researchers who did the EU study, have said that so much is unknown about low levels of radiation that such estimates shouldn't be made. Still, the potential risks have led some prominent scientists to argue that the TSA is unnecessarily endangering the public because it has an alternative -- the millimeter-wave machine -- which it also deems highly effective at finding explosives.
"Why would we want to put ourselves in this uncertain situation where potentially we're going to have some cancer cases?" David Brenner, director of Columbia University's Center for Radiological Research, told ProPublica last year. "It makes me think, really, why don't we use millimeter waves when we don't have so much uncertainty?" Although there has been some doubt about the long-term safety of the type of radio frequency waves used in the millimeter-wave machines, scientists say that, in contrast to X-rays, such waves have no known mechanism to damage DNA and cause cancer. The TSA has said that having both technologies encourages competition, leading to better detection capabilities at a lower cost. But tests in Europe and Australia suggest the millimeter-wave machines have some drawbacks. They were found to have a high false-alarm rate, ranging from 23 percent to 54 percent when figures have been released. Even common things such as folds in clothing and sweat have triggered the alarm. In contrast, Manchester Airport officials told ProPublica that the false-alarm rate for the backscatter was less than 5 percent. No study comparing the two machines' effectiveness has been released. The TSA says its own results are classified. Each week, the agency reports on various knives, powdered drugs and even an explosives detonator used for training that have been found by the body scanners. But Department of Homeland Security investigators reported last year that they had "identified vulnerabilities" with both types of machines. And House transportation committee chairman John Mica, R-Fla., who has seen the results, has called the scanners "badly flawed." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Fri Oct 19 14:00:29 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Oct 2012 15:00:29 -0400 Subject: [Infowarrior] - Scanning the Scanners: A Side-by-Side Comparison Message-ID: <65D9D2F0-F528-43B3-BA1C-08FCE9A4349B@infowarrior.org> Scanning the Scanners: A Side-by-Side Comparison by Lena Groeger ProPublica, Dec. 28, 2011, 9:42 a.m. By 2014, the Transportation Security Administration plans to deploy body scanners at almost every airport security lane in America. The TSA uses two types of scanners: the millimeter wave and the X-ray backscatter. In our ongoing investigation, we've exposed details about each scanner's health risks, false alarm rates and effectiveness. But to break it down further, here's a side-by-side comparison of both types. Passengers can decline either scanner and get a pat-down instead. http://www.propublica.org/special/scanning-the-scanners-a-side-by-side-comparison --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sat Oct 20 14:35:34 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 20 Oct 2012 15:35:34 -0400 Subject: [Infowarrior] - Regarding 'Cyber Pearl Harbor' Message-ID: <5DA1CB6D-0482-4E8C-BC69-AFADF05544A4@infowarrior.org> 'Cyber Pearl Harbor' Posted by Mikko @ 16:52 GMT -- Mikko Hypponen http://www.f-secure.com/weblog/archives/00002446.html US Defense Secretary Leon E. Panetta has warned that the United States faces a possible 'Cyber Pearl Harbor' attack by foreign computer hackers. Is the risk level really so high? In order to estimate the risk of an attack, you have to understand your enemy. There are various players behind the online attacks, with completely different motives and with different techniques. If you want to effectively defend against attacks, you have to be able to estimate who is most likely going to attack you, and why.
A common fear people have is that somebody would somehow take down the internet. If we forget the technical difficulties of such an attack, let's think for a moment who would want to do that and why. Spammers and online crime gangs definitely wouldn't want to take down the internet, as they need it to earn their living. Hacktivist groups or movements like Anonymous probably wouldn't really want to do it either, as these people practically live online. And a foreign nation-state could probably benefit much more by tapping internet traffic, using the net for espionage or by inserting forged traffic. We can apply a similar thinking model to any other critical infrastructure sector, including electricity distribution, water supply, nuclear systems and so on. Some of them are more likely to be targeted than others, but the defense must start from understanding the enemy. It's quite clear that real-world crises in the future are very likely to have cyber components as well. If we look for offensive cyber attacks that have been linked back to a known government, we mostly find attacks that have been launched by United States, not against them. So far, antivirus companies have found five different malware attacks linked to operation 'Olympic Games' run by US and Israel. When New York Times ran the story linking US Government and the Obama administration to these attacks, White House started an investigation on who had leaked the information. Note that they never denied the story. They just wanted to know who leaked it. As United States is doing offensive cyber attacks against other countries, certainly other countries feel that they are free to do the same. Unfortunately the United States has the most to lose from attacks like these. -- Mikko Hypponen --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sat Oct 20 14:37:48 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 20 Oct 2012 15:37:48 -0400 Subject: [Infowarrior] - D.C. rakes in $85m from traffic cameras Message-ID: <5AEF7741-E051-4314-B216-9BFEDF0BB53E@infowarrior.org> Seeing where/when/how they pop up around town definitely suggests this is a money-making scheme in many cases. Not always, but many. --rick D.C. rakes in $85m from traffic cameras October 18, 2012 | 8:00 pm http://washingtonexaminer.com/d.c.-rakes-in-85m-from-traffic-cameras/article/2511160#.UIL9EoXgLyL The District took in nearly $85 million in its most recent fiscal year from its sprawling network of speed and red-light cameras, shattering its previous record and inflaming an ongoing debate about ticket-based fines. According to statistics from the District's chief financial officer, the city collected $84.9 million in "automated traffic enforcement" revenues through the end of September, when the city's 2012 fiscal year concluded. In the 2011 fiscal year, the District logged about $55 million in traffic camera fines, a record at the time. The final 2012 fiscal year statistics, which came days after several D.C. lawmakers introduced a measure to reduce speed camera fines, intensified the prospects for an end-of-the-year legislative clash. Ward 2 D.C. Councilman Jack Evans said it would be a challenge to persuade lawmakers to slash fines now that they've been on the books for years. "It's going to be tough," Evans said. "When the fines were established, there should have been more discussion about them." While the bill has drawn support from nearly a half-dozen legislators, Mayor Vincent Gray, who has dismissed allegations that the cameras are essentially ATMs for the District government, has not yet embraced the measure. Gray has said he would need to evaluate how much a reduction in fines would cut at the city's bottom line and that he was working on his own proposals to pitch to lawmakers. 
But he also hit back hard at the allegation that the cameras are merely present to generate millions of dollars in cash. "The public safety aspect for me is first and foremost," Gray told The Washington Examiner on Thursday. "We didn't necessarily see it as a revenue raiser because it raised more money than we thought it was going to raise. Obviously, the money will help to do other things in the city, but my priority will continue to be on public safety." But camera opponents have long contended that the devices are high-tech antidotes for budget shortfalls, a perspective that didn't wane Thursday. "This year, we'll have more revenue than ever and more citations than ever before," said John Townsend, of AAA Mid-Atlantic. "They're closing holes in the budget." Ward 6 Councilman Tommy Wells, a sponsor of the proposal to lower fines, leveled a similar accusation. "The administration and some of my colleagues view this as a way to make money for the government," Wells said. "The funding is there to reduce the fines. The question is will my colleagues see this as a windfall to fund their pet projects?" But the District government is far from the only local government to boost its bank account with camera tickets. Between September 2011 and September 2012, Prince George's County authorities issued more than 463,000 tickets and collected $7.8 million in fines. And Montgomery County has taken in about $30 million in camera-based fines since the 2009 fiscal year, with another $5 million expected next year. Examiner Staff Writers Rachel Baye and Liz Farmer contributed to this report. ablinder at washingtonexaminer.com --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Sat Oct 20 14:39:05 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 20 Oct 2012 15:39:05 -0400 Subject: [Infowarrior] - Anti-traffic-cam countermeasure Message-ID: <5309A3F0-9400-49D0-B19B-8C5BA88677FD@infowarrior.org> Anti-traffic-cam countermeasure Cory Doctorow at 4:03 pm Fri, Oct 19 NoPhoto is Jonathan Dandrow's electronic countermeasure for traffic-cameras. It's a license-plate frame that uses sensors to detect traffic-cameras, and floods the plate with bright light that washes out the plate number when the cameras take the picture. It's presently a prototype, but he's seeking $80,000 through Indiegogo to get UL certification and go into production. Dandrow believes that traffic cameras are unconstitutional, because "if you do commit a traffic violation, you should have your constitutionally guaranteed right to face your accuser -- and that your accuser should not win by default just because it happens to be a camera that can't talk in court." His device is made in the USA, and (he says) it is legal to use in the US. < - > http://boingboing.net/2012/10/19/anti-traffic-cam-countermeasur.html --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sun Oct 21 10:22:14 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Oct 2012 11:22:14 -0400 Subject: [Infowarrior] - US No-fly list strands man in on island in Hawaii Message-ID: <5EE88324-49AE-42C1-BE97-53BDCE016441@infowarrior.org> Oct 19, 7:20 PM EDT No-fly list strands man on island in Hawaii By AUDREY McAVOY Associated Press http://hosted.ap.org/dynamic/stories/U/US_STRANDED_IN_HAWAII?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2012-10-19-19-20-58 JOINT BASE PEARL HARBOR-HICKAM, Hawaii (AP) -- Hawaii is a paradise for most visitors. But it was Wade Hicks Jr.'s prison for five days.
The 34-year-old from Gulfport, Miss., was stranded in the islands this week after being told he was on the FBI's no-fly list during a layover for a military flight from California to Japan. The episode left Hicks scrambling to figure out how he'd get home from Hawaii without being able to fly. Then he was abruptly removed from the list on Thursday with no explanation. It also raised questions beyond how he landed on the list: How could someone on a list intelligence officials use to inform counterterrorism investigations successfully fly standby on an Air Force flight? Hicks said he was traveling to visit his wife, a U.S. Navy lieutenant who's deployed in Japan. He hitched a ride on the military flight as is common for military dependents, who are allowed to fly on scheduled routes when there's room. Hicks said that during his layover at Joint Base Pearl Harbor-Hickam, a U.S. Immigration and Customs Enforcement agent told him he was on the no-fly list and wouldn't be allowed on a plane. "I said, `How am I supposed to get off this island and go see my wife or go home?' And her explanation was: `I don't know,'" Hicks said. Hicks said he was shocked and thought they must have had the wrong person because he doesn't have a criminal record and recently passed an extensive background check in Mississippi to get a permit to carry a concealed weapon. But the agent said his name, Social Security number and date of birth matched the person prohibited from flying, Hicks said. He wasn't told why and wondered whether his controversial views on the Sept. 11 terrorist attacks played a role. Hicks said he disagrees with the 9/11 Commission's conclusions about the attacks. A Homeland Security spokesman referred questions to the FBI Terrorist Screening Center, which maintains the report. A spokesman for the center declined to comment on Hicks' case. The government doesn't disclose who's on the list or why someone might have been placed on it. 
The list of roughly 20,000 people and about 500 to 600 Americans includes names and classified evidence against suspected terrorists who are not allowed to fly in U.S. airspace. The list can be updated within minutes, so it's possible Hicks was added to the list while in midair from Travis Air Force Base in California to Hawaii. A spokesman for Defense Secretary Leon Panetta's office said passengers who fly standby on military flights are screened against the FBI's list only on international flights. Domestic passengers are screened only through an internal military system, not the Advanced Passenger Information System run by Customs and Border Protection. "It's scary to know that something like this can happen in a free country. You're not accused of any crime. You haven't been contacted by anyone. No investigation has been done. No due process has taken place," he said. He got a hotel room at the Pearl Harbor naval base while he worked things out. Being on the list didn't stop him from staying on a base that's home to submarines, cruisers and destroyers. Hicks said he called politicians in Mississippi and Hawaii and brainstormed ways to get home with friends, speculating on taking a private plane, a cruise ship or even a fishing boat from Alaska. He then got a call on Thursday that he had been removed from the no-fly list. Hicks planned to take a military flight back to California on Friday to meet his wife, who will be coming from Japan, and said he plans to seek to recoup his added travel costs from the government. --- Associated Press writer Eileen Sullivan in Washington contributed to this report. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Sun Oct 21 10:24:16 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Oct 2012 11:24:16 -0400 Subject: [Infowarrior] - The foreign policy debate we should be having Message-ID: The foreign policy debate we should be having By David Ignatius http://www.washingtonpost.com/opinions/stop-fiddling-around-on-foreign-policy/2012/10/19/be072db6-19f4-11e2-bd10-5ff056538b7c_story.html As Barack Obama and Mitt Romney prepare for Monday night's debate on foreign policy, they could do some useful last-minute cribbing by reading an article titled "The Risks of Ignoring Strategic Insolvency." It's one of the best summaries I've seen of an urgent problem they should discuss honestly. The article poses the basic question of whether American power needs to be "resized" to fit a changing world. If the United States fails to trim its ambitions, and tries to stretch its resources ever further to cover all its traditional commitments, the article contends, it is doomed to failure -- with the inevitable consequence that the fabric of American power will rip. The author of this provocative argument is Michael J. Mazarr, a professor of strategy at the National War College. It appears in the current issue of the Washington Quarterly, published by the Center for Strategic and International Studies. It was recommended to me by a Pentagon official, and as I read it, I thought: This is what the candidates should be thinking about, rather than the next harvest of gaffes. Mazarr doesn't see the decline of American power, per se, but its overextension. He likens the current U.S. position to that of Great Britain in the 1890s -- a powerful country that kept making commitments overseas, to the point that, as Princeton professor Aaron Friedberg said in a 1988 study, "there seemed no way of avoiding eventual insolvency." Britain simply couldn't afford all the promises it had made.
Here's Mazarr's basic point: "The very definition of grand strategy is holding ends and means in balance to promote the security and interests of the state. Yet, the postwar U.S. approach to strategy is rapidly becoming insolvent and unsustainable." He sees several factors creating this imbalance: U.S. budget problems (obviously); the rise of new global players that resist American direction (China, Iran, Egypt, take your pick); the United States' increasing difficulty in imposing military solutions (as in Iraq and Afghanistan), and the growing war-weariness of the American people. These are strategic facts of life. But every time a new crisis comes along, the "correct" political response is: America should fix it. There's no benefit in our system for saying: Hey, wait a minute. Or for deciding (as Ronald Reagan did coldbloodedly with Lebanon in 1984) that spending U.S. taxpayer money to save a small, strategically unimportant country doesn't make sense. When you watch the debate Monday night, ask yourself whether the candidates are thinking strategically. Are they repeating rhetorical tropes about the United States as the "indispensable power" that can resolve any crisis? Or are they weighing commitments carefully to make sure that they can deliver what they promise? What bothers me about this campaign is that both candidates prefer the safe shibboleths of American power to a serious discussion. Romney espouses the traditional, 21-gun-salute version, with its vision of a "shining city on a hill" and a unique calling to global leadership. And he talks about increasing the military budget as if that's axiomatically a good thing. But he doesn't explain how we'll pay for this five-course meal of power, or how the country will digest it. My guess is that Obama, deep down, favors a more restrained version of American power, but he rarely says so in public. To speak openly about reduced global ambitions might sound un-American.
So he, too, gets sucked into the strategic vision of an unbounded nation that will, in John F. Kennedy's immortal but outdated words, "pay any price, bear any burden." When countries don't prioritize, they begin to lose credibility. And as the credibility of American power declines, so does its diplomatic leverage. To maintain the image of power, the United States continues heavy defense spending. But as Mazarr notes, rather than spending more dollars on crucial new systems (he cites cyber, unmanned vehicles, stealth and long-range precision strikes) the United States continues to procure politically popular "legacy" weapons, such as aircraft carriers and fighter jets. What lessons do the candidates learn from the troubled campaigns in Iraq and Afghanistan, where Americans fought so bravely and spent so much -- and achieved so little? What weapons systems do they think we could use less of? How will they tailor new commitments (Syria? Iran?) so they don't make the insolvency problem worse? I'd love a foreign policy debate where the candidates, rather than scoring points, made sense. davidignatius at washpost.com --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sun Oct 21 10:59:44 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Oct 2012 11:59:44 -0400 Subject: [Infowarrior] - Internet providers to begin warning customers who pirate content Message-ID: <550D8BDC-AD4D-480D-B9F0-C2430BCF4AB8@infowarrior.org> ("We accuse you, and even if we're wrong, you need to pay us $35 to research the case." Which, roughly translated means that for Hollywood, "heads they win, tails, they kindasorta get something anyway." --rick) Internet providers to begin warning customers who pirate content By Heather Kelly, CNN updated 7:57 PM EDT, Thu October 18, 2012 | Filed under: Web The Center for Copyright Information says a new system will warn users when accounts are used to illegally download content.
http://www.cnn.com/2012/10/18/tech/web/copyright-alert-system/index.html (CNN) -- It is about to get a bit more difficult to illegally download TV shows, movies or music online. A new alert system, rolling out over the next two months, will repeatedly warn and possibly punish people violating digital copyrights. The Copyright Alert System was announced last July and has been four years in the making. If you use AT&T, Cablevision, Comcast, Time Warner, or Verizon as your Internet service provider, you could receive the first of one of these notes starting in the next two months. The Internet provider is delivering the message, but the legwork is being done by the copyright owners, which will monitor peer-to-peer networks such as BitTorrent. They use a service called MarkMonitor, which uses a combination of people and automated systems to spot illegal downloading. It will collect the IP addresses of offenders, but no personal information. The IP addresses are turned over to the Internet providers, which will match up the address with the right customer and send the notification. The warning system is described as a graduated response. First the Internet provider will let the customer know that their Internet connection is being used to download content illegally. The note will include information to steer them away from their life of crime, including tips on how they can download content legally. There will also be tips on securing Internet connections, just in case you were unaware that your neighbor was downloading season three of "Dexter" using your unprotected wireless network. "The progressive series of alerts is designed to make consumers aware of activity that has occurred using their Internet accounts, educate them on how they can prevent such activity from happening again," the CCI said in its announcement today. After the educational phase, the customers will be asked to acknowledge that they received the warning.
If they continue to download content illegally, the alerts will threaten mild punishments, such as forcing the copyright violator to read "educational materials," or throttling their Internet connection so that it is slow, making it harder to download large files. Today's announcement claims that terminating the Internet service is not one of the options. If a customer feels they are being wrongly accused, they can ask for a review, which will cost them $35 according to the Verge. The entire system will be overseen by an organization called the Center for Copyright Information, which includes content owners, such as the Motion Picture Association of America and Recording Industry Association of America, as well as individual members including Disney, Sony Pictures, Fox, EMI and Universal. Each ISP will have a slightly different version of the system. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sun Oct 21 11:29:51 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Oct 2012 12:29:51 -0400 Subject: [Infowarrior] - DHS realigns cyber office into five divisions Message-ID: <127FA42F-B471-451B-AD12-ECAAC0285BD0@infowarrior.org> DHS realigns cyber office into five divisions Friday - 10/19/2012, 2:01pm EDT http://www.federalnewsradio.com/?nid=473&sid=3085029 By Jason Miller The Homeland Security Department's Office of Cybersecurity and Communications is expanding to five divisions from three and creating a performance-management office. DHS is reorganizing CS&C in light of its increased responsibilities and improved stature in the federal and private sector cyber communities. 
"Our new structure will result in an organization more capable of agile operations; of forming stronger partnerships; and of professionally, efficiently, and effectively enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure," wrote Mike Locatis, the assistant secretary of the Office of Cybersecurity and Communications, in an internal memo obtained by Federal News Radio. "This realignment also centralizes common support functions of budget, finance, and acquisitions, information management and human capital." DHS Secretary Janet Napolitano approved CS&C's realignment plan earlier this week. Locatis came to CS&C in April after spending 18 months as the Energy Department's chief information officer. A request for comment from DHS's National Protection and Programs Directorate, which CS&C falls under, was not immediately returned. Congress created the Cybersecurity and Communications Office in 2006 with three divisions: ? National Communications System ? National Cybersecurity Division ? Office of Emergency Communications Federal Network Security Under the realignment plan, Cybersecurity and Communications will elevate and rename two of the subdivisions. The Federal Network Security unit goes from being a branch of the National Cybersecurity Division to its own division, and DHS split its responsibilities into two new groups: the Federal Network Resilience (FNR) division and the Network Security Deployment (NSD) division. John Streufert will lead FNR, which will oversee the continuous monitoring initiative and the operational aspects of the Federal Information Security Management Act (FISMA). Federal Network Resilience also will develop and deploy cybersecurity capabilities and standards with civilian agency partners, identify cybersecurity best practices and use automation tools, and perform audits and testing on federal networks. 
Network Security Deployment The Network Security Deployment (NSD) division will be led by Brendan Goode and includes the National Cybersecurity Protection System and the Cyberscope tool. Agencies submit continuous monitoring data into Cyberscope. NSD also gathers requirements for CS&C technical programs and operating capabilities, and coordinates managed services with the private sector for functions such as continuous monitoring-as-a-service or other situational awareness services. National Cybersecurity and Communications Integration Center The National Cybersecurity and Communications Integration Center (NCIC), led by Larry Zelvin, will bring together the assorted operational offices, including the U.S. Computer Emergency Readiness Team (U.S. CERT), the Control Systems Security Program, the National Coordinating Center and national level exercises ? all under one division. The NCIC will provide full-time monitoring, information sharing, analysis and incident response capabilities, including running the Einstein 3A program. It coordinates with federal cyber centers and runs the "red and blue teams" to provide analysis on network, data, threats and vulnerabilities. The Stakeholder Engagement and Cyber Infrastructure Resilience division DHS created a new office to work with the private sector. The Stakeholder Engagement and Cyber Infrastructure Resilience division will be led by Jenny Menna and includes the National Security Telecommunications Advisory Committee, private-sector coordination efforts, education and cyber workforce initiatives and standards work. The stakeholder-engagement office will ensure there is strategic alignment of all stakeholder and other outside group activities and provides customer relationship and logistical management. 
Office of Emergency Communications The fifth division, the Office of Emergency Communications, which is led by Ron Hewitt, keeps the same name, but expands its responsibilities by adding the functions of the National Communications System. OEC will support public safety efforts including providing training and technical assistance to improve emergency communications readiness, coordinating public-private response activities and works on interoperability policy. Additionally, the realignment plan creates the Enterprise Performance Management Office, led by a senior executive service member. It will be responsible for "strategic planning, performance planning and measurement that cuts across all CS&C programs," Locatis wrote. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Oct 22 07:07:56 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Oct 2012 08:07:56 -0400 Subject: [Infowarrior] - =?windows-1252?q?Six-Strikes_=93Independent_Exper?= =?windows-1252?q?t=94_Is_RIAA=92s_Former_Lobbying_Firm?= Message-ID: <0F7FD7F3-3BEB-4038-AB8D-9193B761FD64@infowarrior.org> Of course it is. As if there was any doubt. --rick Six-Strikes ?Independent Expert? Is RIAA?s Former Lobbying Firm Next month the file-sharing habits of millions of BitTorrent users in the United States will be monitored as part of an agreement between the MPAA, RIAA, and all the major ISPs. To guarantee the accuracy of the evidence that will be used for the accusations the parties agreed to hire an impartial and independent technology expert. However, their commitment to this promise is now in doubt as the hired experts have turned out to be a former RIAA lobbying group. < - > http://torrentfreak.com/six-strikes-independent-expert-is-riaas-former-lobbying-firm-121022/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Mon Oct 22 10:58:11 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2012 11:58:11 -0400
Subject: [Infowarrior] - OpEd: The Opiate of Exceptionalism
Message-ID: <467E350A-BA50-4245-B2AD-7BBF3F3A88C1@infowarrior.org>

News Analysis

The Opiate of Exceptionalism
By SCOTT SHANE
Published: October 19, 2012
http://www.nytimes.com/2012/10/21/sunday-review/candidates-and-the-truth-about-america.html

Washington

IMAGINE a presidential candidate who spoke with blunt honesty about American problems, dwelling on measures by which the United States lags its economic peers. What might this mythical candidate talk about on the stump?

He might vow to turn around the dismal statistics on child poverty, declaring it an outrage that of the 35 most economically advanced countries, the United States ranks 34th, edging out only Romania. He might take on educational achievement, noting that this country comes in only 28th in the percentage of 4-year-olds enrolled in preschool, and at the other end of the scale, 14th in the percentage of 25-to-34-year-olds with a higher education. He might hammer on infant mortality, where the United States ranks worse than 48 other countries and territories, or point out that, contrary to fervent popular belief, the United States trails most of Europe, Australia and Canada in social mobility.

The candidate might try to stir up his audience by flipping a familiar campaign trope: America is indeed No. 1, he might declare -- in locking its citizens up, with an incarceration rate far higher than that of the likes of Russia, Cuba, Iran or China; in obesity, easily outweighing second-place Mexico and with nearly 10 times the rate of Japan; in energy use per person, with double the consumption of prosperous Germany.

How far would this truth-telling candidate get? Nowhere fast. Such a candidate is, in fact, all but unimaginable in our political culture.

Of their serious presidential candidates, and even of their presidents, Americans demand constant reassurance that their country, their achievements and their values are extraordinary. Candidates and presidents generally oblige them, Barack Obama and Mitt Romney included. It is permissible, in the political major leagues, for candidates to talk about big national problems -- but only if they promise solutions in the next sentence: Unemployment is too high, so I will create millions of jobs. It is impermissible to dwell on chronic, painful problems, or on statistics that challenge the notion that the United States leads the world -- a point made memorably in a tirade by the dyspeptic anchorman played by Jeff Daniels in the HBO drama "The Newsroom."

"People in this country want the president to be a cheerleader, an optimist, the herald of better times ahead," says Robert Dallek, the presidential historian. "It's almost built into our DNA."

This national characteristic, often labeled American exceptionalism, may inspire some people and politicians to perform heroically, rising to the level of our self-image. But during a presidential campaign, it can be deeply dysfunctional, ensuring that many major issues are barely discussed. Problems that cannot be candidly described and vigorously debated are unlikely to be addressed seriously. In a country where citizens think of themselves as practical problem-solvers and realists, this aversion to bad news is a surprising feature of the democratic process.

"I think there's more of a tendency now than in the past to avoid discussion of serious problems," says Allan J. Lichtman, a political historian at American University. "It has a pernicious effect on our politics and on governing, because to govern, you need a mandate. And you don't get a mandate if you don't say what you're going to do."

American exceptionalism has recently been championed by conservatives, who accuse President Obama of paying the notion insufficient respect.
But the self-censorship it produces in politicians is bipartisan, even if it is more pronounced on the left for some issues and the right for others.

FOR instance, Democrats are more loath than Republicans to look squarely at the government debt crisis indisputably looming with the aging of baby boomers and the ballooning cost of Medicare. Republicans are more reluctant than Democrats to acknowledge the rise of global temperatures and its causes and consequences. But both parties, it is fair to say, prefer not to consider either trend too deeply. Both parties would rather avert their eyes from such difficult challenges -- because we, the people, would rather avert our eyes.

Talk to any political pro about this phenomenon and one name inevitably comes up: Jimmy Carter, who has become a sort of memento mori for American politicians, like the skulls in Renaissance paintings that reminded viewers of their mortality. Mr. Carter, they will say, disastrously spoke of a national "crisis of confidence" and failed to project the optimism that Americans demand of their presidents. He lost his re-election bid to sunny Ronald Reagan, who promised "morning in America" and left an indelible lesson for candidates of both parties: that voters can be vindictive toward anyone who dares criticize the country and, implicitly, the people.

This is a peculiarly American brand of nationalism. "European politicians exercise much greater freedom to address bluntly the uglier social problems," says Deborah Lea Madsen, professor of American studies at the University of Geneva. An American politician who speaks too candidly about the country's faults, she went on to say, risks being labeled with that most devastating of epithets: un-American.

The roots of this American trait are often traced to the famous shipboard sermon the Puritan lawyer John Winthrop preached on his way to help found the Massachusetts Bay Colony nearly five centuries ago. "We must consider,"
he said, "that we shall be as a city upon a hill -- the eyes of all people are upon us." Winthrop's metaphor has had a long life in American speechifying, prominently quoted by both President John F. Kennedy and Reagan. But if, for Winthrop, the image was something the colony should aspire to, for modern politicians it is often a boast of supposed accomplishment, a way of combating pessimists and asserting American greatness, whatever the facts.

Could a presidential candidate today survive if he promised to wage a war on poverty, as President Lyndon B. Johnson did in 1964? It seems unlikely, and one reason may be that Johnson's effort fell short, revealing the agonizing difficulty and huge cost of trying to change the lives of the poor. Indeed, in the current fiscal environment, promising an ambitious effort to reduce poverty or counter global warming might imply big new spending, which is practically and politically anathema.

And given the increasing professionalization of politics, any candidate troubled by how the United States lags its peers in health or education has plenty of advisers and consultants to warn him never to mention it on the stump. "Nobody wants to be the one who proposed taking the position that got the candidate in trouble," says Martha Joynt Kumar, a political scientist at Towson University who studies presidential communications.

Of course, the reason talking directly about serious American problems is risky is that most voters don't like it. Mark Rice, who teaches American studies at St. John Fisher College in Rochester, N.Y., said students often arrived at his classes steeped in the notion that the United States excelled at everything. He started a blog, Ranking America, to challenge their assumptions with a wild assortment of country comparisons, some sober (the United States is No. 1 in small arms ownership) and others less so (the United States is tied for 24th with Nigeria in frequency of sex).

"Sure, we're No.
1 in gross domestic product and military expenditures," Mr. Rice says. "But on a lot of measures of quality of life, the U.S. ranking is far lower. I try to be as accurate as I can and I avoid editorializing. I try to complicate their thinking."

//////A reporter in the Washington bureau of The New York Times.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 22 11:14:36 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2012 12:14:36 -0400
Subject: [Infowarrior] - Skype for Windows 8 is coming: Always on, always in your contacts
Message-ID: <34CDB8B3-6BAA-440E-BBEA-65BBB4778350@infowarrior.org>

(Not sure I like this idea, unless it can be disabled. ---rick)

Original URL: http://www.theregister.co.uk/2012/10/22/skype_windows_8/

Skype for Windows 8 is coming: Always on, always in your contacts
By Anna Leach
Posted in Windows 8, 22nd October 2012 15:47 GMT

Microsoft has dropped the veil on the next version of Skype a few days before it launches on Thursday with Windows 8. The video chat service has been reworked to be always-on and compatible with the live tiles and asymmetric grid that are at the core of the new user interface.

Skype for Windows 8 will be "immersive and effortless" claims Microsoft [1] announcing that it will be permanently on in Windows 8 with users able to receive calls or instant messages from Skype contacts at anytime without specifically having to log in.

< - >

http://www.theregister.co.uk/2012/10/22/skype_windows_8/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 22 13:50:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2012 14:50:52 -0400
Subject: [Infowarrior] - Amazon takes the TSA approach
Message-ID:

(c/o AJR)

Amazon Wipes Customer's Account, Locks All Ebooks, Says 'Find A New Retailer' When She Asks Why

http://www.techdirt.com/articles/20121022/07340420786/amazon-wipes-customers-account-locks-all-ebooks-says-find-new-retailer-when-she-asks-why.shtml

Techdirt has been warning people for several years that they don't really own the ebooks they have on their Amazon Kindles. The most famous demonstration of this was the sudden disappearance of ebook versions of George Orwell's 1984 and Animal Farm (you can't make this stuff up.) But that's nothing compared to what an Amazon customer in Norway now claims the company has done: shut down her Amazon account permanently and locked her Kindle -- all without explanation.

< - >

Unhelpfully, then, Amazon simply re-iterated that the newly-closed account was "related" to another, previously blocked account, wouldn't say why, and emphasized that this was an irrevocable ban, even to the extent of refusing to allow the person accused of this unspecified transgression to open any other account at any point in the future.

< - >

Of course, this is a totally Kafkaesque situation: found guilty of a crime you are not allowed to know, with no way to appeal. Over on Boing Boing, Cory Doctorow has an interesting theory about what might be the issue here:

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 22 13:56:16 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2012 14:56:16 -0400
Subject: [Infowarrior] - Apple's Licensing Offer To Samsung Raises Questions About FRAND Rates
Message-ID:

Apple's Licensing Offer To Samsung Raises Questions About FRAND Rates and What's Behind the Attacks on Google ~pj
Monday, October 22 2012 @ 08:11 AM EDT

One of the exhibits Samsung has now made public tells an interesting tale. It's the slide presentation [PDF] that Apple showed Samsung when it first tried (and failed) to get Samsung to license Apple's patents prior to the start of litigation. While some of the numbers were earlier reported on when the exhibit was used at trial, the slides themselves provide more data -- specifically on the difference between what Apple wanted Samsung to pay for Windows phones and for Android phones.

The slides punch huge holes in Apple's FRAND arguments. Apple and Microsoft complain to regulators about FRAND rates being excessive and oppressive at approximately $6 per unit, or 2.4%; but the Apple offer was not only at a much higher rate, it targeted Android in a way that seems deliberately designed to destroy its ability to compete in the marketplace.

< - >

http://www.groklaw.net/article.php?story=20121022054044954

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 22 14:38:07 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2012 15:38:07 -0400
Subject: [Infowarrior] - The Pirate Bay Moves to The Cloud
Message-ID: <15C10DE5-AFFF-4BDE-B0B7-51A5541550B1@infowarrior.org>

(c/o AJR)

The Pirate Bay Moves to The Cloud
Insists They're Now Virtually Impossible to Take Down
by Karl Bode
Thursday 18-Oct-2012

In the hopes of making global efforts to shut down the website nearly impossible, The Pirate Bay this week announced on their website that they've shifted their entire operation to the cloud.
The website is now serving up its bevy of copyrighted goods using a smattering of cloud providers from around the world, a move the group says will not only reduce takedown threats, but will cut costs, improve reliability, and improve security. From the website's announcement that popped up after the five-minute down time needed to make the switch:

< - >

http://www.dslreports.com/shownews/The-Pirate-Bay-Moves-to-The-Cloud-121694

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 22 14:40:47 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2012 15:40:47 -0400
Subject: [Infowarrior] - Stingrays: The Biggest Technological Threat to Cell Phone Privacy You Don't Know About
Message-ID:

https://www.eff.org/deeplinks/2012/10/stingrays-biggest-unknown-technological-threat-cell-phone-privacy

October 22, 2012 | By Hanni Fakhoury and Trevor Timm

Stingrays: The Biggest Technological Threat to Cell Phone Privacy You Don't Know About

On Friday, EFF and the ACLU submitted an amicus brief in United States v. Rigmaiden, a closely-followed case that has enormous consequences for individuals' Fourth Amendment rights in their home and on their cell phone. As the Wall Street Journal explained today, the technology at the heart of the case invades the privacy of countless innocent people that have never even been suspected of a crime.

Rigmaiden centers around a secretive device that federal law enforcement and local police have been using with increased frequency: an International Mobile Subscriber Identity locator, or "IMSI catcher." These devices allow the government to electronically search large areas for a particular cell phone's signal -- sucking down data on potentially thousands of innocent people along the way -- while attempting to avoid many of the traditional limitations set forth in the Constitution.

How Stingrays Work

The Stingray is a brand name of an IMSI catcher targeted and sold to law enforcement. A Stingray works by masquerading as a cell phone tower -- which your mobile phone sends signals to every 7 to 15 seconds whether you are on a call or not -- and tricks your phone into connecting to it. As a result, the government can figure out who, when and where you are calling, the precise location of every device within the range, and with some devices, even capture the content of your conversations. (Read the Wall Street Journal's detailed explanation for more.)

Given the breadth of information that it can stealthily obtain, the government prefers the public and judges alike not know exactly how Stingrays work and they have even argued in court that it should be able to keep its use of the technology secret. The Electronic Privacy Information Center has filed a FOIA request for more information on Stingrays, but the FBI is dragging its feet and is sitting on 25,000 pages of documents explaining the device.

The Rigmaiden Case: An Illusory Warrant

In Rigmaiden, the government asked a federal judge in Northern California to order Verizon to assist in locating the defendant, who was a suspect in a tax fraud scheme. But after they received an order telling Verizon to provide the location information of an Aircard they thought to be the defendant's, the government took matters into their own hands: they claimed this authorization somehow permitted its own use of a Stingray. Not only did the Stingray find the suspect, Rigmaiden, but it also got the records of every other innocent cell phone user nearby.

The government now concedes that the use of the device was a "search" under the Fourth Amendment and claims it had a warrant, despite the fact that, as we explain in our brief, "the Order directs Verizon to provide the government with information and assistance, but nowhere authorizes the government to search or seize anything."
In fact, the government's application made no mention of an IMSI catcher or a Stingray, and only has a brief sentence about its plans buried at the end of an 18-page declaration: "the mobile tracking equipment ultimately generate[s] a signal that fixes the geographic position of the Target Broadband Access Card/Cellular Telephone." A judge initially signed off on this order, but clearly, the government did not accurately and adequately explain what it was really up to.

General Warrants: Unconstitutional, All You Can Eat Data Buffets

Beyond the government's conduct in this specific case, there is an even broader danger in law enforcement using these devices to locate suspects regardless of whether they explain the technology to judges: these devices allow the government to conduct broad searches amounting to "general warrants," the exact type of search the Fourth Amendment was written to prevent.

A Stingray -- which could potentially be beamed into all the houses in one neighborhood looking for a particular signal -- is the digital version of the pre-Revolutionary war practice of British soldiers going door-to-door, searching Americans' homes without rationale or suspicion, let alone judicial approval. The Fourth Amendment was enacted to prevent these general fishing expeditions. As the Supreme Court has explained, a warrant requires probable cause for all places searched, and is supposed to detail the scope of the search to ensure "nothing is left to the discretion of the officer executing the warrant".

But if uninformed courts approve the unregulated use of Stingrays, they are essentially allowing the government to enter into the home via a cellular signal at law enforcement's discretion and rummage at will without any supervision. The government can't simply use technology to upend centuries of Constitutional law to conduct a search they would be prevented from doing physically.

Stingrays Collect Data on Hundreds of Innocent People

And when police use a stingray, it's not just the suspects' phone information the device sucks up, but all the innocent people around such suspect as well. Some devices have a range of "several kilometers," meaning potentially thousands of people could have their privacy violated despite not being suspected of any crime. This is another fact the government didn't fully explain to the magistrate judge in Rigmaiden.

The government now claims it protected privacy by deleting all third party data on its own after it collected it. But the government's unilateral decision to binge and purge comes with its own consequences. Now there's no way to know what exactly the government obtained when it used the device. Had the government told the court what it really was planning on doing and the amount of information it would obtain, the court may have exercised its constitutional role of ensuring the government narrowed its search. After all, it was for the court, not the government, to decide how best to balance the government's need for information with third-party privacy, and any suspect's future interest in access to potentially exculpatory information.

Enough Warrantless Excursions

Unfortunately, US government excuses for conducting warrantless searches are becoming all too familiar. Whether it's the hundreds of thousands of searches for cell phone location information, the skyrocketing of warrantless surveillance of who and when you're calling, or the NSA's still-active warrantless wiretapping program, Americans are seeing their Fourth Amendment privacy rights under attack from all angles. We hope in this case and others like it, the court will prevent such violations of privacy from occurring again.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 22 18:38:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2012 19:38:34 -0400
Subject: [Infowarrior] - Amazon Cloud Service Goes Down and Takes Popular Sites With It
Message-ID: <3C762C6B-3FFA-4C46-AA1E-43007720A9D3@infowarrior.org>

October 22, 2012, 3:58 pm

Amazon Cloud Service Goes Down and Takes Popular Sites With It
By NICOLE PERLROTH

7:11 p.m. | Updated Updated throughout.

http://bits.blogs.nytimes.com/2012/10/22/amazon-cloud-service-goes-down-and-takes-some-popular-web-sites-with-it/

Some services at Amazon.com's data centers went down Monday afternoon, taking with them a number of popular Web sites and services, including Flipboard and Foursquare.

Amazon reported problems at data centers in Northern Virginia that appeared to have had a ripple effect across the Internet, as many companies depend on the company's cloud service to run their businesses. Several frustrated customers took to Twitter to complain.

In June, an electrical storm caused problems at the same Northern Virginia data centers and took down sites including Netflix, Pinterest and Instagram for a weekend.

The companies that were affected by the latest shutdown scrambled to respond. "Like many other services, we've been taken down by the outage," said Erin Gleason, a spokeswoman for Foursquare, the mobile check-in service. "Both the site and the app are inaccessible right now." Ms. Gleason said the company was still awaiting guidance and updates from Amazon about when its service might be restored.

Another start-up, Airbnb, attempted to reassure its members via Twitter. "Apologies. Our site is having a case of the Mondays," the company posted.

Tera Randall, a representative for Amazon, said in an e-mail that the problems only involved one zone of the company's service and were affecting "a portion of customers in that zone."
She declined to elaborate on when service might be restored or what percentage of the company's overall cloud computing business was involved.

A status message on Amazon's Web site said that the company's cluster of cloud computing services in Virginia were "currently experiencing degraded performance."

By late evening, at least one service that suffered as a result of the outage, Pinterest, showed signs of coming back to life. "The site issues we were experiencing should be resolved and you can pin to your hearts content again," the company wrote on Twitter. "Thanks again for your understanding!"

This post has been revised to reflect the following correction:

Correction: October 22, 2012
In a previous version of this post, the full name of Amazon's EC2 Web service was given as Elastic Cloud Computing; it is Elastic Compute Cloud.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 23 18:41:22 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Oct 2012 19:41:22 -0400
Subject: [Infowarrior] - What my father would have said about the TSA
Message-ID: <4823F968-E561-4A60-A8B1-6FCB10EA335F@infowarrior.org>

http://tsanewsblog.com/5338/news/what-my-father-would-have-said-about-the-tsa/

What my father would have said about the TSA
by PHILIP WEBER on AUGUST 23, 2012

My father fathered the way they did on black-and-white TV, though not so much Ward Cleaver as Ralph Kramden (if he and Alice had had kids). He went to work, Mom stayed home. Every night we ate dinner together, but I don't remember Dad ever saying much. When he did, it was so unusual that it stuck with you.

I was a latecomer, a product of the more permissive 1960s. That was the Vietnam era, a time when people weren't feeling so good about their government. One night at dinner -- I was maybe 10 or 12 years old -- I was relating the story of a discussion at school about the Pledge of Allegiance.
I opined that it was rather foolish to pledge allegiance to "a piece of cloth on a stick." I was a precocious kid in a turbulent time, what did you expect?

Dad, a World War II veteran, looked up, fixed his gaze on me and said, "A lot of people died defending that piece of cloth on a stick." A dozen words, give or take. It may have been the only civics lesson he ever gave me, but I've carried it with me for 40-some years. I suspect I'll carry it to my grave.

I'm thinking about Dad while I wait in line at the airport. They're ordering an older man to stand on the mat with his arms extended so they can pat him down. A blue-shirted agent struts like the cock of the walk. Whenever I watch this I seethe. Today I seethe out loud.

A 20-something traveler in line near me perks up. "Dude, why so angry?" he asks. Yes, he called me dude. I start to talk about idiocy of the liquids rule, then the body scanners and the pat downs. My fellow traveler interrupts, "Dude, chill! It's no big deal." I fear my head will explode.

Here's the thing: I think it is a big deal. Not because I'm some kind of prude who is afraid to have his junk touched; not because I have anything to hide. Just because. Just because "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated." The Fourth Amendment. Pure poetry.

When the odious Patriot Act was first enacted a decade ago some of us screamed that the government had no business looking at phone records and bank records without a search warrant. Overwhelmed with fear of another 9/11, many people disagreed. Maybe it was best, they reasoned, to stand back and let the feds give everybody's checkbook and cell phone the once-over, just to make sure there were no calls or cash going to crazed jihadists.

I quoted Ben Franklin -- we all quoted Ben Franklin: "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."
America thought about that, did some mental calculus, and decided that maybe some liberties weren't really so essential. I remember someone telling a reporter, "I don't send money to al Qaeda. Go ahead and look at my bank account if you want, I got nothing to hide."

I look again at the young man in line near me. Since he was 12 years old he's been doing the same calculus, making the liberty-for-security trade-off. He's used to it. No big deal. Just chill. The whole notion of privacy must seem strange to him.

He came of age in a time when we carry our cell phones to the dinner table. Sure, it can be annoying, but it's really valuable when someone needs us right away. He came of age in a time when there are cameras on every street corner, which has really cut down on vandalism (not). He came of age in a time when the supermarket knows what kind of breakfast cereal I buy, which is really convenient because they send me a coupon whenever Apple Jacks is on sale. Considering all the benefits, are we really giving up that much?

That's when I hear Dad's voice: "A lot of people died defending that piece of cloth on a stick." I would add, "and those words on parchment." And suddenly I can articulate what's been gnawing at me all this time: It may be old-fashioned, it may be quaint, it may not be of use or of interest to you, but a lot of people thought the 4th Amendment was pretty damned important at one time, and goddamn it, dude, whatever you or the TSA trolls on the message boards may think, it's not yours to give away. And it sure as hell isn't John Pistole's to take.

So don't tell me to chill out. It is a big deal. It's one huge deal. And if I sound pissed off then at least you're paying attention. I do not consent to the scanners. I do not consent to the pat downs. For now, I may have to endure them if I want to fly, but you'll trample my civil rights without my consent, thank you.

In the meantime, while we wait for the courts or the Congress to redress this case of monumental government malfeasance, there's one thing I can adjudicate all by myself, and that's the right of you, my carefree traveling companion, to speak on my behalf. Let me be clear: neither you nor any blogger nor editorial writer nor pundit should presume to tell me that it's no big deal. I'll decide what's a big deal to me.

Post your location on Foursquare if you like. Play out the dissolution of your marriage on Facebook. Tweet your every thought: obtuse, profound, poetic, or profane. And if you'd like to invite the government to read your emails, I can't stop you. It's your choice to give up your privacy, but don't think for a second that you have permission to bargain away the right of the people to be secure in their homes and papers and persons.

I think that might have been what Dad was trying to say. Call it a piece of cloth on a stick if you like, and feel free not to recite the words if that's important to you. But recognize that a whole lot of us might respectfully disagree.

There's one more thing. I said a moment ago that this was a liberty-for-security trade-off. It's not. It's a liberty-for-nothing trade-off. The scanners don't work. The patdowns are pointless. The screeners aren't screened. No one knows what's in the cargo hold. You want to strip us of the 4th Amendment -- hell, you want to strip us naked -- and what you've offered in exchange is security theater. Now I like the theater, but a civil right is too high a ticket price for this particular show. It's too high for a season pass. It's too high for lifetime access to every performance in every theater on Broadway.

Why so angry, Dude? Because you so casually bargained away a right that my father and your father and their parents and their parents' parents fought to preserve. Why so angry? Because you're too obtuse to even realize what you've done. Why so angry?
Because now you?re trying to compel me to do the same. Why so angry? Because we almost let you succeed, without demanding so much as a coupon for Apple Jacks out of the deal. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Oct 24 09:54:46 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2012 10:54:46 -0400 Subject: [Infowarrior] - U.S. intends to keep adding names to kill lists Message-ID: <5C76C25B-B110-4563-8FA2-9791BF8B1662@infowarrior.org> Plan for hunting terrorists signals U.S. intends to keep adding names to kill lists By Greg Miller http://www.washingtonpost.com/world/national-security/plan-for-hunting-terrorists-signals-us-intends-to-keep-adding-names-to-kill-lists/2012/10/23/4789b2ae-18b3-11e2-a55c-39408fbe6a4b_print.html Over the past two years, the Obama administration has been secretly developing a new blueprint for pursuing terrorists, a next-generation targeting list called the ?disposition matrix.? The matrix contains the names of terrorism suspects arrayed against an accounting of the resources being marshaled to track them down, including sealed indictments and clandestine operations. U.S. officials said the database is designed to go beyond existing kill lists, mapping plans for the ?disposition? of suspects beyond the reach of American drones. Although the matrix is a work in progress, the effort to create it reflects a reality setting in among the nation?s counterterrorism ranks: The United States? conventional wars are winding down, but the government expects to continue adding names to kill or capture lists for years. Among senior Obama administration officials, there is a broad consensus that such operations are likely to be extended at least another decade. Given the way al-Qaeda continues to metastasize, some officials said no clear end is in sight. ?We can?t possibly kill everyone who wants to harm us,? a senior administration official said. 
"It's a necessary part of what we do. ... We're not going to wind up in 10 years in a world of everybody holding hands and saying, 'We love America.'"

That timeline suggests that the United States has reached only the midpoint of what was once known as the global war on terrorism. Targeting lists that were regarded as finite emergency measures after the attacks of Sept. 11, 2001, are now fixtures of the national security apparatus. The rosters expand and contract with the pace of drone strikes but never go to zero.

Meanwhile, a significant milestone looms: The number of militants and civilians killed in the drone campaign over the past 10 years will soon exceed 3,000 by certain estimates, surpassing the number of people al-Qaeda killed in the Sept. 11 attacks.

The Obama administration has touted its successes against the terrorist network, including the death of Osama bin Laden, as signature achievements that argue for President Obama's reelection. The administration has taken tentative steps toward greater transparency, formally acknowledging for the first time the United States' use of armed drones.

Less visible is the extent to which Obama has institutionalized the highly classified practice of targeted killing, transforming ad-hoc elements into a counterterrorism infrastructure capable of sustaining a seemingly permanent war. Spokesmen for the White House, the National Counterterrorism Center, the CIA and other agencies declined to comment on the matrix or other counterterrorism programs.

Privately, officials acknowledge that the development of the matrix is part of a series of moves, in Washington and overseas, to embed counterterrorism tools into U.S. policy for the long haul.

White House counterterrorism adviser John O. Brennan is seeking to codify the administration's approach to generating capture/kill lists, part of a broader effort to guide future administrations through the counterterrorism processes that Obama has embraced.

CIA Director David H.
Petraeus is pushing for an expansion of the agency's fleet of armed drones, U.S. officials said. The proposal, which would need White House approval, reflects the agency's transformation into a paramilitary force, and makes clear that it does not intend to dismantle its drone program and return to its pre-Sept. 11 focus on gathering intelligence.

The U.S. Joint Special Operations Command, which carried out the raid that killed bin Laden, has moved commando teams into suspected terrorist hotbeds in Africa. A rugged U.S. outpost in Djibouti has been transformed into a launching pad for counterterrorism operations across the Horn of Africa and the Middle East.

JSOC also has established a secret targeting center across the Potomac River from Washington, current and former U.S. officials said. The elite command's targeting cells have traditionally been located near the front lines of its missions, including in Iraq and Afghanistan. But JSOC created a "national capital region" task force that is a 15-minute commute from the White House so it could be more directly involved in deliberations about al-Qaeda lists.

The developments were described by current and former officials from the White House and the Pentagon, as well as intelligence and counterterrorism agencies. Most spoke on the condition of anonymity because of the sensitivity of the subject.

These counterterrorism components have been affixed to a legal foundation for targeted killing that the Obama administration has discussed more openly over the past year. In a series of speeches, administration officials have cited legal bases, including the congressional authorization to use military force granted after the Sept. 11 attacks, as well as the nation's right to defend itself.

Critics contend that those justifications have become more tenuous as the drone campaign has expanded far beyond the core group of al-Qaeda operatives behind the strikes on New York and Washington.
Critics note that the administration still doesn't confirm the CIA's involvement or the identities of those who are killed. Certain strikes are now under legal challenge, including the killings last year in Yemen of U.S.-born al-Qaeda operative Anwar al-Awlaki and his 16-year-old son.

Counterterrorism experts said the reliance on targeted killing is self-perpetuating, yielding undeniable short-term results that may obscure long-term costs.

"The problem with the drone is it's like your lawn mower," said Bruce Riedel, a former CIA analyst and Obama counterterrorism adviser. "You've got to mow the lawn all the time. The minute you stop mowing, the grass is going to grow back."

An evolving database

The United States now operates multiple drone programs, including acknowledged U.S. military patrols over conflict zones in Afghanistan and Libya, and classified CIA surveillance flights over Iran.

Strikes against al-Qaeda, however, are carried out under secret lethal programs involving the CIA and JSOC. The matrix was developed by the NCTC, under former director Michael Leiter, to augment those organizations' separate but overlapping kill lists, officials said.

The result is a single, continually evolving database in which biographies, locations, known associates and affiliated organizations are all catalogued. So are strategies for taking targets down, including extradition requests, capture operations and drone patrols.

Obama's decision to shutter the CIA's secret prisons ended a program that had become a source of international scorn, but it also complicated the pursuit of terrorists. Unless a suspect surfaced in the sights of a drone in Pakistan or Yemen, the United States had to scramble to figure out what to do.

"We had a disposition problem," said a former U.S. counterterrorism official involved in developing the matrix.
The database is meant to map out contingencies, creating an operational menu that spells out each agency's role in case a suspect surfaces in an unexpected spot. "If he's in Saudi Arabia, pick up with the Saudis," the former official said. "If traveling overseas to al-Shabaab [in Somalia] we can pick him up by ship. If in Yemen, kill or have the Yemenis pick him up."

Officials declined to disclose the identities of suspects on the matrix. They pointed, however, to the capture last year of alleged al-Qaeda operative Ahmed Abdulkadir Warsame off the coast of Yemen. Warsame was held for two months aboard a U.S. ship before being transferred to the custody of the Justice Department and charged in federal court in New York.

"Warsame was a classic case of 'What are we going to do with him?'" the former counterterrorism official said. In such cases, the matrix lays out plans, including which U.S. naval vessels are in the vicinity and which charges the Justice Department should prepare.

"Clearly, there were people in Yemen that we had on the matrix," as well as others in Pakistan and Afghanistan, the former counterterrorism official said. The matrix was a way to be ready if they moved. "How do we deal with these guys in transit? You weren't going to fire a drone if they were moving through Turkey or Iran."

Officials described the matrix as a database in development, although its status is unclear. Some said it has not been implemented because it is too cumbersome. Others, including officials from the White House, Congress and intelligence agencies, described it as a blueprint that could help the United States adapt to al-Qaeda's morphing structure and its efforts to exploit turmoil across North Africa and the Middle East.

A year after Defense Secretary Leon E. Panetta declared the core of al-Qaeda near strategic defeat, officials see an array of emerging threats beyond Pakistan, Yemen and Somalia -- the three countries where almost all U.S. drone strikes have occurred.
The Arab spring has upended U.S. counterterrorism partnerships in countries including Egypt where U.S. officials fear al-Qaeda could establish new roots. The network's affiliate in North Africa, al-Qaeda in the Islamic Maghreb, has seized territory in northern Mali and acquired weapons that were smuggled out of Libya.

"Egypt worries me to no end," a high-ranking administration official said. "Look at Libya, Algeria and Mali and then across the Sahel. You're talking about such wide expanses of territory, with open borders and military, security and intelligence capabilities that are basically nonexistent."

Streamlining targeted killing

The creation of the matrix and the institutionalization of kill/capture lists reflect a shift that is as psychological as it is strategic.

Before the attacks of Sept. 11, 2001, the United States recoiled at the idea of targeted killing. The Sept. 11 commission recounted how the Clinton administration had passed on a series of opportunities to target bin Laden in the years before the attacks -- before armed drones existed. President Bill Clinton approved a set of cruise-missile strikes in 1998 after al-Qaeda bombed embassies in East Africa, but after extensive deliberation, and the group's leader escaped harm.

Targeted killing is now so routine that the Obama administration has spent much of the past year codifying and streamlining the processes that sustain it.

This year, the White House scrapped a system in which the Pentagon and the National Security Council had overlapping roles in scrutinizing the names being added to U.S. target lists.

Now the system functions like a funnel, starting with input from half a dozen agencies and narrowing through layers of review until proposed revisions are laid on Brennan's desk, and subsequently presented to the president.

Video-conference calls that were previously convened by Adm. Mike Mullen, then-chairman of the Joint Chiefs of Staff, have been discontinued.
Officials said Brennan thought the process shouldn't be run by those who pull the trigger on strikes.

"What changed is rather than the chairman doing that, John chairs the meeting," said Leiter, the former head of the NCTC.

The administration has also elevated the role of the NCTC, which was conceived as a clearinghouse for threat data and has no operational capability. Under Brennan, who served as its founding director, the center has emerged as a targeting hub.

Other entities have far more resources focused on al-Qaeda. The CIA, JSOC and U.S. Central Command have hundreds of analysts devoted to the terrorist network's franchise in Yemen, while the NCTC has fewer than two dozen. But the center controls a key function.

"It is the keeper of the criteria," a former U.S. counterterrorism official said, meaning that it is in charge of culling names from al-Qaeda databases for targeting lists based on criteria dictated by the White House.

The criteria are classified but center on obvious questions: Who are the operational leaders? Who are the key facilitators? A typical White House request will direct the NCTC to generate a list of al-Qaeda operatives in Yemen involved in carrying out or plotting attacks against U.S. personnel in Sanaa.

The lists are reviewed at regular three-month intervals during meetings at the NCTC headquarters that involve analysts from other organizations, including the CIA, the State Department and JSOC. Officials stress that these sessions don't equate to approval for additions to kill lists, an authority that rests exclusively with the White House.

With no objections -- and officials said those have been rare -- names are submitted to a panel of National Security Council officials that is chaired by Brennan and includes the deputy directors of the CIA and the FBI, as well as top officials from the State Department, the Pentagon and the NCTC.
Obama approves the criteria for lists and signs off on drone strikes outside Pakistan, where decisions on when to fire are made by the director of the CIA. But aside from Obama's presence at "Terror Tuesday" meetings -- which generally are devoted to discussing terrorism threats and trends rather than approving targets -- the president's involvement is more indirect.

"The president would never come to a deputies meeting," a senior administration official said, although participants recalled cases in which Brennan stepped out of the situation room to get Obama's direction on questions the group couldn't resolve.

The review process is compressed but not skipped when the CIA or JSOC has compelling intelligence and a narrow window in which to strike, officials said. The approach also applies to the development of criteria for "signature strikes," which allow the CIA and JSOC to hit targets based on patterns of activity -- packing a vehicle with explosives, for example -- even when the identities of those who would be killed is unclear.

A model approach

For an administration that is the first to embrace targeted killing on a wide scale, officials seem confident that they have devised an approach that is so bureaucratically, legally and morally sound that future administrations will follow suit.

During Monday's presidential debate, Republican nominee Mitt Romney made it clear that he would continue the drone campaign. "We can't kill our way out of this," he said, but added later that Obama was "right to up the usage" of drone strikes and that he would do the same.

As Obama nears the end of his term, officials said the kill list in Pakistan has slipped to fewer than 10 al-Qaeda targets, down from as many as two dozen. The agency now aims many of its Predator strikes at the Haqqani network, which has been blamed for attacks on U.S. forces in Afghanistan.
In Yemen, the number of militants on the list has ranged from 10 to 15, officials said, and is not likely to slip into the single digits anytime soon, even though there have been 36 U.S. airstrikes this year.

The number of targets on the lists isn't fixed, officials said, but fluctuates based on adjustments to criteria. Officials defended the arrangement even while acknowledging an erosion in the caliber of operatives placed in the drones' cross hairs.

"Is the person currently Number 4 as good as the Number 4 seven years ago? Probably not," said a former senior U.S. counterterrorism official involved in the process until earlier this year. "But it doesn't mean he's not dangerous."

In focusing on bureaucratic refinements, the administration has largely avoided confronting more fundamental questions about the lists. Internal doubts about the effectiveness of the drone campaign are almost nonexistent. So are apparent alternatives.

"When you rely on a particular tactic, it starts to become the core of your strategy -- you see the puff of smoke, and he's gone," said Paul Pillar, a former deputy director of the CIA's counterterrorism center. "When we institutionalize certain things, including targeted killing, it does cross a threshold that makes it harder to cross back."

For a decade, the dimensions of the drone campaign have been driven by short-term objectives: the degradation of al-Qaeda and the prevention of a follow-on, large-scale attack on American soil.

Side effects are more difficult to measure -- including the extent to which strikes breed more enemies of the United States -- but could be more consequential if the campaign continues for 10 more years.

"We are looking at something that is potentially indefinite," Pillar said. "We have to pay particular attention, maybe more than we collectively have so far, to the longer-term pros and cons to the methods we use."
Obama administration officials at times have sought to trigger debate over how long the nation might employ the kill lists. But officials said the discussions became dead ends.

In one instance, Mullen, the former Joint Chiefs chairman, returned from Pakistan and recounted a heated confrontation with his counterpart, Gen. Ashfaq Parvez Kayani.

Mullen told White House and counterterrorism officials that the Pakistani military chief had demanded an answer to a seemingly reasonable question: After hundreds of drone strikes, how could the United States possibly still be working its way through a "top 20" list?

The issue resurfaced after the U.S. raid that killed bin Laden. Seeking to repair a rift with Pakistan, Panetta, the CIA director, told Kayani and others that the United States had only a handful of targets left and would be able to wind down the drone campaign.

A senior aide to Panetta disputed this account, and said Panetta mentioned the shrinking target list during his trip to Islamabad but didn't raise the prospect that drone strikes would end. Two former U.S. officials said the White House told Panetta to avoid even hinting at commitments the United States was not prepared to keep.

"We didn't want to get into the business of limitless lists," said a former senior U.S. counterterrorism official who spent years overseeing the lists. "There is this apparatus created to deal with counterterrorism. It's still useful. The question is: When will it stop being useful? I don't know."

Karen DeYoung, Craig Whitlock and Julie Tate contributed to this report.

© The Washington Post Company

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 24 12:02:09 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Oct 2012 13:02:09 -0400
Subject: [Infowarrior] - Russia broadens definition of treason
Message-ID: <06823477-1A2D-4894-99B6-898B6BFE7CB4@infowarrior.org>

http://www.ft.com/cms/s/0/df6865e2-1d1e-11e2-a17f-00144feabdc0.html#ixzz2AEkIYmaM

October 23, 2012 4:16 pm

Russia broadens definition of treason

By Charles Clover in Moscow

Russia has broadened its definition of treason, in a move prompting fears that state authorities will have a new weapon to clamp down on the press and non-governmental organisations.

The law was passed on Tuesday by the lower house of parliament, one of several pieces of legislation overseen by President Vladimir Putin and seemingly designed to clamp down on political opposition.

The changes and additions to an existing law on state secrets will make it illegal not only to pass on state secrets but also to receive, transmit or publicise them.

"It is a very worrying situation, you could become a traitor or a spy without even knowing it," said Igor Kolyapin, head of the Nizhny Novgorod-based Committee Against Torture. "Anyone who does not have access to state secrets does not, by definition, know what is secret and what isn't. How thus can they thus be understood to carry responsibility for this?"

The legislation strengthens an existing treason law and makes it a crime to divulge sensitive information not just to foreign governments, but to international organisations. It also makes it easier to prosecute treason cases -- formerly prosecutors had to show "hostile intent", but that has been substituted for easier to prove criteria where they merely have to show a threat to state security.

Under the new legal definition, someone providing the European Court of Human Rights information on abuses in Russia, for example, could be prosecuted for revealing state secrets, said Pavel Chikov, head of Agora, the human rights group.
"Even the transmission of information on election fraud could be construed as state treason," he said.

Parliamentarians from the ruling United Russia party defended the law, saying it had been reworked to reflect earlier criticism that it was too broad. Pavel Krasheninnikov, a parliamentary deputy from the party, was quoted by Ria Novosti, the state news agency, as saying the latest version of the law had been rewritten to avoid being "too expansive in its interpretation".

The law was originally submitted in December 2008 in the aftermath of the short war between Russia and Georgia, but was quietly shelved by the relatively liberal President Dmitry Medvedev. However, it has been revived after Mr Putin returned to the Kremlin for a third term in May.

Andrei Soldatov, a journalist who covers Russia's security services, said the laws had apparently had the desired effect of producing a chill in the political climate and self-censorship among journalists and experts.

"The government doesn't need to implement this law, they just need to pass the law and everyone will become more cautious," he said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 25 08:05:37 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Oct 2012 09:05:37 -0400
Subject: [Infowarrior] - Shifting Mood May End Blank Check for U.S. Security Efforts
Message-ID: <48F8660D-E574-47CF-9627-A82C49A236FD@infowarrior.org>

October 24, 2012

Shifting Mood May End Blank Check for U.S. Security Efforts

By SCOTT SHANE

http://www.nytimes.com/2012/10/25/us/politics/rethinking-an-open-checkbook-for-a-security-colossus.html?hp&_r=1&&pagewanted=print

WASHINGTON -- Last week, a Bangladeshi student was charged in an F.B.I. sting operation with plotting to blow up the Federal Reserve Bank in New York. A Somali-American man was convicted of sending young recruits from Minneapolis to a terrorist group in Somalia.
In Libya, extremists responsible for the killing of four Americans last month in Benghazi remained at large.

The drumbeat of terrorism news never quite stops. And as a result, for 11 years since the Sept. 11 attacks, the security colossus constructed to protect the nation from Al Qaeda and its ilk has continued to grow, propelled by public anxiety, stunning advances in surveillance technology and lavish spending -- about $690 billion over a decade, by one estimate, not including the cost of the wars in Iraq and Afghanistan.

Now that may be changing. The looming federal budget crunch, a sense that major attacks on the United States are unlikely and new bipartisan criticism of the sprawling counterterrorism bureaucracy may mean that the open checkbook era is nearing an end.

While the presidential candidates have clashed over security for American diplomats in Libya, their campaigns have barely mentioned domestic security. That is for a reason: fewer than one-half of 1 percent of Americans, in a Gallup poll in September, said that terrorism was the country's most important problem.

But the next administration may face a decision: Has the time come to scale back security spending, eliminating the least productive programs? Or, with tumult in the Arab world and America still a prime target, would that be dangerous?

Many security experts believe that a retrenchment is inevitable and justified.

"After 9/11, we had to respond with everything we had, not knowing what would work best," said Rick Nelson, a former Navy helicopter pilot who served in several counterterrorism positions and is now at the Center for Strategic and International Studies. "That's a model we can no longer afford, financially or politically."

Michael V. Hayden, who led both the National Security Agency and the Central Intelligence Agency in the years after the Sept.
11 attacks, agrees that the time will come for security spending to be scaled back and believes that citizens need to decide when that should happen. Personally, he would wait a while longer. "I would stand fast for now," said Mr. Hayden, who is an adviser to Mitt Romney.

In the view of most specialists, the danger to United States territory from Al Qaeda and its allies is far less than it was in 2001. Al Qaeda's leaders have been relentlessly hunted, its ideology was rejected by most of the young Muslims who led the Arab revolts, and its recruits in the United States have been few. Of more than 160,000 homicides in the country since Sept. 11, 2001, just 14 were carried out by Qaeda sympathizers in the name of jihad.

Some of the credit is no doubt due to domestic security efforts, which cost $470 billion in federal money, $110 billion in state and local budgets and $110 billion in private-sector spending from 2002 to 2011, according to John Mueller, a political scientist at Ohio State University.

That money has paid for an alphabet soup of new agencies: the Department of Homeland Security, the Office of the Director of National Intelligence, the National Counterterrorism Center, the Terrorist Screening Center and many others, each with a supporting cast of contractors. Old agencies like the C.I.A. and the F.B.I. have bulked up, and a record 4.8 million people hold security clearances.

Any move to trim the counterterrorism bureaucracy will face daunting opposition. Some Americans will worry that cutbacks could put them at risk. Members of Congress will fear being labeled soft on terrorism. Lobbyists will fight to protect the lucrative domestic security sector.

For years, counterterrorism programs have been met mostly with cheerleading on Capitol Hill, despite billions spent on programs that turned out to be troubled or ineffective: "puffer"
machines for airport screening that were warehoused, a high-tech surveillance program on the border with Mexico that was shut down, costly machines to sniff city air for biological weapons that produced too many false positives.

No previous Congressional criticism of counterterrorism programs, however, has been quite so scathing as a bipartisan Senate subcommittee report this month on more than 70 "fusion centers" nationwide, created to help federal, state and local authorities share threat information. The two-year investigation found that the centers had failed to help disrupt a single terrorist plot, even as they spent hundreds of millions of taxpayer dollars and infringed on civil liberties.

But the reaction to the report illustrated why it will be difficult to cut even marginal programs. Senior senators, the Department of Homeland Security and a half-dozen law enforcement groups rushed to criticize the report and defend the centers, which, not coincidentally, provide jobs and spending in every state.

Philip B. Heymann, a Harvard law professor and a former deputy attorney general, said that after every war there had been an adjustment that shrank the security establishment and eased wartime controls to restore the balance of power between the government and the citizenry.

"If you want the America we built over 200 years, we always have to be looking for ways to ratchet back these controls when it's safe," said Mr. Heymann, who is writing a book on the subject. "If we tried, we could find a number of places where we could move back toward the normal of 2000 without reducing security."

Like other intelligence officials after 2001, Mr. Hayden was whipsawed by public wrath: first, for failing to prevent the Sept. 11 attacks, and then, a few years later, for having permitted the National Security Agency to eavesdrop on terrorism suspects in the United States without court approval.
Perhaps, as a result, he often says that the American people need to instruct the government on where to draw the line. He told an audience at the University of Michigan last month, for instance, that while a plot on the scale of the Sept. 11 attacks was highly unlikely, smaller terrorist strikes, like the shootings by an Army psychiatrist at Fort Hood in Texas in 2009, could not always be stopped.

"I can actually work to make this less likely than it is today," Mr. Hayden said. "But the question I have for you is: What of your privacy, what of your convenience, what of your commerce do you want to give up?"

A big problem for Mr. Hayden's formula is government secrecy, which makes it tough for any citizen to assess counterterrorism programs, their value and their intrusion on people's privacy.

Ubiquitous new technology has made it far easier for agencies to keep watch on Americans, using cellphones that track location, Internet monitoring, video surveillance cameras, facial recognition software and license plate readers. And the government increasingly taps into the huge amounts of data that companies gather.

"I think the greatest threat to privacy these days is the enormous amount of data in the hands of private companies that could be misused -- either by the government or by companies," said John Villasenor, an electrical engineer at the University of California, Los Angeles, who studies the social impact of technology. "Today almost everything we do is recorded by default."

Consider the counterterrorism databases that the F.B.I. has built, largely in secret, with names like Investigative Data Warehouse and Foreign Terrorist Tracking Task Force Data Mart. One public glimpse -- a heavily redacted 2006 list of materials in the Data Mart obtained by Wired magazine under the Freedom of Information Act --
suggests the sweep of information being gathered: sprawling data collections from dozens of government agencies, on subjects like suspicious bank transactions and lost passports; voluminous records from commercial data collectors like Acxiom, ChoicePoint and Accurint (which alone accounted for 175 million entries); even hotel guest records.

An F.B.I. spokesman, Christopher M. Allen, declined to provide a current list of data in the system. But he said F.B.I. rules gave "greater overall protections for privacy than the law requires" and were strictly enforced by bureau lawyers.

Such official assurances do not comfort civil libertarians. Marc Rotenberg, the executive director of the Electronic Privacy Information Center, a Washington watchdog group, said that the easing of government incursions on privacy and rights that traditionally followed a war may not come this time, because the technology-driven "architecture of surveillance and security" remained in place.

"We're still left with this largely unaccountable infrastructure," Mr. Rotenberg said. "As long as we don't begin to dismantle that, I'm not sure we will ever move past 9/11."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 25 19:25:01 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Oct 2012 20:25:01 -0400
Subject: [Infowarrior] - Boeing Successfully Tests Microwave Missile That Takes Out Electronic Targets
Message-ID: <6ABCC0BF-EE6C-4DF6-AA4A-1C8A6898AC2A@infowarrior.org>

Boeing Successfully Tests Microwave Missile That Takes Out Electronic Targets

October 25, 2012 8:57 AM

http://stlouis.cbslocal.com/2012/10/25/boeing-successfully-tests-microwave-missile-that-takes-out-electronic-targets/

HILL AIR FORCE BASE, Utah (CBS St. Louis) -- Boeing successfully tests a new missile that can take out electronic targets with little collateral damage.
The aerospace company tested the microwave missile last week on a two-story building on the Utah Test and Training Range where computers and electronic systems were turned on to gauge the effects of the missile's radio waves, according to a Boeing press release.

The missile, known as CHAMP (Counter-electronics High-powered Advanced Missile Project), fired a burst of High Powered Microwaves at the building, successfully knocking out the electronic systems and computers, and even taking out the television cameras recording the test.

"This technology marks a new era in modern-day warfare," Keith Coleman, CHAMP program manager for Boeing Phantom Works, said in the press release. "In the near future, this technology may be used to render an enemy's electronic and data systems useless even before the first troops or aircraft arrive."

Seven targets were taken out in total during the one-hour test which left no collateral damage.

Coleman believes this can be a huge advancement forward in non-lethal warfare.

"Today we turned science fiction into science fact," Coleman said in the press release.

James Dodd, vice president of Advanced Boeing Military Aircraft, is hoping to get these microwave missiles in the field sooner rather than later.

Members of the U.S. Air Force Research Laboratory Directed Energy Directorate and Raytheon Ktech also took part in the test.

Boeing Defense, Space & Security division is headquartered in St. Louis.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 25 19:52:06 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Oct 2012 20:52:06 -0400
Subject: [Infowarrior] - New DMCA exemptions/rulings announced
Message-ID: <12D71793-D183-4E67-9A22-FB64D052B32B@infowarrior.org>

Once again DC creates social and technical chaos, all in a feeble attempt to preserve the aging business models of certain industries. Idiocy, thy reign is Washington.
--rick

Jailbreaking now legal under DMCA for smartphones, but not tablets
http://arstechnica.com/tech-policy/2012/10/jailbreaking-now-legal-under-dmca-for-smartphones-but-not-tablets/

Arbitrary rulings illustrate fundamental brokenness of the DMCA.

by Timothy B. Lee - Oct 25 2012, 6:45pm EDT

The Digital Millennium Copyright Act makes it illegal to "circumvent" digital rights management schemes. But when Congress passed the DMCA in 1998, it gave the Librarian of Congress the power to grant exemptions. The latest batch of exemptions, which will be in force for three years, were announced on Thursday.

Between now and late 2015, there will be five categories of circumvention that will be allowed under the Librarian's rules, one fewer than the current batch of exemptions, which was announced in July 2010. The new exemptions take effect October 28.

The new batch of exemptions illustrate the fundamentally arbitrary nature of the DMCA's exemption process. For the next three years, you'll be allowed to jailbreak smartphones but not tablet computers. You'll be able to unlock phones purchased before January 2013 but not phones purchased after that. It will be legal to rip DVDs to use an excerpt in a documentary, but not to play it on your iPad. None of these distinctions makes very much sense. But Congress probably deserves more blame for this than the Librarian of Congress.

Disability access to e-books

The first exemption applies to "literary works, distributed electronically, that are protected by technological measures which either prevent the enabling of read-aloud functionality or interfere with screen readers or other applications or assistive technologies." The work must have been purchased legitimately through "customary channels," such that "the rights owner is remunerated."

A similar version of the exemption was offered in 2010, but that one allowed circumvention only if "all existing e-book editions of the work contain access controls" that inhibit disabled access.
Disability groups urged the Librarian to drop this restriction, arguing that "despite the rapid growth of the e-book market, most e-book titles remain inaccessible due to fragmentation within the industry and differing technical standards and accessibility capabilities across platforms." That meant that the rule effectively required disabled users to own multiple devices - a Kindle, a Nook, and an iPad, for example - in order to gain access to a full range of e-books.

The Librarian accepted this argument and allowed circumvention by disabled users even if a work is available in an open format on another platform.

Jailbreaking for iPhones but not iPads

The new rules allow circumvention of "computer programs that enable wireless telephone handsets to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the telephone handset." In other words, jailbreaking is permitted for "telephone handsets," as it was under the 2010 rules.

What about tablets? No dice. The Librarian "found significant merit to the opposition's concerns that this aspect of the proposed class was broad and ill-defined, as a wide range of devices might be considered 'tablets,' notwithstanding the significant distinctions among them in terms of the way they operate, their intended purposes, and the nature of the applications they can accommodate. For example, an e-book reading device might be considered a 'tablet,' as might a handheld video game device or a laptop computer."

The Librarian ruled that "the record lacked a sufficient basis to develop an appropriate definition for the 'tablet' category of devices, a necessary predicate to extending the exemption beyond smartphones."

No more unlocking

In 2006 and 2010, the Librarian of Congress had permitted users to unlock their phones to take them to a new carrier. Now that's coming to an end.
While the new rules do contain a provision allowing phone unlocking, it comes with a crippling caveat: the phone must have been "originally acquired from the operator of a wireless telecommunications network or retailer no later than ninety days after the effective date of this exemption." In other words, phones you already have, as well as those purchased between now and next January, can be unlocked. But phones purchased after January 2013 can only be unlocked with the carrier's permission.

Why the change? The Librarian cited two key factors. One is a 2010 ruling that held that when you purchase software, you don't actually own it. Rather, you merely license it according to the terms of the End User License Agreement. The Librarian argued that this undermined the claim that unlocking your own phone was fair use.

Also, the Librarian found that there are more unlocked phones on the market than there were three years ago, and that most wireless carriers have liberal policies for unlocking their handsets. As a result, the Librarian of Congress decided that it should no longer be legal to unlock your cell phone without the carrier's permission.

DVDs: Excerpts, but no space-shifting

The most complicated exemption focuses on DVDs. Between now and 2015, it will be legal to rip a DVD "in order to make use of short portions of the motion pictures for the purpose of criticism or comment in the following instances: (i) in noncommercial videos; (ii) in documentary films; (iii) in nonfiction multimedia e-books offering film analysis; and (iv) for educational purposes in film studies or other courses requiring close analysis of film and media excerpts, by college and university faculty, college and university students, and kindergarten through twelfth grade educators." A similar exemption applies for "online distribution services."

The Librarian also allowed DVDs to be decrypted to facilitate disability access.
Specifically, it's now legal "to access the playhead and/or related time code information embedded in copies of such works and solely for the purpose of conducting research and development for the purpose of creating players capable of rendering visual representations of the audible portions of such works and/or audible representations or descriptions of the visual portions of such works to enable an individual who is blind, visually impaired, deaf, or hard of hearing, and who has lawfully obtained a copy of such a work, to perceive the work."

But the Librarian did not allow circumvention for space-shifting purposes. While public interest groups had argued that consumers should be allowed to rip a DVD in order to watch it on an iPad that lacks a built-in DVD drive, the Librarian concluded that no court has found that such "space shifting" is a fair use under copyright law.

Public Knowledge, one of the groups that had advocated the exception, argued that the Librarian's ruling "flies in the face of reality." PK's Michael Weinberg noted that this reasoning implies that "every person who has ever ripped a CD to put on her iPod is a copyright infringer. Even the RIAA has recognized that such activity is, in their words, 'perfectly lawful.'"

A broken system

The space-shifting ruling is a good illustration of the fundamental brokenness of the DMCA. In order to convince the Librarian to allow DVD ripping in order to watch it on an iPad, a court would first need to rule that doing so falls under copyright's fair use defense. To get such a ruling, someone would have to rip a DVD (or sell a DVD-ripping tool), get sued in court, and then convince a judge that DVD ripping is fair use.

But in such a case, the courts would probably never reach the fair use question, because - absent an exemption from the Librarian of Congress - circumvention is illegal whether or not the underlying use of the work would be a fair use.
So no fair use ruling without an exemption, and no exemption without a fair use ruling. A classic catch-22.

This "triennial review" process is broken in other ways as well. Exemptions apply to the act of circumvention, but not to the separate provisions prohibiting "trafficking" in circumvention tools. So blind people who happen to be programmers are now free to write their own software to strip the DRM off their Kindle e-books in order to have them read aloud. But most blind people are not programmers. And anyone who supplies a blind person with the software needed to strip DRM from e-books is violating the "trafficking" provisions of the law even if the customer's use of the software is otherwise legal.

Finally, the case-by-case nature of the exemption process makes it inevitable that we'll get arbitrary results. For example, there's no logical reason why it should be legal to jailbreak an iPhone but illegal to jailbreak an iPad. But because no one presented the Librarian of Congress with a sufficiently precise definition of "tablet," this illogical result will be the law of the land for the next three years.

Here's a better approach: circumventing copy protection schemes shouldn't be against the law in the first place. DRM schemes harm legitimate users more than they deter piracy. Indeed, as the phone unlocking example illustrates, many uses of DRM have nothing to do with copyright infringement in the first place. Rather, they're a convenient legal pretext for limiting competition and locking consumers into proprietary products. We shouldn't be using copyright law as a backdoor means to give such anti-competitive practices the force of law.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Oct 25 19:55:06 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Oct 2012 20:55:06 -0400
Subject: [Infowarrior] - ISC2 set for a shakeup?
Message-ID: <61BFEF59-E67F-449D-AF37-81A7398D2449@infowarrior.org>

'Four horsemen' posse: This here security town needs a new sheriff

Body which issues CISSP tin stars set for shakeup?

By John Leyden
http://www.theregister.co.uk/2012/10/18/isc2_election/
Posted in Security, 18th October 2012 11:21 GMT

As the overpriced beers flowed and dusk approached in central London pubs surrounding the venue of RSA Europe last week, talk often turned towards the (ISC)2 security certification body.

(ISC)2, which administers the widely recognised Certified Information Systems Security Professional (CISSP) qualification, was "a waste of money" and its board of directors "filled with a bunch of out-of-touch boobs" who are unaware of the practical issues in the working life of an infosec professional, we heard.

Membership fees for the organisation are $85 a year. But what do the 80,000 (ISC)2 members get in return?

A cursory search reveals that the beer-fuelled criticism is matched by a series of critical blog posts by respected members of the security community, including Jack Daniel, co-founder of the BSides security conference, and other security honchos such as Rob Graham.

Many of these blog posts note that upcoming (ISC)2 elections in late November offer a chance to make a change. (ISC)2 directors are elected for a three-year term. Four of the 13 seats on the board are up for re-election this time around.

As well as the six candidates on the approved slate there will also be a chance to vote for two alternative (unendorsed) candidates, one standing on a reform ticket. Eligible (ie, fully paid-up) members of (ISC)2 also have the opportunity to cast their vote for a write-in candidate. More details on the (ISC)2 board election process can be found here.

Now it seems that a group of radicals wish to infiltrate the group.
The "Four Horsemen of the Impending Infosec Apocalypse" - prospective candidates for the (ISC)2 election who were not included on the official slate - have put themselves forward for election. Only one of the four - Dave Lewis (@gattaca) - made the cut. Scot Terban, Boris Sverdlik and Chris Nickerson all fell short.

Another candidate, Diana-Lynn Contesti, will appear on the official ballot papers. Contesti was previously on the board but is not an incumbent.

Manifestos for members of the loosely formed "freak ticket" alliance can be found by searching for (ISC)2 on infosecisland.com. There's also a CSOonline article on Lewis's candidacy and desire to restore the integrity of the CISSP exam. Both Lewis and Contesti are Canadian residents.

The two successful unendorsed candidates managed to get 500 nominations from (ISC)2 members, via emails in support of their candidacy from registered accounts, before a 17 September deadline. Pulling off this not-inconsiderable feat means that their names will appear on the ballot for the upcoming election. Signing the petition to get someone on the ballot does not commit members to vote for them in the actual election.

Of the two unendorsed candidates, only Lewis represents reform. The lack of choice among the rest is likely to irk critics of the organisation, who are not difficult to find.

"I think (ISC)2 and the CISSP just need to go away, be put on an ice floe and sent out to sea - but since that seems unlikely, I'll support folks who want to make a change," writes Daniel, in characteristically caustic style. "Wim Remes made it to the board last year from a write-on candidacy, let's see if we can get more - at least on the ballot."

Another critic, NovaInfosec.com (an association of infosec professionals in the Washington DC area) writes: "Keeping the same old guard on the board will simply result in a certification that continues to be disconnected from the day-to-day practical aspects of today's security professionals.
The first step to reconnect the ISC2 board with the practical aspects of today's infosec pro is to get more community representation."

And there's more along the same lines from Rob Graham of Errata Security, who writes: "The best known professional certification in cybersecurity is the 'CISSP' (by the (ISC)² organisation), but it's horrible. The test givers are incompetent. The organization is corrupt. Its ethics are unethical. It's a typical example of rent-seeking behavior rather than a badge of quality. These problems have only gotten worse over the last decade as the organization has resisted reform."

Graham, like Daniel, praised the election of Wim Remes to the board last year as part of a much-needed reform process. Remes is a manager in risk and assurance practice at Ernst & Young in Belgium. But what really appeals to those who dislike the stuffed shirts is his work organising the well-regarded BruCON security conference and presenting at BlackHat.

Remes told El Reg that he might have joined in with the criticism last year himself but 10 months on the (ISC)2 board has shifted his opinion. The board of (ISC)2 is made up of representatives from academia, industry and internet committees. Unlike critics, Remes doesn't think the group is out of touch.

"We need fresh blood but we don't want to throw our history away," he said. "The present board are a diverse bunch who are well in touch with what's happening in security, and knowledgeable."

"They're not stuffy types... and not on the board just to be on the board. (ISC)2 is less bureaucratic than I thought it would be," he added.

CISSP certification helps people to get or retain jobs in information security but it's not mandatory to have any qualification to have a job in the profession. Remes cites the fact that the 80,000 membership of (ISC)2 is going up as evidence that the organisation is still relevant and focused on the needs of its members.
The (ISC)2 board meets face to face quarterly in diverse and sometimes exotic locations as well as taking part in more regular teleconferences. Although the board is in charge of governing (ISC)2, the day-to-day running of the organisation is left to a management team.

John Colley, managing director for EMEA and co-chair of the European advisory board for (ISC)2, said members get two broad categories of benefit. The first is "continuing professional education opportunities", he said.

"We do this by staging online and face to face events with the (ISC)2 Secure series and Think Tank sessions and by negotiating concessions and discounts at major industry events around the region," Colley explained.

The second major benefit cited by Colley is that "(ISC)2 provides a voice for the community, develops recognition for the profession itself and facilitates opportunities to give back to society."

The latter, in particular, sounds a bit woolly. Against this Colley said that (ISC)2 member volunteers will be presenting to an audience of over 3,000 schoolchildren in the UK during Get Safe Online Week (22-26 October). (ISC)2 is also developing an application security challenge for Cybersecurity Challenge UK, a government-backed scheme aimed at filling the growing security skills gap by attracting newcomers to the infosecurity profession, he said.

Remes highlighted networking opportunities organised by local chapters and the ability to share best practice as a key benefit of remaining a CISSP.

Colley added that the thorny issue of what members get for their $85 (£53) membership fees crops up every year, normally around the time of board elections. "To understand the value received for AMFs [annual membership fees], we made a concerted effort to ask the members in this region what they are looking for from (ISC)2," he said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri Oct 26 07:53:59 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Oct 2012 08:53:59 -0400
Subject: [Infowarrior] - Judge Protects Cellphone Data On 4th Amendment Grounds, Cites Government's Technological Ignorance
Message-ID:

Judge Protects Cellphone Data On 4th Amendment Grounds, Cites Government's Technological Ignorance

from the they're-RIGHTS,-not-INCONVENIENCES dept

Various US government agencies have spent a lot of time and energy hoping to ensnare as much cell phone data as possible without having to deal with the "barriers" erected by the Fourth Amendment. The feds, along with Los Angeles law enforcement agencies, have bypassed the protections of the Fourth Amendment by deploying roving cell phone trackers that mimic mobile phone towers. The FISA Amendments Act has been used as a "blank check" for wholesale spying on Americans and has been abused often enough that the Director of National Intelligence was forced to admit these Fourth Amendment violations publicly.

The good news is that a few of these overreaches are receiving judicial pushback. Orin Kerr at the Volokh Conspiracy has a very brief writeup of a recent shutdown of another cellphone-related fishing expedition led by an assistant US Attorney. An attempt was made to acquire records for ALL cell phones utilizing four different towers in the area of a specific crime at the time of the event. As Kerr notes, this ruling refers to the Fifth Circuit court decision that found cell phone data to be protected under the Fourth Amendment, thus requiring a warrant to access it.
Magistrate Judge Smith points out that part of the issue is that the principals involved (the assistant US Attorney and a special agent) seemed to lack essential knowledge of the underlying technology, and that this lack of knowledge prevented them from recognizing the overreach of their request:

< - >

http://www.techdirt.com/blog/wireless/articles/20121024/18225920815/judge-protects-cellphone-data-4th-amendment-grounds-cites-governments-technological-ignorance.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 26 08:02:46 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Oct 2012 09:02:46 -0400
Subject: [Infowarrior] - Boarding Pass follies
Message-ID: <5BF95BA1-C3CD-498F-8E70-B947CE091B66@infowarrior.org>

Security Flaws in the TSA Pre-Check System and the Boarding Pass Check System.
http://puckinflight.wordpress.com/2012/10/19/security-flaws-in-the-tsa-pre-check-system-and-the-boarding-pass-check-system/

I'm publishing this because I am seriously concerned with boarding pass security in the United States. The way TSA Pre-Check works is the organizations that participate transmit travel information for passengers who opt-in to the program to the TSA. Then the TSA in a way that randomizes security determines if the passenger is or is not eligible for Pre-Check and sends that information back to the Airline. The Airline then encodes that information in a barcode that is on the boarding pass it issues.

The problem is, the passenger and flight information encoded in barcode is not encrypted in any way. Using a web site I decoded my boarding pass for my upcoming trip.

M1PUCK/COLWMR YXXXXXX PHXEWRUA XXX 294RXXXFXX 11F>30B WWXXX BUA 0E016 3

So, here you see my flight information for my United flight from PHX to EWR. It is my understanding that this is similar to digital boarding passes issued by all U.S.
Airlines; so the same information is on a Delta, US Airways, American and all other boarding passes. I am just using United as an example. I have X'd out any information that you could use to change my reservation. But it's all there, PNR, seat assignment, flight number, name, etc. But what is interesting is the bolded three on the end. This is the TSA Pre-Check information. The number means the number of beeps. 1 beep no Pre-Check, 3 beeps yes Pre-Check. On this trip as you can see I am eligible for Pre-Check. Also this information is not encrypted in any way.

What terrorists or really anyone can do is use a website to decode the barcode and get the flight information, put it into a text file, change the 1 to a 3, then use another website to re-encode it into a barcode. Finally, using a commercial photo-editing program or any program that can edit graphics replace the barcode in their boarding pass with the new one they created. Even more scary is that people can do this to change names. So if they have a fake ID they can use this method to make a valid boarding pass that matches their fake ID.

The really scary part is this will get past both the TSA document checker, because the scanners the TSA use are just barcode decoders, they don't check against the real time information. So the TSA document checker will not pick up on the alterations. This means, as long as they sub in 3 they can always use the Pre-Check line.

Pre-Check balances the need to expedite security, and keep it thorough. The TSA does this by stating that Pre-Check is random even if one is enrolled in the program. However, editing or really even just viewing the data invalidates the "randomness" of the program, allowing people to choose to go through the Pre-Check line any time they want.

So, there are two problems here. First is that the data on the barcode is not encrypted. This allows people to alter information on the front of the boarding pass.
Second, is the more serious issue of the Pre-Check information not only out there but where it is also possible to edit the Pre-Check status and place it back on the boarding pass.

However, there is a solution. Thankfully, there is a really simple solution: encode the information before putting it on the boarding pass. If that happens the traveler would either have to have a huge number of boarding passes to reverse engineer the encryption algorithm or algorithm itself. Also, TSA could connect their scanners to the airline database and check the boarding pass against what the Airline has. Either one of these solutions would solve the problem, and they are not that hard to implement.

For the record, while I did validate the process I did not create a proof of concept. Actually creating a fake boarding pass even for this blog is a legally grey area and morally black one. To then actually present that boarding pass at the TSA checkpoint has to be some kind of crime I would think.

Happy Flying!

Colpuck.

P.S. I have reached out to United Airlines and the TSA to see if they would like to comment on this post.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 26 08:17:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Oct 2012 09:17:08 -0400
Subject: [Infowarrior] - Legal Implications of Fully Autonomous Targeting
Message-ID:

No One at the Controls: Legal Implications of Fully Autonomous Targeting

By Jeffrey S. Thurnher

Lethal autonomous robots (LARs) may provide the best counter to the asymmetric threats of the future. From China's considerable capacity for jamming and general cyber attack to swarms of Iranian patrol boats, dangers are proliferating, and LARs can operate faster than humans and achieve lethal outcomes even where there are no communications links.
LARs are apt to prove attractive to a number of players, so the United States should act at once to secure a commanding capability in fully autonomous targeting. Legal concerns do not appear to be a game-ender, so operational commanders in particular should lead in harnessing this emerging technology. With appropriate control measures, these unmanned systems will be safe, effective, and legal weapons as well as force multipliers. They have already proven their value during the Global War on Terror, and all branches of the U.S. military are poised to rely on ever-more sophisticated LARs.

< - >

http://www.ndu.edu/press/fully-autonomous-targeting.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 26 12:51:03 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Oct 2012 13:51:03 -0400
Subject: [Infowarrior] - Aging Satellite Fleet May Mean Gaps in Storm Forecasts
Message-ID: <5EE8103F-BDDD-4D89-B90B-7B9B9FD8F0D4@infowarrior.org>

October 26, 2012
Aging Satellite Fleet May Mean Gaps in Storm Forecasts
By JOHN H. CUSHMAN Jr.
http://www.nytimes.com/2012/10/27/us/dying-satellites-could-lead-to-shaky-weather-forecasts.html

WASHINGTON - The United States is facing a year or more without crucial satellites that provide invaluable data for predicting storm tracks, a result of years of mismanagement and underfunding, according to several recent official reviews.

The looming gap in satellite coverage, which some experts now view as almost certain to occur within the next few years, could result in shaky forecasts about storms like Hurricane Sandy, which is now expected to hit the northeast seaboard early next week.

The endangered satellites fly pole-to-pole orbits and cross the Equator in the afternoon, scanning the whole planet one strip at a time. Along with orbiters on other timetables, they are among the most effective tools used to pin down the paths of major storms around five days ahead.
All this week, forecasters have been relying on just such satellite observations for almost all of the data needed to narrow down what were at first widely divergent computer models of what Hurricane Sandy would do next: explode against the coast, or veer away into the open ocean?

Experiments show that without this kind of satellite data, forecasters would have underestimated by half the massive snowfall that hit Washington in the 2010 blizzard nicknamed "Snowmageddon."

"We cannot afford to lose any enhancement that allows us to accurately forecast any weather event coming our way," said Craig J. Craft, commissioner of emergency management for Nassau County, Long Island, where the great hurricane of 1938 hit without warning and killed hundreds. On Thursday, Mr. Craft was seeking more precise forecasts for the looming storm and gearing up for possible hospital and nursing home evacuations, as were ordered before Hurricane Irene last year. "Without accurate forecasts it is hard to know when to pull that trigger."

Experts have grown increasingly alarmed in the past two years because the existing polar satellites are nearing or beyond their life expectancies, and the launching of the next replacement, known as JPSS-1, has slipped until early 2017, probably too late to avoid a gap of at least a year.

Prodded by lawmakers and auditors, the satellite's managers are just beginning to think through their alternatives when the gap arrives, but these are unlikely to avoid it.

The mismanagement of the $13 billion program, which goes back a decade, was recently described as a "national embarrassment" by a top official of the Commerce Department.

This summer, three independent reviews - by the Commerce inspector general, the Government Accountability Office, and a blue-ribbon team of outside experts - each questioned the government's cost estimates for the program, criticized the program's managers for not pinning down the designs and called for urgent remedies.
The project is run by Commerce's National Oceanic and Atmospheric Agency, along with NASA. The outside review team, led by A. Thomas Young, an aerospace industry leader, called the management of the program "dysfunctional."

In response, top Commerce and NOAA officials on Sept. 18 ordered what they called an urgent restructuring - just the latest overhaul of a program that has been troubled for many years. They streamlined the management, said they would fill key vacancies quickly, demanded immediate reports on how the agency might try to cope with the gap. They have moved quickly to nail down the specific designs of the JPSS1's components, many of them already partly built. And they promised to quickly complete a new independent cost estimate to verify the program's budget.

"There is no more critical strategic issue for our weather satellite programs than the risk of gaps in satellite coverage," wrote Jane Lubchenco, the under secretary of Commerce responsible for NOAA, in her memorandum ordering the changes. Ms. Lubchenco wrote that the administration had been trying all along to fix "this dysfunctional program that had become a national embarrassment due to chronic management problems."

"It is a long, sad history," said Dennis Hartmann, the chairman of a broad review of earth-observing satellite programs released in May by the National Research Council. The report projected a dismal decline in what has been among the crown jewels of modern earth and atmospheric science.

The JPSS (for Joint Polar Satellite System) also includes important sensors for studying the global climate, and these too are at risk. But its main satellites, about the size of small school buses, are most notable because they put instruments to sense atmospheric moisture, temperature and the like into what is known as the "polar p.m." orbit, a passage from lower altitude that provides sharp and frequent images of weather patterns spanning the globe.
(Other satellites stare continuously at one part of the globe from farther off, for short-term forecasting.)

Polar satellites provide 84 percent of the data used in the main American computer model tracking the course of Hurricane Sandy, which at first was expected to amble harmlessly away, but now appears poised to strike the mid-Atlantic states.

For years, as the accuracy of this kind of forecasting has steadily improved, NOAA's p.m. polar satellites have been a crucial player, like the center on a basketball team. But all the while, despite many warnings, the gap has grown ever more likely.

The department told Congress this summer that it could not come up with any way to launch JPSS-1, the next polar satellite, any sooner. Kathryn Sullivan, assistant secretary of Commerce, said it "will endeavor to maintain the launch date as much as practicable."

The accountability office, which views the impending gap as "almost certain," has been urging NOAA to come up with alternatives, like leaning on other commercial, military or government satellites for helpful data. But it observed that it would take a long time and more money to bring any such jury-rigged system on line.

For now, the agency is running on a stopgap financing bill that gives it authority to shift money from other projects to the polar satellites. In approving the money, Congress demanded a written plan by next week showing how NOAA intended to stay on schedule and within a strict limit - about $900 million a year.

The agency has said its top priority is to verify its latest cost estimates, produced in the past few months. "NOAA does not have a policy to effect consistent and reliable cost estimates," the inspector general said. The outside review team said it could not tell "if the current $12.9 billion is high, low, or exactly correct."

The program's problems began a decade ago with an effort to merge military and civilian weather satellites into a single project.
After its cost doubled and its schedule slipped five years, that project was sundered by the Obama administration.

As its existing satellites aged and the delays mounted, NOAA finally put a new model named Suomi (after a weather-satellite pioneer) into orbit a year ago. It was initially seen as a test bed to reduce risks in the two main replacement satellites. Brought quickly into operational service, it now helps bridge the gap until the next launchings, one in 2017, and the other in 2022 -- two and four years late, respectively.

But there are lingering concerns that technical glitches have shortened Suomi's useful lifetime, perhaps to just three years. Predicting a satellite's lifetime is like guessing when a light bulb will go out. The most likely timing of a gap in coverage is between 2016 and 2018, according to the best official estimates. That would "threaten life and property," the independent review team warned.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Oct 26 18:10:05 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Oct 2012 19:10:05 -0400
Subject: [Infowarrior] - US government wants Megaupload offline forever
Message-ID:

US government wants Megaupload offline forever
By Dave Neal
Fri Oct 26 2012, 09:18
http://www.theinquirer.net/inquirer/news/2220124/us-government-wants-megaupload-offline-forever

THE UNITED STATES government has made a request to its courts that Megaupload never be allowed to return to the internet. Papers filed by the US Department of Justice (DoJ), and seen by Torrentfreak show that the government is concerned that Megaupload will return and its users will get access to their files. It says that if this is true then Kim Dotcom could be in trouble.
"Defense Counsel's claim that the corporate defendant can and should be allowed to operate undermines the sworn statements of Dotcom that he has no plans or ability to continue to operate or fund the businesses in the Indictment during pendency of the extradition process," wrote the DoJ. "If defendant Dotcom intentionally misled the court in New Zealand about his intentions and capabilities in order to obtain his release from pre-extradition confinement, it seems Defense Counsel's representation might endanger Dotcom's bail situation or even subject him to additional charges." Ira Rothken, a lawyer working for Dotcom said that the DoJ was being unfair here, particularly to Megaupload's users. "The DOJ is anti-consumer by preventing users from accessing their files in the Megaupload cloud in the @KimDotcom case," he tweeted. Megaupload filed a motion to dismiss earlier this month and a motion to unseal documents relating to the search warrants used in the case this week. Dotcom claims to have no plans to relaunch Megaupload, but has regularly updated followers on the progress of Mega, a new website that he is working on. He chided the DoJ on Twitter after it made its move. "DOJ misleading the court, as usual. Giving Megaupload users their files back = Rehabilitation. New Mega = New Business. Doh!," he said. "A child of five would understand that Megaupload was perfectly legal. Could someone please send a child of five to the DOJ ;-)." ? The Inquirer (http://s.tt/1r3RG) --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Sun Oct 28 08:58:15 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Oct 2012 09:58:15 -0400
Subject: [Infowarrior] - Felix Baumgartner: Mars is a waste of your tax dollars
Message-ID: <3F2D447B-5548-4A43-9898-30E22834B283@infowarrior.org>

Red Bull Spacejumper Felix Baumgartner: Mars is a waste of your tax dollars
http://news.cnet.com/8301-17852_3-57541674-71/felix-baumgartner-mars-is-a-waste-of-your-tax-dollars/

... but @SarcasticRover has a great response to him, and likely saying what the NASA folks would love to say but can't, for obvious reasons.
http://sarcasticrover.wordpress.com/2012/10/27/final-thoughts-on-felix/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Oct 28 20:40:39 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Oct 2012 21:40:39 -0400
Subject: [Infowarrior] - Google Crisis Response
Message-ID: <500BC9FB-D5B5-4F2D-865C-81023A1D70F5@infowarrior.org>

What is Google Crisis Response?

Google Crisis Response seeks to make critical information more accessible around natural disasters and humanitarian crises. Google's contributions can include: updated satellite imagery of the disaster area, charitable donations to organizations on-the-ground, outreach through Google web properties, and engineering tools, such as Google Person Finder and Landing Pages, designed to organize and coordinate critical response resources and information. (http://www.google.org/crisisresponse/)

Hurricane Sandy Response: http://www.google.org/crisisresponse/faq.html

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 29 07:36:35 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Oct 2012 08:36:35 -0400
Subject: [Infowarrior] - U.S.
Stock Trading Canceled as New York Girds for Storm
Message-ID:

(As ZeroHedge rightly says, the decision was made "after a day of consultation and realization that if the algos were left alone to play then things could go a little pear-shaped." ---rick)

U.S. Stock Trading Canceled as New York Girds for Storm
By Nina Mehta and Nikolaj Gammeltoft - Oct 29, 2012
http://www.bloomberg.com/news/print/2012-10-28/nymex-to-close-floor-for-sandy-as-nyse-nasdaq-see-normal-open.html

The U.S. securities industry canceled equity trading on all markets today, moving to protect workers as Hurricane Sandy barreled toward New York City with 70-mile-per-hour winds and the threat of an 11-foot sea surge.

The shutdown, announced by the Securities and Exchange Commission, may extend through tomorrow and followed an earlier decision by the New York Stock Exchange to close floor trading. Risks posed by the storm, expected to come ashore late today in southern New Jersey and potentially affect 60 million people, were deemed too great to require workers to travel.

"It was a judgment decision based on the safety of a lot of market participants, especially as the storm seems to be getting more severe," said Larry Leibowitz, chief operating officer of NYSE Euronext (NYX), in a phone interview. "Given all the emphasis on stability and investor confidence, operating the market that way didn't seem to serve the public interest. Why do this? To prove we can? That didn't seem to make a lot of sense."

Trading in U.S. equity-index futures will continue until 9:15 a.m. New York time today, CME Group Inc. (CME) said in a statement. The Securities Industry and Financial Markets Association recommended trading in dollar-denominated fixed-income securities end at noon. Futures on the Standard & Poor's 500 Index (SPX) dropped 0.6 percent at 6:49 a.m. in New York.
NYSE, Nasdaq

Exchanges from the NYSE and Nasdaq Stock Market to those run by Direct Edge Holdings LLC in Jersey City, New Jersey, and Bats Global Markets Inc. in Lenexa, Kansas, will suspend operations. U.S. equity trading is spread across 13 exchanges and dozens of private venues run by brokerages.

NYSE Euronext and Nasdaq OMX Group Inc. (NDAQ) said the suspension would last through tomorrow, "pending confirmation," according to e-mailed statements. The SEC will stay in communication with the markets as the situation warrants, said John Nester, a spokesman for the SEC in Washington.

Options trading will also be closed, according to Gail Osten, a spokeswoman for CBOE Holdings Inc. (CBOE), which operates the largest equity derivatives market, and Joseph Christinat, a spokesman at Nasdaq OMX.

"It's an inconvenience, but clearly the safety of the employees and participants in the market is a primary concern," James Angel, a professor at Georgetown University's McDonough School of Business in Washington, said in a phone interview. "Even if the exchanges can operate totally remotely, people connecting to the exchanges may be battling floods. We ran into the same issue after 9/11 even though Nasdaq and other trading venues could operate."

Blizzard, Gloria

The last time the NYSE cut trading hours for weather was Jan. 8, 1996, when a blizzard dropped more than 20 inches on New York City. It last closed for a full day for weather when Hurricane Gloria hit on Sept. 27, 1985.

Markets have not closed for four days in a row since the start of 2007 when, following a weekend and the New Year's Day holiday on a Monday, they shut on Jan. 2 to observe a day of mourning for President Gerald Ford's death the previous week.

"Everybody wants to get the markets open," the NYSE's Leibowitz said. "We all know how important this is and we take the decision seriously. People expect the markets will be resilient and able to operate.
The tenet is that the markets should be open if at all possible."

Stacked Sandbags

Workers stacked sandbags in Lower Manhattan while banks and brokerages tested contingency plans, encouraged employees to work from home and prepared to operate with skeleton crews. Governor Andrew Cuomo's order that subway, bus and commuter rail services be closed starting at 7 p.m. Oct. 28 left many of the city's almost 170,000 securities industry employees wondering how they would make it to work.

The hurricane is predicted to make landfall late today in southern New Jersey, then turn inland, according to an advisory from the National Hurricane Center in Miami. Winds may cause a tidal surge as high as a record 11 feet (3 meters), according to New York City Mayor Michael Bloomberg.

In Lower Manhattan, cranes laid concrete barricades at Goldman Sachs Group Inc. (GS)'s headquarters at 200 West Street. Sandbags were piled along garages and doors at Four World Financial Center, the offices of Bank of America Corp., and lined the sidewalk facing the river outside the Depository Trust & Clearing Corp. and Nymex.

'Big Storm'

"Hopefully we'll be back to work within 24 or 48 hours," Ben Schwartz, the Chicago-based chief market strategist at Lightspeed Financial LLC, said in a phone interview. The broker-dealer provides execution services for both retail and institutional clients. "The storm was anticipated and you had to expect issues with the opening of the market with such a big storm coming, so I don't see longer-term impact."

Sandy's punch may be felt from Virginia to Massachusetts, said Rick Knabb, the National Hurricane Center's director. The system packed maximum sustained winds of 85 miles (140 kilometers) per hour, up from 75 mph earlier, the National Weather Service said at 5 a.m. New York time.

The storm's eye was about 285 miles east of Cape Hatteras, North Carolina, and about 385 miles south-southeast of New York, moving north at 15 mph.
It is not expected to weaken before landfall, the center said. Flood watches and warnings cover most of the Northeast and mid-Atlantic coast.

Water Threat

The threat of water coming onto shore prompted Mayor Bloomberg to call for the evacuation of low-lying neighborhoods including Battery Park City and areas near the East River in southern Manhattan. The mayor is founder and majority owner of Bloomberg News parent Bloomberg LP. The evacuation order resulted in the closure of the Nymex floor, CME Group, its owner, said in an e-mailed statement.

U.S. federal government offices in the Washington area will be open only for emergency personnel beginning today, and state governments curtailed operations, too. The Commerce Department said reports today on personal incomes and spending would be released online in any case.

Sandy, which killed as many as 65 people in the Caribbean on its path north, may be capable of inflicting as much as $18 billion in damage when it barrels into New Jersey tomorrow and knocks out power to millions for a week or more, according to forecasters and risk experts.

Financial firms made plans to close some offices, conduct business from other cities, reserve hotel rooms and let employees work from home.

Firms React

American Express Co., the credit-card lender whose headquarters is in lower Manhattan, will shut all its offices in the tri-state region Monday, according to an e-mail from Sarah Meron, a spokeswoman. The firm hasn't disclosed plans for the following day, she said.

Goldman Sachs, the investment bank based in lower Manhattan, expects to be open for business with help from overseas offices and people working remotely.

Plans include using "teams in London and other locations around the world for additional support, having designated people work from our Greenwich and Princeton sites and, for most of you, working from home," Goldman Sachs Chief Administrative Officer Jeffrey Schroeder said in a staff memo obtained by Bloomberg News.
Some individuals deemed critical to operations will be told to come to work if they can get to their offices and return safely, according to the memo.

Citigroup Inc., the third-biggest U.S. bank by assets, has offices in the potential flood zone that will be shut, according to an internal memo obtained by Bloomberg. Employees won't have access to buildings at 111 Wall St. and 388/390 Greenwich St., according to the memo.

To contact the reporters on this story: Nina Mehta in New York at nmehta24 at bloomberg.net; Nikolaj Gammeltoft in New York at ngammeltoft at bloomberg.net
To contact the editor responsible for this story: Lynn Thomasson at lthomasson at bloomberg.net

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 29 07:56:36 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Oct 2012 08:56:36 -0400
Subject: [Infowarrior] - SCOTUS Dives Into Resale Trade
Message-ID: <0C9E705F-F2DE-4615-8D8F-84AAF07D50C1@infowarrior.org>

http://online.wsj.com/article/SB10001424052970204789304578084730729110360.html

LAW JOURNAL
Updated October 28, 2012, 6:39 p.m. ET

High Court Dives Into Resale Trade
By BRENT KENDALL And WILAWAN WATCHARASAKWET

Cut-rate foreign goods are a staple on eBay and at big-box stores, but a case coming up at the Supreme Court could make it trickier to sell some of them.

The case started with a Thai man who resold foreign-edition textbooks to U.S. students for less than the U.S. versions cost. Publisher John Wiley & Sons Inc. accused former University of Southern California Ph.D. student Supap Kirtsaeng of copyright infringement and won a $600,000 judgment.

Mr. Kirtsaeng's appeal to the Supreme Court has drawn broad interest from companies such as Costco Wholesale Corp. that anticipate a major ruling on international commerce. U.S. law has long held that in principle, once a company sells a copyrighted product, the purchaser has the right to resell it later.
Lower courts said that rule doesn't apply if the goods are produced abroad.

The Supreme Court has scheduled arguments Monday on the dispute, and if it upholds the lower courts, the decision could shake up the market for used books, music and other products sold secondhand. It could also constrain big-box retailers and online shopping sites that obtain foreign-made goods through unofficial distribution channels.

If Mr. Kirtsaeng wins, by contrast, the case could cause serious headaches for the movie, music, publishing and software industries, which don't want to undermine their U.S. sales with unauthorized imports of similar products they offered on different terms overseas.

"This case could open a very big loophole in the way products are sold in the U.S.," says Marshall Leaffer, an Indiana University law professor.

The Supreme Court will have to resolve a clash between two provisions of U.S. copyright law. One codifies the idea that a product maker only has control over the first sale of the product -- the "first-sale doctrine." The other bars the import of copyrighted works without the copyright owner's permission.

Publishers say that by adopting the second provision in 1976, Congress intended to carve out an exception to the first-sale doctrine. Mr. Kirtsaeng's side says if Congress wanted an exception it would have said so. In the absence of clear language, it says, the first-sale doctrine should also apply to foreign goods.

The outcome, expected by June 2013, is likely to be a close call. The justices split 4-4 on the same legal question two years ago in a case between watchmaker Omega SA and Costco. The tie was possible because Justice Elena Kagan sat out, having worked on the matter while serving as U.S. solicitor general. This time, she's participating.

Mr. Kirtsaeng's supporters, including leading retailers, bookstores, eBay Inc. and Google Inc., say Congress couldn't have meant to provide greater copyright protection to foreign goods than U.S. products.
They say a win for Wiley could lead to higher prices and uncertain legal liability for anyone who sells imported goods because most products include materials protected by copyright, even if it is just a logo or instructions.

For Mr. Kirtsaeng, textbooks offered an obvious opportunity for arbitrage. Publishers sell English-language textbooks at lower rates in developing countries. The former student, now 33 years old, asked friends and family in Thailand to ship him copies printed in Asia. He then sold them to American college students looking to pay less than the U.S. sticker price.

Mr. Kirtsaeng resold textbooks by multiple academic publishers. Wiley was the only one that sued him, charging him with infringing its copyrights on several works, including textbooks on physics, organic chemistry and engineering. The Asian versions of those books were marked with warnings that they were intended for sale only in certain foreign regions.

A New York jury found Mr. Kirtsaeng liable for willful copyright infringement and awarded Wiley $600,000 in damages. The trial judge ruled he wasn't allowed to argue that his actions were protected by the first-sale defense.

When Mr. Kirtsaeng said he didn't have the money to pay, the judge, at Wiley's request, ordered him to hand over his golf clubs and his computer equipment, after he had completed his doctorate. (One of his lawyers says the clubs were later stolen, while the computer died.)

Now a math professor at Silpakorn University in Bangkok, Mr. Kirtsaeng says he still doesn't understand why he was sued. "I want to fight back to prove that I didn't do anything wrong," he says.

His Supreme Court lawyer, Joshua Rosenkranz, says the case demonstrates how companies can make mischief if they're allowed to maintain rights over their products even after enjoying profits from a first sale. "They are prepared to milk every penny out of people they believe are infringing," he says.
During court proceedings, Wiley rejected the notion that Mr. Kirtsaeng was a struggling college student. The company said his textbook sales generated more than $900,000 in revenue, and it accused him of moving money out of his U.S. accounts to avoid having to pay for his infringement.

Mr. Kirtsaeng says his actual profits were only a "small part" of what Wiley claimed, and he says he returned to Thailand without any money because of his legal fees.

The company declined to comment beyond its written briefs.

Wiley's supporters, including trade groups representing entertainment, publishing and software industries, say U.S. content producers will suffer if they can't block unauthorized imports.

"If this kind of practice can go on, it could have a profound effect on American-centered industries," says Tom Allen, president of the Association of American Publishers.

The Obama administration also is supporting Wiley in the case.

Write to Brent Kendall at brent.kendall at dowjones.com and Wilawan Watcharasakwet at wilawan.watcharasakwet at wsj.com

A version of this article appeared October 28, 2012, on page B1 in the U.S. edition of The Wall Street Journal, with the headline: High Court Dives Into Resale Trade.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 29 08:33:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Oct 2012 09:33:54 -0400
Subject: [Infowarrior] - Sony lets slip its PlayStation 3 Master Key - oops!
Message-ID: <5647C0A9-77BD-490F-9AC7-6A68E4CC8688@infowarrior.org>

Sony lets slip its PlayStation 3 Master Key - oops!
http://hexus.net/gaming/news/ps3/47177-sony-lets-slip-playstation-3-master-key-oops/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon Oct 29 08:43:20 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Oct 2012 09:43:20 -0400
Subject: [Infowarrior] - USG 20-petaflop supercomputer guns for world's fastest
Message-ID: <9224A50C-43DB-47C0-BFCF-49DFD08CF5CA@infowarrior.org>

U.S. gov. 20-petaflop supercomputer guns for world's fastest

Summary: The U.S. government's newest supercomputer is gunning for the title of the world's fastest, which is expected to hit the 20-petaflop mark when it's 'booted up' later today.

By Zack Whittaker for Between the Lines | October 29, 2012 -- 13:14 GMT (06:14 PDT)
http://www.zdnet.com/u-s-gov-20-petaflop-supercomputer-guns-for-worlds-fastest-7000006519/

The U.S. Department for Energy's Oak Ridge National Laboratory is preparing to flip the switch on what could well be the world's most powerful supercomputer.

Set to go live later today -- due to its land-locked location in Tennessee, the scheduled switch-on will likely be largely unaffected by Hurricane Sandy, currently battering ten bells out of the eastern seaboard -- the high-performance supercomputer is set to dwarf the speeds of the existing supercomputer, Sequoia, currently the world's fastest.

Sequoia currently holds the world record as the world's fastest supercomputer, according to the Top500 supercomputer list, reaching a massive 16.32 petaflops. However, the upgraded model is expected to reach a massive 20 petaflops -- or 20 quadrillion calculations per second.

Titan, developed by supercomputer specialist Cray Inc., is a significant upgrade from Jaguar, which uses the same number of nodes and cabinets as its predecessor but delivers around 10 percent the performance.

Titan replaces Jaguar's 224,256 processors with just shy of 300,000 faster AMD-made 16-core processors, along with 18,688 Nvidia-built graphical processing units (GPUs), giving the supercomputer a third more processors than the older model.
Titan will also have more than 700 terabytes of memory to keep it ticking over.

With more than 200 server cabinets, the 16-core CPUs will be not only faster but also more efficient, leading to faster results for complex mathematical equations.

The power consumption is almost beyond belief. Jaguar required 7 megawatts of energy -- the equivalent of about 7,000 average homes -- costing the U.S. government lab $7 million in power costs alone last year.

However, Titan's processors are around five times more energy efficient than Jaguar's. The 9 megawatts of power will add $10 million to the cost of running the supercomputer, but the costs would be considerably higher had the Oak Ridge Laboratory simply expanded the supercomputer.

It's hoped that by 2016, the U.S. Department of Energy will upgrade Titan again, which could by then reach 200 petaflops -- or 10 times the speeds of Titan.

The next release of the Top500 list is expected to be released in the coming weeks.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 29 11:07:49 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Oct 2012 12:07:49 -0400
Subject: [Infowarrior] - SEC Weighs Bringing Back Fractions in Stock Prices
Message-ID:

This also would likely kill the HFT algo community who makes its money by trading immense volumes in sub-penny decimal pricing....which I think would be a very, very good thing, but suspect it will be fought tooth-and-nail by the trading industry. ---rick

Updated October 27, 2012, 6:15 p.m. ET

SEC Weighs Bringing Back Fractions in Stock Prices
By ANDREW ACKERMAN And TELIS DEMOS
http://online.wsj.com/article/SB10001424052970204005004578080780495541260.html

For some stock prices, the new math might look a lot like the old math: Regulators are thinking about bringing back the fraction.
The move would at least partly undo an 11-year-old rule that replaced fractions of a dollar in stock prices, like 1/8 and 1/16, with pennies. The idea of that change was to trim investors' trading costs: One-cent increments can lead to narrower gaps between the prices at which brokers buy and sell shares -- potentially reducing their opportunity to shave off profits.

Those championing the fraction's return say it would spur securities firms to buy and sell more shares of some companies by making it more profitable for them to do so. Opponents say fractions would increase trading costs for investors with little or no benefit to companies.

Discussions are still in the early stages and it is unclear what the Securities and Exchange Commission will ultimately decide. Furthermore, any change would affect only some smaller companies.

"People are increasingly raising this idea with us directly," SEC Chairman Mary Schapiro said in an interview. "We will look at it, but there are obviously trade-offs."

The idea will be discussed by the SEC's staff at a public meeting in coming weeks. That could lead to a pilot test to help the agency learn more about the idea, according to people familiar with the process.

It isn't clear if the pilot program would apply to companies that fall below a certain market value or trading volume, or whether certain companies would be allowed to choose fractional pricing instead of pennies.

11 Years: The length of time that the rule eliminating fractions for stock prices has been in place.

Arthur Levitt, who oversaw the move to decimal pricing as head of the SEC from 1993 to 2001, said the switch to decimalization "transferred billions of dollars from the pockets of brokers into the pockets of investors." But he doesn't object to a pilot testing alternative stock-price increments.

An SEC study this summer said the effect of decimalization on the cost of large transactions is "mixed."
The move to decimalization was the culmination of an intense debate about the power of market-makers for stocks, such as the specialist traders who worked on the floor of the New York Stock Exchange. Regulators accused several firms of abusing their position to profit by improperly raising the cost of trading.

The push to revert to wider "tick sizes," as traders call them, comes amid an argument over whether or not decimalization has made markets less welcoming for small companies looking to attract investors to their initial public offerings of stock.

Some executives, banks and advisers say that banks do less to drum up investor interest in these shares because of lower profits.

As evidence, people in this camp point to the decline in the number of U.S.-listed company IPOs raising less than $50 million. In the late 1990s there were typically more than 100 such IPOs a year, compared with fewer than 10 so far this year, according to Dealogic.

If you move away from penny pricing, "investment banks will be able to make enough money trading -- to write research and re-create the spark in the engine," said Jeffrey Solomon, chief executive of Cowen & Co., an investment bank focused on smaller companies that is part of Cowen Group Inc.

Others disagree. "If your goal is to lure investors back into the market, raising their transaction costs doesn't seem like a particularly good way to do it," said Barbara Roper, director of investor protection at the Consumer Federation of America, a nonprofit consumer advocate.

SEC officials are considering either proposing a rule themselves -- or asking the exchanges where stocks are listed, such as those operated by NYSE Euronext, Nasdaq OMX Group Inc. and BATS Global Markets Inc., to propose a rule -- for a pilot program to test fractional stock prices, said people familiar with the agency.
Some SEC staffers believe the use of different tick sizes in some overseas markets shows that a one-size-fits-all approach isn't the only way to go, these people said.

The pressure to change how stocks are priced is coming in part from Republican lawmakers, small-company executives, venture-capital firms and banks dealing with small companies, many of whom also backed passage this year of the federal Jumpstart Our Business Startups Act, or JOBS Act. The White House and legislators said that law would spur job creation by making it easier for small companies to raise capital.

The JOBS Act required that the SEC study decimalization. The agency in July reported that there was wide academic agreement that "spreads," the prices at which investors want to buy and sell stocks, have narrowed since decimalization. But its report said research was inconclusive about the relationship between decimalization and bank-trading profits.

Some on Wall Street share the view that there is no clear link between decimal pricing and bank trading profits.

"We wouldn't look to tick size as a material solution to the bigger problems in the IPO market. That probably has more to do with macro effects than micro effects: a sour economy -- and geopolitical uncertainty," said Jamie Selway, head of liquidity management at ITG Inc., an independent Wall Street brokerage firm that sells computerized trading algorithms and operates a "dark pool," where stocks can be traded at sub-penny prices.

The SEC's review urged further study of tick sizes. But JOBS Act advocates have pressed for action on the matter.

"We don't need more study," said Christine Jacobs, chief executive of small-cap company Theragenics Corp. and the co-chairman of the SEC's Advisory Committee on Small and Emerging Companies, which includes venture capitalists, securities lawyers, investment bankers and executives in technology companies. She said her group is preparing its own proposal to submit to the commission.
"We need to find a way to apply the JOBS Act to companies that are already public." Corrections & Amplifications Jeffrey Solomon is chief executive of Cowen & Co. An earlier version of this article incorrectly said he was chief executive of the investment bank's parent, Cowen Group Inc. Write to Andrew Ackerman at andrew.ackerman at dowjones.com and Telis Demos at telis.demos at wsj.com --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Oct 29 13:04:40 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 29 Oct 2012 14:04:40 -0400 Subject: [Infowarrior] - U.S. Markets to Be Closed on Tuesday Message-ID: <57DAF6BA-0943-4E61-927D-0A7CBB205D06@infowarrior.org> Investment Banking October 29, 2012, 1:37 pmComment U.S. Markets to Be Closed on Tuesday By MICHAEL J. DE LA MERCED Michael Appleton for The New York Times http://dealbook.nytimes.com/2012/10/29/u-s-markets-to-be-closed-on-tuesday/ Stock markets in the United States will be closed again on Tuesday for a second day without trading as Hurricane Sandy roared closer to the New York area. The New York Stock Exchange and BATS Global Markets said in separate statements that they have agreed to close, after consulting with other exchanges and clients. The N.Y.S.E. added that it planned to operate on Wednesday, pending developments in weather conditions. The decision came as little surprise, with market operators already hinting that they would stay closed as the storm?s impact intensified. And the Securities Industry and Financial Market Association, an industry trade group, recommended that United States bond markets stay closed on Tuesday as well. A continued stoppage in trading is expected to have some costs for exchanges like the N.Y.S.E. and the Nasdaq stock market. 
Richard Repetto, an analyst at Sandler O'Neill & Partners, estimated that stock and option exchanges would lose about $1 million in transaction fees for every day that they are closed. That loss of revenue would likely have little impact on those companies' earnings, he added, though Mr. Repetto added that he did not factor in lost revenue from exchanges' other businesses.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 29 14:37:21 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Oct 2012 15:37:21 -0400
Subject: [Infowarrior] - Killing the Computer to Save It
Message-ID:

October 29, 2012

Killing the Computer to Save It
By JOHN MARKOFF

http://www.nytimes.com/2012/10/30/science/rethinking-the-computer-at-80.html?hpw&_r=0&pagewanted=print

MENLO PARK, Calif. - Many people cite Albert Einstein's aphorism "Everything should be made as simple as possible, but no simpler." Only a handful, however, have had the opportunity to discuss the concept with the physicist over breakfast.

One of those is Peter G. Neumann, now an 80-year-old computer scientist at SRI International, a pioneering engineering research laboratory here.

As an applied-mathematics student at Harvard, Dr. Neumann had a two-hour breakfast with Einstein on Nov. 8, 1952. What the young math student took away was a deeply held philosophy of design that has remained with him for six decades and has been his governing principle of computing and computer security.

For many of those years, Dr. Neumann (pronounced NOY-man) has remained a voice in the wilderness, tirelessly pointing out that the computer industry has a penchant for repeating the mistakes of the past. He has long been one of the nation's leading specialists in computer security, and early on he predicted that the security flaws that have accompanied the pell-mell explosion of the computer and Internet industries would have disastrous consequences.
"His biggest contribution is to stress the 'systems' nature of the security and reliability problems," said Steven M. Bellovin, chief technology officer of the Federal Trade Commission. "That is, trouble occurs not because of one failure, but because of the way many different pieces interact."

Dr. Bellovin said that it was Dr. Neumann who originally gave him the insight that "complex systems break in complex ways" - that the increasing complexity of modern hardware and software has made it virtually impossible to identify the flaws and vulnerabilities in computer systems and ensure that they are secure and trustworthy.

The consequence has come to pass in the form of an epidemic of computer malware and rising concerns about cyberwarfare as a threat to global security, voiced alarmingly this month by the defense secretary, Leon E. Panetta, who warned of a possible "cyber-Pearl Harbor" attack on the United States.

It is remarkable, then, that years after most of his contemporaries have retired, Dr. Neumann is still at it and has seized the opportunity to start over and redesign computers and software from a "clean slate."

He is leading a team of researchers in an effort to completely rethink how to make computers and networks secure, in a five-year project financed by the Pentagon's Defense Advanced Research Projects Agency, or Darpa, with Robert N. Watson, a computer security researcher at Cambridge University's Computer Laboratory.

"I've been tilting at the same windmills for basically 40 years," said Dr. Neumann recently during a lunchtime interview at a Chinese restaurant near his art-filled home in Palo Alto, Calif. "And I get the impression that most of the folks who are responsible don't want to hear about complexity. They are interested in quick and dirty solutions."

An Early Voice for Security

Dr. Neumann, who left Bell Labs and moved to California as a single father with three young children in 1970, has occupied the same office at SRI for four decades.
Until the building was recently modified to make it earthquake-resistant, the office had attained notoriety for the towering stacks of computer science literature that filled every cranny. Legend has it that colleagues who visited the office after the 1989 earthquake were stunned to discover that while other offices were in disarray from the 7.1-magnitude quake, nothing in Dr. Neumann's office appeared to have been disturbed.

A trim and agile man, with piercing eyes and a salt-and-pepper beard, Dr. Neumann has practiced tai chi for decades. But his passion, besides computer security, is music. He plays a variety of instruments, including bassoon, French horn, trombone and piano, and is active in a variety of musical groups. At computer security conferences it has become a tradition for Dr. Neumann to lead his colleagues in song, playing tunes from Gilbert and Sullivan and Tom Lehrer.

Until recently, security was a backwater in the world of computing. Today it is a multibillion-dollar industry, though one of dubious competence, and safeguarding the nation's computerized critical infrastructure has taken on added urgency. President Obama cited it in the third debate of the presidential campaign, focusing on foreign policy, as something "we need to be thinking about" as part of the nation's military strategy.

Dr. Neumann reasons that the only workable and complete solution to the computer security crisis is to study the past half century's research, cherry-pick the best ideas and then build something new from the bottom up.

Richard A. Clarke, the nation's former counterterrorism czar and an author of "Cyber War: The Next Threat to National Security and What to Do About It" (Ecco/HarperCollins, 2010), agrees that Dr. Neumann's Clean Slate effort, as it is called, is essential.

"Fundamentally all of the stuff we're doing to secure networks today is putting bandages on and putting our fingers in the dike, and the dike springs a leak somewhere else," Mr. Clarke said.
"We have not fundamentally redesigned our networks for 45 years," he said. "Sure, it would cost an enormous amount to rearchitect, but let's start it and see if it works better and let the marketplace decide."

Dr. Neumann is one of the most qualified people to lead such an effort to rethink security. He has been there for the entire trajectory of modern computing - even before its earliest days. He took his first computing job in the summer of 1953, when he was hired to work as a programmer employing an I.B.M. card-punched calculator.

Today the SRI-Cambridge collaboration is one of several dozen research projects financed by Darpa's Information Innovation Office as part of a "cyber resilience" effort started in 2010.

Run by Dr. Howard Shrobe, an M.I.T. computer scientist who is now a Darpa program manager, the effort began with a premise: If the computer industry got a do-over, what should it do differently?

The program includes two separate but related efforts: Crash, for Clean-Slate Design of Resilient Adaptive Secure Hosts; and MRC, for Mission-Oriented Resilient Clouds. The idea is to reconsider computing entirely, from the silicon wafers on which circuits are etched to the application programs run by users, as well as services that are placing more private and personal data in remote data centers.

Clean Slate is financing research to explore how to design computer systems that are less vulnerable to computer intruders and recover more readily once security is breached.

Dr. Shrobe argues that because the industry is now in a fundamental transition from desktop to mobile systems, it is a good time to completely rethink computing. But among the biggest challenges is the monoculture of the computer "ecosystem" of desktop, servers and networks, he said.

"Nature abhors monocultures, and that's exactly what we have in the computer world today," said Dr. Shrobe. "Eighty percent are running the same operating system."
Lessons From Biology

To combat uniformity in software, designers are now pursuing a variety of approaches that make computer system resources moving targets. Already some computer operating systems scramble internal addresses much the way a magician might perform the trick of hiding a pea in a shell. The Clean Slate project is taking that idea further, essentially creating software that constantly shape-shifts to elude would-be attackers.

That the Internet enables almost any computer in the world to connect directly to any other makes it possible for an attacker who identifies a single vulnerability to almost instantly compromise a vast number of systems.

But borrowing from another science, Dr. Neumann notes that biological systems have multiple immune systems - not only are there initial barriers, but a second system consisting of sentinels like T cells has the ability to detect and eliminate intruders and then remember them to provide protection in the future.

In contrast, today's computer and network systems were largely designed with security as an afterthought, if at all.

One design approach that Dr. Neumann's research team is pursuing is known as a tagged architecture. In effect, each piece of data in the experimental system must carry "credentials" - an encryption code that ensures that it is one that the system trusts. If the data or program's papers are not in order, the computer won't process them.

A related approach is called a capability architecture, which requires every software object in the system to carry special information that describes its access rights on the computer, which is checked by a special part of the processor.

For Dr. Neumann, one of the most frustrating parts of the process is seeing problems that were solved technically as long ago as four decades still plague the computer world.

A classic example is "buffer overflow"
vulnerability, a design flaw that permits an attacker to send a file with a long string of characters that will overrun an area of a computer's memory, causing the program to fail and make it possible for the intruder to execute a malicious program.

Almost 25 years ago, Robert Tappan Morris, then a graduate student at Cornell University, used the technique to make his worm program spread throughout an Internet that was then composed of about only 50,000 computers.

Dr. Neumann had attended Harvard with Robert Morris, Robert Tappan Morris's father, and then worked with him at Bell Laboratories in the 1960s and 1970s, where the elder Mr. Morris was one of the inventors of the Unix operating system. Dr. Neumann, a close family friend, was prepared to testify at the trial of the young programmer, who carried out his hacking stunt with no real malicious intent. He was convicted and fined, and is now a professor at M.I.T.

At the time that the Morris Worm had run amok on the Internet, the buffer overflow flaw had already been known about and controlled in the Multics operating system research project, which Dr. Neumann helped lead from 1965 to 1969.

An early Pentagon-financed design effort, Multics was the first systematic attempt to grapple with how to secure computer resources that are shared by many users. Yet many of the Multics innovations were ignored at the time because I.B.M. mainframes were quickly coming to dominate the industry.

Hope and Worry

The experience left Dr. Neumann - who had coined the term "Unics" to describe a programming effort by Ken Thompson that would lead to the modern Unix operating system - simultaneously pessimistic and optimistic about the industry's future.

"I'm fundamentally an optimist with regard to what we can do with research," he said. "I'm fundamentally a pessimist with respect to what corporations who are fundamentally beholden to their stockholders do, because they're always working on short-term appearance."
That dichotomy can be seen in the Association of Computing Machinery Risks Forum newsgroup, a collection of e-mails reporting computer failures and foibles that Dr. Neumann has edited since 1985. With hundreds of thousands, and possibly millions, of followers, it is one of the most widely read mailing lists on the Internet - an evolving compendium of computer failures, flaws and privacy issues that he has maintained and annotated with wry comments and the occasional pun. In 1995 the list became the basis for his book "Computer-Related Risks" (Addison-Wesley/ACM Press).

While the Risks list is a reflection of Dr. Neumann's personality, it also displays his longtime interest in electronic privacy. He is deeply involved in the technology issues surrounding electronic voting - he likes to quote Stalin on the risks: "It's not who votes that counts, it's who counts the votes" - and has testified, served on panels and written widely on the subject.

Dr. Neumann grew up in New York City, in Greenwich Village, but his family moved to Rye, N.Y., where he attended high school. J. B. Neumann, Dr. Neumann's father, was a noted art dealer, first in Germany and then in New York, where he opened the New Art Circle gallery after moving to the United States in 1923. Dr. Neumann recalls his father's tale of eating in a restaurant in Munich, where he had a gallery, and finding that he was seated next to Hitler and some of his Nazi associates. He left the country for the United States soon afterward.

His mother, Elsa Schmid Neumann, was an artist. His two-hour breakfast with Einstein took place because she had been commissioned to create a colorful mosaic of Einstein and had become friendly with him. The mosaic is now displayed in a reference reading room in the main library at Boston University.

Dr. Neumann's college conversation was the start of a lifelong romance with both the beauty and the perils of complexity, something that Einstein hinted at during their breakfast.
"What do you think of Johannes Brahms?" Dr. Neumann asked the physicist.

"I have never understood Brahms," Einstein replied. "I believe Brahms was burning the midnight oil trying to be complicated."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Oct 29 15:40:10 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Oct 2012 16:40:10 -0400
Subject: [Infowarrior] - FBI Says They're Now Working 24/7 To Investigate Hackers and Network Attacks
Message-ID: <7B86747B-9292-4CC0-8F31-FD269FFEDB01@infowarrior.org>

As of today, the FBI is working 24/7 to investigate hackers and network attacks
26th October 2012 by Emil Protalinski

http://thenextweb.com/us/2012/10/26/as-of-today-the-fbi-is-working-247-to-investigate-hackers-and-network-attacks/

The Federal Bureau of Investigation (FBI) is finally stepping up its game when it comes to hackers. Maybe it was Anonymous that did it or maybe it was statements from the US Secretary of Defense two weeks ago, but either way, the FBI is now hunting hackers 24/7.

You're not the only one who was under the impression that the FBI was already doing this. Yet only today, the agency announced that it has been working on this new initiative for the past year. Its goal is to "uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers' digital signatures from mountains of malicious code."

The FBI is forming relationships with the technical leads at financial, business, transportation, and other critical infrastructures, plus it has hired specialists to work at its Cyber Division's Cyber Watch command. Starting today, investigators in the field can send their findings to the centre, which will be operating 24/7, looking for patterns or similarities in reported cases.
The division's main focus is now cyber intrusions, working closely with the Bureau's Counterterrorism and Counterintelligence divisions. More importantly, the FBI-led "National Cyber Investigative Joint Task Force" (NCIJTF), as it's being called, will share information with partner intelligence and law enforcement agencies, including the Departments of Defense, Homeland Security, and the National Security Agency.

Special Agent Richard McFeely, executive assistant director of the Bureau's Criminal, Cyber, Response, and Services Branch, explains the NCIJTF is interested in "the attribution piece" of a cyber attack. Once they have that data, they can determine an appropriate response:

"The attribution piece is: who is conducting the attack or the exploitation and what is their motive. In order to get to that, we've got to do all the necessary analysis to determine who is at the other end of the keyboard perpetrating these actions. We are obviously concerned with terrorists using the Internet to conduct these types of attacks. As the lead domestic intelligence agency within the United States, it's our job to make sure that businesses' and the nation's secrets don't fall into the hands of adversaries."

Ah, so it was the terrorist angle that did it. I guess that's what it takes for the FBI to work 24/7 and take hackers seriously.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 30 15:30:42 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 30 Oct 2012 16:30:42 -0400
Subject: [Infowarrior] - Disney buys Lucasfilm
Message-ID: <0b4c402a-90de-45d2-9fec-4430a2ed7928@email.android.com>

As if #sandy wasn't enough we hear that Disney is buying Lucasfilm for 4 billion. Saddened, I am.

They're doing a new movie too .. knowing Disney it probably will be The Little Ewok or Mickey Moves to the Death Star..though the latter might be viewed as autobiographical after today's news.
--
Sent from or dictated to my mobile. Please excuse any odd brevity, spelling, or grammar errors.

From rforno at infowarrior.org Tue Oct 30 20:08:31 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 30 Oct 2012 21:08:31 -0400
Subject: [Infowarrior] - Massive Flooding Damages Several NYC Data Centers
Message-ID:

(Just getting fully back online now. --rick)

Massive Flooding Damages Several NYC Data Centers
By: Rich Miller
October 30th, 2012

http://www.datacenterknowledge.com/archives/2012/10/30/major-flooding-nyc-data-centers/

Flooding from Hurricane Sandy has hobbled two data center buildings in Lower Manhattan, taking out diesel fuel pumps used to refuel generators. A third building at 121 Varick is also reported to be without power. There were also reports of outages for some tenants at a major data hub at 111 8th Avenue, and many other New York area facilities were running on generator power amid widespread utility outages.

Both Internap and Peer 1 are struggling to continue operations at 75 Broad Street after basement-level flooding disabled critical diesel fuel pumps, leaving the providers no way to refuel generators on mezzanine floors. Customers of Datagram were knocked offline Monday evening as water flooded the basement of its building at 33 Whitehall, knocking out high-traffic sites including Gawker, Gizmodo, Buzzfeed and Mediaite.

Both 75 Broad and 33 Whitehall were located in the "Zone A" flood zone, which was inundated by a storm surge of more than 13 feet as Sandy's landfall in New Jersey coincided with high tide in lower Manhattan.

Meanwhile, Atlantic Metro reports that several of its data centers are offline, including its facility at 121 Varick, which has "significant flooding" in its generator room.

There were also multiple reports of downtime for some tenants at 111 8th Avenue, a major communications hub which is owned by Google.
Some reports attributed the outages to network problems, while others said that an electrical panel had failed while parts of the building were switching to generator power.

Meanwhile, several data centers in northern New Jersey were reported to be running on generator power, as PSE&G and other utilities suffered widespread outages.

Datagram

Datagram hosts a number of high-profile blogs, including the Gawker network, which remains offline Tuesday morning. "Gawker sites down after power cut off at Datagram, our data center down on Whitehall St," tweeted Gawker publisher Nick Denton. "Backup power didn't kick in fast enough."

In fact, the problems at 33 Whitehall went beyond the speed of its power response. Other tenants reported that the basement had been flooded, knocking out diesel fuel pumps that support generators.

Buzzfeed said it was able to work with content delivery provider Akamai to restore a static version of its web site. It posted a short story about the problems experienced by Datagram, including a text sent to Buzzfeed from a Datagram official. "Basement flooded, fuel pump off line - we got people working on it now. 5 feet of water now," the official wrote.

It wasn't clear when Datagram would be able to restore service.

75 Broad

Diesel pumps were also the focus of problems at 75 Broad, where basement levels experienced major flooding that forced Internap and Peer 1 to shut down their operations at the facility.

"Around 9 PM the storm surge, combined with high tide, caused flooding to many portions of lower Manhattan, including in and around our data center at 75 Broad," Internap said in a blog post. "At the peak there was three feet of flood water in the lobby at the site, causing both basement floors to be inaccessible. As a result of the flooding, both our redundant fuel pumps and our generator fuel tank were compromised and shut down.
The system continued to run until all fuel within the secondary feeder tanks were exhausted and our facility lost power."

The Internap facility lost power at about 11:45 a.m. this morning. "We are working as quickly as possible to implement a workaround for the fuel system that will allow us to bring the generator farm back into operation," Internap said. "It is unclear how long it will take ConEd to restore utility power to the site, but we are preparing for the possibility of remaining on generator power for many days."

UPDATE: "We have coordinated fuel deliveries and pumps, as well as engineers to fabricate pipe to bring the fuel directly to the generators on the mezzanine level," Internap reported this afternoon. "There is currently no ETA available for the completion of these activities, but we are working through all options to bring the UPS infrastructure back online as soon as possible. We will continue to work toward resolution and provide status updates with any new information."

After attempting to arrange temporary diesel fuel storage and pumps, Peer 1 Hosting said early Monday that it will "implement a controlled shutdown of NY Data Center at 10:45 ET." But as of 12:30 p.m., the site was still online, and the company said it was awaiting a diesel delivery.

"A fuel delivery is en route to the facility but due to the various street closures and general road conditions caused by Hurricane Sandy, (and) the expected ETA of the fuel truck is approximately 1 hour," Peer 1 said on its support forum. "If the fuel delivery is not able to be made before 2:00PM EST, PEER 1 will need to initiate a suspension of all services at our affected facility beginning approximately at 2:15PM EST." Peer 1 has not provided any updates since the 2:15 deadline.

Atlantic Metro / 121 Varick

On Tuesday morning Atlantic Metro reported that it was experiencing "widespread network and facility power outages due to Sandy and its flooding."
The company was experiencing significant problems at multiple data centers:

LGA1 (325 Hudson Street) - "We are working with local building crew to clear the area of the fuel pumps needed for Diesel generator power. Replacement fuel pump estimated to be received (by 9:30 p.m. Tuesday). Work will commence to restore service at that time." Atlantic Metro says repairs at LGA1 will address a connectivity problem at LGA6.

LGA4 (121 Varick Street) - "There is significant flooding in the generator room of this IDC. We are working with FDNY to safely investigate the area. (The) site is suffering from a damaged ATS. Crews will be called in first thing tomorrow morning to begin repair efforts."

111 8th Avenue

There were multiple reports on Twitter of outages for some tenants at 111 8th Avenue, one of Manhattan's largest buildings and a key hub for Internet traffic. Companies affected included Equinix, Voxel/Internap and XO Communications.

"NY9 experienced a failed generator that impacted service to several customers," Equinix said on its blog, referring to its facility at 111 8th Avenue. "We made repairs and service was returned this morning. The site remains on generator power."

111 Eighth Avenue is among the world's most wired buildings. It was originally built as the Port Authority Commerce Building in 1932, and was redeveloped for telecom use by Taconic in the late 90s.

25 Broadway (Telehouse)

Telehouse reported that its facility at 25 Broadway in lower Manhattan has remained online throughout Sandy and its aftermath, as have its data center in Chelsea and at the Staten Island Teleport. The colocation provider said it switched to generator power proactively ahead of Con Edison's utility power shutdown.

"Since that time, these facilities have remained operational without any critical system (power, cooling) outages," Telehouse reported. "
These facilities will remain fully staffed and off-grid (independent power generation mode), with periodic refueling until utility power is restored and stable.

"During this period, both Manhattan sites (25 Broadway, Chelsea) were operationally unaffected by local flooding," the company added. "Building engineers and equipment, at both Manhattan facilities, are engaged in mitigating this threat. The Teleport facility, on Staten Island, had no flood threat during this time."

32 Avenue of the Americas (CoreSite)

CoreSite reported that its data centers all remained online throughout Sandy, although its data center at 32 Avenue of the Americas in New York switched over to generator power Monday evening.

"That transition occurred smoothly according to established procedures," CoreSite said in a statement. "CoreSite is checking regularly with Con Edison as to when normal power is expected to be restored, but remains confident in its ability to continue running on its emergency generators as long as necessary given that fuel deliveries have been secured and remain on schedule."

"Our thoughts go out to the people and communities affected by the devastation of this storm," said CoreSite President and CEO Tom Ray. "Amidst this much bigger picture, we are striving to ensure our customers have timely and accurate information as to the current state of site operations and understand how to reach us."

Telx

Colocation and interconnection specialist Telx is the largest service provider at 60 Hudson Street, one of the leading carrier hotels in Manhattan. Telx says 60 Hudson lost power Monday at 7:15 p.m. but is operating on generator power, and has enough fuel to operate through Wednesday. Telx also has facilities at 111 8th Avenue and says it is operating fine on generator power.

We will continue to update as we get more news. You can email us at news at datacenterknowledge.com with news and tips.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Oct 30 20:14:50 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 30 Oct 2012 21:14:50 -0400
Subject: [Infowarrior] - Heckuva Job Brownie Criticizing Obama for Preparing Too Quickly
Message-ID:

Never let an opportunity to score cheap (if not idiotic) political points go un-used by a hypocrite. -rick

Heckuva Job Brownie Criticizing Obama for Preparing Too Quickly

http://www.cynical-c.com/2012/10/30/heckuva-job-brownie-criticizing-obama-for-preparing-too-quickly/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Oct 30 21:37:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 30 Oct 2012 22:37:54 -0400
Subject: [Infowarrior] - EFI firmware protection locks down newer Macs
Message-ID: <7BF88924-EF04-45BD-BA6F-9E2D75D194DA@infowarrior.org>

EFI firmware protection locks down newer Macs

Apple's firmware password security is greatly enhanced in recent Mac models, making it a rather robust security feature.

http://reviews.cnet.com/8301-13727_7-57542601-263/efi-firmware-protection-locks-down-newer-macs

by Topher Kessler
October 30, 2012 5:28 PM PDT

With Apple's firmware password feature on Mac systems you can lock down the options to select an alternative startup disk, boot to Safe or Single User modes, reset the PRAM, and otherwise start the system in ways that can bypass the security features of OS X. However, as a security measure the firmware password has been met with some criticism because it could easily be bypassed by someone who has physical access to the system.

In earlier Intel-based Macs the firmware password was stored in the PRAM of the system, and was simply read by the system's EFI firmware before other PRAM variables in order to maintain the lock on the system; however, this setup had drawbacks that allowed the firmware to be reset or even revealed.
The firmware password on any Mac can be set using the Firmware Password utility that is available on the OS X installation volume. (Credit: Screenshot by Topher Kessler/CNET)

Altering the system's hardware configuration, such as by removing or adding RAM modules, would clear the security password and permit booting to alternative modes. Not only did this basic way of bypassing the password exist, but the password was also not stored very securely. While administrative rights are required to uncover it, with these rights one can use included utilities in OS X to reveal the password in the PRAM, which is masked only by a simple obfuscation routine.

These fallbacks made the Mac's firmware password almost laughable as a security measure, but this has changed with newer Mac systems. Starting in 2011, users began finding they could no longer reset their firmware passwords simply by modifying the hardware configuration. The systems would maintain the lock and prevent the use of alternate boot modes, leaving no choice for those who had set the password and then forgotten it but to bring their systems in to Apple for servicing.

In these newer systems, instead of using the PRAM to store the EFI firmware password, Apple has resorted to using a separate programmable controller from Atmel (PDF) that contains lockable flash memory used to store the password. This tiny chip is tucked away on the motherboard and includes a security feature that stores the password in ways that require special programming with identifier numbers for both your motherboard and the Atmel chip to access and erase, which must be done using special routines during the boot process.

As it's not dependent on other system components to maintain this lock, this new chip therefore cannot be unlocked simply by a hardware change. The password is also not available in the PRAM, so it cannot be revealed to users, regardless of their administrative status.
To reset the firmware password on newer Macs, you must now follow these steps:

- Boot with Option key held to display the boot menu's firmware password prompt.
- Press Control-Option-Command-Shift-S to reveal a 33-digit hash (mixed letters and numbers) that contains an identifier for your specific motherboard and the Atmel chip used for your system. In this hash, the first 17 digits are an identifier for the system's motherboard, and the last 16 digits are a hash for the password.
- Submit the hash to Apple, where someone will put it through a special utility to create a keyfile that is specific for your machine.
- Place the file on a special USB boot drive and hold Option to load the boot menu and select this drive.
- The system will read the file and properly reset the firmware password stored in the Atmel chip.

This process may seem easy enough, except that the utility for creating the keyfile is kept at Apple so you have to go through an authorized service center, which will contact technicians at Apple for this service. Secondly, the Apple technicians will not give you the keyfile for unlocking your system, so you must get your system serviced to perform this step.

Even if you were able to get the keyfile, it cannot be used on any other Mac system. The Atmel chip's serial number and motherboard identifier are factory-programmed, resulting in a pairing that is unique for your system. This is why the hash numbers for your system must be programmed into the keyfile, making it machine-specific.

Even so, there is one way to bypass the Atmel chip, which is to manually remove it and solder a new, unlocked chip to your motherboard; however, without precise reflow soldering tools and techniques, this would likely result in an unmitigated disaster that not only would void your warranty, but would very likely break your machine.
Coupled with Apple's FileVault full-disk encryption to protect data should the hard drive be removed, the firmware password in Apple's latest systems provides a very effective hardware security lock. Setting it up involves the same steps as for all of Apple's hardware, but these advances make it so that to change or remove it you need to either use the same firmware password utility and remember the previous password, or have it serviced.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 31 07:13:12 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Oct 2012 08:13:12 -0400
Subject: [Infowarrior] - "Six Strikes" Evidence Re-reviewed to Fix RIAA Lobbying Controversy
Message-ID:

"Six Strikes" Evidence Re-reviewed to Fix RIAA Lobbying Controversy

Ernesto, October 31, 2012

http://torrentfreak.com/six-strikes-evidence-re-reviewed-to-fix-riaa-lobbying-controversy-121031/

The evidence review for the controversial "six strikes" anti-piracy warning scheme will be reexamined, it has now been confirmed. Last week the news broke that the "impartial and independent" technology expert that was initially hired had previously lobbied on behalf of the RIAA. With a second review by an independent company the Center for Copyright Information hopes to restore the public's faith in the BitTorrent monitoring scheme.

Starting next month the file-sharing habits of millions of BitTorrent users in the United States will be monitored as part of an agreement between the MPAA, RIAA, and five major ISPs. The parties launched the Center for Copyright Information (CCI) last year which will be responsible for the implementation of the plan. To guarantee the accuracy of the evidence behind the copyright infringement accusations the parties agreed to hire an impartial and independent technology expert.
However, their commitment to this promise was questioned last week when the expert turned out to be Stroz Friedberg, a former RIAA lobbying group. The CCI is clearly well aware of the sensitivities generated by this particularly unfortunate pick.

"Recent reports that a former employee of Stroz Friedberg lobbied several years ago on behalf of RIAA on matters unrelated to CCI have raised questions about the impartiality of Stroz Friedberg," CCI's Executive Director Jill Lesser now states.

The CCI is convinced that despite this history Stroz Friedberg is capable of delivering an independent review. However, to reassure the public that it was carried out properly, CCI will hire a new expert to go over the evidence review.

"We are sensitive to any appearance that Stroz lacks independence, and so CCI has decided to have another expert review Stroz's initial evaluation of the content community's processes. We will be selecting the additional expert promptly and will make that information available," Lesser says.

Realizing that openness is in the best interest of all parties involved, CCI has also decided to make Stroz Friedberg's initial review public.

"In addition, we believe that the report Stroz Friedberg has provided to us speaks for itself. Therefore, we will be releasing that report this week to enable interested parties to review it for themselves," Lesser states.

The CCI is to be applauded for gradually improving its transparency. Thus far the group has been very reluctant to share information, fueling many conspiracy theories. A lack of transparency is also at the origin of the current controversy as TorrentFreak learned that other than the RIAA, none of the CCI partners were aware of the link between Stroz Friedberg and the RIAA. It's not unthinkable that CCI would have picked another company to start with if the RIAA had disclosed this relationship.
However, with their decision to hire a new expert along with a promise to make the original review public, CCI will hope to quieten most critics. It will be interesting to see how Stroz Friedberg evaluated MarkMonitor's BitTorrent snooping system. CCI previously concluded that MarkMonitor deserved a green light, but the review is still bound to provide a unique insight into the accuracy of the company's IP-harvesting techniques.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 31 07:45:12 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Oct 2012 08:45:12 -0400
Subject: [Infowarrior] - Only Global Banks Will Benefit From A Cyber-Attack On The U.S.
Message-ID: <893B280F-65BF-46DB-8E08-433032C8C0F1@infowarrior.org>

Guest Post: Only Global Banks Will Benefit From A Cyber-Attack On The U.S.

Submitted from Brandon Smith of Alt-Market

Only Global Banks Will Benefit From A Cyber-Attack On The U.S.

http://www.zerohedge.com/news/2012-10-31/guest-post-only-global-banks-will-benefit-cyber-attack-us

When it comes to national crises and man-made disasters, America as a society has a tendency towards selective blindness. If we were to truly think critically instead of reactively with hyperemotional conclusions, we might ask ourselves a few important questions. In the wake of 9/11, we did not investigate the actual crime for ourselves. Instead, the investigation was done for us, and within hours of the attacks a convenient group of villains was presented to us on a silver platter complete with trimmings as well as a few target countries we did not particularly like ready to bomb into oblivion. After 9/11, we did not think; we set out to slay monsters. Whether they were real or imagined made little difference...

If we had any sense back then, the populace would have asked themselves WHO truly benefited from the event? Who really gained, and who really lost?
Did a bunch of cave dwelling Muslim fanatics "gain" from 9/11? What did they gain? Where was the incentive? In any guerilla resistance or insurgency, the primary objective is to win the support of a particular populace. To win hearts and minds. Post 9/11, the world was ready to embrace the U.S. in a way that had not been seen in decades. The "terrorist" plan to undermine the collective American character had apparently backfired. The supposed goal of Al-Qaeda to rally the world behind its cause against U.S. imperialism had turned to poison. The attacks then opened the political doorway for even more U.S. military dominion in the Middle East, and policies of preemption continue more than a decade later as politician after politician rides the tired pony of "national security" to complete exhaustion, playing the terrorism card as an excuse for every violent action and every disruption of civil liberties, while the establishment rams through every piece of unconstitutional legislation they have had on the backburner for years. Again, the question remains: who really benefited from the event?

Now, some might claim that terrorists are generally disposed to insanity or religious zealotry, and don't necessarily need to think in terms of cost/benefit when planning to kill people. This assertion, however, is a mere feat of mental gymnastics designed to allow us to tapdance around the more complex issues. Many of us would like to assume that the story of a sinister super-secret Al-Qaeda clan of death exists, and in order to do so we also have to believe that they are smart enough to embed themselves into every fabric of Western culture as our government constantly forewarns. But, if they truly are that ingenious, wouldn't we also have to consider the possibility that the terrorists are smart enough to take actions which serve THEIR interests, instead of only serving the interests of the people they are supposed to despise, like the U.S. and European power elite?
Al-Qaeda's (or whoever they are) presence in Syria and the admitted (or loosely admitted) support they now receive from the U.S. in the form of monetary aid and weapons shipments is a perfect example of this dynamic. Why would we reinforce a terrorist organization which our government has accused of killing thousands on 9/11? Why would they help us destabilize Syria? Why is it that everything Al-Qaeda does ultimately enriches the men they call their enemies?

Regardless of whether or not you believe such subversive events are the product of terrorist activities, it is impossible to deny that the establishment (globalists and their respective business entities) always seem to come out far ahead in the aftermath of every calamity. We lose, the Muslim nations lose, and the global banks win, every time. This is not debatable. It is simply today's reality...

Knowing this dynamic exists, I have to apply a bit of skepticism when I read press releases from the Department of Defense and the White House asserting that a 2nd World country like Iran is possibly at the forefront of cyber warfare against the U.S.:

http://www.cnn.com/2012/10/15/world/iran-cyber/index.html

I have to double my skepticism when Fox News reports that Iran is planning cyber-strikes from Mexico (playing into the DHS talking point of joint Mexican/Al-Qaeda operations. Why the hell would Iran need to cyber attack from Mexico? Why not the South Pole, or the Hamptons??).
Not to mention, their expert guest on the matter is none other than Democratic Senator Joseph Lieberman, one of the primary soulless political figures behind such freedom roasting bills as the Enemy Belligerents Act (whose language was ultimately melded into the indefinite detention provisions of NDAA 2012), and the Cybersecurity Act of 2012, which is essentially CISPA on steroids:

http://video.foxnews.com/v/1329797936001/report-iran-plotting-cyber-attacks-against-us-from-mexico/

Neither the DoD, nor the White House, nor Lieberman, nor the mainstream media have ever offered any tangible evidence that Iran has anything to do with the alleged cyber attacks on major U.S. banks, the private Federal Reserve, or any American infrastructure of any kind. Yes, in case you haven't noticed, it sounds like Iraq all over again; lots of "experts" telling us what to think, and no evidence to back their claims.

So, without the benefit of any evidence from our fearless leaders in Washington D.C., we are left only with logic. What would Iran's goal be in executing a cyber attack against the U.S financial system, and what would they gain? Even if the Middle Eastern nation has the capability to carry out such a techno-barrage, wouldn't Iran be the first country that the U.S. would blame for the event regardless of evidence? Why would Iran hand over the perfect pretext for a hard physical strike by Western powers? Again, are we supposed to believe that the Iranian government is brilliant enough to pull off a coded 9/11, but too ignorant to realize they will be immediately targeted afterwards?

Now, there have been some cyber attacks in recent years which DO have strong suspects with ample evidence to support their guilt. Namely, the Stuxnet virus attacks which were directed specifically at Iran and its nuclear energy program, all perpetrated by the U.S. and Israel. I have seen cold hard facts showing that the U.S.
and Israeli governments have a penchant for computer terrorism, and I have seen no facts that sully Iran. Iran gains little or nothing from cyber warfare, but there is one group of interests that gain much...

I submit that in the event of a cyber attack on the U.S., the spoils of such a victory will fall into the laps of the very global bankers that are being portrayed as victims, and I also submit that said attacks will open a door to government controls that certain elites have been clamoring for over decades. Here's what they would get, and what you would lose...

1) A Cyber Attack Would Divert Economic Blame Away From Banks And Government

The Federal Reserve created the powder keg atmosphere within our financial system that we experience today using artificially low interest rates which allowed fiat money to be fed into sure-loss housing loans and toxic debt derivatives. The credit crisis and housing collapse NEVER could have occurred without the direct aid of central bankers. International lenders like JP Morgan and Goldman Sachs knowingly issued these toxic derivatives into the system while betting against them on the open market in an outright act of fiscal sabotage on numerous countries from Greece to the United States. Ratings agencies ignored the blatant dangers inherent in the derivatives market and gave toxic securities coveted AAA status. The SEC, which is supposed to stand guard against this brand of corruption, instead looked the other way, rarely if ever investigating whistleblower complaints against the "Too Big Too Fails".

When the American economy collapses (and it will) under the intense weight of this criminality on every level of the market process, the public will come after the banks and those politicians who helped them - unless a scapegoat is offered as a distraction. A "cyber attack"
on our banking system would give perfect cover for the banksters, allowing them to blame the collapse (which was going to happen anyway) on Iranian "terrorists". With their new victim status, international banks can then step in as the wounded but valiant "saviors" of the global financial system, centralizing even more power into fewer hands, issuing their new world reserve currency (the SDR) in the wake of a disintegrating dollar, focusing regulatory control within the IMF, all while the foolish populace chases after Muslim boogeymen.

2) A Cyber Attack Gives Pretext For War

The argument for preemption against Iran over a nuclear weapons program that has never been proven to exist is simply ineffective and childish. Globalists are beginning to realize that they have overplayed the "expert" card, and dropping a guy in a suit in front of a camera to tell Americans who to bomb is not quite working out like it did a decade ago. Why not? Because ten years ago Americans were still reeling from 9/11. Globalist think tanks like the Washington Institute For Near East Policy now openly call for new attacks to be fabricated (false flag attacks) in order to frighten the American people into supporting a new war against Iran:

The interesting thing about the concept of a cyber false flag is that it leaves no physical fingerprints for average citizens to investigate. Skeptics who suspect that our own government is the engineer of the attack might never be able to see the virus, coding, or transcripts of the event. It is much easier to hide a collapsing network infrastructure than it is to hide a real building collapsing at near freefall speed (Building 7) without the aid of a crashing airliner. With no physical or visible evidence whatsoever, a cyber false flag can be blamed on anyone, and the public will have to take the government at their word.
3) A Cyber Attack Gives The Government Rationale For Internet Controls

Our government, regardless of which party occupies the presidency, has been chewing through concrete in an attempt to gain regulatory power over the internet and its content. SOPA, CISPA, the Cybersecurity Act 2012, and on and on. They do not hide the fact that they want to clamp down on the web, especially the web's massive independent media presence, which the DHS often refers to as "extremist propaganda and recruitment". A cyber attack gives web totalitarians the perfect excuse to fence in our creative commons and silence activist media. I can hear it now: "The open and unsecured nature of the internet has given terrorists and terrorist states free rein to attack vital U.S. infrastructure, and it must be restricted for the greater good of the country..."

4) A Cyber Attack Can Go Global

A cyber attack does not have to be limited to a single country and its networks. It could be used to strike multiple countries and fuel a global firestorm of systems failures. Globalists need a macro-crisis, a world-wide catastrophe, in order to present their "global solution" to the desperate masses. This solution will invariably include more dominance for them, and less freedom for us. A global crisis can also be used to manipulate various cultures to forget concerns of sovereignty and think in terms of one-world action. Surely, a worldwide breakdown can only be solved if we "all work together and all think alike", right...?

Without a doubt, a cyber attack serves the interests of elitist entities and banking monstrosities like nothing else in existence. Set off a nuke, start WWIII, turn the U.S. dollar into stagflationary dust; a cyber attack tops them all, because a cyber attack can lead to them all while maintaining deniability for the establishment. The fact that whispers of cyber threats have turned into bullhorn blasted propaganda should concern us all.
Are we being conditioned for a cyber event in the near future? That remains to be seen. However, none of us should be surprised if one does occur, especially in light of the many gains involved for globalists, and all of us should be ready to dismantle and expose any lies surrounding the event before the American public is whipped into a 9/11 style frenzy yet again.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 31 10:01:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Oct 2012 11:01:25 -0400
Subject: [Infowarrior] - Faulkner Estate Keeps Suing: Sues Washington Post Over Ad That Quoted One Sentence
Message-ID: <33E3258F-30C2-45AC-97BE-A21077B36BCC@infowarrior.org>

Faulkner Estate Keeps Suing: Sues Washington Post Over Ad That Quoted One Sentence

http://www.techdirt.com/articles/20121029/03170620867/faulkner-estate-keeps-suing-sues-washington-post-over-ad-that-quoted-one-sentence.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 31 10:03:14 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Oct 2012 11:03:14 -0400
Subject: [Infowarrior] - Quarter of Eastern cell towers BLOWN down BY SANDY - FCC
Message-ID: <753D301A-8C1A-4E3F-AA26-7C379C9F8DFB@infowarrior.org>

Quarter of Eastern cell towers BLOWN down BY SANDY - FCC

By Brid-Aine Parnell
Posted in Mobile, 31st October 2012 14:53 GMT

http://www.theregister.co.uk/2012/10/31/mobile_service_hit_by_hurricane_sandy/

Around a quarter of mobile phone towers in the ten East-coast states hit by Hurricane Sandy have been damaged or destroyed, the Federal Communications Commission has said. The FCC is anticipating continued communication problems as other towers are running on backup power.

"This was and still is a devastating storm with a serious impact on our nation's communications infrastructure," chairman Julius Genachowski said during a conference call with press, reported by the Wall Street Journal and others. "The storm is not over. And our assumption is that communications outages could get worse before they get better, particularly for mobile networks, because of the flooding and loss of power."

Both flooding and snowfall in the affected region could affect more towers and make it difficult to repair the towers already in trouble. Genachowski also said that a very small number of emergency call centres had lost power but calls were being rerouted. He urged the public to only call 911 in life-threatening emergencies and to limit nonessential calls, using texts or social media to communicate instead, so that mobile networks could stay open for priority calls.

"We've seen broadband and social media continue to play an important role in communication for people during this storm," he said. "Social media is a critical platform for sharing information with loved ones. And it's been vital in keeping those other communications networks open for first responders."

Broadband and cable TV customers have also been hit by outages, with around a quarter of customers without the services.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 31 15:30:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Oct 2012 16:30:18 -0400
Subject: [Infowarrior] - AT&T and T-Mobile Open Networks to Customers of Both Carriers in New York and New Jersey
Message-ID: <8635EFE2-16AD-4193-819B-98B75B012A93@infowarrior.org>

(Comcast also doing similar with its WiFi points, too.
--rick)

AT&T and T-Mobile Open Networks to Customers of Both Carriers in New York and New Jersey

http://www.engadget.com/2012/10/31/att-and-t-mobile-temporarily-share-their-networks-in-nyc-nj/

DALLAS & BELLEVUE, Wash.--(BUSINESS WIRE)--In the wake of destruction caused by Hurricane Sandy, AT&T and T-Mobile are taking extraordinary measures to make sure our customers can stay in touch. AT&T and T-Mobile have entered into an agreement to enable roaming on their networks to customers of both companies in the heavily impacted areas and where capacity is available and for subscribers with a compatible device.

AT&T and T-Mobile customers will be able to place calls just as they normally would, but their calls will be carried by whichever network is most operational in their area. This will be seamless for AT&T and T-Mobile customers with no change to their current rate plans or service agreements even if the phone indicates the device is attached to the other carrier's network.

T-Mobile and AT&T both utilize network technology based on GSM and UMTS standards, which allows for this sharing of voice and data traffic.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Oct 31 16:52:19 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Oct 2012 17:52:19 -0400
Subject: [Infowarrior] - Browserwrap TOS judged invalid
Message-ID:

Almost Every Website On The Planet Could Be In Legal Jeopardy, Thanks To Zappos

Owen Thomas | Oct. 30, 2012, 7:55 PM

http://www.businessinsider.com/zappos-terms-of-service-ruled-invalid-2012-10

Zappos just lost a big court battle. In January, hackers got ahold of 24 million Zappos customers' email addresses and other personal information. Some of those customers have been suing Zappos, an online shoes and clothing retailer that's owned by Amazon.com. Zappos wants the matter to go into arbitration, citing its terms of service.
The problem: A federal court just ruled that agreement completely invalid. So Zappos will have to go to court--or more likely settle to avoid those legal costs.

Here's how Zappos screwed up, according to Eric Goldman, a law professor and director of Santa Clara University's High Tech Law Institute: It put a link to its terms of service on its website, but didn't force customers to click through to it.

There's a ton of legal precedents around what constitutes a contract. If you leave a piece of paper with a bunch of legalese out in your office, and someone wanders through, but doesn't even look at it, let alone sign it, you can't say they agreed to what's on the paper. There's no "meeting of the minds," to use the legal concept.

These kinds of arrangement are called "browsewrap" agreements, and they're extremely common--Dell, Southwest, and a lot of other companies have had them on their websites, and their uncertain legal status has landed them in court a lot.

What Zappos should have done: Force customers to click a button that says sure, yeah, whatever, they've read the terms and agree to them. Courts have found these "clickwrap" terms valid--even though in reality no one actually reads the stuff they're agreeing to.

A second way Zappos messed up: Its terms say that it can change the agreement at any time, unilaterally. That's inherently unfair, and courts have invalidated contracts on those grounds, too.

What this means: A lot of billable hours for lawyers and interactive designers, as everyone reworks their websites and mobile apps to force users to lie about having read page after page of legal jargon to get about their business.

Will Zappos have to pay up? The customers whose email addresses were exposed will have to demonstrate that they were actually harmed by the leak. But arbitration is usually a way to resolve disputes that's less expensive and friendlier to businesses, which is why terms of service usually require it.
---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.