From rforno at infowarrior.org Mon Dec 1 08:29:49 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Dec 2014 09:29:49 -0500
Subject: [Infowarrior] - EFF on car maintenance as DMCA issue
Message-ID: <3D69A017-25D7-4918-8DD8-5FAE27EBD524@infowarrior.org>

(c/o DG)

Marcia Hoffmann for EFF on how repair of automobiles that are, in effect, V8 computers, is a DMCA issue

https://www.eff.org/files/2014/11/03/eff_dmca_petitioncarmodification_dkt._2014-07.pdf

which is beginning to show up, e.g., at

http://autos.aol.com/article/will-copyright-law-stop-you-from-working-on-your-car-in-the-near/

I think that this is a total lost cause and self-driving cars are the reason. Insurance pricing will, in due course, make this so.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Dec 1 09:56:26 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Dec 2014 10:56:26 -0500
Subject: [Infowarrior] - Feds want Apple's help to defeat encrypted phones, new legal case shows
Message-ID:

Feds want Apple's help to defeat encrypted phones, new legal case shows

by Cyrus Farivar - Dec 1 2014, 9:00am EST

OAKLAND, CA--Newly discovered court documents from two federal criminal cases in New York and California that remain otherwise sealed suggest that the Department of Justice (DOJ) is pursuing an unusual legal strategy to compel cellphone makers to assist investigations.

Apple expands data encryption under iOS 8, making handover to cops moot
"Apple cannot bypass your passcode and therefore cannot access this data."

In both cases, the seized phones--one of which is an iPhone 5S--are encrypted and cannot be cracked by federal authorities. Prosecutors have now invoked the All Writs Act, an 18th-century federal law that simply allows courts to issue a writ, or order, which compels a person or company to do something.
Some legal experts are concerned that these rarely made public examples of the lengths the government is willing to go in defeating encrypted phones raise new questions as to how far the government can compel a private company to aid a criminal investigation.

Two federal judges agree that the phone manufacturer in each case--one of which remains sealed, one of which is definitively Apple--should provide aid to the government.

Ars is publishing the documents in the California case for the first time in which a federal judge in Oakland specifically notes that "Apple is not required to attempt to decrypt, or otherwise enable law enforcement's attempts to access any encrypted data."

The two orders were both handed down on October 31, 2014, about six weeks after Apple announced that it would be expanding encryption under iOS 8, which aims to render such a data handover to law enforcement useless. Earlier this month, The Wall Street Journal reported that DOJ officials told Apple that it was "marketing to criminals" and that "a child will die" because of Apple's security design choices.

Apple did not immediately respond to Ars' request for comment.

< -- more -- >

http://arstechnica.com/tech-policy/2014/12/feds-want-apples-help-to-defeat-encrypted-phones-new-legal-case-shows/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Dec 1 12:28:15 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Dec 2014 13:28:15 -0500
Subject: [Infowarrior] - New US intelligence agency established
Message-ID:

New intelligence agency established

http://www.wtop.com/807/3753574/Spy-vs-Spy-New-agency-debuts

Monday - 12/1/2014, 8:55am ET
By J.J. Green

WASHINGTON-- The National Counterintelligence and Security Center (NCSC) debuts Monday as the U.S. intelligence community seeks to stay ahead of the aggressive evolution of complicated espionage, cyber and security threats.
The NCSC will now become the parent organization of the Office of the National Counterintelligence Executive (ONCIX), which was created by the Counterintelligence Enhancement Act of 2002 to carry out counterintelligence and security responsibilities for the Director of National Intelligence.

The NCSC's purpose is "to provide a leadership construct for (U.S. government) security personnel, outside of the counterintelligence framework," said NCIX director William Evanina.

Evanina, who will be dual-hatted as the director of the NCSC, told WTOP the creation of the center was predicated by the destructive growth and complexity of cyber threats, economic espionage, insider threats, and supply chain threats.

The rapid growth in internet-based attacks on U.S. government agencies and businesses aimed at gathering personally identifiable information (PII) on U.S. citizens is a leading reason for the establishment of the NCSC.

PII is often collected, by foreign nation-states, for the purpose of attempting to use U.S. citizens as spies whether they are aware of it or not.

The agency said in a statement the NCSC will integrate and align counterintelligence and security mission areas, and carry out counterintelligence and security responsibilities under a single organizational model, much like the National Counter-terrorism Center (NCTC) and the National Counter-proliferation Center (NCPC).

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 2 06:15:53 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Dec 2014 07:15:53 -0500
Subject: [Infowarrior] - Kim Dotcom Announces United States Political Party
Message-ID:

Kim Dotcom Announces United States Political Party

By Andy on December 2, 2014

http://torrentfreak.com/kim-dotcom-announces-united-states-political-party-141202

Kim Dotcom will launch a political party in the United States next year.
Run by American citizens, Internet Party US will feature "celebrity founders" from the music, movie and Internet sectors. Dotcom will be its PR man and is already warning that "Hillary" faces her "worst nightmare" in 2016.

Just twenty-four hours ago Kim Dotcom was staring disaster in the face, his freedom hanging in the balance on the words of a New Zealand judge. U.S. authorities claimed that Dotcom had breached his bail conditions on several occasions in the hope they could place the businessman back behind bars.

With his legal team mostly resigned, Dotcom faced the court with a single lawyer and pulled it off. Allegations against him dismissed, the German left the court a free man, ready to fight another day.

Not content with cruising speed, this morning Dotcom stomped his foot on the gas once more, announcing what could be his biggest challenge yet.

"The Internet Party is coming to the United States in 2015," he announced on Twitter.

The political arena is no stranger to Dotcom. The Megaupload founder pumped millions of dollars into the original New Zealand-based Internet Party in the lead up to the 2014 elections there, although that foray into politics ended mostly in disappointment.

One of the administrative issues faced by Dotcom in his New Zealand campaign was his nationality. As a German he could not stand himself, so instead the Internet Party forged a partnership with the Mana Party whose leader ultimately ended up losing his seat.

In the United States Dotcom will face similar hurdles, but it appears plans are already in place to not only shake up politics, but to do so using players from some of the very industries currently hounding him.

"Stay tuned for our celebrity founders from the music, film and Internet industry," Dotcom teased this morning.

Cracking the United States will be no easy task and will require more funding than the estimated $3m Dotcom pumped into his New Zealand campaign.
However, Dotcom possesses considerable skills in grabbing the attention of the media so will be a great asset on the PR front, a role he has confirmed.

"The Internet Party US will be well funded and run by American citizens. I will help with Public Relations ;-)," he wrote.

The funding issue could also prove to be an interesting one since only last week Dotcom announced that he's "officially broke". Despite having earned $40 million since his assets were seized back in 2012, Dotcom says his luxury lifestyle and hefty legal bills have swallowed it all up.

In a parting shot this morning, Dotcom again protested his innocence and denied U.S. government claims that he's a fugitive and likely to flee. The icing on the cake was a reference to a certain Clinton and her anticipated presidential run.

"I'm not a pirate. I'm not a fugitive. I'm not a flight risk," Dotcom declared. "I'm your Internet Freedom fighter AND Hillary's worst nightmare in 2016!"

In the wake of the Internet Party's election defeat in New Zealand, Dotcom declared his brand "poisoned" and briefly retreated out of the spotlight. However, recent headlines have shown there is still a broad appetite for Dotcom's unique blend of drama, but whether US citizens will want that injected into their politics remains to be seen.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Dec 3 09:34:55 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Dec 2014 10:34:55 -0500
Subject: [Infowarrior] - JetBlue Permanently Bans YouTuber Over A 'Mean Girls' Tweet
Message-ID: <2736BC2F-666F-4081-8D00-F77B50B62C9B@infowarrior.org>

JetBlue Permanently Bans YouTuber Over A 'Mean Girls' Tweet

http://www.businessinsider.com/banned-from-jetblue-over-tweet-2014-12

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu Dec 4 06:08:10 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Dec 2014 07:08:10 -0500
Subject: [Infowarrior] - Congress Quietly Decides To Delete Key NSA Reform In CRomnibus Agreement
Message-ID: <080C583A-EF38-4B67-B6E6-E79C01B6B658@infowarrior.org>

Congress Quietly Decides To Delete Key NSA Reform In CRomnibus Agreement

from the congressional-failure dept

https://www.techdirt.com/articles/20141203/16192629321/congress-quietly-decides-to-delete-key-nsa-reform-cromnibus-agreement.shtml

You may recall, back in June, that there was a key House vote that took NSA supporters by surprise. An amendment to the Defense Appropriations bill pushed by a bi-partisan team of Thomas Massie, Jim Sensenbrenner and Zoe Lofgren passed overwhelmingly, with a plan to slam the door shut on questionable NSA "backdoor searches" (as described in detail earlier). The House voted 293 to 123, making it a pretty clear and overwhelming statement that Congress did not, in fact, support such practices by the NSA.

But, of course, the NSA gets the last laugh. As part of the big lameduck CRomnibus effort in Congress, it appears that the House leadership has agreed to drop that amendment, despite the fact it passed overwhelmingly. Apparently, this is angering many who supported that amendment, and in response, according to Cato's Patrick Eddington, Congress is going to bring up the CRomnibus under closed rule to basically block anyone attempting to add it back in as an amendment (which is what some had hoped to do).

It's basically yet another giant middle finger to the idea of any meaningful surveillance reform -- even one that the majority of Congress wanted.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu Dec 4 06:23:31 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Dec 2014 07:23:31 -0500
Subject: [Infowarrior] - How the NSA Hacks Cellphone Networks Worldwide
Message-ID:

Operation Auroragold: How the NSA Hacks Cellphone Networks Worldwide

By Ryan Gallagher

< - >

According to documents contained in the archive of material provided to The Intercept by whistleblower Edward Snowden, the NSA has spied on hundreds of companies and organizations internationally, including in countries closely allied to the United States, in an effort to find security weaknesses in cellphone technology that it can exploit for surveillance.

The documents also reveal how the NSA plans to secretly introduce new flaws into communication systems so that they can be tapped into--a controversial tactic that security experts say could be exposing the general population to criminal hackers.

Codenamed AURORAGOLD, the covert operation has monitored the content of messages sent and received by more than 1,200 email accounts associated with major cellphone network operators, intercepting confidential company planning papers that help the NSA hack into phone networks.

< = >

https://firstlook.org/theintercept/2014/12/04/nsa-auroragold-hack-cellphones/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu Dec 4 10:08:52 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Dec 2014 11:08:52 -0500
Subject: [Infowarrior] - Testimony: Apple's security patches 'blew up' Real Music libraries
Message-ID:

Testimony: Apple's security patches 'blew up' Real Music libraries

updated 07:55 am EST, Thu December 4, 2014

http://www.electronista.com/articles/14/12/04/user.content.such.as.mp3s.ripped.from.cds.never.at.risk/

User content, such as MP3s ripped from CDs, never at risk

Day two of the Real versus Apple trial over Apple's FairPlay DRM and anti-trust actions potentially taken by the Cupertino manufactured ended somewhat yesterday, after hyperbole from both legal teams. Real's attorney Patrick Coughlin claimed that Apple gave users the "worst possible experience" and would "blow up" music stored in unauthorized stores when iTunes users to restore to factory settings when it detected content from the Real Music store. Apple defended itself, saying that the obtuse warning that iTunes gave when detecting hacked files didn't need to be more specific, and it was only protecting users from an array of attacks plaguing the device.

Coughlin claimed that Apple specifically coded iTunes to "not to tell users the problem" regarding the error message due to the Real Music installation. As a result of the restore, the unauthorized store was purged, and any content associated with it was deleted. Music files "ripped" by users were kept intact, as were purchases made from the iTunes Music store, a fact which was seemingly ignored in court.

Apple defended itself, saying that the deletion was a side effect of security measures taken by the company. Apple security director Augustin Farrugia claimed on the stand that the company didn't give a more detailed warning prior to deletion, as "we don't need to give users too much information. We don't want to confuse users."
Farrugia claimed that other hack efforts laid bare Apple's security efforts, and the deletion of the music files wasn't intended to hurt consumers or Real. Instead, the measures were intended to protect users from a wide array of exploits available beyond just Real's, as "the system was totally hacked."

This trial, the plaintiff's last chance, comes after a 2006 shift in iOS device management which disabled a Real Networks music store that it had figured out how to shoehorn on Apple's music player. Real had reverse-engineered Apple's DRM on iPods and used that information to create the Harmony DRM wrapper tool, which allowed music purchased from the Real Music store temporarily to be compatible with Apple's ubiquitous device. A software patch to the iPod broke that functionality. Apple has since shifted its own store to DRM-free music.

The day's testimony focused on the nature of the firmware update that destroyed the Real Music store's ability to install music on the hard-drive based iPods. Apple claims that it has every right to improve its devices, as well as protect them from security threats, which is what Jobs was alluding to with his "ethics of a hacker" remark. The flaw that allowed the RealPlayer software to work "posed a danger to the consumer experience and to the quality of the product," according to Apple counsel William Isaacson.

Apple executives Eddy Cue and Phil Shiller are expected to testify today or tomorrow. Additionally, more video testimony recorded in 2011 from Steve Jobs is to be shown.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 4 11:21:17 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Dec 2014 12:21:17 -0500
Subject: [Infowarrior] - Assange on Living in a Surveillance Society
Message-ID:

Who Should Own the Internet?

Julian Assange on Living in a Surveillance Society

By JULIAN ASSANGE DEC.
4, 2014

http://www.nytimes.com/2014/12/04/opinion/julian-assange-on-living-in-a-surveillance-society.html

It is now a journalistic cliché to remark that George Orwell's "1984" was "prophetic." The novel was so prophetic that its prophecies have become modern-day prosaisms. Reading it now is a tedious experience. Against the omniscient marvels of today's surveillance state, Big Brother's fixtures -- the watchful televisions and hidden microphones -- seem quaint, even reassuring.

Everything about the world Orwell envisioned has become so obvious that one keeps running up against the novel's narrative shortcomings.

I am more impressed with another of his oracles: the 1945 essay "You and the Atomic Bomb," in which Orwell more or less anticipates the geopolitical shape of the world for the next half-century. "Ages in which the dominant weapon is expensive or difficult to make," he explains, "will tend to be ages of despotism, whereas when the dominant weapon is cheap and simple, the common people have a chance ... A complex weapon makes the strong stronger, while a simple weapon -- so long as there is no answer to it -- gives claws to the weak."

Describing the atomic bomb (which had only two months before been used to flatten Hiroshima and Nagasaki) as an "inherently tyrannical weapon," he predicts that it will concentrate power in the hands of the "two or three monstrous super-states" that have the advanced industrial and research bases necessary to produce it. Suppose, he asks, "that the surviving great nations make a tacit agreement never to use the atomic bomb against one another? Suppose they only use it, or the threat of it, against people who are unable to retaliate?"

The likely result, he concludes, will be "an epoch as horribly stable as the slave empires of antiquity." Inventing the term, he predicts "a permanent state of 'cold war,'" a "peace that is no peace," in which "the outlook for subject peoples and oppressed classes is still more hopeless."
There are parallels between Orwell's time and ours. For one, there has been a lot of talk about the importance of "protecting privacy" in recent months, but little about why it is important. It is not, as we are asked to believe, that privacy is inherently valuable. It is not. The real reason lies in the calculus of power: the destruction of privacy widens the existing power imbalance between the ruling factions and everyone else, leaving "the outlook for subject peoples and oppressed classes," as Orwell wrote, "still more hopeless."

The second parallel is even more serious, and even less well understood. At present even those leading the charge against the surveillance state continue to treat the issue as if it were a political scandal that can be blamed on the corrupt policies of a few bad men who must be held accountable. It is widely hoped that all our societies need to do to fix our problems is to pass a few laws.

The cancer is much deeper than this. We live not only in a surveillance state, but in a surveillance society. Totalitarian surveillance is not only embodied in our governments; it is embedded in our economy, in our mundane uses of technology and in our everyday interactions.

The very concept of the Internet -- a single, global, homogenous network that enmeshes the world -- is the essence of a surveillance state. The Internet was built in a surveillance-friendly way because governments and serious players in the commercial Internet wanted it that way. There were alternatives at every step of the way. They were ignored.

At their core, companies like Google and Facebook are in the same business as the U.S. government's National Security Agency. They collect a vast amount of information about people, store it, integrate it and use it to predict individual and group behavior, which they then sell to advertisers and others.
This similarity made them natural partners for the NSA, and that's why they were approached to be part of PRISM, the secret Internet surveillance program. Unlike intelligence agencies, which eavesdrop on international telecommunications lines, the commercial surveillance complex lures billions of human beings with the promise of "free services." Their business model is the industrial destruction of privacy. And yet even the more strident critics of NSA surveillance do not appear to be calling for an end to Google and Facebook.

Recalling Orwell's remarks, there is an undeniable "tyrannical" side to the Internet. But the Internet is too complex to be unequivocally categorized as a "tyrannical" or a "democratic" phenomenon.

When people first gathered in cities, they were able to coordinate in large groups for the first time, and to exchange ideas quickly, at scale. The consequent technical and technological advances brought about the dawn of human civilization.

Something similar has been happening in our epoch. It is possible for more people to communicate and trade with others in more places in a single instant than it ever has been in history. The same developments that make our civilization easier to surveil make it harder to predict. They have made it easier for the larger part of humanity to educate itself, to race to consensus, and to compete with entrenched power groups.

This is encouraging, but unless it is nurtured, it may be short-lived.

If there is a modern analogue to Orwell's "simple" and "democratic weapon," which "gives claws to the weak" it is cryptography, the basis for the mathematics behind Bitcoin and the best secure communications programs. It is cheap to produce: cryptographic software can be written on a home computer. It is even cheaper to spread: software can be copied in a way that physical objects cannot. But it is also insuperable -- the mathematics at the heart of modern cryptography are sound, and can withstand the might of a superpower.
The same technologies that allowed the Allies to encrypt their radio communications against Axis intercepts can now be downloaded over a dial-up Internet connection and deployed with a cheap laptop.

Whereas in 1945, much of the world faced a half-century of tyranny as a result of the atomic bomb, in 2015, we face the inexorable spread of invasive mass surveillance and the attendant transfer of power to those connected to its superstructures. It is too early to say whether the "democratizing" or the "tyrannical" side of the Internet will eventually win out. But acknowledging them -- and perceiving them as the field of struggle -- is the first step toward acting effectively.

Humanity cannot now reject the Internet, but clearly we cannot surrender it either. Instead, we have to fight for it. Just as the dawn of atomic weapons inaugurated the Cold War, the manifold logic of the Internet is the key to understanding the approaching war for the intellectual center of our civilization.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 4 19:24:07 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Dec 2014 20:24:07 -0500
Subject: [Infowarrior] - New U.S. Cybersecurity Prosecutor Unit to Focus on Prevention
Message-ID: <8F665E65-C88D-4498-AC71-242537E9B316@infowarrior.org>

New U.S. Cybersecurity Prosecutor Unit to Focus on Prevention

December 4, 2014, 12:54 PM PST
By Reuters

http://recode.net/2014/12/04/new-u-s-cybersecurity-prosecutor-unit-to-focus-on-prevention/

The U.S. Justice Department is creating a unit within the criminal division to advise on electronic surveillance in cyber investigations and work with the private sector to prevent online crime, an official said on Thursday.

The new unit, housed within the Computer Crime and Intellectual Property section, will work with law enforcement, the private sector, and Congress, said Leslie Caldwell, head of the department's criminal division.
"It is important that we address cyber threats on multiple fronts, with both a robust enforcement strategy as well as a broad prevention strategy," Caldwell said in prepared remarks before a cybercrime conference.

The announcement comes as Sony Pictures Entertainment is investigating a devastating hack that shut down its networks and led to the public release of sensitive personnel information.

Caldwell said the new unit would also help counter what she termed growing public distrust of law enforcement surveillance and high-tech investigative techniques.

(Reporting by Aruna Viswanatha; Editing by Lisa Von Ahn)

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Dec 7 19:46:37 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Dec 2014 20:46:37 -0500
Subject: [Infowarrior] - Fun with predatory publishers
Message-ID: <92CD7FE5-A7AE-44E2-86FD-46A7ED845C1A@infowarrior.org>

A paper by Maggie Simpson and Edna Krabappel was accepted by two scientific journals

Updated by Joseph Stromberg on December 7, 2014, 9:00 a.m. ET

A scientific study by Maggie Simpson, Edna Krabappel, and Kim Jong Fun has been accepted by two journals.

Of course, none of these fictional characters actually wrote the paper, titled "Fuzzy, Homogeneous Configurations." Rather, it's a nonsensical text, submitted by engineer Alex Smolyanitsky in an effort to expose a pair of scientific journals -- the Journal of Computational Intelligence and Electronic Systems and the comic sans-loving Aperito Journal of NanoScience Technology.

These outlets both belong to a world of predatory journals that spam thousands of scientists, offering to publish their work -- whatever it is -- for a fee, without actually conducting peer review. When Smolyanitsky was contacted by them, he submitted the paper, which has a totally incoherent, science-esque text written by SCIgen, a random text generator.
(Example sentence: "we removed a 8-petabyte tape drive from our peer-to-peer cluster to prove provably "fuzzy" symmetries's influence on the work of Japanese mad scientist Karthik Lakshminarayanan.")

< - >

http://www.vox.com/2014/12/7/7339587/simpsons-science-paper

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Dec 7 19:46:49 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Dec 2014 20:46:49 -0500
Subject: [Infowarrior] - Forget North Korea - the real rogue cyber operator lies much closer to home
Message-ID: <766F6C3B-F377-4C07-8671-D8383C38B208@infowarrior.org>

Forget North Korea - the real rogue cyber operator lies much closer to home

A cyber-attack on Sony Pictures distracted attention from a more worrying story about a piece of malware used by GCHQ

John Naughton
Saturday 6 December 2014 19.05 EST

http://www.theguardian.com/technology/2014/dec/07/north-korea-sony-pictures-regin-gchq-nsa-snowden-belgacom

Were you to measure significance in column inches, the massive cyber-attack on Sony Pictures would appear to be the story of the week. Company executives had to post notices on office entrances telling staff not to log into the network when they reached their desks. The company's entire network had to be taken offline as it grappled with a ransom demand that threatened to release confidential documents and not-yet-released films unless money changed hands.

The big question was: who was responsible for the attack? Fevered speculation led some people to point the finger at North Korea, on the grounds that one of the forthcoming films, The Interview, poked fun at the country's leader, Kim Jong-un. This seemed implausible to this columnist: North Korea may be distinctly humourless on the subject of its beloved leader, but seeking a ransom would be uncool even for that nauseating regime.
In the event, no money seems to have changed hands: some confidential documents, eg spreadsheets giving salaries of top Sony executives, made their way online and the embargoed movies began to pop up on piracy sites.

Exciting stuff, eh? But the really big cyber story of the past two weeks is less glamorous but rather more worrying in the longer term. It concerns Regin, a piece of malware that has only recently come to light, although it's been around for years. The security firm Symantec describes it as "a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customisable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organisations, infrastructure operators, businesses, researchers and private individuals."

The company goes on to speculate that developing Regin took "months, if not years" and concludes that "capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state".

Ah, but which nation states? Step forward the UK and the US and their fraternal Sigint agencies GCHQ and NSA. A while back, Edward Snowden revealed that the agencies had mounted hacking attacks on Belgacom, a Belgian phone and internet services provider, and on EU computer systems, but he did not say what kind of software was used in the attacks. Now we know: it was Regin, malware that disguises itself as legitimate Microsoft software and steals data from infected systems, which makes it an invaluable tool for intelligence agencies that wish to penetrate foreigners' computer networks.

Quite right too, you may say. After all, the reason we have GCHQ is to spy on nasty foreigners. The agency was, don't forget, originally an offshoot of Bletchley Park, whose mission was to spy on the Germans.
So perhaps the news that the Belgians, despite the best efforts of Monty Python, are our friends -- or that the UK is a member of the EU -- had not yet reached Cheltenham?

Spying on friends as well as enemies is an ancient principle of statecraft. It used to be done for reasons of "national security"; now it is done for reasons of "cybersecurity" and therein lies a new problem. What is cybersecurity, really? What are GCHQ and the NSA trying to secure? Is it the security of the cyberspace -- ie the internet? Or of some part of the network? And if so, which part?

Here, some throwaway lines in one of the Snowden documents become particularly interesting. "The facts contained in this program," they read, "constitute a combination of the greatest number of highly sensitive facts related to NSA/CSS's overall cryptologic mission. Unauthorised disclosure... will cause exceptionally grave damage to US national security. The loss of this information could critically compromise highly sensitive cryptologic US and foreign relationships, multi-year past and future NSA investments, and the ability to exploit foreign adversary cyberspace while protecting US cyberspace."

Note that last clause. "Cybersecurity" actually means two things: first, national security, and second, that the only corner of cyberspace that we care about is our own. We can exploit every other virtual inch of it for our own (national) purposes. This gives us carte blanche to, for example, undermine everybody's online security by weakening the encryption used for commercial transactions; purchase "zero-day exploits" from hackers for use against targeted organisations; and spread malware such as Regin anywhere we goddamn please. Welcome to our networked world.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon Dec 8 17:29:59 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Dec 2014 18:29:59 -0500 Subject: [Infowarrior] - Cyber & Surveillance Message-ID: The unstoppable rise of the global surveillance profiteers By Aaron Sankin on December 7th, 2014 Imagine if your government put a price tag on your privacy, acquiring shadowy surveillance technology that exploited your personal vulnerabilities. Earlier this year, journalists at the Ethiopian Satellite Television Service (ESAT) were sent something sketchy. The Amsterdam-based TV channel holds itself up as an alternative to the country's tightly controlled state-run media and regularly runs programming critical of Ethiopia's ruling regime. As such, the station's broadcasts in the country are regularly jammed by government censors, and a recent documentary aired on state-run TV urged Ethiopians not to participate in ESAT's programming... < - > http://kernelmag.dailydot.com/issue-sections/headline-story/11057/cyberwar-surveillance-state-economy/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Dec 8 20:04:18 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Dec 2014 21:04:18 -0500 Subject: [Infowarrior] - The insane narrative you are supposed to believe about the torture report Message-ID: The insane narrative you are supposed to believe about the torture report By Daniel W. Drezner December 8 at 9:40 AM http://www.washingtonpost.com/posteverything/wp/2014/12/08/the-insane-narrative-you-are-supposed-to-believe-about-the-torture-report/?hpid=z8 Daniel W. Drezner is a professor of international politics at Tufts University and a nonresident senior fellow at the Brookings Institution. On Friday, Bloomberg News View's Josh Rogin reported that Secretary of State John F. Kerry had quite the conversation with Sen. 
Dianne Feinstein (D-Calif.): Secretary of State John Kerry personally phoned Dianne Feinstein, chairman of the Senate Select Committee on Intelligence, Friday morning to ask her to delay the imminent release of her committee's report on CIA torture and rendition during the George W. Bush administration, according to administration and Congressional officials. Kerry was not going rogue - his call came after an interagency process that decided the release of the report early next week, as Feinstein had been planning, could complicate relationships with foreign countries at a sensitive time and posed an unacceptable risk to U.S. personnel and facilities abroad. Kerry told Feinstein that he still supports releasing the report, just not right now. "What he raised was the timing of report release, because a lot is going on in the world - including parts of the world particularly implicated - and wanting to make sure foreign policy implications were being appropriately factored into timing," an administration official told me. "He had a responsibility to do so because this isn't just an intel issue - it's a foreign policy issue." (Emphasis added.) The State Department pushed back somewhat on that story, but over the weekend a couple of other Sunday morning talk show participants said pretty much the same thing. There was House Intelligence Committee Chairman Mike Rogers (R-Mich.) for one: Rogers is regularly briefed on intelligence assessments. He told CNN's "State of the Union" that U.S. intelligence agencies and foreign governments have said privately that the release of the report on CIA interrogations a decade ago will be used by extremists to incite violence that is likely to cost lives. "I think this is a terrible idea," Rogers said. "Our foreign partners are telling us this will cause violence and deaths. . . . Foreign leaders have approached the government and said, 'You do this, this will cause violence and deaths.' 
Our own intelligence community has assessed that this will cause violence and deaths." Rogers questioned why the report needed to become public, given that the Justice Department investigated and filed no criminal charges. Then there was former CIA director Michael V. Hayden: As the Senate Intelligence Committee prepares to issue a lengthy report on the CIA's interrogation practices in the wake of 9/11, former CIA director Michael Hayden suggested that some of the report's conclusions are not only untrue, but they could be used by America's enemies to attack U.S. personnel and facilities abroad if released. "First of all, the CIA workforce will feel as if it has been tried and convicted in absentia since the Senate Democrats and their staff didn't talk to anyone actively involved in the program. Second, this will be used by our enemies to motivate people to attack Americans and American facilities overseas," he said. (Emphasis added.) I'm sure that Rogers and Hayden are smart men, and I'm also sure that current intelligence officials have been making the same claims anonymously to reporters. But to suggest that this Senate report will really tip the scales when it comes to the United States' enemies rallying support, you have to believe that the following exchange is happening somewhere in the Middle East: ABDUL: Ahmed, why won't you come with me to attack the infidels? You are not outraged that the United States has invaded Afghanistan and Iraq and caused so much suffering in two Muslim countries? AHMED: It's not enough for me to take up arms. ABDUL: You are not outraged that in the past three years the great Zionist oppressor has waged air campaigns against two Arab countries - Syria and Libya - and accomplished little but to extend the suffering of our Muslim brothers and sisters? AHMED: It's not enough for me to take up arms. ABDUL: You are not outraged that the great Western imperialist power has launched drone strikes with impunity in two other countries - 
Yemen and Pakistan - killing scores of innocent Muslim families in the process? AHMED: It's not enough for me to take up arms. ABDUL: You are not outraged that the infidel superpower has defended Israel as that Zionist pig-state has done nothing but displace, bomb and humiliate our Palestinian brothers and sisters? AHMED: It's not enough for me to take up arms. ABDUL: You are not outraged that two successive U.S. presidents, in two flowery speeches, have claimed that the United States wants to bring human rights and democracy to the Middle East, only to tolerate authoritarian crackdowns in Egypt and the Gulf states? AHMED: It's not enough for me to take up arms. ABDUL: You are not outraged about all the stories of infidels torturing our Muslim brothers in Abu Ghraib, in Bagram, in Guantanamo Bay? The stories about infidel soldiers desecrating the Koran? AHMED: It's not enough for me to take up arms. ABDUL: You are not outraged by the just-released Senate report about CIA torture? AHMED: Wait, did you say "Senate report"? Okay, I will take up arms now. I'm sorry, but this is just nuts. There is no shortage of US foreign policy actions and inactions in the region to inflame enemies. The Senate report is small potatoes compared to that. The report should be released as soon as possible for a very simple, bipartisan reason: [Sen. Lindsey O.] Graham added that the extensive documentation could prevent a future administration from resorting to similar methods. "At the end of the day, it is important not to repeat these things," Graham said. "We have to get this report out," Feinstein said, even if she had to give in on some of her demands for transparency. "We will find another way to make known some of the problems." The interrogations undermined "societal and constitutional values that we are very proud of," Feinstein said. "Anybody who reads this is going to never let this happen again." (Emphasis added.) 
Strangely enough, this is also the position of Human Rights Watch: "Delaying release of the Senate report because of possible negative repercussions for national security is a red herring," said Sarah Margon, the Washington director of Human Rights Watch. "Maintaining secrecy around a defunct torture program is the real liability as doing so denies us the right to debate what happened and make sure it is never repeated." (Emphasis added.) I'm going to go out on a limb and suggest that if Dianne Feinstein, Lindsey Graham, and the director of Human Rights Watch all think the report is necessary to prevent the United States from committing the same egregious mistakes in the future, then that countermands the magical thinking needed to accept the worst-case scenarios regarding its publication. Am I missing anything? --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Dec 9 06:55:02 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Dec 2014 07:55:02 -0500 Subject: [Infowarrior] - Negotiating Away Innovation: Dish Agrees To Kill Autohop To End TV Blackouts Message-ID: Negotiating Away Innovation: Dish Agrees To Kill Autohop To End TV Blackouts https://www.techdirt.com/articles/20141207/06284129344/negotiating-away-innovation-dish-agrees-to-kill-autohop-to-end-tv-blackouts.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Dec 9 06:57:52 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Dec 2014 07:57:52 -0500 Subject: [Infowarrior] - Why Cellphone Unlocking Could Soon Be Illegal Once Again Message-ID: Why Cellphone Unlocking Could Soon Be Illegal Once Again By Kyle Wiens | 12.09.14 | 6:30 am < - > Two years ago, national fervor ignited around cellphone unlocking after the Librarian of Congress (an unelected official) effectively made cellphone unlocking illegal. 
Some 114,000 people--and a united front of consumer advocates, digital rights crusaders, and recycling groups--registered their displeasure with the White House. Thus began a long battle to reverse the Librarian of Congress's decision. < - > So why is this issue on the table again? One reason: The Digital Millennium Copyright Act, better known as the DMCA. The massive missive, passed in 1998, governs the tense and often amorphous intersection of intellectual property and physical property. The law was birthed when digital piracy (of things like DVDs and music) first and truly reared its head. As a reaction, Congress built "anti-circumvention" edicts into Section 1201 of the DMCA. The provision makes it a violation of copyright law to break any sort of technological protection measure over content--like, say, the encryption on DVDs. But the DMCA doesn't take intention into account. Breaking the lock is a violation, whether or not the locked content is actually pirated. Back when the DMCA was penned, lawmakers had no idea that content--in the form of software and firmware--would find its way into almost every device we own. From WiFi routers to microwaves, everything with a chip contains some sort of copyrighted content. And lawmakers had no idea that manufacturers would start putting locks on top of that programming to prevent people from accessing and modifying it. But lawmakers did engineer a failsafe into the DMCA, just in case: a triennial review--and it's just as arcane as it sounds. Every three years, the public can petition the Librarian of Congress to issue exemptions. It takes a huge undertaking of time, effort, and legal maneuvering to push each one of these exemptions through the review process. Eight years ago, the Copyright Office almost removed an exemption that allowed blind people to use e-readers. In the last go-round, the Librarian of Congress denied the exemption for cellphones. 
The new Unlocking Law reversed his decision, but not permanently--just until the next triennial review, which just so happens to be starting right now. And so, after all the effort of passing a law, the legality of unlocking is once again on tenuous ground. Unsurprisingly, that doesn't sit well with a lot of people. < - > http://www.wired.com/2014/12/dmca-exemptions-cell-phone-unlocking/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Dec 9 07:10:33 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Dec 2014 08:10:33 -0500 Subject: [Infowarrior] - Rockefeller relents: FOIA reform bill passes Senate Message-ID: Bill challenging US official secrecy passed after senator's late change of mind House expected to follow suit after Democrat Jay Rockefeller dropped his objection to bipartisan bill designed to force greater US government openness Monday 8 December 2014 18.27 EST http://www.theguardian.com/us-news/2014/dec/08/senator-block-bill-challenging-government-secrecy-rockefeller The Senate has passed new legislation that challenges the ingrained secrecy of the US government and exposes federal agencies to greater public scrutiny, after the Democratic senator Jay Rockefeller dropped his opposition at the last minute. In a day of high drama in the usually more sedate world of freedom of information campaigning, Rockefeller agreed to withdraw the block that he had effectively placed on the new legislation just hours before a final deadline. Open government advocates had warned that if he sustained his objections to the bill beyond Monday night there would be no hope of it passing in this Congress. Shortly after 5pm, the co-sponsor of the Foia Improvement Act of 2014, Senator Patrick Leahy, announced on Twitter that it had passed the Senate. The bill now moves back to the House of Representatives which is expected to speed it through before the end of session on Thursday. 
The bill, which has been two years in the making, is backed by more than 70 good governance organisations and is seen as a critical step towards a more open and accountable flow of public information. Amy Bennett of OpenTheGovernment.org, a coalition of groups that have led the push for the changes, said that the Senate vote amounted to a "huge moment for making sure that the US is more open and accountable. It's really critical for ensuring that we will never see a return to the kind of secrecy we saw under the Bush administration." Ryan Shapiro, an open government expert at the Massachusetts Institute of Technology (MIT), said he was "thrilled" that Rockefeller had finally "decided to do the right thing and let the Foia reform bill pass the Senate. The records of government are the property of the people and we should have access to them." As the name of the legislation suggests, the bill seeks to improve the way that individuals, journalists and academics can request information under the Freedom of Information Act, which was first introduced in 1966. It would remove several of the most egregious impediments to government accountability that exist under the current law. For a start, the bill would codify and make permanent the presumption of disclosure that Barack Obama introduced in his first term - that is, the idea that federal agencies must divulge information unless they are specifically exempted from doing so. The bill would enshrine that principle into law so that it could not be overturned by any future president. The bill also tackles an exemption in the current Foia law, known as b(5), that is so broadly cast that it allows federal bodies to wriggle out of disclosing virtually anything. The invocation of b(5) exemptions has mushroomed under the Obama administration, despite the president's promise to be a champion of open government. 
The CIA, for instance, is fiercely resisting the disclosure of its official internal history of the Bay of Pigs Invasion in 1961 on the grounds that the report was merely a "draft" and therefore exempt under b(5). The CIA claims that disclosure of the report "could confuse the public", even though it was written decades ago - an excuse that could no longer be used were the new legislation passed. A third major reform would be to prevent the government from discouraging use of Foia requests by imposing prohibitive fees. Shapiro gave the example of one Foia bid he is currently pursuing in which he has asked the FBI to make public all 30,040 pages of documents that it has amassed from its inquiries into Daniel Ellsberg, the source of the Pentagon Papers leak on the Vietnam war. The FBI has agreed to supply the MIT researcher with its entire file of papers on Ellsberg, but at a price. The bureau says it will burn the documents digitally on to CDs, imposing an arbitrary maximum of 500 pages per CD. At $15 per CD, the FBI has told Shapiro it will charge him a total of $890. The new legislation, which is now expected to pass into law by the end of the year, would prevent government agencies from erecting "toll gates" in which they dissuade people from exercising their rights by hefty fees. "This bill doesn't go anywhere near as far as I'd like, but it would prohibit several of the dirty tricks that federal agencies use to side-step their duties under freedom of information," Shapiro said. For much of the past six months, the Foia Improvement Act had enjoyed the smooth passage through Congress that is rarely seen in these gridlocked days. It swooped through the House and the Senate judiciary committee with unanimous bipartisan backing. But then Rockefeller unexpectedly put his spoke in the wheel. His eleventh-hour opposition to the bill puzzled many observers, given his previous general support for open government. 
The senator from West Virginia gave little explanation for his actions other than a statement released in the dead zone of late Friday night. In that statement, Rockefeller said that he was worried that elements of the bill would have the "unintended consequence of harming our ability to enforce the many important federal laws that protect American consumers from financial fraud and other abuses ... These provisions would make it harder for federal agency attorneys to prepare their cases, and they would potentially give defendants new ways to obstruct and delay investigations into their conduct." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Dec 9 11:13:04 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Dec 2014 12:13:04 -0500 Subject: [Infowarrior] - 20 key findings about CIA interrogations Message-ID: <93798FDB-6A60-4E2F-A1DB-88A15AAF1A5D@infowarrior.org> 20 key findings about CIA interrogations http://www.washingtonpost.com/wp-srv/special/national/cia-interrogation-report/key-findings/?hpid=z3 Almost 13 years after the CIA established secret prisons to hold and interrogate detainees, the Senate Intelligence Committee released a report on the CIA's programs listing 20 key findings.
1 "not an effective means of acquiring intelligence"
2 "rested on inaccurate claims of their effectiveness"
3 "brutal and far worse than the CIA represented"
4 "conditions of confinement for CIA detainees were harsher"
5 "repeatedly provided inaccurate information"
6 "actively avoided or impeded congressional oversight"
7 "impeded effective White House oversight"
8 "complicated, and in some cases impeded, the national security missions"
9 "impeded oversight by the CIA's Office of Inspector General"
10 "coordinated the release of classified information to the media"
11 "unprepared as it began operating"
12 "deeply flawed throughout the program's duration"
13 "overwhelmingly outsourced operations"
14 "coercive interrogation techniques that had not been approved"
15 "did not conduct a comprehensive or accurate accounting of the number of individuals it detained"
16 "failed to adequately evaluate the effectiveness"
17 "rarely reprimanded or held personnel accountable"
18 "ignored numerous internal critiques, criticisms, and objections"
19 "inherently unsustainable"
20 "damaged the United States' standing in the world"
SOURCE: Committee Study of the Central Intelligence Agency's Detention and Interrogation Program. GRAPHIC: Katie Park and Laris Karklis - The Washington Post. Published Dec. 9, 2014. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Dec 9 14:32:07 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Dec 2014 15:32:07 -0500 Subject: [Infowarrior] - Judge Posner Says NSA Should Be Able To Get Everything & That Privacy Is Overrated Message-ID: <2DDFA389-4E4C-47CD-A80B-FBC9BF9330E7@infowarrior.org> Judge Posner Says NSA Should Be Able To Get Everything & That Privacy Is Overrated from the and-he's-wrong dept Judge Richard Posner is probably one of the most well-known and quoted appellate judges around. He's an excellent writer as well, and I enjoy many of his books and his rulings, though when he gets things wrong, he seems to get them so very, very wrong. When he's on, he's great. For example, his recent attack on copyright trolling and defending the public domain was great. He's also been good on patents. But... on surveillance he seems all too eager to side with the government. 
Given that, there was little surprise that at a recent conference on cybercrime, Posner unloaded with some of his more ridiculous beliefs, essentially saying that the NSA should be able to spy on whoever they want because "national security" is more important than privacy (or the 4th Amendment, apparently): "I think privacy is actually overvalued," Judge Richard Posner, of the U.S. Court of Appeals for the Seventh Circuit, said during a conference about privacy and cybercrime in Washington, D.C., Thursday. "Much of what passes for the name of privacy is really just trying to conceal the disreputable parts of your conduct," Posner added. "Privacy is mainly about trying to improve your social and business opportunities by concealing the sorts of bad activities that would cause other people not to want to deal with you." Ah, the old "if you've done nothing wrong, you've got nothing to hide" trope. If that's true, then it does make you wonder what Posner himself is hiding. As Dave Maass pointed out, Judge Posner has redacted the name of his trust on his financial disclosure form... < -- more -- > https://www.techdirt.com/articles/20141208/14063329364/judge-posner-says-nsa-should-be-able-to-get-everything-that-privacy-is-overrated.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Dec 9 18:33:14 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Dec 2014 19:33:14 -0500 Subject: [Infowarrior] - An Inside View On The Purpose And Implications Of The Torture Report Message-ID: <6E6EA66A-1106-4650-8233-238338F43B0A@infowarrior.org> An Inside View On The Purpose And Implications Of The Torture Report from the it's-about-facts dept Jen Hoelzer is the former Communications Director and Deputy Chief of Staff for Senator Ron Wyden. 
https://www.techdirt.com/articles/20141209/15305629375/inside-view-purpose-implications-torture-report.shtml While some will, no doubt, be embarrassed by the Senate Intelligence Committee's report on the CIA's Detention and Interrogation program, as one of the staffers who helped make the case for the Committee's investigation when it was initiated in 2009, I can tell you that was not its intention. (For the record, all I did was help make the initial case for the investigation and maybe put out a press release or two. I am in no way taking credit for the tremendous work that Chairman Feinstein and her committee's staff did on this report. By the way, I know those staffers did not trek out to the CIA site in Virginia - often in their free time - in search of our thanks and recognition, but I hope you will join me in giving it to them anyway. Because reports like this do not materialize from thin air.) The dedicated SSCI staff - who spent tens of thousands of hours over the better part of five years researching, writing and editing this report - did so in order to ensure our nation's interrogation programs would be grounded in what has, for too long, been missing from our nation's interrogation debate: facts. The interrogation techniques the CIA developed during the Bush Administration were not devised by behavioral experts with experience turning detainees into "long-term strategic sources of information." Rather, as the Department of Justice's 2008 Inspector General's report revealed, the FBI's interrogation experts - with that experience - repeatedly refused to sign off on proposed interrogation plans, calling them "deeply flawed" and "completely ineffective." The CIA's interrogation program, instead, grew from the post-9/11 mentality that the U.S. 
would be best kept safe by those willing to go to the greatest extremes to protect it, or as former CIA agent Glenn Carle put it in his 2011 book The Interrogator, "Interrogating terrorists was no place for goddamn candy-asses." FBI officials have described the interrogation-strategy sessions they observed as "circus-like." I've personally been told by individuals who participated in high-level discussions of U.S. interrogation policy that - as disturbing as it sounds - these conversations were more often than not informed by the participants' recollection of episodes of the TV show 24 than by an understanding of the psychology of interrogation. Meanwhile, defenders of the CIA's Bush-era interrogation activities continue to cite the murder of nearly 3,000 Americans on September 11, 2001 as justification for their actions. As Senator Feinstein writes in her introduction to the report: "The major lesson of this report is that regardless of the pressures and the need to act, the Intelligence Community's actions must always reflect who we are as a nation, and adhere to our laws and standards. It is precisely at these times of national crisis that our government must be guided by the lessons of our history and subject decisions to internal and external review." The SSCI's report was written to provide those lessons. While some have and will likely continue to argue that President Obama settled the issue when he, as the president said in his statement today, "unequivocally banned torture when [he] took office," one might have argued that George Washington actually settled the issue 234 years earlier when he ordered that any American soldier who brought "shame, disgrace and ruin to themselves and their country" by causing injury to a British prisoner could be put to death. Our "new country in the New World," Washington declared, "would distinguish itself by its humanity." And yet, two centuries after Washington gave that order, agents of the U.S. 
government subjected "at least five CIA detainees...to 'rectal rehydration' ... without documented medical necessity." President Obama's executive order only settles the issue insofar as he remains president. As long as the belief persists that torture is an effective means of interrogation and anyone who doesn't support "enhanced interrogation" is a "candy ass" who lacks the necessary stomach to keep Americans safe, there is no assurance that a future president won't take a different position than our current president. Some have and will undoubtedly continue to argue that we shouldn't discuss the efficacy of torture as an interrogation technique - even if it's to prove that torture doesn't work - because it suggests that if torture worked, it would be ok to torture people. I believe these people have a point. The United States is more than a mass of land defined by geographic boundaries, it is a nation of people united by certain, principled beliefs, many of which our forefathers laid out at our nation's founding. It is not enough to simply protect the people of the United States, one must also protect the principles that define the United States as a people; otherwise, there is no United States to protect. When the CIA and the Bush Administration sanctioned the torture of captured terrorists - regardless of their reasons - they made the United States something George Washington said we'd never be: a nation that tortures. One might argue that made us a little less American. Some have and may continue to argue that making the CIA's actions known puts Americans - particularly those serving overseas - in jeopardy. It's worth noting that these arguments were made by people who know Senator Feinstein in an effort to persuade her not to make the committee report public. 
I say this is worth noting, because you do not need to know Senator Feinstein very well to know that there is nothing she wants less than to jeopardize the lives of American citizens, particularly those serving in harm's way, and if there is an argument that would have given her second thoughts about releasing this report, that most likely would have been it. If Americans are at risk, however, they are not at risk because the Senate Intelligence Committee is publicly acknowledging that the CIA tortured people during the Bush Administration. They're at risk because the CIA tortured people during the Bush Administration. The CIA put Americans at risk when they undermined the international agreements that protect Americans detained by foreign powers and sacrificed the moral authority we've long used to advocate for the humane treatment of detainees. They put Americans at risk when they made it harder - if not impossible - to prosecute known terrorists and keep them locked up. I'd also argue that defending the CIA's actions, while refusing to come clean about what was done during the Bush Administration, not only fueled Al Qaeda's hatred of Americans and put them at risk, it undermines the Obama Administration's argument that the CIA no longer engages in torture. Some have and may continue to argue that putting out this report will undermine morale at the CIA and derail its necessary work. Again, I'd argue that any hit to the CIA's morale began when its agents were ordered to torture detainees without clear parameters and a solid legal foundation. Some have and will no doubt continue to argue that an act taken to "prevent a threatened terrorist attack" is not as bad as an act taken "for the purpose of humiliation or abuse." I'd argue that torture is defined not by the torturer but by the person being tortured and that the laws governing torture were put in place because most people who engage in torture think they have a good reason. 
There are some who have and will no doubt continue to argue - as they do about all things pertaining to national security - that this report shouldn't have been made public. To respond to that I will quote directly from page 8 of the unclassified report: The CIA's Office of Public Affairs and senior CIA officials coordinated to share classified information on the CIA's Detention and Interrogation Program to select members of the media to counter public criticism, shape public opinion, and avoid potential congressional action to restrict the CIA's detention and interrogation authorities and budget. If the SSCI's report demonstrates one thing, it's that the CIA's unfettered ability to keep information about its activities secret gives it virtually limitless ability to control everyone's understanding of its activities: from the White House and Congress to Hollywood and the American people. I have no doubt they'd argue those actions were necessary to protect national security, because in their mind - it seems - national security is harmed by anything that could potentially limit their authority to do exactly what they want. Someone should really tell them that's not how we do things in the United States. And finally there will be some who have and will continue to argue that the CIA's actions were necessary to protect national security. Those people, I'm guessing, need to make those arguments to help them sleep at night. To them, I'd argue the path to redemption lies not in the perpetuation of that belief, but in its eradication. Again, please thank the Senate Intelligence Committee. Jen Hoelzer is the former Communications Director and Deputy Chief of Staff for Senator Ron Wyden. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Wed Dec 10 19:02:55 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Dec 2014 20:02:55 -0500
Subject: [Infowarrior] - Hackers Trick Keurigs Into Making Uncopyrighted Coffee
Message-ID:

Hackers Trick Keurigs Into Making Uncopyrighted Coffee

By Marcus Wohlsen | 12.10.14 | 2:15 pm
http://www.wired.com/2014/12/hackers-claim-free-keurigs-copyrighted-coffee/

When we last checked in with Keurig, the coffee machine maker had just turned itself into a big, fat target for copyright reform activists. The problem: Keurig's promise to make its 2.0 machines incompatible with any single-serving coffee pods it hadn't licensed. Critics compared the approach to the DRM restrictions that hobble the sharing of digital music. And as with DRM, it now appears that Keurigs have been hacked.

Not that getting the Keurig 2.0 to brew non-compliant coffee pods seems to have required the same kind of technical savvy required to reverse-engineer digital copyright protections. Instead, according to Keurighack.com, it takes one piece of tape and "not much aim." (And maybe some scissors.)

In a video accompanied by Darth Vader's theme music, an anonymous hacker snips a small section of the lid from a Keurig "K-cup" and tapes it over the lid over what the video calls a "rebel" pod. The strip seems to fool the machine into thinking the cup inside is a member of the Keurig "empire." Alternately, the video suggests attaching the strip to the machine itself to permanently fool it. "Just tape it in there, up in the left: over the open rectangular space."

(We've reached out to Keurig Green Mountain to get their take on whether such a hack is possible -- and whether it voids the warranty.)

If Keurigs are so easy to spoof (a bunch of other people have figured this out), why would its makers bother with coffee DRM at all, especially considering the barrage of negative publicity and more than a dozen lawsuits the protections have prompted?
Think of it as the inkjet printer business model applied to coffee: The money isn't in the printer. It's in the ink.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 11 06:22:58 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Dec 2014 07:22:58 -0500
Subject: [Infowarrior] - EFF matching donations this week
Message-ID:

(I just contributed, again. You should, too. --rick)

EFF will be matched this week, meaning more support for work like forcing government transparency

https://supporters.eff.org/donate/power-up-2014

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 11 19:28:41 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Dec 2014 20:28:41 -0500
Subject: [Infowarrior] - Congress quietly enacts new digital spying powers
Message-ID: <8EB255B4-2BFC-4AEB-A902-C361B76EE44F@infowarrior.org>

Congress Quietly Bolsters NSA Spying in Intelligence Bill

"It grants the executive branch virtually unlimited access to the communications of every American," warned Rep. Justin Amash.

By Dustin Volz
http://www.nationaljournal.com/tech/congress-quietly-bolsters-nsa-spying-in-intelligence-bill-20141211
December 11, 2014

Congress this week quietly passed a bill that may give unprecedented legal authority to the government's warrantless surveillance powers, despite a last-minute effort by Rep. Justin Amash to kill the bill.

Amash staged an aggressive eleventh-hour rally Wednesday night to block passage of the Intelligence Authorization Act, which will fund intelligence agencies for the next fiscal year. The Michigan Republican sounded alarms over recently amended language in the package that he said will for the first time give congressional backing to a controversial Reagan-era decree granting broad surveillance authority to the president.
The 47-page intelligence bill was headed toward a voice vote when Amash rose to the House floor to ask for a roll call. Despite his efforts -- which included a "Dear Colleague" letter sent to all members of the House urging a no vote -- the bill passed 325-100, with 55 Democrats and 45 Republicans opposing.

The provision in question is "one of the most egregious sections of law I've encountered during my time as a representative," Amash wrote on his Facebook page. The tea-party libertarian, who teamed up with Rep. John Conyers in an almost-successful bid to defund the National Security Agency in the wake of the Snowden revelations, warned that the provision "grants the executive branch virtually unlimited access to the communications of every American."

The measure already passed the Senate by unanimous consent on Tuesday, and it is now on its way to the White House, where President Obama is expected to sign it.

The objections from Amash and others arose from language in the bill's Section 309, which includes a phrase to allow for "the acquisition, retention, and dissemination" of U.S. phone and Internet data. That passage will give unprecedented statutory authority to allow for the surveillance of private communications that currently exists only under a decades-old presidential decree, known as Executive Order 12333.

"If this hadn't been snuck in, I doubt it would have passed," said Rep. Zoe Lofgren, a California Democrat who voted against the bill. "A lot of members were not even aware that this new provision had been inserted last-minute. Had we been given an additional day, we may have stopped it."

Lofgren said she believed the Senate Intelligence Committee was the source of the language. The panel did not respond to requests for comment.

Lofgren also said the language was "the exact opposite of what the House passed this summer."
She was referring to an amendment she championed that would have required the NSA to obtain a warrant before reading Americans' private messages that were collected through a program intended to target foreigners.

"Congress is authorizing something very questionable constitutionally," Lofgren added.

A tech-industry lobbyist added: "The language is broad, and depending on how it is implemented, does little to help restore the public's lack of trust in U.S. government surveillance programs."

Backers of the section argue it would actually limit to five years the amount of time communications data could be kept at intelligence agencies, certain exceptions permitting. But it is generally acknowledged that such data is already rarely kept beyond five years, which Amash characterized as a trade-off that "provides a novel statutory basis for the executive branch's capture and use of Americans' private communications."

"The provisions in the intel authorization appear to be an attempt by Congress to place statutory restrictions on the retention of information collected under Executive Order 12333, which is not subject to court oversight, has not been authorized by Congress, and raises serious privacy concerns," said Neema Guliani, legislative counsel with the American Civil Liberties Union. "However, these restrictions are far from adequate, contain enormous loopholes, and notably completely exclude the information of non-U.S. persons."

Executive Order 12333 is not as widely known as the controversial Section 215 of the USA Patriot Act -- which allows for the mass collection of domestic phone metadata. Like Section 702 of the Foreign Intelligence Surveillance Act, 12333 is intended to target foreign surveillance, although an unknown amount of U.S. data is "incidentally" tracked, particularly for citizens living overseas or those that communicate with foreigners.

But the order, which was issued by President Reagan in 1981 and twice amended by President George W.
Bush, earned a burst of attention this summer when former State Department official John Napier Tye wrote extensively about it in the Washington Post.

"Executive Order 12333 contains nothing to prevent the NSA from collecting and storing all such communication -- content as well as metadata -- provided that such collection occurs outside the United States in the course of a lawful foreign intelligence investigation," Tye wrote. "No warrant or court approval is required, and such collection never need be reported to Congress. None of the reforms that Obama announced earlier this year will affect such collection."

In September, four House Democrats asked the Obama administration to make public "all current and future legal opinions or interpretations" concerning 12333, a request that thus far has gone unheeded. In their letter, Reps. Conyers, Lofgren, Alan Grayson, and Rush Holt join with a number of privacy groups to express concerns about the order, saying that "secret law is a threat to democracy."

Earlier this year, the Privacy and Civil Liberties Oversight Board announced it would begin a review of the legality of 12333.

President Obama in January promised to reform the NSA's mass domestic spying, but he said he would wait for Congress to enact broader reforms. A bill intended to rein in several aspects of government surveillance died in the Senate last month, falling two votes short of the 60-vote threshold needed

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri Dec 12 06:46:41 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Dec 2014 07:46:41 -0500
Subject: [Infowarrior] - MPAA investigating existing legal avenues for anti-piracy measures
Message-ID: <06FC2008-C0F4-487D-95C9-0C118846F704@infowarrior.org>

MPAA investigating existing legal avenues for anti-piracy measures

updated 01:15 am EST, Fri December 12, 2014
http://www.electronista.com/articles/14/12/12/leaked.information.reveals.potential.legal.tactics.and.meetings.with.google.execs/

Leaked information reveals potential legal tactics and meetings with Google execs

A disturbing new email leak sent to Sony Pictures CEO Michael Lynton in 2012 has revealed a secret meeting between officials from the Department of Homeland Security and representatives from Google that was focused on methods by which the various groups could hobble or block sites known for hosting pirated materials. Meetings also occurred between the MPAA and an unnamed national law-firm across 2013 to discuss methods to force ISPs to block sites hosting or aggregating pirated content.

The Sony email outlines the details of a meeting between Lynton, John Morton of Homeland Security, unnamed representatives from Google, and a small number of other interested anti-piracy parties. On March 19, 2012, a member of Sony Pictures legal affairs team emailed Lynton regarding a meeting being assembled by Morton. The guest list was impressive, if eclectic in some places. Chief among them was Vint Cerf, Google's Chief Internet Evangelist and generally considered to be one of the "founding fathers" of the modern Internet.

A sentiment that was made clear in the meeting was that none of the parties wanted a repeat of the Stop Online Piracy Act (SOPA) debacle of 2012, so the meetings were kept small and secret by design. The email lists out the attendees, but says more about Google and Cerf than about Sony's participation.
"Google apparently is willing to do more than its public (and not so public) positions," the email said in part. According to the email, Google suggested [Lynton] as the most balanced and reasonable person on the studio side and specifically requested his participation. "No other studio would be involved," Sony assured Lynton. The email goes on to point out that Cerf and fellow attendee Dr. Stephen C. Crocker, the board chair of ICANN, were childhood friends.

Meanwhile, TorrentFreak has posted an exhaustive list of potential legal actions the MPAA consulted with a major law firm over, for the purposes of enacting website blocking in the US. Of the four options presented, only one came across as "promising but untested" to the law firm: Rule 19 of the Federal Rules of Civil Procedure, which would involve the MPAA finding a "foreign rogue site" who has failed to abide by an ISP's terms to be guilty of infringement. The MPAA would then have the ISP join them in a lawsuit against the rogue site. This would allow the MPAA to have the ISP block the site without having to accuse the ISP of any wrongdoing, or to take action against the ISP itself.

The tactic is considered uncertain, and depends on how the FCC and the Supreme Court view the Communications Act, and how that may impact the ability of an ISP to fight the need for them to enact the blocks the MPAA would demand. In previous legal cases calling for site-blocking, ISPs have generally taken the public position that they are not telecommunications companies, and thus have no obligation to "filter" some sites over others. However, they are offered certain protections under DMCA 512(a) as "conduits," which have the same definition as "telecommunications" does in the Communications Act. It's uncertain how this might change if broadband is classified as a utility next year.
There's no doubt that the backlash against SOPA/PIPA has made the anti-piracy pro-site-blocking camp more cautious in their actions, and there's no telling if their current actions will spark quite such a furor again, though it can certainly be counted on that opposition will be spirited.

The text of the email is as follows:

Subject line: Today's call with John Morton, Assistant Secretary of Homeland Security

John is calling you today to invite you to join a small group being formed to meet with him and Google (and a few others) to explore working together to find a "compromise" to the Google issues; his theory is that a small group will be more constructive and productive. Google apparently is willing to do more than its public (and not so public) positions; Google suggested you as the most balanced and reasonable person on the studio side and specifically requested your participation. No other studio would be involved.

You are his first phone call invitation to this small group. He plans on also inviting the Chairman, President and CEO of Eli Lilly, John C. Lechleiter, who is very involved in fighting counterfeit pharmaceuticals; additionally, he wants to invite Ernie Allen, who is the President and CEO of the National Center for Missing & Exploited Children. I have attached the resumes of each of these two gentlemen. Lastly, he is thinking of including someone from Rosetta Stone; I still have not confirmed who that would be. From what I understand, John does not want the group any larger.

On the Google side, I have been told that Vinton C. Cerf, vice president and "Chief Internet Evangelist," as well as Dr. Stephen C. Crocker, board chair of ICANN, would attend. They are childhood friends, and together have been responsible for laying the Internet's foundation. I have also attached their resumes.

The meetings would be in Washington most likely since the others are in Indianapolis, Washington and Virginia respectively.
Lastly, he has asked that we keep this very confidential.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Dec 12 06:48:36 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Dec 2014 07:48:36 -0500
Subject: [Infowarrior] - thoughts on the '15 Intel Auth Act
Message-ID:

Congress quietly expands surveillance (again)

By Richard Forno on December 11, 2014 at 6:20 pm
https://cyberlaw.stanford.edu/blog/2014/12/congress-quietly-expands-surveillance-again

As Congress winds down for the holidays, it delivers yet another lump of coal for the American people.

Contained in the 2015 Intelligence Authorization Act is a provision quietly inserted by the US Senate (just prior to voting) that authorizes the "acquisition, retention, and dissemination" of all communications data from U.S. citizens without a court order and then transferred to law enforcement for criminal investigations. Once leaving the Senate, this proposed Act was passed in the House by a casual (and therefore intentionally unaccountable) 325-100 voice vote with no debate. It now heads to the White House for a likely presidential signature.

In an impassioned 'Dear Colleague' letter this week, Rep. Justin Amash (R-MI) notes that "Section 309 [of the Act] provides the first statutory authority for the acquisition, retention, and dissemination of U.S. persons' private communications obtained without legal process such as a court order or a subpoena. The administration currently may conduct such surveillance under a claim of executive authority, such as E.O. 12333. However, Congress never has approved of using executive authority in that way to capture and use Americans' private telephone records, electronic communications, or cloud data."
Despite the presence of some restrictions on executive branch use of Americans' private communications, Amash observes that "In exchange for the data retention requirements that the executive already follows, Section 309 provides a novel statutory basis for the executive branch's capture and use of Americans' private communications." Moreover, Amash tells us that "The section contemplates that those private communications of Americans, obtained without a court order, may be transferred to domestic law enforcement for criminal investigations."

Criminal investigations, such as.....?

Reading this, I wonder how long before the entertainment industry convinces law enforcement agencies to take a very broad interpretation of "criminal investigations" when considering how to use these newly-enacted capabilities to conduct "criminal investigations" (into alleged copyright infringement?) Or anything else, for that matter.

Mass digital surveillance in the name of intellectual property protection was publicly refuted with SOPA; it also was strongly challenged in CISPA even as a function of cybersecurity --- but could this broadly-worded federal surveillance statute make it a very real possibility anyway? After all, it wouldn't be the first time that online infringement and 'piracy' has been linked to national and/or homeland security concerns.

Remember too that Hollywood is not beyond going to zany extremes to protect its business model -- in 2002, it wanted the ability to hack into home computers accused of hosting infringing material, and then more recently there were the Internet-breaking, privacy-invading SOPA and PIPA proposals.

Stealthily-enacted invasions of privacy are bad enough in the purported interest of national security; possibly extending such capabilities to support questionable commercial outcomes must not be allowed.

Happy Holidays, folks.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri Dec 12 14:00:07 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Dec 2014 15:00:07 -0500
Subject: [Infowarrior] - DOJ Misleads Court About Medical And Financial Records In Appeals Over NSA Surveillance
Message-ID: <7C8FE7F6-92CE-4892-BE38-34485F6264A2@infowarrior.org>

DOJ Misleads Court About Medical And Financial Records In Appeals Over NSA Surveillance

https://www.techdirt.com/articles/20141211/14554029395/doj-misleads-court-about-medical-financial-records-appeals-over-nsa-surveillance.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Dec 12 14:00:13 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Dec 2014 15:00:13 -0500
Subject: [Infowarrior] - Senate staffer tries to scrub 'torture' reference from Wikipedia's CIA torture article
Message-ID: <270BBEDB-2DB9-4622-A899-2543B66E8285@infowarrior.org>

Senate staffer tries to scrub 'torture' reference from Wikipedia's CIA torture article

By Brian Ries

An anonymous Wikipedia user from an IP address that is registered to United States Senate has tried, and failed, to remove a phrase with the word "torture" from the website's article on the Senate Intelligence Committee's blockbuster CIA torture report.

The unknown individual has attempted on at least two occasions -- first on Dec. 9 and then on Dec. 10 -- to remove a line describing the CIA's enhanced interrogation techniques as "a euphemism for torture."

In both instances the anonymous editor explained that he or she was "removing bias" from the article. And each time the revision was overruled.

The debate over the classification of "torture" for the CIA's techniques has played out in the halls of Congress, on Sunday talk shows and behind closed doors.
Wikipedia appears to be the latest battleground over public opinion as many, now, ponder the legalities of some of the more aggressive techniques used by CIA officers during the decade-long war on terror.

The United Nations, joined by a number of human rights groups, have called for the prosecution of U.S. officials who were responsible for the CIA torture program.

< -- >

http://mashable.com/2014/12/10/senate-wikipedia-torture-report/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Dec 12 14:12:23 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Dec 2014 15:12:23 -0500
Subject: [Infowarrior] - Verizon offers NSA-friendly secure calling
Message-ID:

As one of the comments reads, "I'm not sure whether Verizon or Cellcrypt understand the meaning of encryption." ---rick

Verizon's New, Encrypted Calling App Plays Nice With the NSA

By Joshua Brustein
December 11, 2014

Verizon is the latest big company to enter the post-Snowden market for secure communication, and it's doing so with an encryption standard that comes with a way for law enforcement to access ostensibly secure phone conversations.

Verizon Voice Cypher, the product introduced on Thursday with the encryption company Cellcrypt, offers business and government customers end-to-end encryption for voice calls on iOS, Android, or BlackBerry devices equipped with a special app. The encryption software provides secure communications for people speaking on devices with the app, regardless of their wireless carrier, and it can also connect to an organization's secure phone system.

Cellcrypt and Verizon both say that law enforcement agencies will be able to access communications that take place over Voice Cypher, so long as they're able to prove that there's a legitimate law enforcement reason for doing so.
Seth Polansky, Cellcrypt's vice president for North America, disputes the idea that building technology to allow wiretapping is a security risk. "It's only creating a weakness for government agencies," he says. "Just because a government access option exists, it doesn't mean other companies can access it."

< - >

http://www.businessweek.com/articles/2014-12-11/verizons-new-encrypted-calling-app-comes-prehacked-for-the-nsa

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Dec 12 17:30:18 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Dec 2014 18:30:18 -0500
Subject: [Infowarrior] - Leak Exposes Hollywood's Global Anti-Piracy Strategy
Message-ID: <172E7E99-1F95-48D9-BD98-72691CFF0F1F@infowarrior.org>

Leak Exposes Hollywood's Global Anti-Piracy Strategy

By Ernesto on December 13, 2014

Leaked documents reveal in detail how Hollywood plans to take on piracy in the years to come. One of the top priorities for the MPAA are cyberlockers and illegal streaming sites, with lawsuits planned in the UK, Germany and Canada. Torrent sites are a medium priority, which the MPAA hopes to fight with criminal prosecutions, domain seizures and site blocking.

< - >

http://torrentfreak.com/leak-exposes-hollywoods-global-anti-piracy-strategy-141212/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri Dec 12 18:09:30 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Dec 2014 19:09:30 -0500
Subject: [Infowarrior] - DOJ Won't Force New York Times Reporter to Reveal Source
Message-ID:

Attorney General Won't Force New York Times Reporter to Reveal Source

By Pete Williams
http://www.nbcnews.com/news/us-news/attorney-general-wont-force-new-york-times-reporter-reveal-source-n267481

Attorney General Eric Holder has decided against forcing a reporter for the New York Times to reveal the identity of a confidential source, according to a senior Justice Department official.

The reporter, James Risen, has been battling for years to stop prosecutors from forcing him to name his source for a book that revealed a CIA effort to sabotage Iran's nuclear weapons program. The government wanted Risen's testimony in the trial of a former CIA official, Jeffrey Sterling, accused of leaking classified information.

But now, according to the Justice Department official, Holder has directed that Risen must not be required to reveal "information about the identity of his source."

If the government subpoenas Risen to require any of his testimony, the official said, "it would be to confirm that he had an agreement with a confidential source, and that he did write the book."

No final decision has been made about exactly how to proceed, the official said, but added the government "will no longer seek what he's most concerned about revealing."

The decision ends months of internal debate about how aggressive prosecutors should be in seeking Risen's testimony. The federal judge overseeing the case, Leonie Brinkema of Alexandria, Virginia, gave the government until next Tuesday to declare how much he would be required to reveal in court.
Holder had earlier signaled he might decline to force Risen to reveal a source, telling a group of news media executives earlier this year that "As long as I am attorney general, no reporter who is doing his job is going to jail."

Without Holder's decision, Risen would have faced the difficult decision between revealing a source or facing possible jail time for contempt of court.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Dec 15 06:29:33 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Dec 2014 07:29:33 -0500
Subject: [Infowarrior] - Sony begins threatening news media
Message-ID: <2DF41F91-16FB-4F3B-B2EF-D544B4F33CFD@infowarrior.org>

Sony Pictures warns news organizations to destroy "stolen" e-mails, documents

After days of silence, Sony Pictures Entertainment acknowledged a voluminous, embarrassing leak of internal e-mails and other materials on Sunday, warning numerous media outlets in a strongly worded letter against publishing or using the "stolen" corporate data exposed by unidentified hackers.

The materials, particularly e-mails, provided an extraordinary glimpse inside one of the world's best-known corporations. The initial stories based on the materials went viral and absorbed days of coverage last week, illuminating the high-powered dealings, petty squabbling and ego that can define Hollywood.

The company threatened legal action against news organizations that failed to heed its request, a strategy some legal scholars say would have a rough time passing muster under the First Amendment, which protects freedom of the press. Though no one has accused any news organization of participating in the theft, the letter appears to be a gambit to stop news outlets from reporting the documents.

Sony's action came just as the hackers reportedly threatened another dump of stolen data.
The hackers have demanded the company withdraw an upcoming comedy based on a fictional plot to assassinate North Korean leader Kim Jong Un.

< - >

Sony's ability to follow through with legal action is uncertain at best, legal scholars said last night.

"The short answer is that publishing such leaked material, even if it was illegally extracted by hackers, is likely to be legal," said University of California at Los Angeles law professor Eugene Volokh in an e-mail last night. He cited a 2001 Supreme Court case, Bartnicki v. Vopper, which he said "held that a publisher had a First Amendment right to publish illegally intercepted phone calls (when it wasn't involved in the initial illegal interception.)" Volokh stewards the blog, The Volokh Conspiracy, which appears in the Washington Post. Here's his post on this subject.

George Freeman, a former attorney for the New York Times who now runs the Media Law Resource Center, said Sony's demands struck him as "a stretch." He said newspapers and other publications have reported leaked corporate and government documents "scores of times," and this instance appears similar to those.

"I can't think of any instance where the innocent beneficiary of leaks would get restrained from publishing," Freeman said, referencing the news outlets' decisions to publish the Pentagon Papers. "If anything, there would be less a problem for media in printing corporate documents like these than printing classified documents, which the government has claimed can violate the Espionage Act."

< - >

http://www.washingtonpost.com/news/morning-mix/wp/2014/12/14/sony-pictures-warns-news-organizations-to-destroy-stolen-leaked-e-mails-documents/?tid=hp_mm

From rforno at infowarrior.org Tue Dec 16 06:17:14 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Dec 2014 07:17:14 -0500
Subject: [Infowarrior] - Drone-Hunting Blimp To Launch Over Washington
Message-ID:

Drone-Hunting Blimp To Launch Over Washington

http://www.defenseone.com/technology/2014/12/drone-hunting-blimp-launch-over-washington-dc/101328/

Though as @drunkenpredator notes: quick geography reminder: this JLENS blimp is at Aberdeen Proving Ground, which makes it about as "over DC" as a Delaware goose.

Frankly, I'd say that it's a platform desperately in search of a mission before its funding runs out......it was originally designed to "protect against cruise missiles [from terrorists]", remember?

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 16 06:25:52 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Dec 2014 07:25:52 -0500
Subject: [Infowarrior] - Memories of financial crisis fading as risks rise
Message-ID:

Yup - they're back to their old games, have renewed government protections and taxpayer 'support' for their losses, so life is returning to idiocy for Wall Street again. Investors and taxpayers beware. (But lawmakers will say they "didn't see it coming" when it hits -- and it will, trust me, and make '08 look tame by comparison, too.) --rick

Memories of financial crisis fading as risks rise

By PAUL WISEMAN, AP Economics Writer
The Associated Press
http://www.cnbc.com/id/102269793

WASHINGTON (AP) -- Six years after the collapse of Lehman Brothers, the lessons of the financial crisis may already be fading from collective memory.

Just last week:

- Congress acted to loosen the regulation of the high-risk investments that ignited the 2008 crisis.
- Housing regulators cut minimum down payments on home loans.
- The Institute of International Finance declared it "worrisome" that global indebtedness, as a share of world economic output, has reached record levels.

All this comes as subprime auto loans for financially stretched buyers are surging. And the so-called too-big-to-fail banks that needed a taxpayer bailout in 2008 now loom even larger than before the crisis: America's five biggest banks account for 44 percent of bank assets, up from 38 percent in 2007, according to SNL Financial.

The trend toward pre-crisis lending practices worries analysts who favored far-reaching reforms to safeguard the system.

"We're on a very dangerous trajectory," said Simon Johnson, professor of global economics at the Massachusetts Institute of Technology.

Johnson said he fears that last week's congressional vote shows that bank lobbyists still carry the political clout to dilute financial regulations.

By all accounts, the system isn't as vulnerable as it was before the crisis. The Treasury Department's Office of Financial Research, set up after the crisis to monitor risks, said this month that "threats to financial stability are moderate." U.S. banks have increased their capital defenses against loan losses by over 27 percent since 2007.

Richard Hunt, president of the Consumer Bankers Association lobbying group, rejects any notion that banks are weakening credit standards.

"If you're a banker who survived over the last five years," Hunt said, "the last thing you're going to do is return to that period of time. We're nowhere close to returning to the type of loans" issued just before the crisis.

Still, watchdogs fear the risks are accumulating. Despite its overall finding that threats are moderate, Treasury's research office warned of "excessive risk-taking during an extended period of low interest rates."
The Treasury office also worries that more lending and trading are occurring beyond the reach of regulators in the so-called shadow banking sector of hedge funds and other investment firms, "where threats could be significant, but are more difficult to assess." Recent developments have compounded the worries:

* RISKY BETS
Congress voted last week to weaken a rule intended to reduce risks to taxpayers. Under the 2010 Dodd-Frank financial regulation bill, banks had to separate their federally insured banks from their riskiest trading operations -- the ones that deal in derivatives. Derivatives are used by farmers and companies to hedge financial risks. But they also let traders speculate on bonds, currencies and commodities such as oil. Bad bets in the derivatives market sank American International Group, an insurer that needed a $185 billion taxpayer bailout. The Dodd-Frank provision was meant to limit the risk that banks would use federally insured deposits to gamble on derivatives. But last week, at the behest of bank lobbyists, the House slipped into a must-pass spending bill a repeal of the divide between traditional banks and derivatives trading. Banks say the move will preserve their ability to help farmers and businesses hedge against risks. Sen. Elizabeth Warren, D-Mass., fought unsuccessfully to block the move. "Wall Street has been working behind the scenes to open another loophole so they could gamble with taxpayer money," Warren said. "Congress should not put taxpayers on the hook for another bailout." Thomas Hoenig, vice chairman of the Federal Deposit Insurance Corp., called the repeal "illogical." He noted that Dodd-Frank didn't prevent banks from trading derivatives and servicing farmers and businesses in operations not backed by federal deposit insurance. The 2008 crisis, Hoenig said, exposed "the economic consequences of conducting derivatives trading in taxpayer-insured banks."

* LOWER DOWN PAYMENTS
Mortgage giants Fannie Mae and Freddie Mac issued guidelines last week allowing Americans to buy homes with down payments as low as 3 percent, down from the current 5 percent minimum. The new guidelines are meant to make houses more affordable for low-income families and first-time buyers. But critics worry about a repeat of what happened in the early and mid-2000s: Families were encouraged, through low down payment requirements and loose credit standards, to buy homes they couldn't afford. Millions wound up in foreclosure. "It is dubious housing policy to encourage moderate-income people to take out mortgages on which they are likely to default," Dean Baker, co-director of the liberal Center for Economic and Policy Research, wrote last week.

* RISING GLOBAL DEBT
The Institute of International Finance, an industry research group, warned last week that global debt, excluding debt held by banks, had reached a record 244 percent of worldwide economic output. Companies in emerging markets such as China and India have been issuing bonds in record amounts, many of which must be repaid in U.S. dollars. If interest rates and the U.S. currency rise -- and the dollar has surged over 10 percent against major currencies since the end of June -- those companies may struggle to meet payments or refinance their debt.

* RISKY AUTO LENDING
U.S. regulators are warning about slipping credit standards for auto loans. The rating agency Standard & Poor's expects lenders to make $21 billion in subprime auto loans this year, up from $20 billion this year and $18 billion in 2013. Darrin Benhart of the Office of the Comptroller of the Currency, a bank regulator, blamed intensifying "competitive pressure" for deteriorating credit standards. S&P analysts concluded this year that "caution is warranted." It fears "even looser credit standards" and riskier subprime car loans being packaged into bonds and sold to investors.
Repeating what they did before encountering trouble in 2008, automakers and finance companies are offering six- and seven-year loans to ease buyers into cars they otherwise couldn't afford. "We tend to forget financial history," said Frank Partnoy, a finance professor at the University of San Diego. AP Business Writer Marcy Gordon contributed to this report.
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 16 19:05:08 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Dec 2014 20:05:08 -0500
Subject: [Infowarrior] - Farewell, Dr. Dobb's
Message-ID: <8D7134D7-A8B9-43A8-A995-1F0464D4FA79@infowarrior.org>

Farewell, Dr. Dobb's By Andrew Binstock, December 16, 2014 http://www.drdobbs.com/architecture-and-design/farewell-dr-dobbs/240169421

After 38 years of glory, the long run of Dr. Dobb's has come to an end. This year, our website will deliver almost 10.3 million page views, which is an unprecedented number for Dr. Dobb's. It's up from 9 million last year and 8 million three years ago. That kind of growth is somewhat unusual for a site that has not changed its look or its mission, nor indulged in tawdry tricks like click-bait headlines or slideshows promising 9 quick tips for choosing a coding style. The numbers confirm that there is a deep thirst in the programmer community for long-form technical content featuring algorithms and code, as well as strong demand for explanations of new developer technologies and reliable reviews of books and tools. If I were so inclined, this might be the right time for me to move on, and so leave, as they say in sports, "at the top of my game." And indeed I will be leaving Dr. Dobb's at the end of the year. But it would be more accurate to say that it is Dr. Dobb's that is leaving: Our parent company, United Business Media (UBM), has decided to sunset Dr. Dobb's.
"Sunset" sounds like a marketing euphemism to avoid saying "closing down," but in this context, it has a specific meaning that "closing" does not convey. That is, that there will be no new content after year end; however, all current content will be accessible and links to existing Dr. Dobb's articles will continue to work correctly. It is the equivalent of a product coming to end of life. It still runs, but no new features will be added. Over the years, my editorials have frequently analyzed market forces operating on different segments of the developer universe, so it would be wrong for me not to do the same for an event as personal and close to home as this. Why? Why would a well-known site, dearly loved by its readers and coming off a year of record page views, be sunset by its owner? In one word, revenue. Four years ago, when I came to Dr. Dobb's, we had healthy profits and revenue, almost all of it from advertising. Despite our excellent growth on the editorial side, our revenue declined such that today it's barely 30% of what it was when I started. While some of this drop is undoubtedly due to turnover in our sales staff, even if the staff had been stable and executed perfectly, revenue would be much the same and future prospects would surely point to upcoming losses. This is because in the last 18 months, there has been a marked shift in how vendors value website advertising. They've come to realize that website ads tend to be less effective than they once were. Given that I've never bought a single item by clicking on an ad on a website, this conclusion seems correct in the small. So vendors have redeployed their advertising dollars into more fruitful options. This is not a Dr. Dobb's-only phenomenon. Our direct competitors, BZ Media (parent of SD Times) and c4Media (InfoQ), are experiencing the same pressures. They have responded by putting on small conferences, which generate much of their revenue. Dr. 
Dobb's could do the same, but for the fact that our parent company is geared to large tradeshows, rather than many small events. (It owns Black Hat and Interop, among many other events.) Unfortunately, the software market today is so highly segmented that aside from vendor-sponsored events (JavaOne, Google IO, etc.), most successful programmer conferences are small, often very small. UBM argues (correctly, I believe): Why should we tie up resources starting a series of niche events that are unlikely to grow much, when we could put all that time, effort, and management attention into the bigger tradeshows and move the revenue up more quickly? The logic is unassailable. So rather than continue with Dr. Dobb's until it actually loses money, they've decided to sunset the site -- a sudden end to a remarkably robust and wondrous journey that began 38 years ago.

Personally

No amount of analysis and explanation can mask the deep, personal sadness I feel at writing about this decision. Like many of you, I grew up reading Dr. Dobb's. For me, as I suspect it was for many of you, Dr. Dobb's Journal was the lifeline to a thorough understanding of programming. I recall that when the magazine appeared in my mailbox, all other activity for the day came to a sudden stop and the remaining hours were spent blissfully poring over article after article, soaking in the information. I learned C from Allen Holub's C Chest column, operating systems from the 18-part series on 386BSD, video programming from Michael Abrash's Black Book, and data compression from Mark Nelson. And so on -- each month brought new, enabling insights and explanations of often arcane topics. Having this deep, passionate connection, I felt lifted in ways not often encountered in one's career when I was approached about succeeding Jonathan Erickson, the editor who steered the magazine through its glory days in print.
The honor of this position has fueled me every day, renewed by conversations in person with developers whose eyes would light up when I'd mention I worked on Dr. Dobb's. Putting aside my feelings, I should note that recent events fulfill the original vision of Dr. Dobb's. The founders, Bob Albrecht and Dennis Allison, first put together a newsletter in 1976 with the specific aim of making programming information more accessible. It was an experiment in sharing. Dr. Dobb's subsequent popularity meant that it became a worldwide means of sharing curated, high-quality programming info. The advent of the Web, which offered a vast array of new information sources, meant that Dr. Dobb's was no longer the central access point -- a complicated transition for the team, but one wholly in keeping with the original mission. With the advent of Hacker News and Proggit and other aggregators, developers themselves began curating content from numerous sources, and in a certain way, our mission is now complete. This should not suggest that there is no role anymore for Dr. Dobb's. As our page views show, the need for an independent site with in-depth articles, code, algorithms, and reliable product reviews is still very much present. And I will dearly miss that content. I wish I could point you to another site that does similar work, but alas, I know of none. To the previous editors, especially Jon Erickson and Mike Swaine, to the many contributors, columnists, and bloggers (especially Al Stevens, Al Williams, Allen Holub, Andrew Koenig, Eric Bruno, Gastón Hillar, Herb Sutter, Mark Nelson, Pablo Santos, Scott Ambler, and Walter Bright), and to all of you, our dear readers, who sent us comments in the true spirit of sharing rather than admonishment, who helped us up if we slipped, and who gloried in our triumphs, allow me to quote Octavio Paz: Let me say "two words that all men have uttered since the dawn of humanity: thank you."
Paz goes on to say, "The word gratitude has equivalents in every language and in each tongue the range of meanings is abundant." Perhaps, none more abundant than in the sense I mean it today, as I thank you for so many blessings and contributions to Dr. Dobb's.

-- Andrew Binstock Editor in Chief alb at drdobbs.com Twitter: platypusguy Google+

P.S. Our managing editor, Deirdre Blake (dblakenew at gmail.com), who has toiled for two decades at Dr. Dobb's, will be looking for similar work after a short break. I will be returning to my former work of writing white papers and doing market analysis for technology vendors. If you want to stay in touch, please follow me on Twitter at @platypusguy or feel free to email me at my personal address, which is my first name at pacificdataworks.com.
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Dec 17 17:39:58 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 17 Dec 2014 18:39:58 -0500
Subject: [Infowarrior] - U.S. Links North Korea to Sony Hacking
Message-ID: <657859FA-6731-4934-A469-8AB03C02D41B@infowarrior.org>

U.S. Links North Korea to Sony Hacking By DAVID E. SANGER and NICOLE PERLROTH DEC. 17, 2014 http://www.nytimes.com/2014/12/18/world/asia/us-links-north-korea-to-sony-hacking.html

WASHINGTON -- American intelligence officials have concluded that the North Korean government was "centrally involved" in the recent attacks on Sony Pictures's computers, a determination reached just as Sony on Wednesday canceled its release of the comedy, which is based on a plot to assassinate Kim Jong-un, the North Korean leader. Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was still debating whether to publicly accuse North Korea of what amounts to a cyberterrorism campaign. Sony's decision to cancel release of "The Interview"
amounted to a capitulation to the threats sent out by hackers this week that they would launch attacks, perhaps on theaters themselves, if the movie was released. Officials said it was not clear how the White House would decide to respond to North Korea. Some within the Obama administration argue that the government of Mr. Kim must be directly confronted, but that raises the question of what consequences the administration would threaten -- or how much of its evidence it could make public without revealing details of how the United States was able to penetrate North Korean computer networks to trace the source of the hacking. Others argue that a direct confrontation with the North over the threats to Sony and moviegoers might result in escalation, and give North Korea the kind of confrontation it often covets. Japan, for which Sony is an iconic corporate name, has argued that a public accusation could interfere with delicate diplomatic negotiations underway for the return of Japanese nationals kidnapped years ago. The sudden urgency inside the administration over the Sony issue came after a new threat was delivered this week to desktop computers at Sony's offices that if "The Interview" was released on Dec. 25, "the world will be full of fear." It continued: "Remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time." Sony dropped its plan to release the film after the four largest theater chains in the United States -- Regal Entertainment, AMC Theaters, Cinemark and Carmike Cinemas -- and several smaller chains said they would not show the film. The cancellations virtually killed "The Interview" as a theatrical enterprise, at least in the near term, one of the first known instances of a threat from another nation pre-empting the release of a movie.
While intelligence officials have concluded that the cyberattack on Sony was both state sponsored and far more destructive than any seen before on American soil, there are still differences of opinion over whether North Korea was aided by Sony insiders with an intimate knowledge of the company's computer systems. "This is of a different nature than past attacks," one senior official said. A cyberattack that began by wiping out data on corporate computers -- something that had previously been seen in attacks in South Korea and Saudi Arabia, but not the United States -- has turned "into a threat to the safety of Americans" if the movie was shown. However, the official and the Department of Homeland Security, said in a statement, "There is no specific, credible threat information that would suggest that any attack was imminent." It is not clear how the United States came to its determination that the North Korean regime played a central role in the Sony attacks. North Korea has been a notoriously hard target for computer penetration. But four years ago the National Security Agency launched a major effort to penetrate the country's computer operations, including its elite cyberteam, and to establish "implants" in the country's networks that, like a radar system, would monitor the development of malware transmitted from the country. But it is hardly a foolproof system. Much of North Korea's hacking is done from China. And while the attack on Sony used some commonly available cybertools, one intelligence official said, "This was of a sophistication that a year ago we would have said was beyond the North's capabilities." It is rare for the United States to publicly accuse countries suspected of involvement in cyberintrusions or attacks. The administration never publicly said who attacked White House and State Department computers over the past two months, or JPMorgan Chase's systems last summer.
Russia is suspected in the first two cases, but there is conflicting evidence on JPMorgan. But in this case, there is a long forensic trail. The attackers used readily available commercial tools to wipe data off Sony's machines. They also borrowed tools and techniques that had been used in at least two previous attacks, one in Saudi Arabia two years ago -- widely attributable to Iran -- and another last year in South Korea, aimed at banks and media companies. The attacks at Sony were routed from command and control centers across the world, including a convention center in Singapore and a computer at Thammasat University in Thailand. But one of those command and control servers, a computer in Bolivia, had been used before, in a limited set of cyberattacks on South Korean targets two years ago. That suggests, but does not prove that the same group or individuals may have been behind both attacks. The Sony malware also shared remarkable similarities with the malware used in the destructive attacks on South Korean banks and broadcasters last year. Those attacks, which also destroyed data belonging to their victims, are believed to be the work of a cybercriminal gang known as Dark Seoul. Some experts say they cannot rule out the possibility that the Sony attack was the work of a Dark Seoul copycat. The Sony attack also borrowed a wiping tool from an attack two years ago at Saudi Aramco, where hackers wiped out data off 30,000 Aramco computers, replacing it with an image of a burning American flag. Security experts were never able to track down the hackers behind the attacks at Saudi Aramco, though United States officials have long said they believe the attacks emanated from Iran, using tools that are now on the black market. In each attack, experts were never able to confirm the initial entry point. At Sony, forensics investigators are looking into the possibility that the attackers may have had some inside help.
Embedded in the malicious code were the names of Sony servers and administrative credentials that allowed the malware to spread across Sony's network. "It's clear that they already had access to Sony's network before the attack," said Jaime Blasco, a security researcher at AlienVault.
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 18 06:42:38 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Dec 2014 07:42:38 -0500
Subject: [Infowarrior] - TN town never heard of the First Amendment, apparently
Message-ID: <1E1702F1-D9D7-40A8-AEFA-213DC527D881@infowarrior.org>

Tennessee Town Passes Policy Banning Negative Comments About The Town's Government from the the-Supreme-Court-has-roundly-rejected-prior-restraint dept

The commissioners of a small Tennessee town have just voted to ban negative comments about it from social media. This stupid move was prompted by "criticism and lies" being posted online, which supposedly "hampered" the town's government from performing its duties. South Pittsburg City is a town of 3,000. This fact will limit the damage done by its city commissioners' new policy (which passed with 4-1 vote), but only because the town itself is tiny. The ban, however, is super-broad. (via Ben Swann and BRACE YOURSELF for always-awesome AUTOPLAY) < - > https://www.techdirt.com/articles/20141217/12153229470/tennessee-town-passes-policy-banning-negative-comments-about-towns-government.shtml
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 18 17:50:14 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Dec 2014 18:50:14 -0500
Subject: [Infowarrior] - The MPAA's Secret Plan To Reinterpret The DMCA Into A Vast Censorship Machine That Breaks The Core Workings Of The Internet
Message-ID: <86CDEF3C-8B4D-497B-A136-98D27434A09F@infowarrior.org>

The MPAA's Secret Plan To Reinterpret The DMCA Into A Vast Censorship Machine That Breaks The Core Workings Of The Internet https://www.techdirt.com/articles/20141217/17533629473/mpaas-secret-plan-to-reinterpret-dmca-into-vast-censorship-machine-that-breaks-core-workings-internet.shtml
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 18 20:42:37 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Dec 2014 21:42:37 -0500
Subject: [Infowarrior] - Google accuses Hollywood of 'trying to censor the Internet'
Message-ID: <97F37772-4BF9-4B70-B1F4-C0B67A458028@infowarrior.org>

Google accuses Hollywood of 'trying to censor the Internet'

Using information from alleged documents leaked by the Sony hackers, Google said the Motion Picture Association of America and Mississippi's attorney general conspired to limit free speech on the Internet.
* by Seth Rosenblatt and Ian Sherr
* December 18, 2014 4:54 PM PST
http://www.cnet.com/news/google-accuses-hollywood-of-trying-to-censor-the-internet/

Google attacked Hollywood and a state attorney general for attempting to achieve the goals of years-old Internet censorship law. The search giant said the Motion Picture Association of America, Hollywood's primary lobbying arm, secretly conspired with the attorney general of Mississippi to force changes to the trade of information on the Internet without enacting new laws. "The MPAA pointed its guns at Google," the company's General Counsel Kent Walker said in a blog post Thursday.
He cited emails reported to have come from Sony's top executives by The Verge, detailing an effort to block websites alleged to publish copyrighted material. Walker also said that a letter sent by Mississippi Attorney General Jim Hood accusing Google of numerous misdeeds was drafted by the MPAA's longtime law firm. Hood said he had worked with the MPAA but disagreed with Google's assertions. He said he's worked with Internet companies on a wide range of issues, including international counterfeit rings, drug trafficking and child pornography. "We're just saying that if a website has 90 percent illegal material, they shouldn't put them in search results," he said. "We've been working on these issues for years, and Google full well knows that." Representatives for Google, Sony, the MPAA and its members didn't immediately respond to requests for comment. The move marks a turning point in the ongoing battle over Internet censorship, which led to protests across the Web in 2012. Two bills before the US Congress in particular, the Stop Online Piracy Act (SOPA), and the Protect Intellectual Property Act (PIPA), attempted to target "rogue" websites illegally displaying copyrighted content. But critics said the bills could adversely affect legitimate sites as well. SOPA and PIPA legislation had been thought to have been abandoned by their proponents, but Google's claims indicate it may have been revived. Google's comments also add to the fallout over the hacking of Sony. For the past two weeks, hackers who broke into the company's computer systems and claimed to have stolen troves of employee information, including executives' emails. Many of those documents have since been released online. Sony has only confirmed the veracity of a few documents that have surfaced. Other companies, however, are starting to come forward. Snapchat released a statement saying it was "devastated" over the stolen information on Wednesday.
Now, Google has criticized Sony, the MPAA and others for their alleged actions, which were revealed in the documents. Sony hasn't responded to Google's accusations. It also didn't respond to the December 12 report from The Verge about its alleged activities with the MPAA. Update, 5:47 p.m. PT: Adds comment from Jim Hood.
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Dec 19 14:49:54 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Dec 2014 15:49:54 -0500
Subject: [Infowarrior] - JIEDDO caught doing domestic intel collection
Message-ID: <783D6680-1684-4C03-B4FB-0A6EF285C6F4@infowarrior.org>

Pentagon anti-bomb force 'improperly retained' information on Americans
* JIEDDO taskforce acted inappropriately -- read the declassified report
* Defense department has criticized its 'aggregation' of data on US firms, people
* Group 'improperly' held data from Five Eyes: UK, Australia, New Zealand, and Canada

A Pentagon department focused on improvised explosive devices has been collecting intelligence on Americans. Friday 19 December 2014 14.26 EST

The Pentagon's taskforce charged with stopping insurgent bombs has for years inappropriately acted as an intelligence agency, according to a declassified internal report obtained by the Guardian. The Joint Improvised Explosive Device Defeat Organization (JIEDDO) collected information on American companies and their executives, people inside the United States, US military personnel and Afghan farmers. Despite internal Pentagon criticism, it continues to carry out intelligence functions. JIEDDO used aliases and impersonated US college students to gather information. It pursued US firms doing business with a Pakistani company with no real ties to terrorism. It collected and "improperly retained" US telephone numbers, as well as those from among the US' "Five Eyes" intelligence partners: the UK, Australia, New Zealand and Canada.
On at least one occasion, JIEDDO mishandled information it accessed from a National Security Agency database. JIEDDO disputes that it actually "collected" intelligence, preferring to say it "aggregated" already-existing intelligence and public data. Some of JIEDDO's intelligence work, particularly the collection of data on US companies, occurred "at the behest of [JIEDDO] leadership". All of it violated a raft of Defense Department and executive-branch regulations, up to and including Executive Order 12333, a foundational intelligence guideline. Those violations led to the first-ever establishment of an inspector general within JIEDDO, William Rigby. JIEDDO's previously unknown intelligence activities are detailed in an 80-page investigation conducted by the Pentagon inspector general, issued secretly in April and acquired by the Guardian and other news organizations through the Freedom of Information Act. It is the latest example of a post-9/11 proliferation of intelligence operations by unapproved US government organizations. JIEDDO continues collecting and retaining intelligence, including intelligence on Americans. One analyst told the inspector general that when the organization acquires Americans' data, its officials "tuck it to the side". As of April 2014, the inspector general wrote: "We remain concerned about JIEDDO conducting activities that fall out of the scope of its original charter." That mission creep first led JIEDDO to view expansively its minimal intelligence authorities related to foreign IED threats. Then, confusion amongst the workforce about what intelligence activities were permissible "allowed contract analysts and government supervisors to collect information about US persons that fell outside of [a JIEDDO component's] foreign intelligence function." As far back as February 2007 -- barely a year into JIEDDO's existence --
the director of the Defense Intelligence Agency warned that JIEDDO should be properly reclassified as an intelligence enterprise to remove dangerous ambiguity about the organization's true activities. < - > http://www.theguardian.com/us-news/2014/dec/19/pentagon-bomb-force-intelligence-americans

From rforno at infowarrior.org Fri Dec 19 15:15:07 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Dec 2014 16:15:07 -0500
Subject: [Infowarrior] - Roll your own Pirate Bay
Message-ID:

http://gizmodo.com/there-are-gonna-be-9280928-pirate-bays-because-anyone-c-1673260311

In the wake of a police raid in Sweden that shut down the Pirate Bay as we know it, a number of opportunistic torrent sites have created clones. We've said before, Pirate Bay clones are potentially problematic. Nevertheless, Isohunt just launched a tool that makes it confusingly easy to set up your very own open source clone. I tried it; it works. < - > The popular torrent search engine created a database with the "top content" from the Pirate Bay, Kickass Torrents, and its own site along with a tool that made it relatively straight forward to build your own, personal Pirate Bay "with minimal knowledge of how internet and websites work and some server basic equipment." Isohunt is calling the whole project the Open Bay, and all of the code is indeed out there in the open on Github. All things told, it's only 30-megabytes worth of data. < - >
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Dec 20 08:13:55 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 20 Dec 2014 09:13:55 -0500
Subject: [Infowarrior] - Google lawsuit forces MPAA-backed attorney general to retreat
Message-ID: <0697B404-3C33-4861-B7E2-C77911557D0D@infowarrior.org>

Google lawsuit forces MPAA-backed attorney general to retreat by Sean Buckley | @seaniccus | 52 mins ago http://www.engadget.com/2014/12/20/google-lawsuit-jim-hood-mpaa/?ncid=rss_truncated

Remember that post Google put up this week that accused the MPAA of trying to resurrect the spirit of SOPA with the help of state prosecutors (that included evidence based on some of Sony Pictures' leaked emails)? It just turned into a lawsuit -- and it's already having an effect. The search giant has updated the page to explain that it's asking federal courts to dismiss a subpoena Attorney General Jim Hood sent to Google back in October. That 72-page document asserted that he believed that Google has violated the Mississippi Consumer Protection Act, and had failed to take actions to prevent crimes committed by using its services. Now that Google is suing, Hood made a statement via the New York Times, calling for a "time out" and saying he will call the company to "negotiate a peaceful resolution of the issues affecting consumers." In its lawsuit, Google argues that Hood's subpoena is an affront to the company's constitutional rights (citing protections from both the First and Fourth Amendment) and, even if it wasn't, that issues of copyright fall exclusively under federal law. It goes on to say that the accusations made are damaging and false, and they contradict Section 230 of the Communications Decency Act, which protects web-services from taking the blame for the illegal acts of their users. Google is now asking federal courts to issue a temporary restraining order on the Attorney General and a preliminary injunction to protect it from potential injury.
It's not an ideal situation, Google explained in its announcement post, but the company believes it's become necessary. "We regret having to take this matter to court," the company wrote. "We are doing so only after years of efforts to explain both the merits of our position and the extensive steps we've taken on our platforms."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Dec 22 07:19:16 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Dec 2014 08:19:16 -0500
Subject: [Infowarrior] - Reacting to the Sony Hack
Message-ID:

(I couldn't have said it better myself. ---rick)

Reacting to the Sony Hack

https://www.schneier.com/blog/archives/2014/12/reacting_to_the.html

First we thought North Korea was behind the Sony cyberattacks. Then we thought it was a couple of hacker guys with an axe to grind. Now we think North Korea is behind it again, but the connection is still tenuous. There have been accusations of cyberterrorism, and even cyberwar. I've heard calls for us to strike back, with actual missiles and bombs. We're collectively pegging the hype meter, and the best thing we can do is calm down and take a deep breath.

First, this is not an act of terrorism. There has been no senseless violence. No innocents are coming home in body bags. Yes, a company is seriously embarrassed -- and financially hurt -- by all of its information leaking to the public. But posting unreleased movies online is not terrorism. It's not even close.

Nor is this an act of war. Stealing and publishing a company's proprietary information is not an act of war. We wouldn't be talking about going to war if someone snuck in and photocopied everything, and it makes equally little sense to talk about it when someone does it over the internet. The threshold of war is much, much higher, and we're not going to respond to this militarily.
Over the years, North Korea has performed far more aggressive acts against US and South Korean soldiers. We didn't go to war then, and we're not going to war now. Finally, we don't know these attacks were sanctioned by the North Korean government. The US government has made statements linking the attacks to North Korea, but hasn't officially blamed the government, nor have officials provided any evidence of the linkage. We've known about North Korea's cyberattack capabilities long before this attack, but it might not be the government at all. This wouldn't be the first time a nationalistic cyberattack was launched without government sanction. We have lots of examples of these sorts of attacks being conducted by regular hackers with nationalistic pride. Kids playing politics, I call them. This may be that, and it could also be a random hacker who just has it out for Sony. Remember, the hackers didn't start talking about The Interview until the press did. Maybe the NSA has some secret information pinning this attack on the North Korean government, but unless the agency comes forward with the evidence, we should remain skeptical. We don't know who did this, and we may never find out. I personally think it is a disgruntled ex-employee, but I don't have any more evidence than anyone else does. What we have is a very extreme case of hacking. By "extreme" I mean the quantity of the information stolen from Sony's networks, not the quality of the attack. The attackers seem to have been good, but no more than that. Sony made its situation worse by having substandard security. Sony's reaction has all the markings of a company without any sort of coherent plan. Near as I can tell, every Sony executive is in full panic mode. They're certainly facing dozens of lawsuits: from shareholders, from companies who invested in those movies, from employees who had their medical and financial data exposed, from everyone who was affected. 
They're probably facing government fines, for leaking financial and medical information, and possibly for colluding with other studios to attack Google. If previous major hacks are any guide, there will be multiple senior executives fired over this; everyone at Sony is probably scared for their jobs. In this sort of situation, the interests of the corporation are not the same as the interests of the people running the corporation. This might go a long way to explain some of the reactions we've seen. Pulling The Interview was exactly the wrong thing to do, as there was no credible threat and it just emboldens the hackers. But it's the kind of response you get when you don't have a plan. Politically motivated hacking isn't new, and the Sony hack is not unprecedented. In 2011 the hacker group Anonymous did something similar to the internet-security company HBGary Federal, exposing corporate secrets and internal emails. This sort of thing has been possible for decades, although it's gotten increasingly damaging as more corporate information goes online. It will happen again; there's no doubt about that. But it hasn't happened very often, and that's not likely to change. Most hackers are garden-variety criminals, less interested in internal emails and corporate secrets and more interested in personal information and credit card numbers that they can monetize. Their attacks are opportunistic, and very different from the targeted attack Sony fell victim to. When a hacker releases personal data on an individual, it's called doxing. We don't have a name for it when it happens to a company, but it's what happened to Sony. Companies need to wake up to the possibility that a whistleblower, a civic-minded hacker, or just someone who is out to embarrass them will hack their networks and publish their proprietary data. They need to recognize that their chatty private emails and their internal memos might be front-page news. 
In a world where everything happens online, including what we think of as ephemeral conversation, everything is potentially subject to public scrutiny. Companies need to make sure their computer and network security is up to snuff, and their incident response and crisis management plans can handle this sort of thing. But they should also remember how rare this sort of attack is, and not panic.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Dec 22 10:32:19 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Dec 2014 11:32:19 -0500
Subject: [Infowarrior] - Post-9/11 War Costs Reach $1.6 Trillion
Message-ID: <5DBF3C51-4556-4108-A908-8A8245883B48@infowarrior.org>

Post-9/11 War Costs Reach $1.6 Trillion

Posted on Dec.22, 2014 in budget, CRS by Steven Aftergood

http://fas.org/blogs/secrecy/2014/12/war-costs-crs/

The U.S. has spent $1.6 trillion on post-9/11 military operations, including the wars in Iraq and Afghanistan and other counterterrorism activities, according to a new report from the Congressional Research Service.

"Based on funding enacted from the 9/11 attacks through FY2014, CRS estimates a total of $1.6 trillion has been provided to the Department of Defense, the State Department and the Department of Veterans Administration for war operations, diplomatic operations and foreign aid, and medical care for Iraq and Afghan war veterans over the past 13 years of war," the report said. See "The Cost of Iraq, Afghanistan, and Other Global War on Terror Operations Since 9/11," December 8, 2014.

The CRS report provides detailed tabulations of funding by agency, operation and fiscal year, along with appropriation source and functional breakdown. An appendix provides a monthly listing of U.S. troop levels in Afghanistan and Iraq, among other hard-to-find data assembled by CRS.
Ideally, the record compiled in the 100-page CRS report would serve as the basis for a comprehensive assessment of U.S. military spending since 9/11: To what extent was the expenditure of $1.6 trillion in this way justified? How much of it actually achieved its intended purpose? How much could have been better spent in other ways?

There is little sign of a systematic inquiry along these lines, but the CRS report identifies various "questions that Congress may wish to raise about future war costs," as well as legislative options that could be considered. The findings of the CRS report were reported on December 19 by Bloomberg News.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Dec 22 17:20:09 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Dec 2014 18:20:09 -0500
Subject: [Infowarrior] - Tor anonymity network compromised following potential raid by law enforcement agencies
Message-ID: <805D69A0-9084-45F9-B2C2-63F8AF2B204E@infowarrior.org>

(c/o KM)

Tor anonymity network compromised following potential raid by law enforcement agencies

By Anthony Cuthbertson
December 22, 2014 14:01 GMT

Tor network exit nodes appear to be down following a possible raid by law enforcement agencies (TOR Project)

The Tor network has been hit by attempts to incapacitate its servers in what appears to be raids from law enforcement agencies aiming to disrupt the online anonymity tool.

Thomas White, an operator of a large exit node cluster for the Tor network, reported "unusual activity" on his Tor servers. After losing control of his servers he suggested that "they may be under the control of law enforcement".

The unusual activity comes shortly after a warning from the Tor Project lead developer Roger Dingledine, known online as "arma", that he believed there would be attempts to disable the Tor network.

"The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialised servers in the network called directory authorities (directory authorities help Tor clients learn the list of relays that make up the Tor network)," Dingledine wrote in a blogpost.

"We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use."

< - >

http://www.ibtimes.co.uk/tor-anonymity-network-compromised-following-potential-raid-by-law-enforcement-agencies-1480620

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 06:27:03 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 07:27:03 -0500
Subject: [Infowarrior] - Sony Threatens to Sue Twitter Unless It Removes Tweets Containing Hacked Emails
Message-ID:

Yeah, good luck with that. --rick

Sony Threatens to Sue Twitter Unless It Removes Tweets Containing Hacked Emails

http://motherboard.vice.com/read/sony-threatens-to-sue-twitter-unless-it-removes-tweets-containing-hacked-emails

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 06:36:18 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 07:36:18 -0500
Subject: [Infowarrior] - 'Blackhat,' Michael Mann's Cyberthriller
Message-ID:

(x-posted)

(I wonder who TA's the film? Perhaps someone competent for a change? --rick)

Hacking Reality: When Art Imitates Technology

'Blackhat,' Michael Mann's Cyberthriller

By BROOKS BARNES and MICHAEL CIEPLY
DEC. 22, 2014

UNIVERSAL CITY, Calif. -- At a critical moment in Michael Mann's cyberthriller, "Blackhat," a naïve security guard slips a young woman's thumb drive into his corporate computer.
The camera lingers on the drive's all-uppercase brand name: SONY. A few covert keystrokes later, the system is penetrated -- one hacker, a good guy, is within reach of an illicit fortune stolen by another.

If this is not exactly cinematic art imitating life, the release of "Blackhat" by Universal Pictures next month will at least show spooky synchronicity with the very real hacking attack on Universal's crosstown competitor, Sony Pictures.

Set to open on Jan. 16, Mr. Mann's movie is one of the most authentic film treatments of malicious hacking in memory -- and it has been given added cultural urgency by inadvertently crossing paths with the Sony assault.

Hollywood has always had a hard time turning computer code and venomous software into captivating cinema. But Mr. Mann, who wrung three Oscar nominations from "The Insider," his 1999 story of a tobacco company whistle-blower, has spent years on "Blackhat," partly in an effort to bridge the gap between film and what he saw as an underappreciated mass threat posed by hackers.

< -- >

http://www.nytimes.com/2014/12/23/movies/blackhat-michael-manns-cyberthriller.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 07:35:58 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 08:35:58 -0500
Subject: [Infowarrior] - Mac EFI found vulnerable to bootkit attack via rogue Thunderbolt devices
Message-ID: <0A40D66F-9CF2-408F-BF50-B4A72B5C0746@infowarrior.org>

Apple's Mac EFI found vulnerable to bootkit attack via rogue Thunderbolt devices

By Sam Oliver
Monday, December 22, 2014, 11:17 am PT (02:17 pm ET)

http://appleinsider.com/articles/14/12/22/apples-mac-efi-found-vulnerable-to-bootkit-attack-via-rogue-thunderbolt-devices

At next week's Chaos Communication Congress in Germany, a researcher will demonstrate a method in which a malicious actor could use a specially-crafted Thunderbolt device to inject a bootkit --
which could survive nearly any attempt to remove it -- into the EFI boot ROM of any Mac with a Thunderbolt port.

The attack, discovered by researcher Trammell Hudson, takes advantage of a years-old flaw in the Thunderbolt Option ROM that was first disclosed in 2012 but is yet to be patched. In addition to writing custom code to the boot ROM, Hudson will also show a method by which the bootkit could replicate itself to any attached Thunderbolt device, giving it the ability to spread across even air-gapped networks.

Because the code lives in a separate ROM on the logic board, such an attack could not be mitigated by reinstalling OS X or even swapping out the hard drive. In the abstract for his presentation, Hudson also notes that he could replace Apple's own cryptographic key with a new one, preventing legitimate firmware updates from being accepted.

"There are neither hardware nor software cryptographic checks at boot time of firmware validity, so once the malicious code has been flashed to the ROM, it controls the system from the very first instruction," he wrote. "It could use SMM and other techniques to hide from attempts to detect it."

Vulnerabilities at such a low level are particularly troubling, as they are difficult to detect and can do significant damage. One previous demonstration of EFI hacking laid out a manner in which full-disk encryption systems such as Apple's FileVault could be bypassed with a bootkit, for instance.

Though Hudson's attack does require physical access, its ability to spread through other Thunderbolt devices makes it nonetheless quite dangerous. Users have a propensity to plug small, shared devices -- such as display adapters -- into their computers with little thought.

Hudson will take the stage to present his findings on Dec. 29 at 6:30 p.m. local time in Hamburg, Germany.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 10:37:37 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 11:37:37 -0500
Subject: [Infowarrior] - UK Cinema Calls Police on Kids With iPhones Over Piracy Concerns
Message-ID: <997BD0E0-5159-4B07-8588-17D48D0CC5E8@infowarrior.org>

UK Cinema Calls Police on Kids With iPhones Over Piracy Concerns

By Ernesto on December 23, 2014

A group of 12-year-old girls had the police called on them after they decided to bring their iPhones and iPads to a showing of The Hunger Games at a local cinema. The police officers who rushed to the scene were unable to find any recorded footage, but by then the children were too distressed to watch the rest of the film.

The movie industry sees the illegal recording of movies as one of the biggest piracy threats and for years has gone to extremes to stop it. It started well over a decade ago when visitors began sneaking handheld camcorders into theaters. These big clunkers were easy to spot, but as time passed the recording devices became smaller and easier to hide.

While recording a movie for strictly personal use is not illegal in UK cinemas (despite industry efforts to have the law changed), theaters continue to outlaw the use of recording devices. Most recently, Google Glass was banned, and phones and tablets need to be switched off as well.

In a code of conduct the movie industry and cinemas have agreed that employees will take immediate action when they spot someone with a recording device, but some cinema staff take these obligations way too far.

At a Cineworld cinema in Brighton Marina, UK, employees dialed the national 999 emergency number after they spotted a group of 12-year-old girls with iPhones and iPads at a showing of The Hunger Games. The girls, accused of recording parts of the movie, were hauled outside where two police cars rushed towards the scene with flashing lights.
Although recording movies is not a crime in the UK (as long as there's no intent to distribute), the officers still carefully inspected the devices for "bootleg" material. After their search turned up nothing the girls were allowed back in. However, the teens decided to wait outside, reportedly in tears, until their parents came to pick them up.

Louise Lawrence, the mother of one of the girls, is outraged by the treatment. Not just the false piracy accusation, but also the fact that they were left out in the cold afterwards.

"Our girls were falsely accused, had the police called on them and then just left in tears. It's outrageous. If they have done this to our children they will do it again," she says.

< - >

http://torrentfreak.com/uk-cinema-calls-police-on-kids-with-iphones-over-piracy-concerns-141223/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 11:03:33 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 12:03:33 -0500
Subject: [Infowarrior] - Sony releasing 'Interview' on 12/25
Message-ID:

Of course -- now that it's ginned up a firestorm of controversy and free publicity. --rick

Update at 10:48 a.m.: From Tim League, founder of the Alamo Drafthouse: "Sony has authorized screenings of THE INTERVIEW on Christmas Day. We are making shows available within the hour." He just tweeted that, along with "#Victory." Sources confirm his tweet: Sony is going to make it available to theaters at a reduced rental rate, as well as make it available on a streaming service (not yet named) and video on demand by Christmas......

< - >

http://popcultureblog.dallasnews.com/2014/12/sources-sony-to-ask-theaters-if-they-want-to-open-the-interview-christmas-day-after-all.html/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 11:13:33 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 12:13:33 -0500
Subject: [Infowarrior] - RIP Robert Beyster, 90
Message-ID: <569DBF21-C4B6-4C8E-9FD1-373E26FDCF09@infowarrior.org>

(Disclosure: I worked for a SAIC subsidiary in the late '90s and had/have the utmost respect for Beyster's philosophies and energy - especially when it comes to employee-owners. He will be missed. --rick)

SAIC founder Robert Beyster dies at 90

By Jill R. Aitoro
December 22, 2014 10:12 pm

http://wtop.com/news/2014/12/saic-founder-robert-beyster-dies-90/

Robert Beyster, founder of Science Applications International Corp. and a legend of the contracting industry and Washington business community, died Monday morning at age 90. He died of natural causes, according to an obituary posted by his daughter, Mary Ann. She issued the following statement on his blog:

Dad passed away peacefully early this morning. The family was with him. He was wearing his favorite sailing clothes, including an America's Cup jacket and his University of Michigan cap. We all knew this day would come, but it's never easy to say goodbye. Although this is a very sad time for our family, let's celebrate the life of this remarkable man. He touched so many lives and gave to others selflessly. We all want to make a mark on the world, and my father -- Dr. J. Robert Beyster -- really did.

The obituary detailed his dedication to employee corporate ownership -- a business model that he founded SAIC on in 1969. His philosophy, according to the obituary, was that "those who contribute to the company should own it, and ownership should be commensurate with a person's contribution and performance." It was the largest employee-owned research and engineering firm in the U.S., then went public in 2006. SAIC was split into two separate companies in fiscal 2013.

"We are incredibly saddened by the loss of Dr. Beyster,"
said Roger Krone, CEO of Leidos Holdings Inc., one of the companies that emerged from the SAIC split. "He was an accomplished physicist who founded SAIC -- etching his scientific background into a company that would be driven by innovation and entrepreneurship. Over the past forty years his legacy has inspired the thousands of employees who followed his footsteps and influenced an industry that touches on all facets of American life. Our hearts and thoughts are with his family." The company posted a tribute to him on its website.

A spokeswoman for SAIC, the information technology services company that spun off from Leidos with the split but took the company's original name, noted that the company is proud to continue to operate under the name, saying the company is "grateful for his vision and for laying the foundation of SAIC's values."

I was lucky enough to interview Beyster in 2013 about the significance of leadership as an executive and a board chairman. His dedication to the company was evident. He also spoke about his decision to step aside -- something he did reluctantly in 2004.

"I had some fundamental differences with certain senior members of the board who found my continued presence to be problematic because of my thirst for preserving the principles of employee ownership," he told me. "So, reluctantly, I resigned. In hindsight, I underestimated the importance of the board in stewarding the core employee ownership values of the company once I was gone."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 11:56:02 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 12:56:02 -0500
Subject: [Infowarrior] - Marriott wants to jam personal hotspots
Message-ID:

Google, Wireless Industry Not Down With Marriott's Wi-Fi Blocking Plan

December 22, 2014, 12:31 PM PST
By Amy Schatz

Microsoft and Google don't agree on much, but they've presented a united front against the hotel industry, which is trying to convince government regulators to give them the option of blocking guests from using personal Wi-Fi hotspots.

The tech companies recently joined the wireless industry's lobbying group and a handful of other parties in opposing the hotel industry's petition, which seeks the Federal Communications Commission's permission to block personal Wi-Fi networks on their properties.

This summer, the American Hospitality & Lodging Association and Marriott International asked the FCC to declare that a hotel operator can use equipment to manage its network even if it "may result in 'interference with or cause interference' to a [wireless device] being used by a guest on the operator's property."

"Wi-Fi network operators should be able to manage their networks in order to provide a secure and reliable Wi-Fi service to guests on their premises," they argued.

At the time, Marriott was under investigation for a March 2013 consumer complaint for allegedly blocking guests from using their smartphones as personal Wi-Fi hotspots in the convention space at Opryland.

The Marriott-owned Gaylord Opryland Hotel and Convention Center tech staff was using a monitoring system that de-authenticated guests' personal Wi-Fi hot spots. Meanwhile, the hotel was charging exhibitors and attendees anywhere from $250 to $1,000 for Wi-Fi service, the FCC said.

In October, Marriott settled an FCC complaint about the practice for $600,000 but argued that it hadn't broken the law and was using technology to protect guests from "rogue wireless hotspots that can cause degraded service, insidious cyber attacks and identity theft."

< - >

http://recode.net/2014/12/22/google-wireless-industry-not-down-with-marriotts-wi-fi-blocking-plan/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 14:44:00 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 15:44:00 -0500
Subject: [Infowarrior] - How the U.S. Military Turned Santa Claus Into a Cold War Icon
Message-ID: <2E1D0491-CCA5-4F26-8A65-B46E0945460F@infowarrior.org>

How the U.S. Military Turned Santa Claus Into a Cold War Icon

http://paleofuture.gizmodo.com/how-the-u-s-military-turned-santa-claus-into-a-cold-wa-1664149776

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Dec 23 14:49:30 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Dec 2014 15:49:30 -0500
Subject: [Infowarrior] - Happy Holidays from infowarrior-l
Message-ID: <9E0F30DF-19FF-4E8F-B468-A1DB8302224C@infowarrior.org>

My traditional holiday posting appears below......

(A festive one of Sir Nigel Hawthorne's classic run-on monologues from one of my favorite BBC shows of the 1980s --- "Yes (Prime) Minister.")

Video @ http://www.youtube.com/watch?v=vShJa6GobFQ (and well worth watching, for full effect)

Bernard: "Before you go home for the holidays, Minister, Sir Humphrey has something to say to you."

Sir Humphrey: "Minister, Just one thing. I wonder if I might crave your momentary indulgence in order to discharge a, by-no-means disagreeable obligation, which is over the years become more-or-less, an established practice within government circles, as we approach the terminal period of the year, calendar of-course not financial. In fact not to put a too fine a point on it, week 51, and submit to you, with all appropriate deference for your consideration at a convenient juncture, a sincere and sanguine expectation and indeed confidence.
Indeed one might go so far to say, hope, that the aforementioned period may be, at the end of the day, when all relevant factors have been taken into consideration, susceptible of being deemed to be such as, to merit the final verdict of having been, by-no-means unsatisfactory in its overall outcome and in the final analysis to give grounds for being judged, on mature reflection to have been conducive to generating a degree of gratification, which will be seen in retrospect to have been significantly higher than the general average."

[ crosstalk ]

Jim Hacker: "Humphrey, are you saying Happy Christmas?"

Sir Humphrey (shocked): "Yes Minister!"

Happy Holidays to the subscribers of infowarrior-l!

-rick

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Dec 24 07:27:43 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Dec 2014 08:27:43 -0500
Subject: [Infowarrior] - MPAA Secretly Settled With Hotfile for $4 Million, Not $80 Million
Message-ID:

(But yet, the politicos and MSM believe whatever H'wood says as absolute truth....it's not the first time, either. Fools. --rick)

MPAA Secretly Settled With Hotfile for $4 Million, Not $80 Million

By Ernesto on December 24, 2014

http://torrentfreak.com/mpaa-secretly-settled-hotfile-4-million-80-million-141224/

Last December the MPAA announced one of its biggest victories to date. The Hollywood group won its case against file-hosting site Hotfile, who agreed to a $80 million settlement. However, this figure mostly served to impress and scare the public, as we can now reveal that Hotfile agreed to pay 'only' $4 million.

It's been nearly a year since Hotfile was defeated by the MPAA, resulting in a hefty $80 million dollar settlement. While the public agreement left room for the file-hosting service to continue its operations by implementing a filtering mechanism, the company quickly shut down after the settlement was announced.
As it now turns out, this was the plan all along. And not just that, the $80 million figure that was touted by the MPAA doesn't come close to the real settlement Hotfile agreed to pay.

Buried in one of the Sony leaks is an email conversation which confirms that the real settlement payment from Hotfile was just $4 million, just a fraction of the amount widely publicized in the press.

"The studios and Hotfile have reached agreement on settlement, a week before trial was to start. Hotfile has agreed to pay us $4 million, and has entered into a stipulation to have an $80 million judgment entered and the website shut down," the email from Sony's SVP Legal reads.

Considering the time and effort that went into the case, it would be no surprise if the movie studios actually lost money on the lawsuit.

The good news for the MPAA is that the money was paid in full. There were some doubts if Hotfile would indeed pay up, but during the first weeks of December last year the $4 million was sent in three separate payments.

The huge difference between the public settlement figure and the amount that was negotiated also puts previous cases in a different light. It doesn't take a genius to realize that the $110 million settlement with isoHunt and the $110 deal with TorrentSpy were just paper tigers too.

Whether or not the Hotfile case resulted in a net loss is probably not that important to the MPAA though. Hollywood mostly hopes that the staggering numbers will serve as a deterrent, preventing others from operating similar sites.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Dec 25 07:55:38 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Dec 2014 08:55:38 -0500
Subject: [Infowarrior] - NSA Reports Improper Surveillance of Americans
Message-ID: <4C13FA8B-4A39-4280-BE02-5D145B4CD71C@infowarrior.org>

(Kudos to Bloomberg for monitoring the "holiday dump" period for controversial news items.
--rick)

U.S. Spy Agency Reports Improper Surveillance of Americans
By David Lerman
Dec 24, 2014 5:07 PM ET

The National Security Agency today released reports on intelligence collection that may have violated the law or U.S. policy over more than a decade, including unauthorized surveillance of Americans' overseas communications.

The NSA, responding to a Freedom of Information Act lawsuit from the American Civil Liberties Union, released a series of required quarterly and annual reports to the President's Intelligence Oversight Board that cover the period from the fourth quarter of 2001 to the second quarter of 2013.

The heavily-redacted reports include examples of data on Americans being e-mailed to unauthorized recipients, stored in unsecured computers and retained after it was supposed to be destroyed, according to the documents. They were posted on the NSA's website at around 1:30 p.m. on Christmas Eve ...

< - >

http://www.bloomberg.com/news/2014-12-24/spy-agency-to-release-reports-documenting-surveillance-errors.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Dec 26 07:02:33 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Dec 2014 08:02:33 -0500
Subject: [Infowarrior] - How Laws Restricting Tech Actually Expose Us to Greater Harm
Message-ID:

How Laws Restricting Tech Actually Expose Us to Greater Harm
By Cory Doctorow | 12.24.14 | 6:30 am
http://www.wired.com/2014/12/government-computer-security

We live in a world made of computers. Your car is a computer that drives down the freeway at 60 mph with you strapped inside. If you live or work in a modern building, computers regulate its temperature and respiration. And we're not just putting our bodies inside computers -- we're also putting computers inside our bodies.

I recently exchanged words in an airport lounge with a late arrival who wanted to use the sole electrical plug, which I had beat him to, fair and square.
"I need to charge my laptop," I said. "I need to charge my leg," he said, rolling up his pants to show me his robotic prosthesis. I surrendered the plug. You and I and everyone who grew up with earbuds? There's a day in our future when we'll have hearing aids, and chances are they won't be retro-hipster beige transistorized analog devices: They'll be computers in our heads.

And that's why the current regulatory paradigm for computers, inherited from the 16-year-old stupidity that is the Digital Millennium Copyright Act, needs to change. As things stand, the law requires that computing devices be designed to sometimes disobey their owners, so that their owners won't do something undesirable. To make this work, we also have to criminalize anything that might help owners change their computers to let the machines do that supposedly undesirable thing.

This approach to controlling digital devices was annoying back in, say, 1995, when we got the DVD player that prevented us from skipping ads or playing an out-of-region disc. But it will be intolerable and deadly dangerous when our 3-D printers, self-driving cars, smart houses, and even parts of our bodies are designed with the same restrictions. Because those restrictions would change the fundamental nature of computers. Speaking in my capacity as a dystopian science fiction writer: This scares the hell out of me.

IF WE ARE ALLOWED TO HAVE TOTAL CONTROL OVER OUR OWN COMPUTERS, WE MAY ENTER A SCI-FI WORLD OF UNPARALLELED LEISURE AND EXCITEMENT.

The general-purpose computer is one of the crowning achievements of industrial society. Prior to its invention, electronic calculating engines were each hardwired to do just one thing, like calculate ballistics tables. John von Neumann's "von Neumann architecture" and Alan Turing's "Turing-complete computer" provided the theoretical basis for building a calculating engine that could run any program that could be expressed in symbolic language.
That breakthrough still ripples through society, revolutionizing every corner of our world. When everything is made of computers, an improvement in computers makes everything better.

But there's a terrible corollary to that virtuous cycle: Any law or regulation that undermines computers' utility or security also ripples through all the systems that have been colonized by the general-purpose computer. And therein lies the potential for untold trouble and mischief.

Because while we've spent the past 70 years perfecting the art of building computers that can run every single program, we have no idea how to build a computer that can run every program except the one that infringes copyright or prints out guns or lets a software-based radio be used to confound air-traffic control signals or cranks up the air-conditioning even when the power company sends a peak-load message to it.

The closest approximation we have for "a computer that runs all the programs except the one you don't like" is "a computer that is infected with spyware out of the box." By spyware I mean operating-system features that monitor the computer owner's commands and cancel them if they're on a blacklist. Think, for example, of image scanners that can detect if you're trying to scan currency and refuse to further process the image. As much as we want to prevent counterfeiting, imposing codes and commands that you can't overrule is a recipe for disaster.

Why? Because for such a system to work, remote parties must have more privileges on it than the owner. And such a security model must hide its operation from the computer's normal processes. When you ask your computer to do something reasonable, you expect it to say, "Yes, master" (or possibly "Are you sure?"), not "I CAN'T LET YOU DO THAT, DAVE."

If the "I CAN'T LET YOU DO THAT, DAVE" message is being generated by a program on your desktop labeled HAL9000.exe, you will certainly drag that program into the trash.
If your computer's list of running programs shows HAL9000.exe lurking in the background like an immigration agent prowling an arrivals hall, looking for sneaky cell phone users to shout at, you will terminate that process with a satisfied click.

[Illustration: "If your computer decides it can't let you do something, you'll certainly want to drag that HAL9000.exe file to the trash." Matt Dorfman]

So the only way to sustain HAL9000.exe and its brethren -- the programs that today keep you from installing non-App Store apps on your iPhone and tomorrow will try to stop you from printing gun.stl on your 3-D printer -- is to design the computer to hide them from you. And that creates vulnerabilities that make your computer susceptible to malicious hacking.

Consider what happened in 2005, when Sony BMG started selling CDs laden with the notorious Sony rootkit, software designed to covertly prevent people from copying music files. Once you put one of Sony BMG's discs into your computer's CD drive, it would change your OS so that files beginning with $sys$ were invisible to the system. The CD then installed spyware that watched for attempts to rip any music CD and silently blocked them. Of course, virus writers quickly understood that millions of PCs were now blind to any file that began with $sys$ and changed the names of their viruses accordingly, putting legions of computers at risk.

Code always has flaws, and those flaws are easy for bad guys to find. But if your computer has deliberately been designed with a blind spot, the bad guys will use it to evade detection by you and your antivirus software. That's why a 3-D printer with anti-gun-printing code isn't a 3-D printer that won't print guns -- the bad guys will quickly find a way around that. It's a 3-D printer that is vulnerable to hacking by malware creeps who can use your printer's "security"
against you: from bricking your printer to screwing up your prints to introducing subtle structural flaws to simply hijacking the operating system and using it to stage attacks on your whole network.

This business of designing computers to deliberately weasel and lie isn't the worst thing about the war on the general-purpose computer and the effort to bodge together a "Turing-almost-complete" architecture that can run every program except for one that distresses a government, police force, corporation, or spy agency.

No, the worst part is that, like the lady who had to swallow the bird to catch the spider that she'd swallowed to catch the fly, any technical system that stops you from being the master of your computer must be accompanied by laws that criminalize information about its weaknesses. In the age of Google, it simply won't do to have "uninstall HAL9000.exe" return a list of videos explaining how to jailbreak your gadgets, just as videos that explain how to jailbreak your iPhone today could technically be illegal; making and posting them could potentially put their producers (and the sites that host them) at risk of prosecution.

This amounts to a criminal sanction for telling people about vulnerabilities in their own computers. And because today your computer lives in your pocket and has a camera and a microphone and knows all the places you go; and because tomorrow that speeding car/computer probably won't even sport a handbrake, let alone a steering wheel -- the need to know about any mode that could be exploited by malicious hackers will only get more urgent. There can be no "lawful interception" capacity for a self-driving car, allowing police to order it to pull over, that wouldn't also let a carjacker compromise your car and drive it to a convenient place to rob, rape, and/or kill you.
If those million-eyed, fast-moving, deep-seated computers are designed to obey their owners; if the policy regulating those computers encourages disclosure of flaws, even if they can be exploited by spies, criminals, and cops; if we're allowed to know how they're configured and permitted to reconfigure them without being overridden by a distant party -- then we may enter a science fictional world of unparalleled leisure and excitement.

But if the world's governments continue to insist that wiretapping capacity must be built into every computer; if the state of California continues to insist that cell phones have kill switches allowing remote instructions to be executed on your phone that you can't countermand or even know about; if the entertainment industry continues to insist that the general-purpose computer must be neutered so you can't use it to watch TV the wrong way; if the World Wide Web Consortium continues to infect the core standards of the web itself to allow remote control over your computer against your wishes -- then we are in deep, deep trouble.

The Internet isn't just the world's most perfect video-on-demand service. It's not simply a better way to get pornography. It's not merely a tool for planning terrorist attacks. Those are only use cases for the net; what the net is, is the nervous system of the 21st century. It's time we started acting like it.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Dec 27 12:41:08 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 27 Dec 2014 13:41:08 -0500
Subject: [Infowarrior] - Sony About to Get Sued For Pirating Music in The Interview
Message-ID: <1A041915-09CA-40C5-8BE3-03B7F391CCA9@infowarrior.org>

Sony About to Get Sued For Pirating Music in The Interview
By Andy
on December 27, 2014
http://torrentfreak.com/sony-about-to-get-sued-for-pirating-music-in-the-interview-141227/

As the controversy surrounding The Interview continues, a singer is claiming that after failing to reach terms with Sony, the company put her music in the movie anyway. After receiving not a penny from the movie giant, Yoon Mi Rae is now set to sue. Meanwhile, 1.5 million pirates have downloaded the comedy.

The way things are panning out, the Sony movie The Interview is on course to become one of the most controversial movies of all time. The comedy, which depicts the violent death of North Korean leader Kim Jong Un, made headlines worldwide when the so-called Guardians of Peace hacking group threatened Sony if it was released.

Facing what amounted to a "terrorist" threat, theaters all around the U.S. backed away from showing The Interview in the week leading up to Christmas. After pulling the movie completely, Sony had a change of heart and on Christmas Eve released the music online via YouTube, Google Play and Xbox Live. Predictably the movie was quickly gobbled up by pirates, with the latest figures suggesting that in just two days the movie has been downloaded 1.5 million times.

But while Sony deals with rampant piracy issues at one end, it's now facing copyright infringement allegations of its own. According to new claims, Sony used copyrighted music in The Interview without permission and without compensating an artist.

Yoon Mi-rae (real name Natasha Shanta Reid) is a US-born hip hop and R&B singer who currently releases music on the Feel Ghood Music label. In January 2013 as part of MFBTY (My Fans Better Than Yours), the 33-year-old hit the number 1 spot in the Korean Music Charts and in September reached the same heights on Billboard's Kpop Hot 100 list with her song "Touch Love". But while these recognitions were achieved by fans buying her music, she's now in the spotlight for not getting paid for her work.
It appears that Yoon Mi-rae was in negotiations with Sony to have her track "Pay Day" appear in The Interview. Even though no agreement was reached, Sony used the music anyway.

"There were initial discussions for using 'Pay Day' in the movie, but at some point, the discussions ceased and we assumed that it would not follow through," Feel Ghood Music says. "However, after the movie was released, we learned that the track had been used without permission, legal procedure, or contracts."

Sony, who are already facing a world of pain following the hacking and near destruction of their IT systems in recent weeks, will now face a copyright infringement lawsuit over the unauthorized use of the ironically named "Pay Day".

"We will be taking legal action against Sony Pictures as well as DFSB, the agency that had been carrying out the discussion regarding the use of the track," the label says.

It seems unlikely that this lawsuit will result in a messy legal battle. The huge publicity the movie has enjoyed in the past few weeks will virtually guarantee decent sales for Sony, even without lucrative box office revenues. Yoon Mi-rae should not only be able to secure a piece of that but also raise her profile in a way that would not have been possible had Sony paid her in the first instance.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Dec 28 09:25:19 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Dec 2014 10:25:19 -0500
Subject: [Infowarrior] - isoHunt Founder: Piracy is A Convenience and Access Problem
Message-ID:

isoHunt Founder: Piracy is A Convenience and Access Problem.
By Ernesto on December 28, 2014
http://torrentfreak.com/isohunt-founder-piracy-convenience-access-problem-141228/

For isoHunt Founder Gary Fung, 2014 was the first full year without him taking a central place in the BitTorrent landscape.
But even though his site was crushed by the MPAA, Hollywood is still facing the same piracy problems. Today Fung shares his views on piracy and the future of media distribution.

November last year isoHunt's founder shut down the site after he signed a $110 million settlement agreement with Hollywood. After being one of the lead figures in the BitTorrent community for over a decade, Fung is now about to close his first year as an outsider.

Has this new perspective changed his outlook on piracy? What lessons has he learned, and what should the major entertainment industry companies do to address the piracy challenge? Today Fung shares some of his thoughts from the past year.

On Piracy and The Future of Media Distribution
By Gary Fung

I've often said before, in court and elsewhere, that isoHunt's shutdown means nothing against what and how much people share. isoHunt was a tool and its stats a reflection of what people wanted to share. I was right, nothing of substance has changed in file-sharing on BitTorrent. Neither has the recent downtime of The Pirate Bay it seems. For now, piracy is being maintained by the inability of media giants to serve their customers well.

I like movies. I've always gone to theaters to see good movies, with friends. isoHunt's shutdown hasn't changed that. Recently, there was a movie I wanted to see: The Imitation Games. After weeks of it being premiered in the US, I still couldn't see it here in BC, Canada. Only a few days ago did it start showing in just one local theater.

"Piracy" is not a money problem, it's a convenience and access problem. Money is merely a part of the access problem. What are studios supposed to expect people to do when they want to see a movie but they can't pay because it's not playing locally?

So how can the entertainment industry stop piracy? Innovation. Not being involved in file-sharing gives me the freedom to say that streaming services are the future of movies and TV.
Technically, streaming and superior recommendations are the things that can effectively compete with piracy, which is not as convenient, not as legal and not as high quality. Continue to hamstring collective streaming services with licensing limitations and territorial barriers and expect piracy to endure. The War on Internet cannot be won with lawyers.

I wanted isoHunt to evolve into a service of frictionless content discovery. I realize now that without cooperation with the content owners, this isn't possible. Technologically, I envision studios and other media companies creating open APIs and platforms so new innovative streaming services can be developed on top. That would solve the studio's fear of single players like Netflix dominating media distribution and eventually dictating terms in the industry.

New streaming services could find a hybrid approach by using BitTorrent P2P streaming to lower cost and Bitcoin for pay per view micro-transactions. Imagine when everyone can watch and listen to anything, anytime, anywhere, with mere cents, automatically and continuously deducted from your Bitcoin wallet.

No, you won't own your media, but that was never the case to begin with. Our entertainment will be completely in the cloud, searchable and discoverable with recommendations. Not yours, physically or otherwise, but available and priced low enough that you don't think much about the charge.

I believe that the frictionless micro-transactions that enable this will be ideal for bridging the digital divide between creators and consumers. Taylor Swift doesn't want to be on Spotify? She can create her own platform using a streaming API, a clearinghouse for rights, and bitcoin purchase details made available by her label. The same would be true for any TV show and movie producer.

And here's my tip to industry associations like the MPAA and RIAA for continued relevance in this Internet age, possibly for everyone's benefits.
Become standards bodies for programmatic APIs over media rights, metadata and micro-transaction details. Record labels and movie/tv studios can use these standards to make their own works available for streaming and to accept payments from third parties. With open APIs, new streaming services can freely innovate.

With increased competition and choice, consumers can get better pricing and collectively access everything, just as the Internet eventually makes everything available. And with competing streaming services, the labels and studios don't have to fear streaming giants such as Netflix, YouTube and Spotify consolidating too much power over distribution.

Streaming services will become the new channels, available on any connected TV, sound system and mobile device. Micro-transactions that are frictionless in access is the hardest part from a technical point of view, but has the potential to end download stores, subscription streaming and piracy of today.

Free and cheaper tiers of access through the APIs are possible when supplemented with advertising naturally and new forms of product placements and endorsements, already pioneered by Youtube channels now (although ethics in continued melding of content and advertising will have to be questioned).

The piracy and ownership debates I believe will be largely academic when access to content in reality will be that easy. Media companies that hound their future customers and technology partners with lawsuits will be laughed at, like we can now laugh at horse carriages suing automobiles for going too fast. That would be a sight to see.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sun Dec 28 12:21:35 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Dec 2014 13:21:35 -0500
Subject: [Infowarrior] - For Cops, Ignorance of the Law Is an Excuse
Message-ID: <0123EDC7-940A-4FB6-8591-B82A2467AC6C@infowarrior.org>

For Cops, Ignorance of the Law Is an Excuse
Noah Feldman
For Bloomberg News
Thursday, December 18, 2014 (Published in print: Thursday, December 18, 2014)
http://www.vnews.com/opinion/14838876-95/for-cops-ignorance-of-the-law-is-an-excuse

Well, you heard it here first: Ignorance of the law is an excuse, so long as you're the police. Or so the U.S. Supreme Court has said in an 8-1 decision that symbolically strengthened the hand of the police to make stops even on the basis of nonexistent laws.

The court split hairs, explaining Monday that police ignorance is excusable only when the crime for which the defendant was convicted is different from the nonexistent crime for which he was stopped and searched. If that sounds iffy, it is. Here's why ...

< - >

Looked at another way, I am held responsible for the collateral consequences of my ignorance -- so the police should be held responsible for the collateral consequences of theirs. Imagine that I'm jaywalking in Los Angeles, reasonably unaware as a Bostonian that there exists such a thing as a law against jaywalking. But in the situation where the police reasonably think I have violated some nonexistent law, they're not held responsible for the consequences, which include the search -- I am.
The burden of the police's ignorance falls on me, not the state. Or at least that's what the Supreme Court has ruled. "True symmetry"? I think not.

Justice Sonia Sotomayor was the sole dissenter -- and the only justice who seemed to think the case had anything to do with recent events in Ferguson, Mo., or on New York's Staten Island. In her view, the holding had the effect of "further eroding the Fourth Amendment's protection of civil liberties in a context where that protection has already been worn down." And she asked rhetorically "how a citizen seeking to be law-abiding and to structure his or her behavior to avoid these invasive, frightening, and humiliating encounters could do so."

Sotomayor also pointed out that there was no reason to think the criminal justice system would somehow crumble if police mistakes of law were disallowed. The Supreme Court shouldn't be making traffic stops easier, especially now. And it shouldn't be using faulty logic anytime.

Truly, I didn't know there were such laws until I was an adult. I thought the only punishment you got for jaywalking was to be hit by a car.

Noah Feldman, a Bloomberg View columnist, is a professor of constitutional and international law at Harvard.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Dec 28 12:28:19 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Dec 2014 13:28:19 -0500
Subject: [Infowarrior] - Cybersecurity Hindsight And A Look Ahead At 2015
Message-ID: <5EBC9CEF-343C-4B04-9357-4523257EAA66@infowarrior.org>

Cybersecurity Hindsight And A Look Ahead At 2015
http://techcrunch.com/2014/12/28/cyber-security-hindsight-2020-and-a-look-ahead-at-2015/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sun Dec 28 14:34:37 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Dec 2014 15:34:37 -0500
Subject: [Infowarrior] - DerSpiegel: Inside the NSA's War on Internet Security
Message-ID: <494D8666-37C0-470F-B1A5-42C31DE2D1C0@infowarrior.org>

12/28/2014 08:01 PM
Prying Eyes
Inside the NSA's War on Internet Security
By SPIEGEL Staff

US and British intelligence agencies undertake every effort imaginable to crack all types of encrypted Internet communication. The cloud, it seems, is full of holes. The good news: New Snowden documents show that some forms of encryption still cause problems for the NSA.

When Christmas approaches, the spies of the Five Eyes intelligence services can look forward to a break from the arduous daily work of spying. In addition to their usual job -- attempting to crack encryption all around the world -- they play a game called the "Kryptos Kristmas Kwiz," which involves solving challenging numerical and alphabetical puzzles. The proud winners of the competition are awarded "Kryptos" mugs.

Encryption -- the use of mathematics to protect communications from spying -- is used for electronic transactions of all types, by governments, firms and private users alike. But a look into the archive of whistleblower Edward Snowden shows that not all encryption technologies live up to what they promise.

< - >

http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361-druck.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Dec 29 19:00:41 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Dec 2014 20:00:41 -0500
Subject: [Infowarrior] - Open Source Privacy Tools NSA Can't Crack: OTR, PGP, RedPhone, Tor And Tails
Message-ID: <3C3B2B6E-17E7-4559-BC05-D1DEBCF79A5F@infowarrior.org>

(Who knows if this is still the case, obviously.
--rick) Open Source Privacy Tools NSA Can't Crack: OTR, PGP, RedPhone, Tor And Tails By Lucian Armasu December 29, 2014 4:00 PM - Source: Der Spiegel http://www.tomshardware.com/news/nsa-resistant-open-source-tools,28273.html#xtor=RSS-181 In a recent talk at the Chaos Communication Congress, Jacob Appelbaum, who is a core member of the Tor Project and is now working with Der Spiegel and Laura Poitras to analyze the Snowden documents, unveiled some documents showing which tools NSA couldn't crack. OTR OTR (Off The Record) is a crypto protocol best known for its ability to encrypt every message with a new key (a feature called Perfect Forward Secrecy) and to have plausible deniability (in that it can't be proven you were the one sending the message). The protocol is used in multiple clients, including in Pidgin, Jitsi or Adium for desktop, or in mobile clients such as CryptoCat or ChatSecure. TextSecure used to use it as well, until it changed to the more modern Axolotl protocol (recently adopted by WhatsApp as well), which has the advantage of asynchronous conversations (you can leave someone messages even if they are offline). With OTR-based clients, the users need to be online to receive the messages. The Snowden documents didn't say anything about TextSecure's Axolotl because they date from 2012 or before, when Axolotl didn't exist. PGP The PGP (Pretty Good Privacy) protocol invented by Phil Zimmermann (who is now working at Silent Circle) is more than two decades old, but it seems to have stood the test of time. The Snowden documents unveiled by Appelbaum and Laura Poitras showed how the NSA can't decrypt PGP, either. PGP does have at least two major weaknesses, though; one is technical, and the other is related to the user experience. PGP messages can't be "forward secure," so if a key is stolen, then all previous messages can be decrypted.
As for the UX issue, it's well known by now that Glenn Greenwald almost missed the reporting on the Snowden documents by not being able to set up PGP properly. Right now it's too hard to use for most people. Fortunately, there are multiple individuals and companies working on making it easier. One of these companies is Google, which is working on the "End-to-End" extension for email. However, we're probably at least a year away from a public release, and we also don't know yet if it will remain as secure as using the original PGP or if it will introduce new vulnerabilities along with a new easier-to-use design. So far it looks promising, though. RedPhone In the documents seen by Jacob Appelbaum, RedPhone is labeled as "Catastrophic" in terms of how easy it is to break. RedPhone, along with its Signal variation for iOS, is an encrypted voice app that uses the ZRTP protocol, invented by Phil Zimmermann, Jon Callas (both at Silent Circle), and other security researchers. It's also what Silent Circle's "Silent Phone" uses as well. Tor Tor is a network of over 5,000 relays that redirect user traffic, enabling online anonymity. Tor and the Tor browser seem to have posed many problems for NSA, in general making it very difficult to track people. However, we know from recent busts such as the ones involving Silk Road, that if specifically targeted by the NSA, Tor users can be identified. Sometimes that happens because the targets don't update to the latest version of the Tor browser with all the latest patches, while other times they simply make mistakes they aren't supposed to make, such as logging in with accounts that can be linked to their real names and addresses. Overall, Tor still remains the most privacy-friendly and censorship-resistant tool out there for the vast majority of people. Tails Tails is a Linux distribution that has been customized to work only through Tor to make it harder for those trying to snoop on a certain person to identify who they are.
It should go without saying that a machine running Tails shouldn't be your main machine, because if you log in to Facebook or Gmail from it, then that whole anonymity provided by the system becomes pointless. For extra security, Tails can be used from a DVD, ensuring no malware that's meant to expose you can be written to it. Then, every time you use Tails it will be like using a clean install of it. What seems to tie all of these projects together is that none of them are written and maintained by large corporations with billions of dollars in profits. It's not Apple, Google, Microsoft or Facebook's security that's stopping NSA, but some free open source tools written by individuals who are putting the brakes on NSA's mass surveillance programs. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Dec 30 07:07:03 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Dec 2014 08:07:03 -0500 Subject: [Infowarrior] - Green: On the new Snowden documents Message-ID: <877B1FF8-1230-47EF-BF1D-645C2318B2A1@infowarrior.org> (good tech analysis from a JHU crypto professor. --rick) On the new Snowden documents http://blog.cryptographyengineering.com/2014/12/on-new-snowden-documents.html If you don't follow NSA news obsessively, you might have missed yesterday's massive Snowden document dump from Der Spiegel. The documents provide a great deal of insight into how the NSA breaks our cryptographic systems. I was very lightly involved in looking at some of this material, so I'm glad to see that it's been published (i.e., I can now stop looking over my shoulder). Unfortunately with so much material, it can be a bit hard to separate the signal from the noise. In this post I'm going to try to do that a little bit -- point out the bits that I think are interesting, the parts that are old news, and the things we should keep an eye on.
< -- > --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Dec 31 07:13:46 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Dec 2014 08:13:46 -0500 Subject: [Infowarrior] - If FISC (ever) says no, FBI says 'yes' anyway Message-ID: When The FISA Court Rejects A Surveillance Request, The FBI Just Issues A National Security Letter Instead from the oversight! dept We've talked quite a bit about National Security Letters (NSLs) and how the FBI/DOJ regularly abused them to get just about any information the government wanted with no oversight. As a form of an administrative subpoena -- with a built in gag-order -- NSLs are a great tool for the government to abuse the 4th Amendment. Recipients can't talk about them, and no court has to review/approve them. Yet they certainly look scary to most recipients who don't dare fight an NSL. That's part of the reason why at least one court found them unconstitutional. At the same time, we've also been talking plenty about Section 215 of the PATRIOT Act, which allows the DOJ/FBI (often working for the NSA) to go to the FISA Court and get rubberstamped court orders demanding certain "business records." As Ed Snowden revealed, these records requests can be as broad as basically "all details on all calls." But, since the FISA Court reviewed it, people insist it's legal. And, of course, the FISA Court has the reputation as a rubberstamp for a reason -- it almost never turns down a request. However, in the rare instances where it does, apparently, the DOJ doesn't really care, knowing that it can just issue an NSL instead and get the same information. At least that appears to be what the DOJ quietly admitted to doing in a now declassified Inspector General's report from 2008. 
EFF lawyer Nate Cardozo was going through and spotted this troubling bit: < -- > https://www.techdirt.com/articles/20141224/14510929524/when-fisa-court-rejects-surveillance-request-fbi-just-issues-national-security-letter-instead.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Dec 31 07:16:06 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Dec 2014 08:16:06 -0500 Subject: [Infowarrior] - OT: The Mona Wookiee? Chewbacca reimagined as fine art Message-ID: Happy 2015, folks.... The Mona Wookiee? Chewbacca reimagined as fine art http://www.cnet.com/news/the-mona-wookiee-chewbacca-re-imagined-as-fine-art/#ftag=CAD590a51e --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Dec 31 07:18:01 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Dec 2014 08:18:01 -0500 Subject: [Infowarrior] - NSA IOB Dump finally complete Message-ID: <2338CB5E-C541-4020-A2F3-AD53413FDA58@infowarrior.org> http://tm.durusau.net/?p=59127 The "Christmas Eve" NSA file dump that you will see reported at: NSA Waited Until Christmas Eve To Release Details Of Its Illegal Surveillance On Americans, What you need to know about the NSA document dump, and, U.S. Spy Agency Reports Improper Surveillance of Americans, repeated by various other sources, which never mentioned the dump being incomplete, is now complete. I reported in Merry Christmas From the NSA! Missing Files about 15 missing files, which by my report of: NSA IOB Report Dump - Still Missing Files had become 3 missing files and when I checked today, the NSA file dump is complete, all being silent corrections to the file dump. < - > Data analysis resources should be focused on the 3rd quarter report for 2010 and 3rd quarter and 4th quarter reports for 2009, especially as compared to other materials (Snowden?) for those time frames.
My heuristic being that people don't delay without a reason. It isn't necessary to know the reason, just to observe the delay. Could be entirely due to incompetence but if you count:
- Christmas Eve as happenstance
- Second incomplete dump as coincidence
- File renaming issue is three, enemy action.
I have local copies of the files as they exist as of 17:13 on 30 December 2014 and I will be tarring those up for upload to my site later this evening. Please replicate them elsewhere as you see fit. http://tm.durusau.net/?p=59127 --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Dec 31 08:50:00 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Dec 2014 09:50:00 -0500 Subject: [Infowarrior] - US Army cyber warriors may be excused combat training Message-ID: <0559707B-C8B9-4465-98F6-EBC7EB132959@infowarrior.org> Google generation US Army cyber warriors may be excused combat training The US army could waive combat training for hackers in order to boost its cyberwarfare capabilities, says general By Ben Farmer, Defence Correspondent, and Con Coughlin 8:00AM GMT 31 Dec 2014 http://www.telegraph.co.uk/news/worldnews/northamerica/usa/11289977/Google-generation-US-Army-cyber-warriors-may-be-excused-combat-training.html New US Army cyber warriors could be spared the rigours of combat training to help the Pentagon attract badly needed recruits from the ponytail wearing Google generation, a top American general has suggested. Lt Gen Robert Brown said the US Army had to recruit people who were not typical candidates for a military career if it was to attract the right skills to wage cyber war. The American military is trying to build up expertise in cyber warfare amid increasing concern about attacks or espionage by states including Russia, Iran, China or North Korea.
Britain has said it will build its own £500 million cyber reserve to safeguard key national networks and also launch strikes in cyber space if needed. Lt Gen Brown, commander of the US Army Combined Arms Centre at Fort Leavenworth, said: "We need to give serious consideration to how the US Army could combine the technical expertise of the "Google" generation with its more traditional military skills. "In order to gain an intellectual advantage over adversaries in cyberspace, we will need to tap into a talent pool that may not fit the stereotypical soldier profile. Our goal is to recruit the best talent possible." Lt Gen Brown told a briefing of the New America Foundation: "For cyber, this must include individuals who anticipate and adapt to the rapid pace of innovation in the cyber world and thrive in its inherent ambiguity. Many who have these skills are not natural candidates for a military career. "They grew up on Google and wear ponytails. We need to look at ways to bring them into the Army without necessarily going through the same training procedures as our combat troops." The Ministry of Defence has said it would consider recruiting convicted hackers to join Britain's cyber reserve, as long as they pass security vetting. Lt Col Michael White, head of the new unit, said last year that he would "look at individuals in the round" when assessing potential recruits. He said recruitment would be focused on "capability development" rather than "personality traits". Britain's cyber reserve would work alongside existing experts in the MoD, and agencies such as the GCHQ electronic eavesdropping agency. Analysts have warned that the common military career of rotating through many jobs could also harm attempts to build up deep specialist expertise in the area. Thomas Rid, a reader in War Studies at King's College in London, said: "To build up the skill set needed to be considered a good operator in this space, you need a lot of exposure to the technical side.
It's difficult to rotate into very different positions as you would usually do in a military career." Intelligence agencies had been more successful than militaries at attracting people with the necessary skills. He said: "They have a different career structure. They show up at work with hoodies and Metallica T-shirts. It's a different culture." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Dec 31 08:53:04 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Dec 2014 09:53:04 -0500 Subject: [Infowarrior] - More Comcastic gouging antics Message-ID: <33CAF229-87B9-40B6-910B-7F1108CFA285@infowarrior.org> Comcast just upped its cable modem rental fee from $8 to $10 per month http://arstechnica.com/business/2014/12/comcast-just-upped-its-cable-modem-rental-fee-from-8-to-10-per-month/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Dec 31 12:23:14 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Dec 2014 13:23:14 -0500 Subject: [Infowarrior] - CDC: This year's flu vaccine is not working Message-ID: <3D46E233-B573-49B0-BA16-300E5DED999D@infowarrior.org> This year's flu vaccine is not working http://boingboing.net/2014/12/31/this-years-flu-vaccine-is-no.html --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.