From rforno at infowarrior.org Fri May 1 06:19:28 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 1 May 2015 07:19:28 -0400
Subject: [Infowarrior] - America's Police Will Fight the Next Riot With These Stink Bombs
Message-ID: <75B80182-AFE6-4107-B669-2B3FAE54B042@infowarrior.org>

America's Police Will Fight the Next Riot With These Stink Bombs

April 29, 2015 By Patrick Tucker

http://www.defenseone.com/technology/2015/04/americas-police-will-fight-next-riot-these-stink-bombs/111430/

It's called Skunk, a type of "malodorant," or in plainer language, a foul-smelling liquid. Technically nontoxic but incredibly disgusting, it has been described as a cross between "dead animal and human excrement." Untreated, the smell lingers for weeks.

The Israeli Defense Forces developed Skunk in 2008 as a crowd-control weapon for use against Palestinians. Now Mistral, a company out of Bethesda, Maryland, is providing it to police departments in the United States, including the Ferguson PD.

Skunk is composed of a combination of baking soda and amino acids, Mistral program manager Stephen Rust said at the National Defense Industrial Association's Armament Systems Forum on April 20. "You can drink it, but you wouldn't want to," said Rust, a retired U.S. Army project manager.

The Israelis first used it in 2008 to disperse Palestinians protesting in the West Bank. A BBC video shows its first use in action, sprayed by a hose, a system that has come to be known as the "crap cannon."

Mistral reps say Skunk, once deployed, can be "neutralized" with a special soap - and only with that soap. In another BBC video, an IDF spokesman describes how any attempt to wash it via regular means only exacerbates its effects. Six weeks after IDF forces used it against Palestinians at a security barrier, it still lingered in the air.

Mistral says the United States military has expressed an interest in Skunk, if not yet placed an order.
"We've demoed it at Fort Bragg. Why? Because they asked about it," said Rust.

But the military has been experimenting and researching malodorants in various forms for years. A 2008 presentation from defense contractor General Dynamics describes a stink grenade that the company developed with the Army called the XM1063, which can be fired from a 155mm artillery gun. The development of malodorants remains an ongoing research project, according to documents related to Office of Naval Research's fiscal year 2015 budget.

Many malodorants currently in research have a toxic acetone base, according to Rust. Skunk, conversely, does not.

In some ways, Skunk is less physically dangerous than tear gas or rubber bullets. It doesn't sting, but rather triggers a flight response in the amygdala. That could make it usable in combat settings where other crowd-control agents like tear gas are forbidden by the Chemical Weapons Convention, or CWC.

"If a particular malodorant is disseminated with a concentration that does not activate the trigeminal nerve, it may not require designation as an RCA [riot control agent] under the CWC," Kelly Hughes, a spokesman for DOD Joint Non-Lethal Weapons Program, told New Scientist in 2012.

But what seems like a viable alternative to bullets in a war zone becomes more disturbing in the hands of domestic police forces, particularly those who have soured relations with the communities they serve.

"We've provided some Skunk for the law enforcement agencies in Ferguson. They did not use it yet but they do have it," said Rust.

The Ferguson police department has become synonymous with police abuse, as detailed by the Justice Department report in the wake of last August's shooting of Michael Brown. Representatives from the city of Ferguson did not respond to repeated calls for comment.

Today, Mistral sells Skunk in a variety of form factors.
These include MK-20 canister rounds, which hold 20 ounces of the stuff and deploy out to 24 feet; MK-46 canisters with 60 ounces and a range of 40 feet; a "skid sprayer" that can shoot 50 gallons of Skunk, at 7 gallons a minute, out to 60 feet; and 40mm grenades that can be fired from modified shotguns.

The grenade format is of particular interest to police departments, because it allows for targeted deployment. "I'm going to be able to drill [a specific target in a crowd] with a ... round while I put him in the dirt. I can mark him with Skunk and he will be easy to locate when the crowd disperses," Rust said.

What version might show up at the next protest in Ferguson? In all likelihood, the one with the longest range.

"When we talked to the law enforcement guys out in Ferguson, and at customs and border protection, distance was an issue. They wanted to be able to provide that stink and really keep law enforcement out of rock-throwing range," said Rust.

For police forces, there is obvious appeal for means for controlling a situation from a safe distance without causing permanent physical injury. "Large-scale riots are dispersed in minutes and not hours," Rust said.

To those who have been hit with Skunk, the experience is akin to being doused with "shit." In the words of one Palestinian protester, "it makes you feel inhuman."

There's something particularly nightmarish about the use of a weapon like Skunk in the context of an American city like Ferguson. The spraying of feces agents on a crowd of U.S. citizens represents a tangible and absolute reinforcement of social division. There is no more complete way to dehumanize someone than to make that human repulsive to herself. The poisoning of a place also serves as a ghastly method of desecration, destroying any will to reside, congregate, protest, or even document a location until the owner of the weapon elects to clean it away.
It is not only a means of crowd control but also, potentially, a system for maintaining new apartheids. If it smells like an act of war, it is.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Fri May 1 06:20:55 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 1 May 2015 07:20:55 -0400
Subject: [Infowarrior] - 'Patriot' Act Faces Revisions Backed by Both Parties
Message-ID: <508B51E9-AFD4-4CF9-98C3-3AFB369DDDF6@infowarrior.org>

Patriot Act Faces Revisions Backed by Both Parties

By JONATHAN WEISMAN and JENNIFER STEINHAUER APRIL 30, 2015

http://www.nytimes.com/2015/05/01/us/politics/patriot-act-faces-revisions-backed-by-both-parties.html?_r=0

WASHINGTON - After more than a decade of wrenching national debate over the intrusiveness of government intelligence agencies, a bipartisan wave of support has gathered to sharply limit the federal government's sweeps of phone and Internet records.

On Thursday, a bill that would overhaul the Patriot Act and curtail the so-called metadata surveillance exposed by Edward J. Snowden was overwhelmingly passed by the House Judiciary Committee and was heading to almost certain passage in that chamber this month.

An identical bill in the Senate - introduced with the support of five Republicans - is gaining support over the objection of Senator Mitch McConnell, Republican of Kentucky, who is facing the prospect of his first policy defeat since ascending this year to majority leader.

The push for reform is the strongest demonstration yet of a decade-long shift from a singular focus on national security at the expense of civil liberties to a new balance in the post-Snowden era.

Under the bipartisan bills in the House and Senate, the Patriot Act would be changed to prohibit bulk collection, and sweeps that had operated under the guise of so-called National Security Letters issued by the F.B.I. would end.
The data would instead be stored by the phone companies themselves, and could be accessed by intelligence agencies only after approval of the secret Foreign Intelligence Surveillance Act court.

The legislation would also create a panel of experts to advise the FISA court on privacy, civil liberties, and technology matters, while requiring the declassification of all significant FISA court opinions.

The debate has resulted in a highly unusual alliance of House Speaker John A. Boehner, the White House, the Tea Party and a bipartisan majority in the House. They are in opposition to Mr. McConnell, his Intelligence Committee chairman, and a small group of defense hawks. In addition, two Republican presidential candidates in the Senate, Ted Cruz of Texas and Rand Paul of Kentucky, have made it clear they will not accept a straight extension of the current Patriot Act.

Unlike last year, when a similar bill passed the House overwhelmingly but failed in the Senate, this year's USA Freedom Act was drafted in delicate negotiations among the House Judiciary Committee, House Intelligence Committee, House Republican leaders and supporters in the Senate. The Senate, now in Republican control, includes four freshmen who supported the bill in the House last year.

The act, which expires June 1, is up for its first reauthorization since the revelations about bulk data collection. That impending deadline, coupled with an increase of support among members of both parties, pressure from technology companies and a push from the White House have combined to make changes to the provisions more likely.

The overhaul bill passed the Judiciary Committee 25 to 2, uniting the likes of politicians who rarely agree, like Representatives Trey Gowdy, Republican of South Carolina, and Jerrold Nadler, Democrat of New York. An identical measure, by Senators Patrick Leahy, Democrat of Vermont, and Mike Lee, Republican of Utah, was unveiled Tuesday, a week after Mr.
McConnell proposed a blanket five-year extension of the Patriot Act passed after the Sept. 11, 2001, attacks.

"I don't think he's listening to America," Representative Jason Chaffetz, Republican of Utah and a senior member of the House Judiciary Committee, said of Mr. McConnell. "The seminal question is how much liberty are we going to give up for security? People are on the brink. They're scared out of their wits."

But Mr. McConnell holds powerful levers as the Senate leader that could halt the momentum or eventually alter the legislation.

For the moment, Mr. McConnell and Senator Richard Burr, Republican of North Carolina and Intelligence Committee chairman, seem to be increasingly isolated. The Snowden disclosures, along with data breaches at Sony Pictures, Target and the insurance giant Anthem, have unsettled voters and empowered those in Congress arguing for greater civil liberties protection - who a few years ago "could have met in a couple of phone booths," said Senator Ron Wyden, Democrat of Oregon.

That has proponents of the metadata collection straining to gain support. "I think people are reacting to a program they don't know," Mr. Burr said. Asked about turning back the momentum against him, he conceded, "I've got a big task."

Mr. Snowden's disclosures prompted a public backlash that ultimately convinced President Obama to back an end to that part of the program. But since the president declared an end to "bulk metadata program as it currently exists" in January 2014, little has changed, Intelligence Committee members said.

Lawmakers on the Intelligence Committee pushed for changes in the legislation to allow intelligence agents to continue to track suspected foreign terrorists when they enter the United States, even though at that point they are supposed to get a warrant. Agencies could continue their surveillance for 72 hours while they obtain legal authority.
The Intelligence Committee also insisted on a new procedure to use the Patriot Act to sweep up data in an emergency, but that information would have to be destroyed if the FISA court subsequently denies the request.

Mostly, though, the committee insisted the bill steer clear of the amendments of the Foreign Intelligence Surveillance Act, added in 2008, which legalized warrantless surveillance so long as the target is a noncitizen abroad. The current legislative effort in Congress would not stop surveillance of noncitizens overseas.

"I believe that the work of the Intelligence Committee and the Judiciary Committee has produced a very good package," Mr. Boehner said just before the Judiciary Committee vote.

The government would still be able to conduct some bulk data collection. The N.S.A. has used a section of the law that created the FISA court for vast sweeps of phone and email data. Judiciary Committee members from both parties sought to end that data-collection avenue as well, but leaders of the committee beat that effort back, saying the Republican leadership would torpedo the bill if it passed.

"If the perfect defeats the good, then bad prevails," said Representative James Sensenbrenner, Republican of Wisconsin, an author of the Patriot Act who is now leading efforts to change it.

Mr. McConnell's allies are trying to build support.
Senator Tom Cotton, Republican of Arkansas who voted for a similar bill last year as a House member, met with freshman senators on Thursday to try to sway them to the leader's side.

Along with Mr. Cotton, four other Republican Senate freshmen supported last year's failed House bill. Besides Mr. Lee, the Senate USA Freedom Act has four other Republican co-sponsors, including Mr. Cruz. Another White House hopeful, Mr. Paul, does not think the bill goes far enough.

Senator Roy Blunt, Republican of Missouri, said, "After 9/11 I have been a supporter of the Patriot Act." But he added, "At the end of the day you have to look at what you can craft with the current majority."

A strong bipartisan House vote, expected as early as mid-May, "will send a strong message to the Senate that in the House, both sides of the aisle want reforms," said Representative Adam Schiff of California, the ranking Democrat on the Intelligence Committee.

Facing a tight deadline, Mr. McConnell is also likely to bring his alternative bill to the Senate floor soon. It is unclear whether he would have the votes for his measure, although it is possible that with a slew of amendments, the Senate could produce a bill on the floor that could be melded with the House version.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Fri May 1 06:53:05 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 1 May 2015 07:53:05 -0400
Subject: [Infowarrior] - MPAA: piracy sites must shut within 24 hours
Message-ID: <52484C4B-B55D-4E59-87AC-6F0851785783@infowarrior.org>

Hollywood: piracy sites must shut within 24 hours

The Motion Picture Association of America has warned torrent sites to permanently disable copyright infringing material

Friday 1 May 2015 03.55 EDT Last modified on Friday 1 May 2015 04.30 EDT

http://www.theguardian.com/film/2015/may/01/hollywood-torrent-piracy-sites-must-shut-within-24-hours

Hollywood's chief lobbying body has reportedly ordered piracy sites across the globe to shut down immediately or face legal action.

The Motion Picture Association of America, the body which represents the six major studios, has written to top torrent sites warning them to remove infringing material within 24 hours or face unspecified consequences.

Piracy news site TorrentFreak reports that top European torrent providers have all been hit with a uniform notice from the organisation's vice-president of global content protection, internet operations, Jan van Voorn. They are warned that EU law makes it illegal to link to pirated films and television shows.

"This Notice requires you to immediately (within 24 hours) take effective measures to end and prevent further copyright infringement," reads the notice. "All opportunities provided by the Website to download, stream or otherwise obtain access to the Entertainment Content should be disabled permanently."

Hollywood has won a number of battles against piracy operators, both torrent and streaming based, over the years. The world's best known torrent site, Pirate Bay, is inaccessible in many territories - though some users still use a variety of proxy sites to access it.
The streaming site Megaupload was shut down in 2012, though its New Zealand-based owner Kim Dotcom is still dodging US courts and a number of other services have sprung up to replace it. The MPAA has also won battles against sites such as isoHunt and Hotfile.

It is not known if the MPAA's latest legal threat is the prelude to more direct action or simply another shot across the bows of pirates, but the issue remains a huge one for studios. The most pirated film of 2014, Martin Scorsese's The Wolf of Wall Street, was downloaded 30.04m times during the year, according to piracy tracking firm Excipio. Frozen and Gravity were just behind with 29.92m and 29.36m downloads respectively.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Fri May 1 06:55:22 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 1 May 2015 07:55:22 -0400
Subject: [Infowarrior] - FAA: Boeing 787 bug could cause 'loss of control'
Message-ID: <80704C0B-2DDB-4A66-B0CA-C52E775E59D5@infowarrior.org>

(What's next, a Pentium bug? --rick)

US aviation authority: Boeing 787 bug could cause 'loss of control'

More trouble for Dreamliner as Federal Aviation Administration warns glitch in control unit causes generators to shut down if left powered on for 248 days

Friday 1 May 2015 06.35 EDT Last modified on Friday 1 May 2015 06.39 EDT

http://www.theguardian.com/business/2015/may/01/us-aviation-authority-boeing-787-dreamliner-bug-could-cause-loss-of-control

The US air safety authority has issued a warning and maintenance order over a software bug that causes a complete electric shutdown of Boeing's 787 and potentially "loss of control" of the aircraft.

In the latest of a long line of problems plaguing Boeing's 787 Dreamliner, which saw the company's fleet grounded over battery issues and concerns raised over possible hacking vulnerabilities, the new software bug was found in plane's generator-control units.
The plane's electrical generators fall into a failsafe mode if kept continuously powered on for 248 days. The 787 has four such main generator-control units that, if powered on at the same time, could fail simultaneously and cause a complete electrical shutdown.

"We are issuing this AD [airworthiness directive] to prevent loss of all AC electrical power, which could result in loss of control of the aeroplane," said the Federal Aviation Administration directive.

"If the four main generator control units (associated with the engine-mounted generators) were powered up at the same time, after 248 days of continuous power, all four GCUs will go into failsafe mode at the same time, resulting in a loss of all AC electrical power regardless of flight phase."

Should the electrical shutdown happen at a critical phase in flight such as take-off or landing, or while manoeuvring in the air, the loss of control could be catastrophic.

The FAA considered the situation critical and issued the new rule without allowing time for comment. Boeing is working on a software upgrade for the control units that should rectify the bug.

"The airworthiness directive action addresses a condition that only occurred in the lab. Simulated testing determined that this condition is possible in cases where an aeroplane's power is left on for more than eight continuous months. No airplane in the fleet experienced that condition," a Boeing spokesman told the Guardian.

According to Boeing's records, all of the 787s currently in service have been turned off and turned on again as part of maintenance. The FAA's directive mandates action recommended by Boeing on 19 April.

"If there is a definitive record of a powercycle within the last 120 days, no operator action is immediately required. Operators will perform periodic power cycling at scheduled intervals until incorporating a software update. Boeing will issue in the fourth quarter of 2015," said the Boeing spokesman.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Fri May 1 15:14:00 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 1 May 2015 16:14:00 -0400
Subject: [Infowarrior] - More Excuses on the 'Patriot' Act
Message-ID: <956CAC16-94C4-4668-87F8-BEAC2A12C737@infowarrior.org>

More Excuses on the Patriot Act

By THE EDITORIAL BOARD MAY 1, 2015

http://www.nytimes.com/2015/05/02/opinion/more-excuses-on-the-patriot-act.html

Software designers have a term - "minimal viable product" - to describe early versions of things like iPhone apps that they can rush to market. The idea is to get something out and refine it as you go along. That's the argument being made for a measure in Congress that would modify the Patriot Act to make it somewhat harder for the government to conduct mass surveillance of Americans without regard to whether they committed wrongdoing.

Sure, there are compromises, Americans are told, but we should not let the perfect be the enemy of the good. The bill is a "critical first step toward reining in" surveillance by the National Security Agency and is a basis for more reform, said Human Rights Watch.

Except the Constitution is not Candy Crush.

The same idea - let's do what we can and improve it later - was used to shove the original Patriot Act through Congress. It was used to justify the inadequate changes later made to the act, many of which made it more intrusive on Americans' rights. In 2008, we got a "reform" of the Foreign Intelligence Surveillance Act, or FISA, that provided retroactive cover for the illegal surveillance of innocent Americans conducted under President George W. Bush behind the false flag of counterterrorism.

The new bill, the USA Freedom Act, was passed by the House Judiciary Committee on Thursday in a 25-to-2 vote and sent to the floor for what seems like near-certain approval.
It does contain useful changes to Section 215 of the Patriot Act, which was cynically misinterpreted by the Bush administration to cover the collection of millions of telephone records in the United States and elsewhere. Section 215 will expire on June 1 if Congress does not act, but that is unlikely.

The new bill would narrow the kinds of records, including so-called metadata from phone calls, that the intelligence agencies can collect without bothering to obtain a warrant even from the obliging FISA court, which virtually always grants them. It adds transparency measures related to government surveillance programs, and provides for more oversight of those programs.

But many of those provisions are weaker than in earlier versions of the bill, and weaker than they need to be. The House committee rejected amendments designed to provide greater safeguards for civil liberties - including one from a Republican that would have required the government to get a warrant before searching collected communications for information about Americans.

The bill does not end the bulk collection of surveillance data under Section 215. Rather, it limits those operations, which, in addition to eroding the Bill of Rights, have been shown to be worthless in protecting America.

The American Civil Liberties Union believes the bill doesn't sufficiently tighten the definition of the terms used to justify data collection, or properly limit the retention of information about people who are not suspected of wrongdoing, or require meaningful disclosure of so-called "backdoor" searches of databases by the Federal Bureau of Investigation. It does not appoint an advocate to argue before the FISA court on behalf of civil liberties, instead simply appointing a panel of experts to advise the court, where only the government is allowed to present a case, in secret.

The A.C.L.U.
is not opposing the new bill formally, but Jameel Jaffer, the organization's deputy legal director, said it would be better to simply let Section 215 expire.

What is far more likely is that this bill will be weakened further in the Senate by the majority leader, Mitch McConnell, and other opponents of reform. When that happens, Americans will be told that this is the best we're going to get and that Congress will get around to "real reform" later.

That will not happen before the 2016 election and most likely won't happen after. Get used to the protections of your civil liberties being minimally viable.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sat May 2 09:13:49 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 2 May 2015 10:13:49 -0400
Subject: [Infowarrior] - Internet power grab: The duplicity of ICANN
Message-ID:

How ICANN pressures 'net engineers to give it behind-the-scenes control of the web

We must have IANA! We must have IANA!

1 May 2015 at 17:01, Kieren McCarthy

http://www.theregister.co.uk/2015/05/01/icann_iana_latest/

Behind-the-scenes efforts by ICANN's lawyers to force the internet community to grant it perpetual control of critical internet functions have been exposed.

Citing a cultural default of openness and transparency, negotiation teams from both the regional internet registries (RIRs) and the Internet Engineering Task Force (IETF) have made details of their discussions over the IANA contract public.

The IETF is probably best known to Reg readers as the people maintaining and developing the library of crucial RFC standards that are the blueprints of the internet and computer networking.

In revealing the conversations, the negotiation teams have put a spotlight on apparent duplicity between ICANN's public statements and its private behavior, and show just how far the organization is willing to go to secure control of the contract currently held by the US government -
but which it intends to take over by the end of the year.

Earlier this month at a meeting in San Francisco, representatives from the negotiation team dealing with the "numbers" part of the IANA contract - the job of allocating IP addresses - stunned audience members when they revealed ICANN was refusing to accept the consensus document that the internet community had developed over the course of a year unless it specifically stated that ICANN would run the IANA functions forever.

IANA: What's at stake?

The US government contracts non-profit ICANN to run the so-called IANA functions - a body that runs the highest level of the world's DNS, allocates IP addresses, and ensures developers can agree on the same numbers and protocols when writing software that communicates over the 'net. It's what keeps the internet as we know it glued together.

That crucial contract is coming to an end, and because the US wants to step away from ruling the internet like an unelected king, the future of the IANA functions is being explored by a panel of experts called the Community Working Group (CWG). ICANN, of course, would love to run IANA all by itself, simply put.

A series of slides [PDF, pgs 17-27] outlined the negotiation, including one that read: "ICANN has verbally represented that they will reject any proposed agreement in which ICANN is not deemed the sole source prime contractor for IANA functions in perpetuity."

Incredibly, ICANN appears adamant that the US Department of Commerce and Congress will give California-based ICANN that role forever - despite both institutions having made statements that would strongly suggest otherwise.

The same slide reads: "ICANN asserts that neither NTIA [the Department of Commerce's National Telecommunications and Information Administration] nor US Congress will approve any transition plan which leaves open the possibility of a future non-US IANA Functions Operator."
This stance directly contradicts a statement given by ICANN's chairman Steve Crocker just a few weeks earlier in which he said in public that there was "nothing fundamental in them [the numbers and protocols proposals] that we have a problem with, full stop."

The presentation then explicitly recognizes the benefit to the RIRs of having adopted a principle of transparency over how the IANA functions are negotiated.

A slide reads: "Our transparency principle continues to benefit our community, in that we all now understand ICANN's starting position in the negotiation. Without a transparency principle, only a handful of people would be aware of the state of the conversation, and they might not be aware of the precedents in this area. As in open-source software development, more eyes on a problem yield a better solution."

Next up: protocols

A very similar story has emerged from the IETF and its separate negotiation over the protocols aspects of the IANA contract.

On Thursday, the chairmen of the IETF, the IETF Administrative Oversight Committee (IAOC) and Internet Architecture Board (IAB) - Jari Arkko, Tobias Gondrom and Andrew Sullivan, respectively - published a carefully worded update that revealed that ICANN was also refusing to accept wording changes to the annual "Supplemental Agreement" between the two organizations.

The same issues seem to be at the heart of it: recognition that ICANN may not in future be the IANA functions operator.

"After some iterations, we arrived at text that we think captures the IETF consensus," the chairmen noted, "but ICANN has informed us that they are unable to agree to that text right now."

The chairmen have said they will not release the actual text that ICANN is refusing without agreement from all parties, but they did give a clear explanation over the issues it covers:

In that document the community sought to have some facts acknowledged as part of any IANA transition plan:

*
The protocol parameters registries are in the public domain. It is the preference of the IETF community that all relevant parties acknowledge that fact as part of the transition.
* It is possible in the future that the operation of the protocol parameters registries may be transitioned from ICANN to subsequent operator(s).

The update reveals that ICANN again argues that the US government would not accept such an agreement. It reads: "ICANN told us that, in their opinion, agreeing to that text now would possibly put them in breach of their existing agreement with the NTIA."

What's going on behind the curtain?

These latest revelations are just the latest in a string of efforts by ICANN to ensure the organization gains full control of the IANA contract, with minimal impact on its current procedures.

Initially, ICANN tried to control the process by announcing two separate processes - one looking into the IANA transition, and a second at its own accountability improvements - while insisting the two were not related. That effort was beaten down after an unprecedented letter by the leaders of every one of ICANN's supporting organizations and advisory committees that said the two processes must be connected.

Next, ICANN was accused of stacking the deck by purposefully excluding groups skeptical of ICANN's efforts, and by trying to give ICANN's chairman the right to personally select the members of the group that would decide the final proposal. That was also beaten back.

ICANN's staff then produced a "scoping document" that would limit discussion both on topics and in the way in which they could be discussed. Another furore forced another backtrack.

Then, at the NetMundial conference in Sao Paulo, ICANN used its co-organizer status to force a last-minute change to the final document that would have seen it recommend a clear split between the operational and policy aspects of the IANA function - effectively keeping IANA as a separate entity within ICANN.
A few months later, ICANN's lawyers produced a document in which they claimed many of the initial plans for the IANA contract and changes to ICANN itself were illegal under California law. When the internet community decided as a result that it was important to have independent legal advice on its plans, ICANN's legal team inserted itself onto the relevant sub-team. That sub-team was then closed off to internet community members, and ICANN's lawyers helped decide both the scope and approach as well as the legal team that was chosen to provide advice. Its first significant piece of advice to the broader group was to drop a plan to have the IANA contract held by an external party and only consider either giving IANA to ICANN or setting it up as an ICANN subsidiary. ICANN's senior counsel remains the group's secretariat.

Despite all these efforts, however, the fundamental recommendations from all three parts of the IANA contract remain the same:

- It must be possible to separate the IANA contract from ICANN at some possible future date
- There must be stronger accountability measures on ICANN if the US government role is to disappear

Having failed to stop these recommendations through process, then in public, ICANN is now attempting to undermine the internet community's wishes in private. Its strategy appears to be to get the numbers and protocols groups to agree to put ICANN in permanent charge of their IANA functions. In that effort, it claims to speak for the US government, which is hamstrung thanks to a Congressional budget rider.

The second part of the strategy is then to insist that all the IANA functions - including the most complex names aspect - must be held together in a single function. If it achieves both those goals, ICANN may effectively bypass mechanisms that the names group is developing that would allow a review group to decide to split the IANA functions away from ICANN at some future point if it fails to live up to expectations and agreements.
Reinforcing perceptions

Unfortunately for ICANN, each step it takes to undermine the process and put itself in charge simply reinforces the belief that it cannot be trusted to run such a critical function without strict safeguards. And the best safeguard is to make it possible to remove IANA from the organization altogether.

What is baffling from the internet engineers' point of view is why ICANN does not put the same amount of energy and effort into funding and improving the IANA functions as it does into trying to lock them down. Each of the three IANA groups - names, numbers and protocols - have repeatedly noted that they are happy with how ICANN carries out those functions.

If ICANN really wants to retain IANA, all it has to do is keep its customers happy. Refusing to accept those groups' carefully developed proposals and trying to strong-arm them in private while claiming to agree in public is not going to help in that.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sun May 3 13:23:32 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 3 May 2015 14:23:32 -0400
Subject: [Infowarrior] - MPAA Funds Pro-Copyright Scholars to Influence Politics
Message-ID: <0639C671-309A-4290-AEF7-E26F94654601@infowarrior.org>

MPAA Funds Pro-Copyright Scholars to Influence Politics
By Ernesto on May 3, 2015
http://torrentfreak.com/mpaa-funds-pro-copyright-scholars-to-influence-politics-150425/

This week the MPAA opened applications for a new round of research grants, hoping the result will be "pro-copyright" academic papers. In an email leaked in the Sony hack the movie industry group further says it's looking for pro-copyright scholars who they can cultivate for further public advocacy.

Last year the MPAA started a new grants program inviting academics to pitch their research proposals.
Researchers are being offered a $20,000 grant for projects that address various piracy related topics, including the impact of copyright law and the effectiveness of notice and takedown regimes.

Last month marked the silent start of a new round of grant applications for the fall of 2015. There's no public announcement but MPAA boss Chris Dodd previously said there's a need for better and unbiased copyright related research to find out how recent developments are affecting the film industry.

"We need more and better research regarding the evolving role of copyright in society. The academic community can provide unbiased observations, data analysis, historical context and important revelations about how these changes are impacting the film industry," Dodd noted.

While Dodd's comments about unbiased research are admirable, there also appears to be a hidden agenda which until now hasn't seen the light of day. In an email leaked in the Sony hack MPAA General Counsel Steven Fabrizio explains to the member studios that they're soliciting pro-copyright papers. The April 2014 email further reveals that the MPAA hopes to identify pro-copyright scholars who can be used to influence future copyright policies.

"As you know, as one component of our Academic Outreach program, the MPAA is launching a global research grant program both to solicit pro-copyright academic research papers and to identify pro-copyright scholars who we can cultivate for further public advocacy," Fabrizio writes.

Needless to say, soliciting pro-copyright papers and spotting pro-copyright scholars for public advocacy doesn't sound very unbiased. Perhaps for this reason the MPAA has decided not to publicize the initiative too much. There was no press release on the official site regarding the grants and it's also unknown which scholars received last year's grants.

While $20,000 is relatively modest, the MPAA is also funding scholars outside of the grant program with much more.
Last November we revealed that the MPAA had donated over a million dollars to Carnegie Mellon University in support of its piracy research program.

Thus far the Carnegie Mellon team has published a few papers. Among other things the researchers found that the Megaupload shutdown worked, that piracy mostly hurts revenues, and that censoring search engine results can diminish piracy. As expected, these results are now used by the MPAA as a lobbying tool to sway politicians and influence public policy.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sun May 3 20:26:28 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 3 May 2015 21:26:28 -0400
Subject: [Infowarrior] - Inside the Military-Police Center That Spies on Baltimore's Rioters
Message-ID:

Inside the Military-Police Center That Spies on Baltimore's Rioters
Adam Weinstein

On Ambassador Road, just off I-695 around the corner from the FBI, nearly 100 employees sit in a high-tech suite and wait for terrorists to attack Baltimore. They've waited 11 years. But they still have plenty of work to do, like using the intel community's toys to target this week's street protests.

They are the keepers of the Maryland Coordination and Analysis Center, a government "fusion center" set up to share information and coordinate counterterrorist activities between 29 law enforcement agencies - federal, state, and local, including Baltimore city and county cops - in the aftermath of the Sept. 11 attacks.

Seeded by a state anti-terror advisory council whose meetings are closed to the public, nourished by Republican and Democratic governors alike, MCAC has expanded its access to spying tools over the past decade and a half. It can pinpoint cellphone users. It can monitor movements of state motorists through their license plates, as it has done with an estimated 85 million drivers.
It turns out that Maryland hasn't been under sustained assault from international terrorists, despite the wild fears of the homeland security boosters who seek to justify the center's budget. So rather than accept the possibility that MCAC and other fusion centers were guarding against an overhyped threat, the federal government has expanded the mission to include threats that have always existed: When your job is to find bad guys, it makes it easier to define everyone as a bad guy.

The MCAC has adopted what the Department of Homeland Security calls an "all-crimes approach" - one focused not just on monitoring gangs and other criminal threats, but all manners of civil unrest, from Occupy protesters to the Baltimore residents who have clashed with police on the city streets this week. And it is run by a cop who has been accused of racism in the past.

"Twelve emergency support functions have been activated" in Maryland to address the violence in Baltimore, authorities told WBAL earlier this week, including "the Maryland Coordination and Analysis Center, which provides situational awareness and intelligence." In fact, as protests over Freddie Gray's death in police custody spread to other major cities across the country, MCAC and other fusion centers set up by DHS will be crucial to how local law enforcement agencies confront civil dissent.

< - >

http://phasezero.gawker.com/inside-the-military-police-center-that-spies-on-baltimo-1700670585

--
It's better to burn out than fade away.

From rforno at infowarrior.org Mon May 4 06:17:57 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 4 May 2015 07:17:57 -0400
Subject: [Infowarrior] - Is the news behaving more like advertising?
Message-ID:

Is the news behaving more like advertising?
By Damaris Colhoun
May 1, 2015
1274 words
http://www.cjr.org/analysis/news_behaving_more_like_advertising.php

When The Wall Street Journal set out to redesign its digital products, it changed more than the look of its website.
The paper is forming teams of engineers, designers, and reporters, adapting their content to mobile and social platforms, making their news experiences more personal, and bringing analytics into the editorial department. In other words, it's changing the essence of the newsroom.

Similar changes are happening at newspapers around the country. As users continue to discover stories through search and social instead of through homepages, news organizations are stepping up their efforts to track where those users are going and how they're behaving. They're moving to meet them where they are, and to deliver them content across a range of devices, especially mobile.

On one hand, this means that news organizations like the Wall Street Journal are getting smarter, more attuned to the digital ecosystem, and more focused on their users, which may be good for business. On the other hand, the push to personalize the news involves a degree of targeting and profiling based on how users behave. It's creating an environment in which readers are discovering the news, but the news is also finding them.

Just as ads are increasingly mimicking editorial content, the news is coming under increasing pressure to borrow some of the logic and tools of advertisers. This is especially true for mobile, "which is one of the most personalized forms of content delivery right now," Allen Kloslowski, vice president of the ad network SpotExchange, said in a video for the American Press Institute. "Cookies don't work in mobile environments, so moving into utilization of first party data is critical in order to segment those audiences and deliver them to buyers."

On the heels of this logic, journalist Jeff Sonderman has argued that "the only way for publishers to compete effectively in mobile is if they possess and exchange the same kind of detailed targeting data about their individual audience members."
He put the matter bluntly: "Any publisher with no data to target ads is at the bottom of the food chain."

These days, that's exactly where a lot of publishers are sitting - especially publishers of small local newspapers. Even the savviest digital news natives are way behind Google, Facebook, and Amazon, which have been amassing data on users for years through demographic targeting. And the fact that modeling the news, predicting what a reader will click on or linger on next, is much more complex than modeling what book a user is likely to buy, doesn't help.

Yet newsrooms may be (slowly) catching up. Using tools like Chartbeat, Visual Revenue, and Google Analytics, editors and reporters are increasingly attuned to the logic of circulation. With more metrics at their fingertips, they're getting better at profiling who their readers are and how they can be reached.

"Where did they come from? Do they stick around on our site? Do they look at other articles? How long do they spend looking at our stuff? When they come back, do they come back directly to us or do they come back through Drudge again? It's that sort of mapping the flow of the users behavior," said Caitlin Petre, a sociologist who spent months at The New York Times and Gawker, studying how they used analytics in the context of their newsrooms. "Are newsrooms going to behave more like advertisers, in terms of targeting particular types of content for particular types of readers? I think we will see more of that."

This could be a boon to editorial. By knowing where eyeballs are going, journalists can tailor their content, measure the impact of their stories, and unpack complicated subjects like ISIS or Obamacare with greater nuance and agility.

"You could say, 'Here's where people's eyeballs are, how do we make them look somewhere else for a minute?'"
said Mike Ananny, an assistant professor of communication at the USC Annenberg School for Communication, who has been interviewing designers and journalists working in what he calls the "liminal press" - the space where technology and journalism overlap. "If you want to use the press to make change in the world, you've got to signal to the power makers, 'Look, here's all the people that are looking at [our] story about corruption.'"

It could also be good for business. If news organizations can deliver content to readers based on what they tend to consume, they may be able to make content so good that readers are willing to pay for it, as they do for Netflix. At a time when journalism is being unbundled and distributed piece by piece, premium content could be a tool to build brand loyalty. That would be a boon to organizations like The New York Times, for whom subscriptions still account for a substantial portion of revenue.

"The advertising model is broken, so those organizations will have to build content that is based around the user, rather than the advertiser," said Rasmus Kleis Nielsen, director of research at the Reuters Institute for the Study of Journalism and editor-in-chief of The International Journal of Press/Politics.

The downside of personalization is more than just reporters chasing clicks - it's demographically targeted news. Nielsen worries that if news were to be targeted based on income, gender, or race, it could create a new set of biases in journalism. To Ananny, the extent to which newsrooms could go in the name of "audience engagement" and "brand loyalty" could have an insidious effect on public trust.

"If you and I went to nytimes.com or latimes.com and saw different things - not because they think we should see different things but because they're going to get money based on showing us different things - that's a moment when news organizations need to be super careful," Ananny said.
"That's when personalization is going to be viewed more through this insidious lens of trying to maximize me as a reader, as opposed to a citizen or member of the public."

Facebook, of course, has gone much further down this road than any news organization. "I don't know of a news organization that's doing that kind of very specific targeting in a way that's anywhere near the level of sophistication of Facebook," sociologist Petre says. "They're the one driving [the trend to make] news more like ads, presenting particular types of stuff to particular types of people."

Ananny agrees, saying, "You've got this really tight coupling between the advertising logic and the algorithm that's going to show you something or not show you something" based on your personal information. "That's not necessarily a bad thing, except that we have zero understanding of how this Facebook algorithm works."

That has major implications for news organizations that are moving to partner with Facebook. On one hand, it's a chance to market their content more broadly - but they'll be relying on Facebook to determine who gets to see it. For Ananny, this raises uncomfortable questions.

"Will news organizations get access to all of the rich metadata associated with Facebook content? Does it matter if a New York Times story about oil industry regulation sits alongside an ad for Exxon-Mobile? Would a news story about a pro-life rally be allowed to appear alongside a pro-choice story?" Ananny wondered. "News organizations have historically thought carefully about design, in terms of newspaper and websites. Do you show people different stories not because of personalization metrics but because of revenue-generating metrics? Is that part of your logic?"

As the news continues to adapt to mobile and social platforms - and to get more personalized - these are the kinds of questions that news organizations should be asking.
Damaris Colhoun is a freelance journalist based in Brooklyn, NY

--
It's better to burn out than fade away.

From rforno at infowarrior.org Mon May 4 17:15:20 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 4 May 2015 18:15:20 -0400
Subject: [Infowarrior] - 9th Circuit judges rip into Prenda law copyright trolling scheme
Message-ID: <06B54EBD-72D5-4222-BB0F-11EEA3565085@infowarrior.org>

9th Circuit judges rip into Prenda law copyright trolling scheme
Judge: "This wasn't exactly a clean operation."
by Joe Mullin - May 4, 2015 5:49pm EDT
http://arstechnica.com/tech-policy/2015/05/04/9th-circuit-judges-rip-into-prenda-law-copyright-trolling-scheme/

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 5 06:30:49 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 07:30:49 -0400
Subject: [Infowarrior] - Media finally realizes TPP secrecy is not helping things
Message-ID: <11D9838B-CC36-4600-9DBC-BF8B1D8E23D9@infowarrior.org>

(Civil liberties, consumer groups, and others have said so for YEARS, but it's only now that the vote is imminent that the Beltway echomachine media takes notice. Typical. --rick)

Extreme secrecy eroding support for Obama's trade pact
By Edward-Isaac Dovere
5/4/15 5:40 AM EDT
Updated 5/4/15 9:52 PM EDT

Classified briefings and bill-readings in basement rooms are making members queasy.

If you want to hear the details of the Trans-Pacific Partnership trade deal the Obama administration is hoping to pass, you've got to be a member of Congress, and you've got to go to classified briefings and leave your staff and cellphone at the door.

If you're a member who wants to read the text, you've got to go to a room in the basement of the Capitol Visitor Center and be handed it one section at a time, watched over as you read, and forced to hand over any notes you make before leaving.

And no matter what, you can't discuss the details of what you've read.

"It's like being in kindergarten,"
said Rep. Rosa DeLauro (D-Conn.), who's become the leader of the opposition to President Barack Obama's trade agenda. "You give back the toys at the end."

For those out to sink Obama's free trade push, highlighting the lack of public information is becoming central to their opposition strategy: The White House isn't even telling Congress what it's asking for, they say, or what it's already promised foreign governments.

< - >

"My chief of staff who has a top secret security clearance can learn more about ISIS or Yemen than about this trade agreement,"

< - >

Read more: http://www.politico.com/story/2015/05/secrecy-eroding-support-for-trade-pact-critics-say-117581.html#ixzz3ZGL91foZ

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 5 07:13:15 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 08:13:15 -0400
Subject: [Infowarrior] - Canada's 'Patriot' Act nears passage
Message-ID: <857BD08D-8DCC-4769-8D04-2B78B46802BF@infowarrior.org>

Canada poised to pass anti-terror legislation despite widespread outrage
John Barber in Toronto
Tuesday 5 May 2015 06.30 EDT

Widespread protest and souring public opinion has failed to prevent Canada's ruling Conservative Party from pushing forward with sweeping anti-terror legislation which a battery of legal scholars, civil liberties groups, opposition politicians and pundits of every persuasion say will replace the country's healthy democracy with a creeping police state.

Prime Minister Stephen Harper is looking forward to an easy victory on Tuesday when the House of Commons votes in its final debate on the bill, known as C-51. But lingering public anger over the legislation suggests that his success in dividing his parliamentary opposition may well work against him when Canadians go to the polls for a national election this fall.
No legislation in memory has united such a diverse array of prominent opponents as the proposed legislation, which the conservative Globe and Mail newspaper denounced as a plan to create a "secret police force".

< - >

http://www.theguardian.com/world/2015/may/05/canada-anti-terror-law-despite-widespread-protest

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 5 11:30:01 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 12:30:01 -0400
Subject: [Infowarrior] - How the NSA Converts Spoken Words Into Searchable Text
Message-ID:

How the NSA Converts Spoken Words Into Searchable Text
By Dan Froomkin @froomkin
Today at 10:08 AM

Most people realize that emails and other digital communications they once considered private can now become part of their permanent record. But even as they increasingly use apps that understand what they say, most people don't realize that the words they speak are not so private anymore, either.

Top-secret documents from the archive of former NSA contractor Edward Snowden show the National Security Agency can now automatically recognize the content within phone calls by creating rough transcripts and phonetic representations that can be easily searched and stored.

The documents show NSA analysts celebrating the development of what they called "Google for Voice" nearly a decade ago.

Though perfect transcription of natural conversation apparently remains the Intelligence Community's "holy grail," the Snowden documents describe extensive use of keyword searching as well as computer programs designed to analyze and "extract" the content of voice conversations, and even use sophisticated algorithms to flag conversations of interest.

The documents include vivid examples of the use of speech recognition in war zones like Iraq and Afghanistan, as well as in Latin America.
But they leave unclear exactly how widely the spy agency uses this ability, particularly in programs that pick up considerable amounts of conversations that include people who live in or are citizens of the United States.

Spying on international telephone calls has always been a staple of NSA surveillance, but the requirement that an actual person do the listening meant it was effectively limited to a tiny percentage of the total traffic. By leveraging advances in automated speech recognition, the NSA has entered the era of bulk listening.

And this has happened with no apparent public oversight, hearings or legislative action. Congress hasn't shown signs of even knowing that it's going on.

The USA Freedom Act - the surveillance reform bill that Congress is currently debating - doesn't address the topic at all. The bill would end an NSA program that does not collect voice content: the government's bulk collection of domestic calling data, showing who called who and for how long.

Even if it becomes law, the bill would leave in place a multitude of mechanisms exposed by Snowden that scoop up vast amounts of innocent people's text and voice communications in the U.S. and across the globe.

Civil liberty experts contacted by The Intercept said the NSA's speech-to-text capabilities are a disturbing example of the privacy invasions that are becoming possible as our analog world transitions to a digital one.

"I think people don't understand that the economics of surveillance have totally changed," Jennifer Granick, civil liberties director at the Stanford Center for Internet and Society, told The Intercept.

"Once you have this capability, then the question is: How will it be deployed? Can you temporarily cache all American phone calls, transcribe all the phone calls, and do text searching of the content of the calls?" she said. "It may not be what they are doing right now, but they'll be able to do it."

And, she asked: "How would we ever know if they change the policy?"
Indeed, NSA officials have been secretive about their ability to convert speech to text, and how widely they use it, leaving open any number of possibilities.

That secrecy is the key, Granick said. "We don't have any idea how many innocent people are being affected, or how many of those innocent people are also Americans."

I Can Search Against It

NSA whistleblower Thomas Drake, who was trained as a voice processing crypto-linguist and worked at the agency until 2008, told The Intercept that he saw a huge push after the September 11, 2001 terror attacks to turn the massive amounts of voice communications being collected into something more useful.

Human listening was clearly not going to be the solution. "There weren't enough ears," he said.

The transcripts that emerged from the new systems weren't perfect, he said. "But even if it's not 100 percent, I can still get a lot more information. It's far more accessible. I can search against it."

Converting speech to text makes it easier for the NSA to see what it has collected and stored, according to Drake. "The breakthrough was being able to do it on a vast scale," he said.

< - >

https://firstlook.org/theintercept/2015/05/05/nsa-speech-recognition-snowden-searchable-text/

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 5 11:35:40 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 12:35:40 -0400
Subject: [Infowarrior] - Lawmakers in France Move to Vastly Expand Surveillance
Message-ID:

Lawmakers in France Move to Vastly Expand Surveillance
By ALISSA J. RUBIN
MAY 5, 2015
http://www.nytimes.com/2015/05/06/world/europe/french-legislators-approve-sweeping-intelligence-bill.html

PARIS - The lower house of the French Parliament overwhelmingly approved a sweeping intelligence bill that, if it passes in the upper house, would give the government broad surveillance powers with little judicial oversight.
The measure would give French intelligence services the right to gather potentially unlimited electronic data from Internet communications, and to tap cellphones and capture text messages. It would force Internet providers to comply with government requests to sift through subscribers' communications.

"The last intelligence law was done in 1991, when there were neither cellphones nor Internet," said Manuel Valls, the prime minister, who took the unusual step of personally presenting the bill to the National Assembly instead of leaving it to the interior minister. The bill will now go to the Senate for debate and a vote.

Even as the French push to vastly broaden data collection, the United States Congress is moving in the opposite direction and seeking to reduce the National Security Agency's access to Internet data.

Mr. Valls promised, however, that the French law would be "targeted," and insisted its main focus was to protect French citizens from terrorism. "The means of surveillance for anticipating, detecting and prevention of attacks will be strictly limited," he promised.

Opponents, including lawyers, Internet companies and human rights groups, say that the law's text contradicts the prime minister's assurances.

"It is a state lie," said Pierre-Olivier Sur, the head of the Paris bar association. "This project was presented to us as a way to protect France against terrorism, and if that were the case, I would back it," he said. "But it is being done to put in place a sort of Patriot Act concerning the activities of each and everyone," he said, referring to the American legislation that among other things authorized extensive electronic surveillance as a way to intercept terrorist activity.

Mr. Sur said he and others worried that the measure could be used to monitor any behavior the government viewed as potentially disruptive.
In the current text of the proposed law it states that the intelligence services can propose surveillance to protect "national independence, the integrity of French territory and national defense" and to "prevent terrorism." It also can be used to "prevent attacks on the republican form of institutions," and to fight organized crime.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 5 11:37:24 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 12:37:24 -0400
Subject: [Infowarrior] - USBKill turns thumb drives into computer kill switches
Message-ID: <492557BD-A681-4132-8FF1-E2295328FB25@infowarrior.org>

USBKill turns thumb drives into computer kill switches
Posted on 05 May 2015.
http://www.net-security.org/secworld.php?id=18347

A coder that goes by the online handle "Hephaestos" has shared with the world a Python script that, when put on a USB thumb drive, turns the device into an effective kill switch for the computer in which it's plugged in.

USBkill, as the programmer dubbed it, "waits for a change on your USB ports, then immediately kills your computer."

The device would be useful "in case the police comes busting in, or steals your laptop from you when you are at a public library (as with Ross [Ulbricht])," Hephaestos explained.

Using a cord to attach the USB key to one's wrist will assure that the USB is removed instantly with a quick tug upon the arrest of the user or the seizure of the computer.

Of course, if the user doesn't use full disk encryption in the first place, the device becomes useless.

Hephaestos says that USBkill is still in the early stages, but that it works, and works well.

--
It's better to burn out than fade away.
From rforno at infowarrior.org Tue May 5 11:40:56 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 12:40:56 -0400
Subject: [Infowarrior] - 11USCoA: Warrantless cellphone tracking not illegal search
Message-ID: <44892237-B8D2-4EF9-9CE5-FF900F88369C@infowarrior.org>

May 5, 11:28 AM EDT
Court: warrantless cellphone tracking not illegal search
http://hosted.ap.org/dynamic/stories/U/US_CELLPHONE_TRACKING
By CURT ANDERSON
AP Legal Affairs Writer

MIAMI (AP) -- Investigators do not need a search warrant to obtain cellphone tower location records in criminal prosecutions, a federal appeals court ruled Tuesday in a closely-watched case involving the rules for changing technology.

The 11th U.S. Circuit Court of Appeals, overturning a three-judge panel of the same court, concluded that authorities properly got 67 days' worth of records from MetroPCS for Miami robbery suspect Quartavious Davis using a court order with a lower burden of proof.

In its 9-2 decision, the 11th Circuit decided Davis had no expectation of privacy regarding records establishing his location near certain cellphone towers. The records were key evidence used to convict Davis of a string of armed robberies, leading to a 162-year prison sentence.

In fact, Circuit Judge Frank M. Hull wrote for the majority, it's clear that cellphone users in today's society understand how companies collect data about calls and that cell towers are a key part of that.

"We find no reason to conclude that cellphone users lack facts about the functions of cell towers or about telephone providers' recording cell tower usage," Hull wrote. "This cell tower method of call connecting does not require a different constitutional result just because the telephone company has decided to automate wirelessly."

Two judges dissented, contending the Fourth Amendment requires probable cause and a search warrant for such records and some judges in the majority agreed in separate opinions that the U.S.
Supreme Court should make the ultimate decision.

Davis attorney David O. Markus said the dissent could provide a "roadmap" for a likely appeal to the high court.

"Unfortunately, the majority is stuck in the early `80s when cell-phones were the size of bricks and cost $3,000. The cases from that long-ago era aren't helpful in today's world," Markus said.

Markus called the decision "breathtaking," contending it could mean government investigators could have access without a search warrant to all kinds of personal data stored by a third party such as Facebook posts, purchases on Amazon and even pictures in "cloud" storage.

The 11th Circuit, however, said existing law regarding information possessed by third parties clearly governs the Davis cellphone tracking data. Those who want the law changed should look to Congress and the state legislatures, not the judicial system, the judges said.

The case has drawn wide interest from civil liberties groups and others, with briefs in support of the search warrant requirement filed by the American Civil Liberties Union, the Reporters Committee for Freedom of the Press, the National Association of Criminal Defense Lawyers and many others.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 5 13:44:06 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 14:44:06 -0400
Subject: [Infowarrior] - Why the USA Freedom Act Is Both Desperately Important and Laughably Pathetic
Message-ID: <5314D251-C357-4F50-A443-A41379ED96C8@infowarrior.org>

Why the USA Freedom Act Is Both Desperately Important and Laughably Pathetic
By Dan Froomkin @froomkin
https://firstlook.org/theintercept/2015/05/05/usa-freedom-act-desperately-important-laughably-pathetic/

Media coverage of the USA Freedom Act surveillance reform bill has been strikingly schizophrenic - and nowhere more clearly than in two consecutive recent front-page articles in the New York Times.
That's because how you analyze the bill depends on which of two questions about Congress you think is more important in the wake of NSA whistleblower Edward Snowden's revelations about a metastasizing U.S. surveillance apparatus.

Those questions are: "Will Congress do anything at all?" And: "Will Congress do enough?"

Some in Congress - led by Senate Majority Leader Mitch McConnell - want the answer to the first question to be: No. In the face of the June 1 sunset of some key provisions of the Patriot Act that the NSA has cited as legal justification for its bulk metadata collection, McConnell simply wants the whole thing renewed.

So to people for whom that would be intolerable - a calamitous moral failing, an abnegation of legislative oversight, a green light for the NSA to do whatever it wants, forevermore - the fact that this "reform" legislation is being seriously considered is a very big deal.

That was the point of view reflected on the front page of Friday's newspaper of record, published online with the headline: Patriot Act Faces Revisions Backed by Both Parties.

Jonathan Weisman and Jennifer Steinhauer announced "a bipartisan wave of support ... to sharply limit the federal government's sweeps of phone and Internet records." They described an "overhaul" of the Patriot Act, and reached a triumphant conclusion:

The push for reform is the strongest demonstration yet of a decade-long shift from a singular focus on national security at the expense of civil liberties to a new balance in the post-Snowden era.

Would that it were so.

Because in the context of the incredibly broad and largely unfettered invasions of privacy here and around the globe exposed by the Snowden revelations, passing the bill would be almost inconsequential - at best a first very little baby step.

That was the point of view reflected on the front page of Saturday's newspaper of record, published online with the headline: Why the N.S.A. Isn't Howling Over Restrictions.
My immediate thought:

The key reform in the USA Freedom Act, Times reporters Peter Baker and David E. Sanger now pointed out, was an idea "suggested to President Obama in 2013 by Gen. Keith B. Alexander, then the N.S.A. director, who saw the change as a way for the president to respond to criticism without losing programs the N.S.A. deemed more vital."

The story quoted "one recently departed senior intelligence official" as saying: "This is hardly major change."

Yes, the bill would end the bulk collection of metadata from domestic phone companies - the single most shocking revelation from the Snowden archives, and arguably the most unprecedented for the NSA, by virtue of its overt focus on monitoring domestic communication. But:

The legislation would still leave an expansive surveillance apparatus capable of tracking vast quantities of data. Some of the most sweeping programs disclosed by Mr. Snowden, particularly those focused on international communications, would remain unaffected. The N.S.A. could continue efforts to break private encryption systems, and information about Americans could still be swept up if originating overseas.

Tapping data lines that go in and out of the U.S., grabbing personal information without a warrant from major content providers like Facebook and Yahoo - no worries.

Sweeping up all non-U.S. content possible - sometimes an entire country's phone calls at a time. Breaking encryption. Installing malware. Hacking Sim cards. Tracking cellphones. No problem.

Spying on porn habits. Sharing raw intelligence on Americans with Israel. It happens.

Installing shunts on the fiber optic cables that are the backbone of the Internet. Breaking into cell networks. Tapping private links between data centers. S'alright.

Allowing secret laws developed on the fly by a rubber-stamp secret court that the Intelligence Community still doesn't level with. Spy chiefs who want to "collect it all." Cost of doing business.

Extraordinary new abilities -
like automated transcription of phone calls - that Congress never anticipated, may not even know about, and certainly never establish rules for. Love it or leave it, baby.

The USA Freedom Act is like a surgeon talking about taking a small tumor off of a much larger one. Would you recommend against such surgery, if that was the only one the surgeon was even willing to contemplate?

That's the bind some pivotal privacy groups find themselves in. Access, the Center for Democracy and Technology, Human Rights Watch and the Electronic Frontier Foundation are among those who say yes, it's better than nothing. Demand Progress and the ACLU say it's worse.

Glenn Greenwald noted a year ago, when a similar bill was in play, that there was "a real question about whether the defeat of this bill is good, bad, or irrelevant."

Ultimately, he concluded: "the last place one should look to impose limits on the powers of the U.S. government is . . . the U.S. government. Governments don't walk around trying to figure out how to limit their own power, and that's particularly true of empires."

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 5 15:13:28 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 16:13:28 -0400
Subject: [Infowarrior] - No More Patch Tuesday
Message-ID: <7AB62429-E55E-41B0-A7E7-6D28EC5050AD@infowarrior.org>

Windows 10 bombshell: Microsoft to KILL OFF Patch Tuesday
New policy verges on apt-get update && apt-get dist-upgrade
4 May 2015 at 21:55, Iain Thomson
http://www.theregister.co.uk/2015/05/04/microsoft_windows_10_updates/

Windows supremo Terry Myerson reckons the revised security patch rollout - effectively ditching the monthly Patch Tuesday - will shame Google.

"Google takes no responsibility to update customer devices, and refuses to take responsibility to update their devices, leaving end users and businesses increasingly exposed every day they use an Android device," Myerson said during his Ignite keynote in Chicago today. He was referring to the sometimes tardy rollout of operating system updates for Android gadgets.

"Google ships a big pile of [pause for effect] code, with no commitment to update your device," he added to chuckles from the audience.

Myerson promised that with the new version of Windows, Microsoft will release security updates to PCs, tablets and phones 24/7, as well as pushing other software "innovations," effectively putting an end to the need for a Patch Tuesday once a month.

Windows 10 enterprise customers will stay on the monthly update cycle, which will be reworked as Windows Update for Business: this will allow IT managers to pick and choose updates to deploy, and set when they will be automatically installed.

Myerson said home users will get patches first, which will allow businesses to hold off and see what breaks before installing - bug patches have bugs from time to time, after all.

He also said that the patching system had been updated to allow much tighter control over branch offices and remote users, who may not have decent bandwidth. Patches can be distributed peer-to-peer, and the timing of the installations can be set to ensure update downloads do not interfere with day-to-day operations.

The goal, he said, was to make users of all stripes more secure by constantly feeding updates down the pipe, across all devices once Windows 10 is launched.

Update for Business will be a free service for enterprise and pro Windows customers.

On the data protection side, Brad Anderson, veep of enterprise client and mobility, showed off a new feature in preview builds today: Microsoft's Advanced Threat Analytics (ATA).
This tries to sense the presence of malware in a network, and locks down apps to prevent sensitive data being copied within a device.

Cut'n'paste is cut

At the heart of ATA is software developed by Israeli startup Aorato, which hit the headlines in July when it claimed to have discovered a major flaw in Active Directory. Microsoft bought the biz, and used its knowhow to toughen up the defenses in Windows 10.

ATA constantly scrutinizes your office network, and uses basic machine learning techniques to identify suspicious behavior by devices and users, and raise the alarm if necessary.

IT administrators can use ATA to also lock down Windows 10 systems to only allow data to be cut and pasted between corporate applications, while personal apps such as Twitter can be blocked from getting the same data from the clipboard.

If desired, information can be copied from corporate to personal apps, but with the action recorded in an audit log.

Using Azure, administrators can choose to embed metadata in files so that managers can see who read what document, when, and where from. If a particular user is trying to access files they shouldn't, an alert system will let the IT manager know.

This level of monitoring will cover devices and applications, too. A user's account can be called up to show how many devices they use to get onto the network, and sound an alarm if someone's trying to access data from one location, and then again from the other side of the world a few minutes later.

As a premium service, Microsoft will also offer data from Redmond's security team who monitor black-hat forums, and will alert IT managers if any of their users' identities have been put up for sale.

Other features are going to be added before the launch of Redmond's new operating system, as well as security-related tweaks to Intune and the System Center Configuration Manager, Anderson promised, and will be rolled out to developers over the coming weeks.

--
It's better to burn out than fade away.
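The location alarm described in the article above (access from one place, then from the other side of the world a few minutes later) can be expressed as an implied-speed test between a user's consecutive sign-ins, alongside the per-user device count the article mentions. This is an added example, not Microsoft's ATA logic; the log format, the thresholds and the sample records are constructed assumptions.

```python
import math
from collections import defaultdict
from datetime import datetime

# Constructed sign-in records: timestamp,user,device,latitude,longitude
SAMPLE_LOG = """\
2015-05-04T09:00:00Z,alice,laptop-01,41.88,-87.63
2015-05-04T09:07:00Z,alice,phone-07,1.35,103.82
2015-05-04T09:10:00Z,bob,laptop-02,47.64,-122.13
2015-05-04T09:30:00Z,carol,desktop-03,41.88,-87.63
2015-05-04T09:35:00Z,carol,phone-09,41.90,-87.65
2015-05-04T21:30:00Z,bob,laptop-02,51.51,-0.13
"""


def parse_event(line):
    """Parse one CSV sign-in record into a dict with typed fields."""
    ts, user, device, lat, lon = line.strip().split(",")
    return {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "user": user, "device": device,
            "lat": float(lat), "lon": float(lon)}


def load_events(text):
    return [parse_event(line) for line in text.splitlines() if line.strip()]


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres on a sphere of radius 6371 km."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(min(1.0, math.sqrt(a)))


def find_impossible_travel(events, max_kmh=1000.0, min_km=500.0):
    """Flag consecutive sign-ins by one user that imply a speed above max_kmh.

    min_km suppresses alerts caused by geolocation jitter between nearby
    points; sign-ins with identical timestamps count as infinite speed.
    """
    alerts, last_seen = [], {}
    for event in sorted(events, key=lambda e: e["ts"]):
        prev = last_seen.get(event["user"])
        last_seen[event["user"]] = event
        if prev is None:
            continue
        km = haversine_km(prev["lat"], prev["lon"], event["lat"], event["lon"])
        if km < min_km:
            continue
        hours = (event["ts"] - prev["ts"]).total_seconds() / 3600.0
        kmh = float("inf") if hours == 0 else km / hours
        if kmh > max_kmh:
            alerts.append({"user": event["user"], "km": km, "kmh": kmh,
                           "from_device": prev["device"],
                           "to_device": event["device"],
                           "at": event["ts"]})
    return alerts


def devices_per_user(events):
    """Map each user to the set of devices they signed in from."""
    seen = defaultdict(set)
    for event in events:
        seen[event["user"]].add(event["device"])
    return dict(seen)
```

With the default thresholds only the alice record pair is flagged; the bob pair implies roughly airliner speed over twelve hours and passes, which is the trade-off the `max_kmh` setting controls.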
From rforno at infowarrior.org Tue May 5 19:58:56 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 5 May 2015 20:58:56 -0400
Subject: [Infowarrior] - IOActive researcher being DMCA'd for findings
Message-ID:

(x-posted)

Lawyers threaten researcher over key-cloning bug in high-security lock
"CyberLock" securing police and airports has critical vulnerabilities, report warns.

by Dan Goodin - May 5, 2015 6:05pm EDT

Critical vulnerabilities in a market-leading line of digital locks securing hospitals, airports, and water treatment facilities make it possible for rogue employees or outside attackers to clone digital keys, researchers reported late last week.

Thursday's advisory from security firm IOActive is notable not only for the serious security issues it reported in the CyberLock line of access control systems, which are certified to meet a wide range of US governmental requirements and certifications. The report is also the topic of a legal threat from CyberLock attorneys who invoked draconian provisions of the Digital Millennium Copyright Act if IOActive disclosed the vulnerabilities. A redacted version of a letter CyberLock outside attorneys sent IOActive researcher Mike Davis has reignited a long-standing tension between whether it should be legally permissible for researchers to publicly disclose unfixed vulnerabilities in the products they test.

"Of course, as you know, the public reporting of security vulnerabilities can have significant consequences," Jeff Rabkin, a partner at the Jones Day law firm wrote in a letter dated April 29, one day before IOActive published the advisory.

"[Redacted company name] also takes the protection and enforcement of its intellectual property rights seriously and, prior to any public reporting, wants to ensure that there has been no violation of those rights, including [redacted company name]'s license agreements or other intellectual property laws such as the anticircumvention provision of the Digital Millennium Copyright Act. Presumably, IOActive is aligned with ensuring responsible disclosure and compliance with the laws."

The Digital Millennium Copyright Act of 1998 makes it a felony to circumvent technology intended to prevent access to copyrighted material. It also provides substantial civil penalties copyright holders may recover. Word of the letter touched off wails of protest on social media sites from security researchers and privacy advocates. They characterized it as an abuse of the legal system that threatens the public's right to know about vulnerabilities in products they use to secure their property and secrets. Officials from CyberLock didn't respond to e-mails seeking comment for this post.

"Unclonable" no more

IOActive's five-page advisory warns that some of the bugs undermine fundamental assurances about the security of the product, which looks and acts like a traditional lock, but is locked and unlocked with a programmable digital key known as a CyberKey. That allows a CyberLock to impose tight-knit restrictions on each key holder that among other things controls the times of day someone can access a particular area or locked storage container and the duration of time the key is valid. It also allows each access or access attempt to be logged to create a detailed audit trail. CyberLock marketing materials also stress assurances that a CyberKey can't be duplicated or changed.

According to the IOActive advisory ...

< - >

http://arstechnica.com/security/2015/05/05/lawyers-threaten-researcher-over-key-cloning-bug-in-high-security-lock/

--
It's better to burn out than fade away.
From rforno at infowarrior.org Wed May 6 08:14:21 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 6 May 2015 09:14:21 -0400
Subject: [Infowarrior] - Europe Will Abolish Geo-Blocking and Other Copyright Restrictions
Message-ID:

Europe Will Abolish Geo-Blocking and Other Copyright Restrictions
By Ernesto on May 6, 2015
http://torrentfreak.com/europe-will-abolish-geo-blocking-and-other-copyright-restrictions-150506/

The European Commission adopted a new Digital Single Market Strategy today, which aims to improve consumer access to digital services and goods. Among other things, Europe vows to end geo-blocking and lift other unwarranted copyright restrictions.

Due to complicated licensing agreements Netflix is only available in a few dozen countries, all of which have a different content library.

The same is true for many other media services such as BBC iPlayer, Amazon Instant Video, and even YouTube.

These geo-blocking practices have been a thorn in the side of the European Commission, who now plan to abolish these restrictions altogether.

Today the EU's governing body adopted the new Digital Single Market Strategy. One of the main pillars of the new strategy is to provide consumers and businesses with better access to digital goods and services.

Among other things the Commission plans "to end unjustified geo-blocking," which it describes as "a discriminatory practice used for commercial reasons."

"I want to see every consumer getting the best deals and every business accessing the widest market - wherever they are in Europe," Commission President Jean-Claude Juncker says.

Another key element of the new strategy is a modern and more European copyright law. The Commission notes that the legislative proposals to achieve this will follow before the end of the year.

Under the revamped copyright law it should be easier for consumers to access and enjoy content online.
This means that consumers will have the right to access content they purchased at home in other European countries.

According to the Commission various industries need to adapt to the new realities of the digital age, indirectly hinting at the restrictive and conservative movie industry.

"Europe has strengths to build on, but also homework to do, in particular to make sure its industries adapt, and its citizens make full use of the potential of new digital services and goods," Commissioner for the Digital Economy and Society Günther Oettinger says.

"We have to prepare for a modern society and will table proposals balancing the interests of consumers and industry," he adds.

The new Digital Single Market Strategy doesn't come as a surprise. Previously, several insiders called for the lifting of many unnecessary copyright restrictions.

With the plans now being official it will be interesting to see what concrete proposals will follow and how the copyright industries respond.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 6 13:05:35 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 6 May 2015 14:05:35 -0400
Subject: [Infowarrior] - Why crypto backdoors are unreasonable
Message-ID: <0D012654-A4C9-4543-8498-0B963FC2B186@infowarrior.org>

Some notes on why crypto backdoors are unreasonable
By Robert Graham

Today, a congressional committee held hearings about 'crypto backdoors' that would allow the FBI to decrypt text messages, phone calls, and data on phones. The thing to note about this topic is that it's not anywhere close to reasonable public policy. The technical and international problems are unsolvable with anything close to the proposed policy. Even if the policy were reasonable, it's unreasonable that law enforcement should be lobbying for it.

< - >

http://blog.erratasec.com/2015/04/some-notes-on-why-crypto-backdoors-are.html#.VUpXvmbpvbx

--
It's better to burn out than fade away.
From rforno at infowarrior.org Wed May 6 17:26:42 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 6 May 2015 18:26:42 -0400
Subject: [Infowarrior] - Welcome to the New Age of Counterinsurgency Policing
Message-ID:

Welcome to the New Age of Counterinsurgency Policing
http://gizmodo.com/welcome-to-the-new-age-of-counterinsurgency-policing-1702621152

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 6 18:37:41 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 6 May 2015 19:37:41 -0400
Subject: [Infowarrior] - ICWatch: 27K intelligence community resumes
Message-ID: <5838D22C-5FD9-4A23-8ABA-A1710D47377F@infowarrior.org>

https://transparencytoolkit.org/icwatch/

Today Transparency Toolkit is releasing ICWATCH, a collection of 27,094 resumes of people working in the intelligence community. These resumes include many details about the names and functions of secret surveillance programs, including previously unknown secret codewords. We are releasing these resumes in searchable form with the hopes that people can use them to better understand mass surveillance programs and research trends in the intelligence community.

The ICWATCH data was collected from LinkedIn public profiles using search terms like known codewords, intelligence agencies and departments, intelligence contractors, and industry terms. We then built search software, called LookingGlass, to make it easy to browse this dataset. Both LookingGlass and the ICWATCH data are available on Github.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 7 08:58:14 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 7 May 2015 09:58:14 -0400
Subject: [Infowarrior] - 2CoA: NSA phone program illegal
Message-ID: <8C9D4803-2DA8-456E-94D8-4768F86638CB@infowarrior.org>

NSA phone records program illegal, court rules

Federal appeals court says NSA program that collected millions of Americans'
phone calls was not authorized by Congress

Dan Roberts in Washington and Spencer Ackerman
Thursday 7 May 2015 09.44 EDT
Last modified on Thursday 7 May 2015 09.56 EDT
http://www.theguardian.com/us-news/2015/may/07/nsa-phone-records-program-illegal-court

The US court of appeals has ruled that the bulk collection of telephone metadata is unlawful, in a landmark decision that clears the way for a full legal challenge against the National Security Agency.

A panel of three federal judges for the second circuit overturned an earlier ruling that the controversial surveillance practice first revealed to the US public by NSA whistleblower Edward Snowden in 2013 could not be subject to judicial review.

But the judges also waded into the charged and ongoing debate over the reauthorization of a key Patriot Act provision currently before US legislators. That provision, which the appeals court ruled the NSA program surpassed, will expire on June 1 amidst gridlock in Washington on what to do about it.

The judges opted not to end the domestic bulk collection while Congress decides its fate, calling judicial inaction "a lesser intrusion" on privacy than at the time the case was initially argued.

"In light of the asserted national security interests at stake, we deem it prudent to pause to allow an opportunity for debate in Congress that may (or may not) profoundly alter the legal landscape," the judges ruled.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 7 09:04:14 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 7 May 2015 10:04:14 -0400
Subject: [Infowarrior] - Germany 'restricts spy cooperation with NSA'
Message-ID: <7F916487-32B0-4F45-ABC7-D187D071CB3E@infowarrior.org>

Germany 'restricts spy cooperation with NSA'
By AFP | AFP -
2 hours 46 minutes ago
https://en-maktoob.news.yahoo.com/germany-restricts-spy-cooperation-nsa-111629490.html

Germany's secret service has severely restricted cooperation with its US partner the NSA in response to a scandal over their alleged joint spying on European officials and companies, media reported Thursday.

The foreign intelligence agency BND this week stopped sharing Internet surveillance data with the US National Security Agency (NSA), passing on only fax and phone intercepts, the reports said.

Berlin now demands that the NSA provide a justification for each online surveillance request, reported the Sueddeutsche Zeitung daily, public broadcasters NDR and WDR, and national news agency DPA.

The NSA had been unable to meet the new request at short notice, the reports said. However, such a rule had long been in place for fax and phone surveillance conducted by the BND for the NSA.

"This is definitely a dramatic step," said Greens party lawmaker Konstantin von Notz, who serves on a parliamentary panel investigating the NSA's surveillance activities.

"I think they've pulled the emergency brake because, even in 2015, they still can't control the search terms for Internet traffic," he said, charging that the government was unable "to protect German and European interests".

Some 120 BND staff and several NSA technicians have long worked together at the BND's listening post in Bad Aibling in the southern state of Bavaria, a former US military surveillance facility.

German media have reported that their targets have included not just suspected extremists and criminals but also, among others, the French presidency, the European Commission and the Airbus Group.

The "BND affair" has rattled the government of Chancellor Angela Merkel and caused a rift in her "grand coalition" government with the centre-left Social Democrats.
The government has so far declined to release a list of the NSA's requested search terms for IP and email addresses and mobile phone numbers, citing its ongoing consultations with Washington.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 7 11:35:55 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 7 May 2015 12:35:55 -0400
Subject: [Infowarrior] - More on 2USCoA decision on bulk records collection
Message-ID: <08DDD04A-222F-494F-8A73-9844C4326B57@infowarrior.org>

(Mike does a great job parsing this decision. --rick)

Huge Win: Appeals Court Says NSA's Bulk Phone Records Collection Not Actually Authorized By PATRIOT Act
https://www.techdirt.com/articles/20150507/07372730922/huge-win-appeals-court-says-nsas-bulk-phone-records-collection-not-actually-authorized-patriot-act.shtml

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 7 17:08:04 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 7 May 2015 18:08:04 -0400
Subject: [Infowarrior] - Of Snowden and the NSA, only one has acted unlawfully - and it's not Snowden
Message-ID: <7FB0B193-E90B-41B1-B87E-4838FD5E1AAB@infowarrior.org>

Of Snowden and the NSA, only one has acted unlawfully - and it's not Snowden
James Ball @jamesrbuk
Thursday 7 May 2015 16.18 EDT
http://www.theguardian.com/world/2015/may/07/edward-snowden-whistleblower-nsa-bulk-surveillance-illegal

On 6 June 2013, the Guardian published a secret US court order against the phone company Verizon, ordering it on an "ongoing, daily basis" to hand over the call records of its millions of US customers to the NSA - just one of numerous orders enabling the government's highly secret domestic mass surveillance program.

Just days later the world learned the identity of the whistleblower who made the order public: Edward Snowden.
Now, almost two years later, a US court has vindicated Snowden's decision, ruling that the bulk surveillance program went beyond what the law underpinning it allowed: the US government used section 215 of the Patriot Act to justify the program. A US court of appeals has ruled the law does not allow for a program so broad.

In short, one of the NSA's most famous and controversial surveillance programs has no legal basis. Of Snowden and the NSA, only one has so far been found to have acted unlawfully - and it's not Snowden.

That surely must change the nature of the debate on civil liberties being had in America, and it should do so in a number of ways.

The first is the surprisingly thorny question of what to do with Snowden himself. The whistleblower is in his second year of exile, living in asylum in Russia, as he would surely face criminal prosecution should he return. The nature of the punishment - and pre-trial mistreatment - meted out to Chelsea Manning shows his fears are well founded.

But now the courts have ruled that Snowden's flagship revelation, the very first and foremost of the programs he disclosed, has no legal basis, who now might challenge his status as a whistleblower?

Certainly not Judge Sack, who in his concurring opinion alongside today's rulings acknowledged Snowden's revelations led to this litigation, and likened his disclosures to Daniel Ellsberg's famous "Pentagon Papers" leak.

If the US government seeks to jail someone who has shown its own security services acting unlawfully, its international reputation will deservedly take a beating. If the US wants moral authority to talk to other governments about whistleblowers and civil liberty, it needs to be brave: it needs to offer Snowden amnesty.

The other actions for the US executive and for Congress are broader.
The court of appeals judges very deliberately chose not to consider the constitutionality of NSA bulk surveillance programs, as such questions are currently before Congress with the ongoing debate on how to reform the Patriot Act.

Congress should allow this ruling to reinvigorate that debate, and in a sense the ruling forces it to do so. If Congress want a law that allows phone surveillance on the scale of the NSA's existing programs, it will have to explicitly create that: gone is the option of trying to push through something near the status quo with a fringe of reform.

For domestic bulk surveillance to continue and be legal, Congress must explicitly vote for it - and then, in time, the judicial branch will consider the constitutional case in earnest.

If Congress sincerely wishes to curb it, it now has substantial backing from the judicial branch to push forward and do that. Reformers finally have the jolt in the arm they needed to prevent the positive impact of Snowden's revelations dribbling away.

The president could also use this ruling as an opportunity to consider his stance. The line endlessly aired by the administration and its officials is that all surveillance is legal. That line is no longer valid.

Rather than just seeking a new script - or as is almost certain, merely appealing against the decision - this could be a great opportunity for some introspection. These surveillance programs are wildly expensive and have very few proven results. Why not look at which ones the US really needs, and whether old-fashioned targeted surveillance might not keep us all as safe (or safer), and freer too?

The final debate is one that is unlikely to happen, but should: the US needs to start considering the privacy and freedom of foreigners as well as its own citizens. The US public is rightly concerned about its government spying on them.
But citizens of countries around the world, many of them US allies, are also rightly concerned about the US government spying on them.

Considering Americans and foreigners alike in these conversations would be a great moral stance - but pragmatically, it should also help Americans. If the US doesn't care about the privacy of other countries, it shouldn't expect foreign governments to care about US citizens. There's something in this for everyone.

These are the debates we could be having, and should be having. The judiciary has spoken. The legislature is deliberating. The public is debating.

And all of it is enabled thanks to information provided by Edward Snowden. He should be free to join the conversation, in person.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Fri May 8 07:10:58 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 8 May 2015 08:10:58 -0400
Subject: [Infowarrior] - Google Said Ready to Give Android Users More Privacy Controls
Message-ID: <429531CC-4201-4BE8-BEA8-934DD260037D@infowarrior.org>

Google Said Ready to Give Android Users More Privacy Controls
by Brian Womack, Lulu Yilun Chen
3:21 PM EDT May 7, 2015
http://www.bloomberg.com/news/articles/2015-05-07/google-said-ready-to-give-android-users-more-privacy-controls

Google Inc. is planning to give its mobile users more control over what information applications can access, people familiar with the matter said.

Google's Android operating system is set to give users more detailed choices over what apps can access, according to the people, who asked not to be identified because the matter remains private. That could include photos, contacts or location. An announcement of the change, which would put Android closer in line with Apple Inc.'s iOS, is expected for Google's developer's conference in San Francisco this month, one of the people said.
The Mountain View, California-based company last year simplified how people are informed about what an app is accessing. Users decide whether the app can be downloaded. The new settings would give users the option to pick and choose what an app can access.

Google is adding features to its mobile services as it seeks to attract users who increasingly are going online via their wireless gadgets. Android had 81 percent of the global smartphone market in 2014 while Apple's iOS had 15 percent, according to Gartner Inc.

Pressure is growing on Android in some parts of the world. In Europe's five largest countries, its share fell to 69 percent in the first quarter from 72 percent a year earlier, according to Kantar Worldpanel ComTech. The share for iOS rose to 20.3 percent from 18.6 percent, Kantar reported.

Gina Scigliano, a spokeswoman for Google, declined to comment.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Fri May 8 09:29:52 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 8 May 2015 10:29:52 -0400
Subject: [Infowarrior] - Republicans put plans to reauthorise Patriot Act on hold after court ruling
Message-ID: <47D9EB5E-4D31-41FB-825A-100CDBECA279@infowarrior.org>

Republicans put plans to reauthorise Patriot Act on hold after court ruling
Dan Roberts and Sabrina Siddiqui in Washington
Thursday 7 May 2015 18.18 EDT
Last modified on Thursday 7 May 2015 18.21 EDT
http://www.theguardian.com/us-news/2015/may/07/republicans-nsa-reauthorise-patriot-act-on-hold-court-ruling

Senate Republicans have conceded they may have to temporarily suspend plans for a long-term reauthorisation of the Patriot Act after a court ruling against its use by the National Security Agency dramatically turned around the prospects for surveillance reform in Washington.

Three US appeal court judges threw the existing plan -- to extend the NSA's power to collect bulk metadata from American phone records for five years --
into chaos on Thursday when they ruled that it was unlawful even under the old legislation.

Now, with the relevant section of the Patriot Act due to expire at the end of the month, Republican leaders in Congress are scrambling to find a shorter-term fix to keep the programme alive as it looks likely that the court ruling will prevent them from securing the necessary votes for a full extension in the remaining six days of this legislative session.

"I hope we can [pass a clean reauthorisation] for at least a short period of time just so we can have this debate," Senator John Cornyn, the majority whip, told reporters. "It's an important debate and an important law, it's protected Americans and saved lives, and so we don't need to make this decision in haste."

One option would be a one-month extension to get Congress past the 1 June deadline in exchange for Republicans allowing an alternative vote on the USA Freedom Act -- a reform bill designed to replace NSA collection of telephone metadata with a scheme involving data retention by telephone companies instead. But newly emboldened Democrats angrily denied rumours that they had agreed to such a deal on Thursday.

-- Adam Jentleson (@AJentleson) May 7, 2015: .@jonathanweisman @SenateMajLdr This is not true. One hundred percent false.

Many of those in favour of reform believe their best chance of forcing the Republican leader Mitch McConnell into allowing a vote on the Freedom Act is the prospect of him failing to pass anything and forcing the NSA to totally shut down the controversial programme first revealed by Edward Snowden.

Such a scenario would be preferable to many privacy campaigners, such as the American Civil Liberties Union, which originally lodged Thursday's court challenge. But even a full reauthorisation of the Patriot Act would now require supreme court approval to be effective, argue campaigners.
"If the government wanted to continue to collect information on the same scale, the government would have to ask the supreme court to review the second circuit's decision," Jameel Jaffer, ACLU deputy legal director and lead counsel in the case, told the Guardian. "Otherwise they have an appeal court ruling that forecloses the kind of collection they want to keep."

Supporters of the NSA's tactics were more sceptical of the ruling and insisted it did not change in any significant way the calculus of the surveillance debate on Capitol Hill. A spokesman for McConnell's office insisted he continued to back the Patriot Act renewal and pointed to support for its use by judges in the Foreign Intelligence Surveillance Act (Fisa) courts that were designed to deal with such questions. "All the other courts, the Fisa courts, have ruled the other way," he said.

"I think it's very unfortunate," the Arizona senator John McCain, a Republican, also told the Guardian. "I'm very concerned and it's my understanding other courts have ruled otherwise." McCain said he wasn't sure if it was "ever feasible" to reauthorise a clean extension of the Patriot Act in its current form, but stressed the need to resolve the matter "as quickly as possible".

The North Carolina senator Richard Burr, the Republican who chairs the Senate intelligence committee, strongly disputed the ruling. Burr said the ruling, in essence, stated that "every member of Congress, the White House, their legal team, the Justice Department [and] the lawyers at the NSA" did not write a programme that clearly gave them the statutory authority to carry out their surveillance methods.

"I would tell you as a member of Congress, I find that incredible. And that's under two administrations -- where their Justice Department and the NSA legal team got this wrong -- I don't think so," Burr told reporters on Capitol Hill.
He added his belief that lawmakers still had the authority to reauthorise the NSA programmes without any changes to the bulk data collection.

Lindsey Graham, the Republican senator from South Carolina and an ardent supporter of the NSA, invoked the attacks on September 11 to emphasise the importance of the surveillance programmes. "I've got one goal: if you need to reform the programme, great, I just don't want to gut it," Graham told the Guardian. "I would continue until someone told me to stop. I believe if the programme were in operation before 9/11, we probably would have prevented 9/11."

Graham added that he found it hard to believe lawmakers would diminish the programme, given the current national security climate, "based on a court ruling that's not binding".

Cornyn said the ruling struck him as "an outlier" but was more acknowledging of how it might affect the debate. "Obviously this is going to be part of the discussions as we go through the reauthorisation of the Patriot Act, and the authorisation of this bulk data collection method," Cornyn said, adding that there would probably not be enough time before the Patriot Act expires to reauthorise it in any permanent way.

The Connecticut senator Richard Blumenthal, a Democrat who has led the charge for Fisa reforms, said a simple extension of the present law "in effect means reauthorising for five years a statute that right now is deeply flawed".

"It fails to protect essential rights and clearly could be improved by having an adversarial system for example, changing the makeup of the [Fisa] court, reforming the system as needs to be done," Blumenthal told the Guardian, adding that there is bipartisan support for NSA reform. "There is a lot of receptivity to these kinds of changes that in no way involve imperilling our national security but simply better protect our constitutional rights."

--
It's better to burn out than fade away.
From rforno at infowarrior.org Fri May 8 09:30:01 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 8 May 2015 10:30:01 -0400
Subject: [Infowarrior] - =?utf-8?q?Only_Two_Republicans_Admit_They_Actuall?= =?utf-8?q?y_Read_Secret_Obama_Trade_Deal=E2=80=94Both_Unsupportive?=
Message-ID:

Only Two Republicans Admit They Actually Read Secret Obama Trade Deal -- Both Unsupportive
http://www.breitbart.com/big-government/2015/05/07/only-two-republicans-admit-they-actually-read-secret-obama-trade-deal-both-unsupportive/

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sat May 9 13:46:41 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 9 May 2015 14:46:41 -0400
Subject: [Infowarrior] - Security firm accused of extorting clients
Message-ID:

Whistleblower accuses cybersecurity company of extorting clients
By Jose Pagliery @Jose_Pagliery
http://money.cnn.com/2015/05/07/technology/tiversa-labmd-ftc/index.html

A cybersecurity company faked hacks and extorted clients to buy its services, according to an ex-employee.

In a federal court this week, Richard Wallace, a former investigator at cybersecurity company Tiversa, said the company routinely engaged in fraud -- and mafia-style shakedowns. To scare potential clients, Tiversa would typically make up fake data breaches, Wallace said. Then it pressured firms to pay up.

"Hire us or face the music," Wallace said on Tuesday at a federal courtroom in Washington, D.C. CNNMoney obtained a transcript of the hearing.

The results were disastrous for at least one company that stood up to Tiversa and refused to pay. In 2010, Tiversa scammed LabMD, a cancer testing center in Atlanta, Wallace testified. Wallace said he tapped into LabMD's computers and pulled the medical records. The cybersecurity firm then alerted LabMD it had been hacked. Tiversa offered it emergency "incident response" cybersecurity services.
After the lab refused the offer, Tiversa threatened to tip off federal regulators about the "data breach." When LabMD still refused, Tiversa let the Federal Trade Commission know about the "hack."

The FTC went after the lab, giving the company a choice: sign a consent decree (basically a plea deal which means years of audits and a nasty public statement) or fight in court. The CEO of LabMD, Michael Daugherty, chose to fight, because a plea deal would have tarnished his reputation and killed the business anyway, he said.

Daugherty lost that battle in 2014, having run out of steam. The lawsuit killed LabMD, which was forced to fire its 40 employees last year. "We were a small company," he said. "It's not like we had millions of dollars to fight this and tons of employees."

"The fight with the government was psychological warfare," he told CNNMoney. "There was reputation assassination. There was intimidation. We thought we were extorted. My staff and management team was demoralized. My VP left. My lawyer left."

Daugherty launched a website and wrote a book about the ordeal. Cause of Action, a government watchdog group, picked up his case.

Wallace's testimony casts doubt on the FTC's case against LabMD. If Wallace is telling the truth, the FTC aggressively prosecuted a company based on bogus evidence. The FTC declined to comment, citing an ongoing lawsuit against LabMD, which still hasn't reached its conclusion.

LabMD wasn't the first time Tiversa's false hacks made national news, Wallace said. He claimed that Tiversa also made up information in 2009 pointing to Iran for supposedly stealing blueprints for President Obama's helicopter, Marine One. That scare led to several news stories published by NBC, Fox, CNET and others. According to Wallace, Tiversa did this by using phony IP addresses -- on the orders of Tiversa's CEO, Bob Boback.
The company, which works closely with law enforcement, would look up the Internet addresses that were used by known criminals or identity thieves, then claim that those IP addresses were sharing stolen files online. Wallace said it was a scare tactic that added "spread" to the supposed damage -- and "wow factor." "So, to boil this down, you would make the data breach appear to be much worse than it actually had been?" FTC Administrative Judge Michael Chappell asked. "That's correct," Wallace responded. Tiversa denies Wallace's allegations. On Thursday, Tiversa's CEO told CNNMoney that the recent revelations were "baseless" and came from an ex-employee still angry for being fired. "This is an overblown case of a terminated employee seeking revenge," Boback said. "Tiversa has received multiple awards from law enforcement for our continued efforts to help support them in cyber activities." Tiversa is a small cybersecurity consultancy based in Pittsburgh. Its board members include several highly-decorated experts in the security and privacy fields, including the retired four-star U.S. Army General Wesley K. Clark (formerly NATO's Supreme Allied Commander in Europe) and Larry Ponemon (founder of the Ponemon Institute, a pro-privacy think tank). U.S. Rep. Darrell Issa, chairman of the House Oversight Committee, demanded last year that the FTC look into allegations of "corporate blackmail" by Tiversa. In a letter to the FTC in December, Issa noted that Tiversa assisted the FTC on data leak investigations of "nearly 100 companies." This link potentially taints evidence in those cases too. -- It's better to burn out than fade away. 
From rforno at infowarrior.org Sat May 9 20:21:14 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 9 May 2015 21:21:14 -0400
Subject: [Infowarrior] - Citizens rise up against corrupt media
Message-ID:

Citizens rise up against corrupt media
May 7, 2015 2:00AM ET
by Christian Christensen
http://america.aljazeera.com/opinions/2015/5/citizens-are-speaking-up-against-corrupt-media.html

Standing on the streets of Baltimore to cover what his employer Fox News was calling a "riot," Geraldo Rivera found himself at the receiving end of a passionate and articulate lecture from Kwame Rose on skewed, sensationalist and racist media coverage. As Rose attempted to engage Rivera in a conversation, the reporter kept walking away, refusing to even make eye contact. The episode was captured on video, uploaded and went viral. Rose became a sensation. Rivera would later intone that Rose's actions represented "exactly that kind of youthful anarchy that led to the destruction and pain in that community."

The Rivera confrontation was one of many between media professionals and citizens and activists in Baltimore. What is becoming clear is that many people are more than aware of the ways in which the news media have the power to frame and reframe events through words, images, suggestion and omission. What is also clear is that these people are no longer willing to put up with it.

In an on-air interview with activist DeRay McKesson, CNN's Wolf Blitzer went to extraordinary lengths to get McKesson to condemn protesters who had damaged property. After listing the number of arrests, vehicle fires and structural fires in Baltimore, Blitzer asked, "There's no excuse for that kind of violence, right?" McKesson, unwilling to play Blitzer's game, responded, "Yeah, and there's no excuse for the seven people the Baltimore police department have killed in the past year, right?"
Blitzer, unused to having a guest who was willing to challenge CNN's simplistic worldview, had an incredibly telling response, saying, "We're not making comparisons. Obviously, we don't want to see anyone hurt. I just want to hear you say there should be peaceful protests, not violent protests, in the tradition of Dr. Martin Luther King." McKesson, noting that by demanding he condemn protester violence but not police violence, Blitzer was taking a position, then offered this coup de grace: "You are making a comparison. You are suggesting that broken windows are worse than broken spines, right?"

What we have seen in Ferguson, Baltimore and other American cities is the intersection of media savvy on the part of citizens and activists and an ability to reach large numbers of people via social media.

The challenge to media storylines has also come from local politicians. When Baltimore City Councilman Nick Mosby was stopped on the street by a Fox News reporter and was asked, "When you're watching this, tell me what this means for your city," Mosby responded pointedly, "What do you mean, what does it mean for my city?" Realizing that no deeper question was forthcoming, Mosby explained that what was being seen in Baltimore was the result of structural inequality and a lack of investment in inner-city youth and that these were circumstances not unique to Baltimore but common in many places in what he described as "socially and economically deprived America."

Unwilling (or unable) to engage with that deeper point, the reporter said that we saw similar events in Ferguson, at which point Mosby cut in and said, "We also see it in Kentucky, like when Kentucky lost that basketball game. We see crowds that loot and that flip over cars -- but unfortunately, all the 95 percent of all the positive rallying that has been occurring here in Baltimore? The national media is going to focus on this. And that's the problem."
What we have seen in Ferguson, Baltimore and other American cities is the intersection of media savvy on the part of citizens and activists and an ability to reach large numbers of people via social media platforms and direct on-air confrontation. Imagine if the interaction between Rose and Rivera happened two decades ago. No mainstream news channel would have run the confrontation, and without an outlet to exhibit the material to a significant audience, the spread would have been close to zero. In other words, it never happened. Those days are now over, and that's a good thing.

In these critical interactions between citizens and media professionals, an important issue is made visible: the extent to which the media have avoided discussions on media power and performance. The irony is striking, given that the news media generally define themselves as watchdogs over those in power on behalf of citizens. The problem is that media organizations are also purveyors of massive political and social power.

This, I would argue, is one reason "The Daily Show" became such a hit. While politicians were regular fodder for ridicule, people were itching to see large media corporations taken down a peg over their weak coverage of topics such as the Iraq War, global warming, white-collar crime and racism as well as over their perpetual refusal to even acknowledge their close relationships to corporate and political power.

When people such as Rose, McKesson and Mosby question dominant media storylines on race, they not only challenge the facts as presented by CNN or Fox News; they are also peeling away the veneer of journalistic objectivity and questioning the power of all media companies to define events in broad and stereotypical terms, regardless of the consequences those definitions might have for those who remain in Ferguson and Baltimore after the cameras have been turned off and the reporters have left.

--
It's better to burn out than fade away.
From rforno at infowarrior.org Sat May 9 22:46:32 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 9 May 2015 23:46:32 -0400
Subject: [Infowarrior] - (Former) Rep Mike Rogers' New Bully Pulpit
Message-ID: <89AE8F3A-8AA6-4855-8C3A-7098D1B2F89F@infowarrior.org>

Military Contractors Behind New Pro-War Group Targeting Presidential Candidates
By Lee Fang @lhfang
https://firstlook.org/theintercept/2015/05/09/military-contractors-form-group-pressure-2016-candidates-adopt-hawkish-positions/

(This post is from our new blog: Unofficial Sources.)

Former House Intelligence Committee Chairman Mike Rogers has formed a new pressure group, now active in Iowa and New Hampshire, to serve as the "premiere national security and foreign policy organization during the 2016 debate" and to "help elect a president who supports American engagement and a strong foreign policy."

Rogers' group, Americans for Peace, Prosperity, and Security, is hosting candidate events and intends to host a candidate forum later this year.

The organization does not disclose its donors. But a look at the business executives helping APPS steer presidential candidates towards more hawkish positions reveals that many are defense contractors who stand to gain financially from continued militarism:

* Advisory Board Member John Coburn is chairman and CEO of VT Systems, a company that delivers communications technology for the Defense Department.
* Advisory Board Member Stephen Hadley is a principal at the consulting firm RiceHadleyGates and serves as a board member to defense contractor Raytheon, a position that pays him $228,007 in annual compensation.
* New Hampshire Board Member Rich Ashooh lists his employment as Director, Strategy at BAE Systems.
* New Hampshire Board Member James Bell is the chief executive of EPE Corporation, a manufacturing company that says it is a "premier supplier to the defense community."
* Advisory Board Member John Engler, the president of the Business Roundtable, a lobbying group for major corporations, including defense contractors such as Lockheed Martin, Boeing, United Technologies, Northrop Grumman.
* New Hampshire Board Member Ken Solinksy is founder of Insight Technologies, a night vision and electro-optical systems firm acquired by L-3 Communications.
* New Hampshire Chairman and Advisory Board Member Walt Havenstein is the former chief executive of BAE Systems and SAIC, two of the largest defense contractors in America. Havenstein, who left SAIC in 2012, was paid partially in company stock options.

And blogger Joshua Huminski worked in 2013 as a spokesperson for Aegis Defense Services, a contractor that provided security services to U.S. facilities in Afghanistan. Aegis did not respond to a request asking if Huminski is still employed there.

As we first reported, Rogers may have a conflict of interest as well. Though he announced that he left Congress to pursue a career in talk radio, we found that the former Michigan congressman later admitted taking on jobs in consulting and in private equity. His office has refused to provide more information about those private sector gigs.

Watch a promo video for APPS below:

Rogers told local media that his new group, which plans to be operational in South Carolina soon, will be closely engaged with the candidates, not only through public events, but also through private meetings with the APPS advisory board members.

Just before kicking off her presidential campaign, GOP candidate Carly Fiorina appeared at an APPS forum in New Hampshire. In April, APPS-NH chairman Havenstein personally sponsored the First in the Nation kick-off event for the New Hampshire Republican Party.

The Issues portion of the APPS website is devoted to news articles featuring a range of threats to American national security.
Explaining the goals of his group to a news outlet in Indiana, Rogers lamented the lack of "surveillance capabilities" and warned of increasing threat of cyber warfare.

Rogers and APPS did not respond to a request for comment.

"It's not unusual for the arms industry to use front groups to press for a more aggressive foreign policy," says William Hartung, director of the Arms & Security Project at the Center for International Policy.

"It sounds a lot more credible when a group called 'Americans for Peace, Prosperity and Security' calls for a policy shift than if the same argument comes out of the mouth of an arms executive or lobbyist whose livelihood is tied to the spread of tension and conflict," Hartung said.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sun May 10 18:45:41 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 10 May 2015 19:45:41 -0400
Subject: [Infowarrior] - Your cyberpunk games are dangerous
Message-ID:

(x-posted) A trip down memory lane for many....

Your cyberpunk games are dangerous
http://boingboing.net/2015/05/08/your-cyberpunk-games-are-dange.html

--
It's better to burn out than fade away.

From rforno at infowarrior.org Mon May 11 06:47:48 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 11 May 2015 07:47:48 -0400
Subject: [Infowarrior] - Obama Plan to Stop Foreign Hackers Has Mixed Results
Message-ID:

An Obama Plan to Stop Foreign Hackers Has Mixed Results
By Nicole Perlroth
May 10, 2015 5:30 am
http://bits.blogs.nytimes.com/2015/05/10/an-obama-plan-to-stop-foreign-hackers-has-had-mixed-results/

[Photo caption: A 2014 conference on hacking in Las Vegas. The private sector spent $665 million on data loss prevention last year, according to the technology research firm Gartner. Credit: Steve Marcus/Reuters]

Two years ago, the Obama administration announced a new strategy to curb online espionage.
The five-point strategy came after a 2013 article in The New York Times about how the newspaper had been breached by Chinese hackers. The Times, working with a security company, also concluded that thousands of other American companies had been hacked by a Chinese military unit in Shanghai.

The White House said it would increase public awareness of the threat, encourage the private sector to increase its defenses, focus diplomacy on protecting trade secrets overseas, improve trade secret theft legislation and make investigations and prosecutions of corporate and state-sponsored trade secret theft a top priority.

Since then, public awareness is up and so is spending. But the hacking continues.

The private sector spent $665 million on data loss prevention last year, according to the technology research firm Gartner, with a 15 percent increase expected this year.

On the legislative front, Congress strengthened penalties for those convicted under the Economic Espionage Act, raising the maximum fine for individuals convicted to $5 million from $500,000.

And in terms of law enforcement, the F.B.I. lists digital crime, including intrusions that result in trade secret theft, as its third priority, just behind terrorism and counterintelligence. The agency reported a 60 percent increase in trade secret investigations from 2009 through 2013.

But diplomatic efforts to engage China on the topic have largely failed. China's response has simply been that it, too, is a victim of online attacks.

And online espionage shows little sign of abating. Last year, 18 percent of the 1,598 confirmed breaches analyzed by Verizon were used for online espionage, compared with 22 percent of 1,367 attacks in 2013. Senator Sheldon Whitehouse, Democrat of Rhode Island, told a Senate Judiciary Committee hearing last year that 1 to 3 percent of United States gross domestic product was still lost, every year, through trade secret theft.

"There hasn't been any change," said James A.
Lewis, a digital security expert at the Center for Strategic and International Studies in Washington. "There's a lot more we can do. But we haven't reached our pain point for taking more drastic steps on cyberespionage, and the Chinese haven't reached their pain point for stopping it."

The Justice Department is under significant pressure to bring more trade secret cases under the Economic Espionage Act. But it is incredibly difficult to bring cases against sophisticated hackers, who are not only smart enough to cover their tracks but also smart enough to live outside the United States. It is equally difficult to serve court summonses to the Chinese corporations that investigators say they believe are benefiting from stolen trade secrets.

In 2013, the Justice Department brought several indictments that charged Chinese nationals with stealing trade secrets for the benefit of corporations in China, but none of the cases involved trade secrets obtained through online attacks. All the indictments involved either employees or former employees accused of passing their employer's trade secrets to a company in China, or people who paid an employee to do so.

The story was similar in 2014. During the first nine months of the year, the Justice Department reported 20 new prosecutions under the Economic Espionage Act -- a 33 percent increase from 2013 -- and several convictions, but only two of the indictments involved trade secrets theft via digital intrusions.

One, the landmark indictment filed last year against five members of the People's Liberation Army for hacking United States companies, was largely symbolic given that the United States has no jurisdiction in China. In another, in August, a federal grand jury in California indicted a Chinese businessman on charges of conspiring to steal military secrets by hacking into Boeing and other United States companies. The defendant, Su Bin, is awaiting extradition in Canada.
The Justice Department's biggest success last year was when prosecutors obtained the first-ever federal jury conviction for economic espionage charges against two Americans and a corporation accused of selling DuPont trade secrets to a state-owned company in China. But that was not a hacking case. The two were charged with stealing trade secrets the old-fashioned way, by poaching former DuPont employees.

And in that case too, the Justice Department's efforts to bring charges against two Chinese citizens who played a central role in the theft, and the Chinese state-owned companies that benefited from them, have stalled.

A look at two cases the Justice Department did bring against one Chinese-American and another Chinese citizen living in the United States suggests that the agency has found it difficult to constructively respond to online espionage. Those two cases suggest the pressure to bring such cases may be doing more harm than good.

In Ohio, the Justice Department pursued a Chinese-American hydrologist for potential violations of the Economic Espionage Act, court documents show, but failed to find evidence and still tried to prosecute her for lesser charges that could have added up to 25 years in prison. After a review of her case revealed she was hardly a Chinese spy, the government dropped charges just before it was set to go to trial in March.

And in Philadelphia, a Chinese citizen who has permanent residency status in the United States has been held in a federal detention center since September 2012, after he was accused of damaging a corporate server computer to cover up trade secret theft. There, too, the government did not find violations of the Economic Espionage Act, but has aggressively pursued lesser charges, including intentionally causing harm to a protected computer system. His trial is scheduled for November.
Trying another tack, President Obama signed a new executive order in April that established the first sanctions aimed at curbing foreign cyberespionage. The order authorized financial and travel sanctions against anyone participating in online attacks that posed a threat to the "national security, foreign policy, or economic health or financial stability of the United States."

Until those sanctions are exercised, experts say the only option for curbing digital espionage may be patient diplomacy.

"They don't live here, so we can't arrest them, and we're not going to go to war over this," Mr. Lewis said. "So the key is consistent persuasion and pressure. It may be slow and it may not work. But there is no other alternative."

A version of this article appears in print on 05/11/2015, on page B9 of the New York edition with the headline: An Obama Plan to Stop Foreign Hackers Has Mixed Results.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Mon May 11 07:21:33 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 11 May 2015 08:21:33 -0400
Subject: [Infowarrior] - These Clueless Politicians Are The Ones Determining If The NSA Gets To Keep Spying On All Of Us
Message-ID: <14D613D2-8DFB-4048-8FA1-124E163DBBA0@infowarrior.org>

These Clueless Politicians Are The Ones Determining If The NSA Gets To Keep Spying On All Of Us
https://www.techdirt.com/articles/20150508/16371230941/these-clueless-politicians-are-ones-determining-if-nsa-gets-to-keep-spying-all-us.shtml

--
It's better to burn out than fade away.

From rforno at infowarrior.org Mon May 11 13:45:36 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 11 May 2015 14:45:36 -0400
Subject: [Infowarrior] - =?utf-8?q?=E2=80=9CControlled_Unclassified_Inform?= =?utf-8?q?ation=E2=80=9D_Is_Coming?=
Message-ID: <51C481C5-6EB9-437B-9F27-176259B2F550@infowarrior.org>

"Controlled Unclassified Information"
Is Coming Posted on May.11, 2015 in CUI, Secrecy, security culture by Steven Aftergood http://fas.org/blogs/secrecy/2015/05/cui-is-coming/ After years of preparation, the executive branch is poised to adopt a government-wide system for designating and safeguarding unclassified information that is to be withheld from public disclosure. The new system of "controlled unclassified information" (CUI) will replace the dozens of improvised control markings used by various agencies that have created confusion and impeded information sharing inside and outside of government. A proposed rule on CUI was published for public comment on May 8 in the Federal Register. While CUI is by definition unclassified, it is nevertheless understood to require protection against public disclosure on the basis of statute, regulation, or agency policy. In many or most cases, the categories of information that qualify as CUI are non-controversial, and include sensitive information related to law enforcement, nuclear security, grand jury proceedings, and so on. Until lately, "more than 100 different markings for such information existed across the executive branch. This ad hoc, agency-specific approach created inefficiency and confusion, led to a patchwork system that failed to adequately safeguard information requiring protection, and unnecessarily restricted information sharing," the proposed rule said. One of the striking features of the new CUI program is that it limits the prevailing autonomy of individual agencies and obliges them to conform to a consistent government-wide standard. "CUI categories and subcategories are the exclusive means of designating CUI throughout the executive branch," the proposed rule states. "Agencies may not control any unclassified information outside of the CUI Program." Nor do agencies get to decide on their own what qualifies as CUI. 
That status must be approved by the CUI Executive Agent (who is the director of the Information Security Oversight Office) based on an existing statutory or regulatory requirement, or on a legitimate agency policy. And it must be published in the online CUI Registry. There are to be no "secret" CUI categories. Importantly, the CUI Program offers a way of validating agency information control practices pertaining to unclassified information. (A comparable procedure for externally validating agency classification practices does not exist.) But CUI status itself is not intended to become an additional barrier to disclosure. "The mere fact that information is designated as CUI has no bearing on determinations pursuant to any law requiring the disclosure of information or permitting disclosure as a matter of discretion," the new proposed rule said. The possibility that CUI information could or should be publicly disclosed on an authorized basis is not precluded. More specifically, a CUI marking in itself does not constitute an exemption to the Freedom of Information Act, the rule said. However, a statutory restriction that justifies designating information as CUI would also likely make it exempt from release under FOIA. One complication arises from the fact that simply removing CUI controls does not equate to or imply public release. "Decontrolling CUI relieves authorized holders from requirements to handle the information under the CUI Program, but does not constitute authorization for public release," the rule said. Instead, disclosure is only permitted "in accordance with existing agency policies on the public release of information." The upshot is that while there can be "controlled unclassified information" that is publicly releasable, there can also be non-CUI (or former CUI) information that is not releasable. 
The latter category might include unclassified deliberative materials, for example, that are not controlled as CUI but are still exempt from disclosure under the Freedom of Information Act. More subtly, noted John P. Fitzpatrick, the director of the Information Security Oversight Office, there is a large mass of material that is neither CUI nor non-CUI -- until someone looks at it and makes an assessment. In all such cases (other than voluntary disclosure by an agency), public access would be governed by the provisions and exemptions of the FOIA. The genealogy of the CUI Program dates back at least to a December 16, 2005 memorandum in which President George W. Bush directed that procedures for handling what was called "sensitive but unclassified" information "must be standardized across the Federal Government." At that time, the impetus for standardization (which never came to fruition) was based on the need for improved sharing of homeland security and terrorism-related information. The initiative was broadened and developed in the 2010 Obama executive order 13556, which eventually led to the current proposed rule. Public comments are due by July 7. -- It's better to burn out than fade away. From rforno at infowarrior.org Mon May 11 13:47:12 2015 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 11 May 2015 14:47:12 -0400 Subject: [Infowarrior] - GAO: The Future of Internet Governance: Should the U.S. Relinquish Its Authority Over ICANN? Message-ID: <89149C9F-251A-42FA-9136-8EB2BE3EE211@infowarrior.org> GAO: The Future of Internet Governance: Should the U.S. Relinquish Its Authority Over ICANN? http://fas.org/sgp/crs/misc/R44022.pdf -- It's better to burn out than fade away. 
From rforno at infowarrior.org Mon May 11 15:14:24 2015 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 11 May 2015 16:14:24 -0400 Subject: [Infowarrior] - CIA's Jeffrey Sterling Sentenced to 42 Months for Leaking to New York Times Journalist Message-ID: <2768198B-2F08-4D19-9678-9B9134BE3CE4@infowarrior.org> CIA's Jeffrey Sterling Sentenced to 42 Months for Leaking to New York Times Journalist By Peter Maass @maassp Today at 2:53 PM https://firstlook.org/theintercept/2015/05/11/sterling-sentenced-for-cia-leak-to-nyt/ Alexandria, VA -- Jeffrey Sterling, a CIA agent convicted of sharing classified information with a New York Times reporter, was sentenced today to three and a half years in prison, a significantly shorter term than had been expected. Sterling's lawyers had asked the judge not to abide by sentencing guidelines calling for 19 to 24 years behind bars. They argued Sterling should be treated with the same leniency shown to former Gen. David Petraeus, who was allowed to plead guilty to a misdemeanor and avoid prison after admitting to leaking classified information to his biographer and then-girlfriend, Paula Broadwell. Sterling's lawyers also pointed to the case of former CIA agent John Kiriakou, who was recently released from jail after a 30-month sentence for disclosing the name of a covert agent to a reporter, and to the 13-month-sentence handed down to Stephen Kim, who pleaded guilty to talking about a classified document with a Fox News reporter. "[Sterling] should be treated similarly to others convicted for the same crimes and not singled out for a long prison sentence because he elected to exercise his right to trial," his lawyers stated in a pre-sentencing memorandum, noting that Sterling had taken his case to a jury rather than reaching a pre-trial plea bargain with prosecutors. "[T]he court cannot turn a blind eye to the positions the government has taken in similar cases." U.S. 
District Judge Leonie Brinkema seemed to agree. "To put you at ease, the guidelines are too high," Brinkema said as the sentencing hearing got underway, glancing at Sterling and his lawyers, Ed MacMahon and Barry Pollack. She went on to say that Sterling's case was similar to Kiriakou's, for which she had also been the presiding judge, because both involved the disclosure of the identity of an intelligence agent. She said Sterling should serve more time because Kiriakou had pleaded guilty whereas Sterling pleaded innocent and was found guilty by a jury. Brinkema added that "a clear message" had to be sent to people in the intelligence community that a price will be paid for revealing the identities of intelligence agents and assets, though she also said, in what appeared to be a reference to Petraeus not serving any prison time, that the judicial system had to be fair. Speaking to the media after the hearing, Pollack said, "We think (the jury) got it wrong. That said, the judge today got it right. She looked at all of the good work Jeffrey Sterling had done throughout his life and gave him a fair sentence under the circumstances. Today closes a sad chapter in a long saga." The sentence was far lower than some people had expected. Jesselyn Radack, director of National Security and Human Rights at the Government Accountability Project, told The Intercept that she had expected "a lot worse" than 42 months. "Any jail time is excessive in light of what Gen. Petraeus got, but in light of what the government was seeking, between 19 and 24 years, this is the least worst outcome," she said. Radack noted, however, that the offense for which Brinkema sent Kiriakou and Sterling to prison was also committed by Petraeus, because the information he shared with Broadwell included the identities of covert agents. 
But in a series of its own pre-sentencing memos, the latest filed just a day before Brinkema issued her decision at the Alexandria federal courthouse, the prosecution claimed that Sterling's conviction on nine counts in January was far more serious because he had been "willfully compromising a then-ongoing, extremely sensitive, closely-held operation designed to infiltrate and disrupt the nuclear weapons program of Iran and other rogue states, putting CIA assets at risk and exposing classified methods to our adversaries." Sterling, a 47-year-old former case officer in the agency's Iran Task Force, was a handler of a Russian scientist turned spy who was the focal point of a complicated effort to provide Iran with faulty blueprints for nuclear centrifuges that, if used, would disrupt the nation's effort to build its own nuclear weapons. According to James Risen, the Times reporter who wrote a book in 2006 disclosing the operation, the Iranians realized the blueprints were faulty and extracted accurate information from them. The prosecution disputes Risen's reporting, contending that the operation was a success. Prosecutors had tried to force Risen to disclose his source, but he refused. Nonetheless, the government used phone logs and emails between Risen and Sterling to show the jury that they talked in 2003, not long before Risen wrote his first story, which was not published by the Times after the Bush Administration warned of serious harm to national security. Those contacts, coupled with what the government portrayed as an effort by Sterling, who is black, to embarrass the agency after he filed a racial discrimination complaint, were enough to persuade a federal jury to convict him on criminal charges under the Espionage Act. Though lighter than expected, Sterling's sentence continues a trend of what appears to be highly selective punishment of leakers. 
Classified information is regularly leaked by government officials who want to make themselves or the government look good. Such "authorized leaks" are rarely prosecuted. For instance, an array of highly classified information about the killing of Osama bin Laden -- which made the Obama administration look resolute and militarily effective -- was leaked to the press and no one was punished in connection with the leaks. It tends to be only unauthorized leaks, particularly those that highlight wrongdoing or ineptitude, that the Department of Justice takes an interest in. Sterling's sentence, though more severe than those for Petraeus, Kiriakou and Kim, is not the harshest for leaking under the Obama administration. Chelsea Manning, formerly known as Bradley Manning, is currently serving a 35-year sentence for leaking a cache of diplomatic and military cables to Wikileaks, the website that publishes secret government and corporate documents. -- It's better to burn out than fade away. From rforno at infowarrior.org Mon May 11 16:22:53 2015 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 11 May 2015 17:22:53 -0400 Subject: [Infowarrior] - Ed Felten joining WH OSTP Message-ID: <20602B95-C1C8-467A-9A2C-129F3A4F512F@infowarrior.org> The White House just snagged one of the most valuable players in the tech policy world By Andrea Peterson May 11 at 3:43 PM http://www.washingtonpost.com/blogs/the-switch/wp/2015/05/11/the-white-house-just-snagged-one-of-the-most-valuable-players-in-the-tech-policy-world/?postshare=2921431378673360 The White House is adding one of the tech policy world's most valuable players to its roster: Princeton Professor Ed Felten. The White House announced today that Felten will join the Office of Science and Technology Policy as deputy U.S. chief technology officer. 
In his decades-long career, Felten has carved out a role as one of the world's top thinkers on computer security and privacy -- tackling technically difficult topics and translating them for Washington insiders. "There is no one more valuable to bridging tech and policy than Ed," said Joseph Lorenzo Hall, the chief technologist at the Center for Democracy & Technology, who worked with Felten as a post-doctoral fellow at Princeton. He's also slipped seamlessly between academia and civil service: Felten has been a professor at Princeton for more than two decades, and currently serves as the founding director of the school's Center for Information Technology Policy. But from 2011 through 2012 he served as the first chief technologist at the Federal Trade Commission -- the government's de facto privacy watchdog. Felten's also weighed in on government surveillance efforts: In the wake of revelations about National Security Agency surveillance programs from former government contractor Edward Snowden, Felten publicly argued that phone record data being vacuumed up by the government could reveal extremely sensitive personal information. In fact, he made that point in a brief supporting the plaintiffs in a lawsuit that resulted in a federal appellate court decision last week that found the phone records program is illegal. "Ed joins a growing number of techies at the White House working to further President Obama's vision to ensure policy decisions are informed by our best understanding of state-of-the-art technology and innovation, to quickly and efficiently deliver great services for the American people, and to broaden and deepen the American people's engagement with their government," Alexander Macgillivray, deputy chief technology officer, and Megan Smith, U.S. chief technology officer, said in a blog post today. Both Macgillivray and Smith come from big tech companies -- Macgillivray is a former general counsel at Twitter while Smith was a vice president at Google. 
That makes Felten's academic background unique among the current class of the nation's top tech civil servants. -- It's better to burn out than fade away. From rforno at infowarrior.org Tue May 12 06:44:35 2015 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 12 May 2015 07:44:35 -0400 Subject: [Infowarrior] - Verizon to buy AOL for $4.4 billion Message-ID: (New Verizon Bloatware app will pronounce periodically, "You've Got Overages!" --rick) Verizon to buy AOL for $4.4 billion Fred Imbert | @foimbert 8 Mins Ago CNBC.com Telecom giant Verizon announced Tuesday it will be buying AOL for $50 per share, or about $4.4 billion. AOL's stock was up more than 18 percent after the announcement. Verizon's stock was down about 1 percent. The transaction will be completed this summer and will take the form of a tender offer followed by a merger, after which AOL will become a wholly owned subsidiary of Verizon, the announcement said. "Verizon's acquisition further drives its LTE wireless video and OTT (over-the-top video) strategy," Verizon said in a statement. Tim Armstrong, AOL's chairman and CEO, will remain at his position once the deal is finalized. "Verizon is a leader in mobile and OTT connected platforms, and the combination of Verizon and AOL creates a unique and scaled mobile and OTT media platform for creators, consumers and advertisers," Armstrong said in the announcement. 
< - > http://www.cnbc.com/id/102670331 From rforno at infowarrior.org Tue May 12 07:37:01 2015 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 12 May 2015 08:37:01 -0400 Subject: [Infowarrior] - FBI violated its own rules while spying on Keystone XL opponents Message-ID: <50E1B405-B0D7-4176-ACCE-74E8A0D1197A@infowarrior.org> Revealed: FBI violated its own rules while spying on Keystone XL opponents @PaulLewis Tuesday 12 May 2015 06.59 EDT Last modified on Tuesday 12 May 2015 08.09 EDT http://www.theguardian.com/us-news/2015/may/12/revealed-fbi-spied-keystone-xl-opponents The FBI breached its own internal rules when it spied on campaigners against the Keystone XL pipeline, failing to get approval before it cultivated informants and opened files on individuals protesting against the construction of the pipeline in Texas, documents reveal. Internal agency documents show for the first time how FBI agents have been closely monitoring anti-Keystone activists, in violation of guidelines designed to prevent the agency from becoming unduly involved in sensitive political issues. The hugely contentious Keystone XL pipeline, which is awaiting approval from the Obama administration, would transport tar sands oil from Canada to the Texas Gulf coast. It has been strongly opposed for years by a coalition of environmental groups, including some involved in nonviolent civil disobedience who have been monitored by federal law enforcement agencies. The documents reveal that one FBI investigation, run from its Houston field office, amounted to "substantial non-compliance" of Department of Justice rules that govern how the agency should handle sensitive matters. One FBI memo, which set out the rationale for investigating campaigners in the Houston area, touted the economic advantages of the pipeline while labelling its opponents "environmental extremists". 
"Many of these extremists believe the debates over pollution, protection of wildlife, safety, and property rights have been overshadowed by the promise of jobs and cheaper oil prices," the FBI document states. "The Keystone pipeline, as part of the oil and natural gas industry, is vital to the security and economy of the United States." The documents are among more than 80 pages of previously confidential FBI files obtained by the Guardian and Earth Island Journal after a request under the Freedom of Information Act. Between November 2012 and June 2014, the documents show, the FBI collated inside knowledge about forthcoming protests, documented the identities of individuals photographing oil-related infrastructure, scrutinised police intelligence and cultivated at least one informant. It is unclear whether the source or sources were protesters-turned-informants, private investigators or hackers. One source is referred to in the documents as having had "good access and a history of reliable reporting". The FBI investigation targeted Tar Sands Blockade, a direct action group that was at the time campaigning in southern Texas. However, the partially redacted documents reveal the investigation into anti-Keystone activists occurred without prior approval of the top lawyer and senior agent in the Houston field office, a stipulation laid down in rules provided by the attorney general. Confronted by evidence contained in the cache of documents, the agency admitted that "FBI approval levels required by internal policy were not initially obtained" for the investigation, but said the failure was remedied and later reported internally. The FBI files appear to suggest the Houston branch of the investigation was opened in early 2013, several months after a high-level strategy meeting between the agency and TransCanada, the company building the pipeline. For a period of time -- possibly as long as eight months -- 
agents acting beyond their authority were monitoring activists aligned with Tar Sands Blockade. Tar Sands Blockade appeared on the FBI's radar in late 2012, not long after the group began organising in east Houston, the end destination for Keystone's 1,660-mile pipeline. Environmental activists affiliated with the group were committed to peaceful civil disobedience that can involve minor infractions of law, such as trespass. But they had no history of violent or serious crime. Ron Seifert, a key organiser at Tar Sands Blockade, said dozens of campaigners were arrested in Texas for protest-related activity around that time, but not one of them was accused of violent crime or property destruction. The group focused on Houston's heavily industrialised neighbourhood of Manchester, where the Valero Energy Corporation has a massive refinery capable of processing heavy crude oil. Between early November 2012 and June 2014, the documents show, the FBI collated inside-knowledge about forthcoming protests, documented the identities of individuals photographing oil-related infrastructure, scrutinised police intelligence and cultivated at least one informant. It is unclear whether the source or sources were protesters-turned-informants, private investigators or hackers. One source is referred to in the documents as having had "good access, and a history of reliable reporting". At one point, the FBI's Houston office said it would share with TransCanada "any pertinent intelligence regarding any threats" to the company in advance of a forthcoming protest. One of the files refers to Houston police officers who stopped two men and a woman taking photographs near the city's industrial port, noting they were using a "large and sophisticated looking" camera. Two of the individuals were described as having larger subject files in the FBI's Guardian Threat Tracking System. 
In another incident, the license plate belonging to a Silver Dodge was dutifully entered into the FBI's database, after a "source" spotted the driver and another man photographing a building associated with TransCanada. Sensitive matters The FBI rules, laid out in the FBI's Domestic Investigations and Operations Guide, dictate that special care should be taken over sensitive investigations such as those targeting elected officials, journalists and political organisations. FBI work on "sensitive investigative matters" requires prior approval of both the chief division counsel (CDC), the top lawyer in the field office, and the special agent in charge (SAC). Both are supposed to consider the severity of the threat and the consequences of "adverse impact on civil liberties and public confidence" should the investigation be made public. However, neither Houston's CDC or SAC were consulted in relation to the FBI's monitoring of Tar Sands Blockade activists, the documents show. Explaining the breach of protocols, the FBI said in a statement that it was committed to "act properly under the law". "While the FBI approval levels required by internal policy were not initially obtained, once discovered, corrective action was taken, non-compliance was remedied, and the oversight was properly reported through the FBI's internal oversight mechanism," it said. The FBI did not deny opening an investigation into anti-Keystone campaigners, and said it was compelled to "take the initiative to secure and protect activities and entities which may be targeted for terrorism or espionage". But the precise nature of the FBI's investigation, which continued for almost a year after the Houston Division acknowledged it had violated protocol, remains unclear. The documents appear to suggest the investigation was one branch of a wider set of investigations, possibly including anti-Keystone activists elsewhere in the country. 
The documents connect the investigation into anti-Keystone activists to other "domestic terrorism issues" in the agency and show there was some liaison with the local FBI "assistant weapons of mass destruction coordinator". Mike German, a former FBI agent, who assisted the Guardian in deciphering the bureau's documentation, said they indicated the agency had opened a category of investigation that is known in agency parlance as an "assessment". Introduced as part of an expansion of FBI powers after 9/11, assessments allow agents to open intrusive investigations into individuals or groups, even if they have no reason to believe they are breaking the law. German, now a fellow at the Brennan Center for Justice in New York, said the documents also raised questions over collusion between law enforcement and TransCanada. "It is clearly troubling that these documents suggest the FBI interprets its national security mandate as protecting private industry from political criticism," he said. According to the FBI documents, the FBI concluded there were "no adverse consequences" emanating from its failure to seek approval for the sensitive investigation, noting the mistake was later "remedied". The investigation continued for 11 months after the mistake was spotted. It was closed after the FBI's Houston division acknowledged its failure to find sufficient evidence of "extremist activity". Before closing the case, however, agents noted the existence of a file that was to be used as a repository for future intelligence "regarding the Keystone XL pipeline". Since then, at least a dozen anti-tar sands campaigners in Oregon, Washington, and Idaho have been contacted by the FBI. The agency has said they are not under investigation. Adam Federman is a contributing editor of Earth Island Journal -- It's better to burn out than fade away. 
From rforno at infowarrior.org Tue May 12 13:42:00 2015 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 12 May 2015 14:42:00 -0400 Subject: [Infowarrior] - Firefox 38 Arrives With DRM Required To Watch Netflix Message-ID: Firefox 38 Arrives With DRM Required To Watch Netflix http://yro.slashdot.org/story/15/05/12/172238/firefox-38-arrives-with-drm-required-to-watch-netflix -- It's better to burn out than fade away. From rforno at infowarrior.org Tue May 12 13:43:45 2015 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 12 May 2015 14:43:45 -0400 Subject: [Infowarrior] - Google: Hangouts doesn't use end-to-end encryption Message-ID: Google admits Hangouts doesn't use end-to-end encryption, conversations can be wiretapped http://9to5google.com/2015/05/12/google-hangouts-security/ -- It's better to burn out than fade away. From rforno at infowarrior.org Tue May 12 13:59:58 2015 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 12 May 2015 14:59:58 -0400 Subject: [Infowarrior] - Bamford: Why NSA surveillance is worse than you've ever imagined Message-ID: <7F0A8473-A42E-4F74-8C2A-C6842D3EA252@infowarrior.org> Why NSA surveillance is worse than you've ever imagined By James Bamford May 11, 2015 http://blogs.reuters.com/great-debate/2015/05/11/if-youre-not-outraged-about-the-nsa-surveillance-heres-why-you-should-be/ Last summer, after months of encrypted emails, I spent three days in Moscow hanging out with Edward Snowden for a Wired cover story. Over pepperoni pizza, he told me that what finally drove him to leave his country and become a whistleblower was his conviction that the National Security Agency was conducting illegal surveillance on every American. Thursday, the Second Circuit Court of Appeals in New York agreed with him. 
In a long-awaited opinion, the three-judge panel ruled that the NSA program that secretly intercepts the telephone metadata of every American -- who calls whom and when -- was illegal. As a plaintiff with Christopher Hitchens and several others in the original ACLU lawsuit against the NSA, dismissed by another appeals court on a technicality, I had a great deal of personal satisfaction. It's now up to Congress to vote on whether or not to modify the law and continue the program, or let it die once and for all. Lawmakers must vote on this matter by June 1, when they need to reauthorize the Patriot Act. A key factor in that decision is the American public's attitude toward surveillance. Snowden's revelations have clearly made a change in that attitude. In a PEW 2006 survey, for example, after the New York Times' James Risen and Eric Lichtblau revealed the agency's warrantless eavesdropping activities, 51 percent of the public still viewed the NSA's surveillance programs as acceptable, while 47 percent found them unacceptable. After Snowden's revelations, those numbers reversed. A PEW survey in March revealed that 52 percent of the public is now concerned about government surveillance, while 46 percent is not. Given the vast amount of revelations about NSA abuses, it is somewhat surprising that just slightly more than a majority of Americans seem concerned about government surveillance. Which leads to the question of why? Is there any kind of revelation that might push the poll numbers heavily against the NSA's spying programs? Has security fully trumped privacy as far as the American public is concerned? Or is there some program that would spark genuine public outrage? Few people, for example, are aware that a NSA program known as TREASUREMAP is being developed to continuously map every Internet connection -- cellphones, laptops, tablets -- of everyone on the planet, including Americans. "Map the entire Internet," says the top secret NSA slide. 
"Any device, anywhere, all the time." It adds that the program will allow "Computer Attack/Exploit Planning" as well as "Network Reconnaissance." One reason for the public's lukewarm concern is what might be called NSA fatigue. There is now a sort of acceptance of highly intrusive surveillance as the new normal, the result of a bombardment of news stories on the topic. I asked Snowden about this. "It does become the problem of one death is a tragedy and a million is a statistic," he replied, "where today we have the violation of one person's rights is a tragedy and the violation of a million is a statistic. The NSA is violating the rights of every American citizen every day on a comprehensive and ongoing basis. And that can numb us. That can leave us feeling disempowered, disenfranchised." In the same way, at the start of a war, the numbers of Americans killed are front-page stories, no matter how small. But two years into the conflict, the numbers, even if far greater, are usually buried deep inside a paper or far down a news site's home page. In addition, stories about NSA surveillance face the added burden of being technically complex, involving eye-glazing descriptions of sophisticated interception techniques and analytical capabilities. Though they may affect virtually every American, such as the telephone metadata program, because of the enormous secrecy involved, it is difficult to identify specific victims. The way the surveillance story appeared also decreased its potential impact. Those given custody of the documents decided to spread the wealth for a more democratic assessment of the revelations. They distributed them through a wide variety of media -- from start-up Web publications to leading foreign newspapers. One document from the NSA director, for example, indicates that the agency was spying on visits to porn sites by people, making no distinction between foreigners and "U.S. persons," U.S. citizens or permanent residents. 
He then recommended using that information to secretly discredit them, whom he labeled as "radicalizers." But because this was revealed by The Huffington Post, an online publication viewed as progressive, and was never reported by mainstream papers such as the New York Times or the Washington Post, the revelation never received the attention it deserved. Another major revelation, a top-secret NSA map showing that the agency had planted malware -- computer viruses -- in more than 50,000 locations around the world, including many friendly countries such as Brazil, was reported in a relatively small Dutch newspaper, NRC Handelsblad, and likely never seen by much of the American public. Thus, despite the volume of revelations, much of the public remains largely unaware of the true extent of the NSA's vast, highly aggressive and legally questionable surveillance activities. With only a slim majority of Americans expressing concern, the chances of truly reforming the system become greatly decreased. While the metadata program has become widely known because of the numerous court cases and litigation surrounding it, there are other NSA surveillance programs that may have far greater impact on Americans, but have attracted far less public attention. In my interview with Snowden, for example, he said one of his most shocking discoveries was the NSA's policy of secretly and routinely passing to Israel's Unit 8200 -- that country's NSA -- and possibly other countries not just metadata but the actual contents of emails involving Americans. This even included the names of U.S. citizens, some of whom were likely Palestinian-Americans communicating with relatives in Israel and Palestine. An illustration of the dangers posed by such an operation comes from the sudden resignation last year of 43 veterans of Unit 8200, many of whom are still serving in the military reserves. 
The veterans accused the organization of using intercepted communication against innocent Palestinians for "political persecution." This included information gathered from the emails about Palestinians' sexual orientations, infidelities, money problems, family medical conditions and other private matters to coerce people into becoming collaborators or to create divisions in their society.

Another issue few Americans are aware of is the NSA's secret email metadata collection program that took place for a decade or so until it ended several years ago. Every time an American sent or received an email, a record was secretly kept by the NSA, just as the agency continues to do with the telephone metadata program. Though the email program ended, all that private information is still stored at the NSA, with no end in sight.

With NSA fatigue setting in, and the American public unaware of many of the agency's long list of abuses, it is little wonder that only slightly more than half the public is concerned about losing their privacy. For that reason, I agree with Frederick A. O. Schwartz Jr., the former chief counsel of the Church Committee, which conducted a yearlong probe into intelligence abuses in the mid-1970s, that we need a similarly thorough, hard-hitting investigation today.

"Now it is time for a new committee to examine our secret government closely again," he wrote in a recent Nation magazine article, "particularly for its actions in the post-9/11 period."

Until the public fully grasps and understands how far over the line the NSA has gone in the past - legally, morally and ethically - there should be no renewal or continuation of NSA's telephone metadata program in the future.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 12 14:01:08 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 12 May 2015 15:01:08 -0400
Subject: [Infowarrior] - BitTorrent Launches Bleep Chat To The Masses, Uses No Cloud
Message-ID:

BitTorrent Launches Bleep Chat To The Masses, Uses No Cloud
By Kevin Parrish
May 12, 2015 11:00 AM - Source: BitTorrent
http://www.tomshardware.com/news/bittorrent-chat-security-bleep-p2p,29079.html

BitTorrent officially launched its chat client called Bleep on Tuesday. The service first made an appearance as a public alpha back in September 2014, but it's now available on all major platforms, including Apple's iOS, Google's Android, and Windows and Mac desktops.

So what's the big deal with Bleep? Why is it different than Skype, AIM and other chat clients?

"We keep messages and the encryption keys for images stored on your local device, not the cloud," said BitTorrent's Farid Fadaie in a blog. "For messages and metadata, there is no server for hackers to target, and because you hold the keys, images can't be leaked to haunt you later. We've solved serverless peer-to-peer messaging, including the ability to get offline friends your messages when they come back online."

For the desktop client, users can create an account by supplying an email address or phone number, or they can simply go incognito. If users enter an email address, this address must be confirmed by way of an emailed PIN composed of letters and numbers. After that, users can find and invite friends by connecting an address book or entering another user's key.

To add a contact, simply click on the "+" sign and enter a phone number, email address or public key. Your key, which is supplied as a QR code or a very lengthy string of numbers and letters, is located under the "Be added by friends" section in "Settings." Your friend won't become a Bleep contact until he/she provides an approval.
The overall Bleep interface is divided into two sections: the contacts area and the chat area. The contacts portion includes the "Settings" menu, a search tool, pending invitations, a list of contacts that are online, and a list that's offline. The right side provides a large conversation window and the text entry box at the bottom.

In addition to the basic chat functions, this new version of Bleep includes an added feature called "Whisper." To enter this mode, mobile phone users simply hit "Go to Whisper," and these conversations and images will be deleted off the sender's and recipient's devices 25 seconds after they have been viewed. For desktop users, simply hit the "SHIFT" button (Windows) or "CTRL" button (Mac) while sending a "whispered" message or image. Users can switch back and forth in a conversation when needed.

To assuage any fears that the other user is taking screenshots of the conversation during Whisper mode, Fadaie said that the screenshot in question won't show nicknames, so there's no way to see who said what. Tap the "eye" in the display, and the screenshot will show the nicknames but not the messages. The other user can only take screenshots of one or the other.

In addition to the chat features, there's a phone icon at the top that allows users to talk to friends for free over the Internet. Fadaie said that these calls connect directly and don't involve the cloud. Users can also rest assured that these calls feature end-to-end encryption; there's no eavesdropping by unsuspecting government agencies or hackers.

BitTorrent's Christian Averill explained to Tom's how Bleep actually works, saying that instead of supplying chat servers that store information, Bleep relies on the current BitTorrent ecosystem. When the Bleep client looks up contacts, it uses the DHT, which is "a web of peers" cooperating together. When the sender identifies a receiver, the message is sent directly to the receiver using end-to-end encryption.
You can get a deeper explanation here.

Bleep's video support is there, but it's lacking. "Bleep core already supports video, but exposing it in the UI depends on what features (and how) users would like to see," he said. "There is definitely the possibility of exposing this feature but the timeline for it is TBD."

Bleep arrives in a time when Internet surfers are questioning the privacy of the tools they use to communicate on the Web. BitTorrent seems intent on fixing this issue with peer-to-peer software. Averill said that with cloud solutions, there's always a tradeoff between privacy and cool features. But that's not so with a peer-to-peer solution; you can have something that is fun and easy to use without compromising security.

When we asked if the company will eventually start charging for this service, Averill said, "Our current focus is to make the consumer app great, and we will continue doing that."

But he added, "Having said that, Bleep is built to scale not only as a consumer app but also as a platform that can be offered to other companies to use (as an SDK, etc.). Other companies can easily integrate messaging functionalities into their own apps using Bleep engine without needing any servers (which is revolutionary in that it not only reduces the cost of operating servers but it also makes the conversation more private which opens the doors for new markets)."

"We will likely look into monetization potentials in those markets as we intend to keep the basic features of the consumer app free," Fadaie added.

So far the response to Bleep has been strong. Averill said that BitTorrent received a great deal of feedback from users during the alpha stages. Not only did these users help find bugs in the software; they also worked directly with the team.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 12 14:15:54 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 12 May 2015 15:15:54 -0400
Subject: [Infowarrior] - Senate Dems block TPP
Message-ID:

(Good! Here's hoping this helps kill a deal that *nobody* outside of the WH knows anything about yet the WH claims is a must-have for the country. Fingers crossed TPP does die, and soon...but in DC, you never know. --rick)

Senate Democrats vote to block Obama on trade
By Mike DeBonis
May 12 at 3:09 PM
http://www.washingtonpost.com/politics/democrats-threaten-to-stall-trade-legislation-in-the-senate/2015/05/12/08f71d66-f8c0-11e4-9ef4-1bb7ce3b3fb7_story.html

President Obama's fellow Democrats derailed one of his major second-term priorities Tuesday, voting to hold up consideration of "fast track" trade authority unless related measures are guaranteed to proceed alongside it.

The trade legislation failed an afternoon test vote, 52 to 45. Sixty votes were needed to begin formal debate of measures that would pave the way for approval of a complex Pacific trade accord and provide relief to unemployed workers affected by trade deals.

Ahead of the vote, many Democrats - including some of the handful who have supported Obama's trade push - said they were not inclined to move forward with debate unless Republican leaders provided assurances that the various pieces would move in tandem.

About an hour before the vote, that included Sen. Ron Wyden (D-Ore.), who negotiated the trade package with top Republicans in the House and Senate and who has been a rare ally of Obama's trade agenda inside the president's party.

"Until there is a path to get all four bills passed," Wyden said after a lunchtime meeting with fellow pro-trade Democrats, "we will - certainly most of us - have to vote no."

Majority Leader Mitch McConnell (R-Ky.) said Tuesday that Republicans were willing to attach "trade adjustment assistance" - that is, funding authority for worker assistance programs -
to the fast-track bill. But he made no pledge to include a trade enforcement bill - which would, among other things, take aim at Chinese currency manipulation and is opposed by the administration - or a fourth bill concerning trade with Africa.

McConnell said those provisions could be attached by amendment to the bills under consideration. "This is a vote to begin a process," he said on the Senate floor. "This is a vote to begin a debate on a broad trade agenda."

Sen. Sherrod Brown (D-Ohio), one of the Senate's fiercest opponents on trade, said late Monday that the vote to proceed would fail unless Republicans made a more solid commitment to take up the related bills.

"It's a betrayal of workers and small business in our communities to pass fast track, to put it on the president's desk without enforcement ... and without helping workers," Brown said. "It's a betrayal of what we should be standing for."

But Sen. Orrin G. Hatch (R-Utah), chairman of the Senate Finance Committee, said Monday that there was "no compromise that can be reached that is going to link all four bills together."

"That isn't going to happen," he said. "If that happens, it's over."

Hatch, who negotiated with Wyden, the committee's top Democrat, for months over the trade legislation, betrayed some frustration at the Democratic demands.

"We think we can come up with a way of doing this," he said. "I've been disappointed with some of the approaches that have been taken over the last weekend, but we'll iron that all out, I hope."

At the White House, press secretary Josh Earnest played down reports about the struggles of the fast-track legislation as merely a "procedural snafu" - a phrase he repeated about a dozen times - that could be worked out in the coming days. Earnest said the trade legislation remains a top priority for Obama and pledged that White House aides would continue to lobby lawmakers.

Sen.
John Cornyn (R-Tex.), the majority whip, said the expected vote was a "failure of the president's ability to convince members of his own party" and urged Obama to do more to convince wavering Senate Democrats.

Earnest said, "I would withhold judgment about the president's persuasion abilities until we've had a chance to advance this legislation through."

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 12 18:11:43 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 12 May 2015 19:11:43 -0400
Subject: [Infowarrior] - Calling BS on "We Support Strong Encryption"
Message-ID:

Web Policy
by Jonathan Mayer, a computer scientist + lawyer at Stanford
May 12, 2015

"We Support Strong Encryption"
http://webpolicy.org/2015/05/12/we-support-strong-encryption/

A good Washington talking point delivers zero content. A great Washington talking point sounds substantive... while delivering zero content.

In the spirit of honoring greatness, I'd like to call attention to the current White House position on cryptographic backdoors. It received its most public airing from President Obama, in a February 13 interview with RE/CODE. "I'm a strong believer in strong encryption," explained the President. "[T]here's no scenario in which we don't want really strong encryption."

President Obama isn't the only official invoking "strong encryption." (And strongly, too.) In just about every recent conversation with an administration policymaker, I've been subjected to some version of the line. Here's the official, pre-canned White House position:

The United States Government firmly supports the development and adoption of strong encryption, which is a key tool to secure commerce and trade, safeguard private information, promote free expression and association, and strengthen cybersecurity.

To a computer security expert, or to a privacy advocate, "strong encryption" might sound like a policy victory.
It means encryption that minimizes security risks. It means encryption where the user controls access. It means encryption that doesn't include a vendor or government backdoor. And so, among colleagues, I've heard recent praise of the White House position.

To a law enforcement or intelligence official, though, "strong encryption" means something very different. It means encryption that minimizes security risks, but subject to the constraint that the government can still access data. It means encryption where the user controls access, except where the government is involved. It means encryption that does include a government backdoor, but a well-designed backdoor.[1]

That's why, in a recent House hearing, the FBI's representative testified that "[c]ompanies must continue to provide strong encryption for their customers." And that's why, twenty years ago, at the height of the Crypto Wars, the FBI's director testified "in favor of strong encryption, robust encryption."

The White House has, to be fair, distanced itself from law enforcement and intelligence agencies on this issue. When the President said, "I lean probably further on side of strong encryption than some in law enforcement," his cybersecurity team was sending a deliberate signal. They're still thinking, and they're still undecided.

The takeaway is straightforward. Next time you hear an official speak about "strong encryption," recognize that you've heard zero content. And maybe take a moment to bask in the Washington greatness.

[1] Several computer security colleagues have suggested that government access and "strong encryption" are fundamentally incompatible, that well-designed backdoors are technically impossible, and that the White House faces an either-or decision. The strongest articulation I've heard is that "backdoors break the Internet." While I imagine that posing a binary choice is a useful rhetorical tool, I believe the issue is more nuanced.
There are better and worse designs for government access to a communications or storage system, and in a handful of scenarios, the marginal security risk might be cabined. Backdoors are still a really bad idea, for a long list of reasons, but they don't necessarily "break the Internet."

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 12 18:38:01 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 12 May 2015 19:38:01 -0400
Subject: [Infowarrior] - Many of the NSA's Loudest Defenders Have Financial Ties to NSA Contractors
Message-ID: <47A0872A-24D8-403C-9E34-803D835DDA5D@infowarrior.org>

Many of the NSA's Loudest Defenders Have Financial Ties to NSA Contractors
https://firstlook.org/theintercept/2015/05/12/intelligence-industry-cash-flows-media-echo-chamber-defending-nsa-surveillance/

-- It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 12 21:08:08 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 12 May 2015 22:08:08 -0400
Subject: [Infowarrior] - The 10 biggest lies you've been told about TPP
Message-ID: <08D9214E-7491-4547-823A-A13A6B40A81E@infowarrior.org>

Tuesday, May 12, 2015 11:59 AM EDT

The 10 biggest lies you've been told about the Trans-Pacific Partnership
You can call it "misleading" or "offering half-truths," but when push comes to a shove, these are lies
David Dayen
http://www.salon.com/2015/05/12/the_10_biggest_lies_youve_been_told_about_the_trans_pacific_partnership/

Today, the Senate makes a critical test vote on the Obama Administration's trade agenda, kicking off a process that the White House hopes to end with the signing of an agreement between 12 nations called the Trans-Pacific Partnership.

In preparation for this vote, President Obama has been deliberately antagonizing his critics, mostly liberal Democrats. Senator Elizabeth Warren is "a politician, like everybody else,"
Obama said Friday to Yahoo News, who has "got a voice that she wants to get out there," framing her concerns as insincere self-aggrandizement. Those concerns, Obama added, are "absolutely wrong."

This is not the first time that Obama and his aides have depicted opposition on trade as deliberate misinformation designed to stir up a left-leaning political base, or generate campaign contributions; my favorite is the claim that Warren is merely trying to energize a non-existent Presidential campaign. It's beneath the dignity of the Presidency to so aggressively paint opponents as not just wrong on the facts, but hiding the truth on purpose.

Warren has responded without using the same indecorous tactics. Unfortunately, I don't have the same self-control. So by way of response, here are ten moments where the President or his subordinates have lied - call it "misled" or "offered half-truths" or whatever; but I'm in an ornery mood so let's just say lied - about his trade agenda:

1. 40 PERCENT: The President and his team have repeatedly described TPP as a deal involving nearly 40 percent of global GDP. This tells only part of the story. First of all, the U.S. by itself represents 22 percent of global GDP; a bill naming a post office would involve that much. Second, we already have free trade agreements with six TPP partners - Canada, Mexico, Australia, Singapore, Chile and Peru - and between them and us, that's 80 percent of the total GDP in this deal. The vast majority of the rest is represented by Japan, where the average applied tariff is a skinny 1.2 percent, per the World Bank. You can see this paragraph in graphic form here. The point is that saying TPP is about "40 percent of GDP" intimates that it would massively change the ability to export without tariffs. In reality it would have virtually no significance in opening new markets.
To the extent that there's a barrier in global trade today, it comes from currency manipulation by countries wanting to keep their exports cheap. The TPP has no currency provisions.

2. JOB CREATION: Saying, as the White House has, that the deal would support "an additional 650,000 jobs" is not true. This figure came from a hypothetical calculation of a report by the Peterson Institute for International Economics, which the Institute itself said was an incorrect way to use their data. "We don't believe that trade agreements change the labor force in the long run," said Peter Petri, author of the report, in a fact check of the claim. The deal is actually more about building up barriers than taking them down. Much of TPP is devoted to increasing copyright and patent protections for prescription drugs and Hollywood media content. As economist Dean Baker notes, this is protectionist, and will raise prices for drugs, movies and music here and abroad.

3. EXPORTS ONLY: The Administration constantly discusses trade as solely a question of U.S. exports. A recent Council of Economic Advisors report touts: Exporters pay higher wages, and export industry growth translates into higher average earnings. But the Economic Policy Institute points out that this ignores imports, and therefore the ballooning trade deficit, which weighs down economic growth and wages. Talking about trade without discussing both imports and exports is like relaying the score of a ballgame by saying "Dodgers 4." It is literally a half-truth. Recent trade deals have in fact increased the trade deficit, such as the agreement with South Korea. Senator Sherrod Brown notes that the deal has only increased exports by $1 billion since 2011, while increasing imports by $12 billion, costing America 75,000 jobs.

4. MOST PROGRESSIVE: Obama has called TPP "the most progressive trade deal in history." First of all, so did Bill Clinton and Al Gore, when talking about NAFTA in 1993.
Second, there's reason to believe TPP doesn't even clear a low bar for progressive trade deals. The Sierra Club, based on a leaked TPP environmental chapter, said that the deal is weaker than the landmark "May 10 agreement" for deals with Peru, Panama and Colombia, struck in 2007. Key Democrats who devised labor and environmental standards for those agreements, like Rep. Sander Levin, believe that TPP falls short. Even if the chapters were up to par, consistent lack of enforcement of the rules makes them ineffective. The U.S. Trade Representative has actually claimed the Colombia free trade agreement is positive because only one trade unionist in the country is being murdered every other week. Labor groups can only ask the White House to enforce labor rights violations, and for the past several years, the Administration simply hasn't. So when Obama says violators of TPP will face "meaningful consequences," based on the Administration's prior enforcement, he's lying.

5. CHANGING LAWS: On the controversial topic of Investor-State Dispute Settlement (ISDS), where corporations can sue sovereign governments for monetary damages for violating trade agreements that hurt the company's "expected future profits," the White House has engaged in a shell game. They say, "No trade agreement is going to force us to change our laws." But the point of a corporation suing the United States or any trade partner is to put enough financial pressure on a government to force them to alter the law themselves. So ISDS doesn't "cause" a change in law only in the narrowest sense. Even third-party countries have curtailed regulations in reaction to ISDS rulings, as New Zealand did with their cigarette packaging law, awaiting the outcome of a dispute between the tobacco industry and Australia (a suit that continues despite an initial victory for Australia).

6. NEVER LOST: The White House assumes that the only thing America cares about with ISDS is the upsetting of our own laws.
So they've stressed that the U.S. has never lost an ISDS case. This is irrelevant. What ISDS does is offer bailout insurance policy to multinational corporations. If they run into discrimination or regulatory squeezing by a foreign government, they can use an extra-judicial process to recoup their investment. Workers screwed over by trade agreements have no ability to sue governments; only corporations get this privilege. The United States attracts businesses through our relative rule of law. When that insurance is granted to countries like Vietnam and Malaysia, it weakens our competitive advantage, and makes it simple for countries to outsource their operations. Their investment is protected, as is their ability to exploit cheap labor. This makes it impossible for America to compete.

7. WEAKENING DODD-FRANK: Obama reacted strongly to Senator Warren's charge that a future President could overturn financial regulations or other rules through trade deals. "I'd have to be pretty stupid," Obama told Yahoo News, to "sign a provision that would unravel" signature achievements like Dodd-Frank. I suppose he is, then, because modern trade agreements often seek to "harmonize" regulations, effectively setting a regulatory ceiling. This harmonization could, as Warren says, "punch holes in Dodd-Frank without directly repealing it," by forcing regulators to roll back capital or leverage requirements. European negotiators want a trade agreement with the U.S. called the Trans-Atlantic Trade and Investment Partnership (TTIP) to include a chapter "harmonizing" financial regulations. So far the Obama Administration has rejected this, while admitting the potential for regulatory harm. Treasury Secretary Jack Lew told Congress in December 2013, "Normally in a trade agreement, the pressure is to lower standards" on regulations, "and that's something that we just think is not acceptable." A future President might find it acceptable, and today's vote on "fast-track"
authority would give trade deals an expedited process, with no amendments or filibusters by Congress, for six years, outlasting the current Administration. Scott Walker or Jeb Bush may decide it's perfectly appropriate to undermine regulations in trade deals.

8. STOPPING CHINA: President Obama frequently casts TPP as a way to "contain" China. "If we don't write the rules for trade around the world, guess what, China will," he said on Friday. This is so facile as to be totally meaningless. China is a major Pacific Rim economy, and will have a presence regardless of our actions. As former Clinton Defense Department official Chas Freeman writes, "China has been and will remain an inseparable part of China's success story." Plus, as I've written in Salon, weak "rule of origin" guidelines could allow China to import goods into TPP member countries without any tariffs, while freed from following any TPP regulations.

9. SECRET DEAL: Obama has angrily dismissed the notion that TPP is a "secret" deal, saying that everyone will have public access to the TPP text for at least 60 days before a final vote. This is not the point opponents are making. The vote on fast track would severely limit Congressional input into the deal. And right now, members of Congress can only see the text in a secure room, without being able to bring staffers or take notes, or even talk about specifics in public. That makes the deal effectively secret during the fast track vote. "The president has only committed to letting the public see this deal after Congress votes to authorize fast track," Warren told Greg Sargent. The President wants to filibuster-proof the bill in secret, then employ pretend transparency on TPP after that.

10. JUST A POLITICIAN: This idea from Obama that everybody opposing fast-track is acting like a mere "politician," aside from demonizing the concept of representing constituents, neglects the fact that he's a politician too.
His interest in building a legacy, when practically nothing else has the potential to pass Congress the next two years, is a political interest. His possible interest in rewarding campaign contributors who would benefit from TPP is also political, or his desire to earn the respect of the Very Serious People who always support trade deals. Since Obama has a large platform and will not publicly debate any opponent on trade, he can float above it all, acting like a principled soul only wanting to better the country rather than a transactional ward heeler. This may be the biggest lie, that Obama's somehow superior to everyone else in this debate.

David Dayen is a contributing writer for Salon. Follow him on Twitter at @ddayen.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 13 09:37:58 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 13 May 2015 10:37:58 -0400
Subject: [Infowarrior] - Flight Attendants Lost Their Tantrum Suit
Message-ID: <9AFB75BD-6E9E-415B-87FB-0BB16320F5CC@infowarrior.org>

Flight Attendants Lost Their Tantrum Suit To Keep Bitching About Our Electronic Devices On Flights
from the awwwwww dept
https://www.techdirt.com/articles/20150511/05332430950/flight-attendants-lost-their-tantrum-suit-to-keep-bitching-about-our-electronic-devices-flights.shtml

Perhaps, like me, you've never really understood the curious ban some airflights and airlines have had on mobile and electronic devices during flights, take-offs, and landings. Perhaps, like our Jefe, Mike Masnick, you've dismissed the requests from flight attendants that those devices be fully powered down out of hand, because you too are a rebel the likes for which this world is wholly unprepared. And maybe you too cheered when the FAA summarily dismissed these silly rules way back in 2013, thinking that the madness of a few moments without our favorite devices had finally come to an end.
But then, as you may know, the Association of Flight Attendants sued the FAA in order to retain the ability to lord over your smart-phones, tablets, and computers on flights. Notably, the AFA's filing made essentially zero claims having anything to do with the safety of electronic devices on the flights. Instead, their argument centered on whether the power to decide whether flight attendants could treat passengers like children who hadn't finished their vegetables resided with the FAA, or if the AFA should have some input.

Well, the court has ruled and has firmly told the AFA and flight attendants to go dangle.

In this case, it really does not matter whether Notice N8900.240 is viewed as a policy statement or an interpretive rule. The main point here is that the Notice is not a legislative rule carrying "the force and effect of law." Perez, 135 S. Ct. at 1204. A legislative rule "modifies or adds to a legal norm based on the agency's own authority" flowing from a congressional delegation to engage in supplementary lawmaking. Syncor, 127 F.3d at 95.

That's court-speak for "nice try, now go away." Of course the FAA can make changes to flight rules as it pleases and, when it comes to the use of devices the ban for which has always been cast in the light of flight-safety, an association for flight attendants ought to have about as much input as a doctor's receptionist should have on medical policy. This tantrum of a suit, which is all it ever was, has been dismissed and we are finally free to play Angry Birds during takeoff.

Free at last, free at last.

More seriously, it's somewhat nice to see some aspect of security theater being done away with regarding anything to do with airplanes and flights. If we could just take this same tact with the rest of airport security, we'd be making a world of improvements.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 13 20:29:44 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 13 May 2015 21:29:44 -0400
Subject: [Infowarrior] - BBC braces for the fight of its life
Message-ID:

BBC braces for the fight of its life
http://www.politico.eu/article/the-bbc-braces-for-the-fight-of-its-life/

-- It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 14 07:35:23 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 14 May 2015 08:35:23 -0400
Subject: [Infowarrior] - U.S. To Run Out Of Internet Addresses By Summer
Message-ID:

U.S. To Run Out Of Internet Addresses By Summer
By Nicole Arce, Tech Times | May 14, 7:33 AM
http://www.techtimes.com/articles/52956/20150514/u-s-to-run-out-of-internet-addresses-by-summer.htm

The U.S. is about to run out of Internet Protocol (IP) addresses this summer. And while we're not exactly going to see a meltdown of the Internet, businesses will definitely feel the crunch when they discover prices for Internet addresses have gone sky-high.

IP addresses are like telephone numbers; they connect one device to another. When a computer connects to a web page, or when someone posts a video on YouTube, or when a smartphone gets updated to Android Lollipop, the numerical codes that we call IP addresses all serve to link these devices together.

In the 1980s, the engineers who created the Internet created the IPv4 specification, which carries 4.3 billion IP addresses. Back then, the engineers figured they had created enough to cover the entire Internet, but it clearly isn't so.

Speaking to the Wall Street Journal, American Registry for Internet Numbers (ARIN) president and CEO John Curran says only 3.4 million IP addresses remain. ARIN manages the 1.3 billion IP addresses assigned to North America, or about a third of the entire global supply. By summer, all the remaining 3.4 million addresses are expected to dry up.
And this is why big companies who are looking to maintain a massive online presence have begun snapping up spare IP addresses right and left, as the price of addresses will go much higher than the usual $11.25 they are sold for now.

Microsoft, for instance, purchased 666,624 addresses for $7.5 million from the bankrupt Nortel Networks. Last year, Salesforce.com purchased 262,144 addresses for an undisclosed amount with the goal of continuously expanding its data centers to deliver its cloud-based enterprise services.

Facebook has taken a different approach. Instead of making hoard buys for IPv4 addresses, the social network has instead upgraded to the IPv6 specification, which was approved in 1998. IPv6 offers a much larger number of IP addresses. Specifically, it covers up to 340 undecillion addresses. That is 340 followed by 36 zeroes.

Facebook engineer Paul Saab says the rapid growth of the social network's user numbers is aided by its decision to upgrade its network switches and routers to IPv6. "If we had done nothing for our internal services, then we would not have been able to build new data centers," Saab says.

Eventually, all companies will have to follow in Facebook's footsteps and upgrade their hardware and software. However, smaller businesses might be deterred by the costs of upgrading early on. Research firm Gartner says migrating to IPv6 can cost 7 percent of the entire IT budget, making it more attractive to pick up IP addresses while they're cheap for the time being.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 14 17:45:01 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 14 May 2015 18:45:01 -0400
Subject: [Infowarrior] - (repost) TPP's Looming Effects on U.S. Copyright Laws
Message-ID:

February 25, 2015 | By Maira Sutton

The White House Doesn't Want You to Know the TPP's Looming Effects on U.S.
Copyright Laws

https://www.eff.org/deeplinks/2015/02/white-house-doesnt-want-you-know-tpp-effects-us-copyright-laws

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sat May 16 12:36:58 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 16 May 2015 13:36:58 -0400
Subject: [Infowarrior] - Fwd: referral: book reviews
References: <20150516133239.6E7C1228195@palinka.tinho.net>
Message-ID:

> Begin forwarded message:
>
> From: dan
>
> two very useful book reviews in one
>
> www.lawfareblog.com/2015/05/war-the-rise-of-the-military-internet-complex
>
> @War: The Rise of the Military-Internet Complex, by Shane Harris
> (Houghton Mifflin Harcourt 2014)
>
> Cyber Operations and the Use of Force in International Law, by Marco
> Roscini (Oxford UP 2014)
>

From rforno at infowarrior.org Sat May 16 12:37:30 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 16 May 2015 13:37:30 -0400
Subject: [Infowarrior] - FBI says police can disclose Stingray use, but not what they can do
Message-ID: <61B8E511-CC54-45E1-97FD-C5D2E6E4F6BB@infowarrior.org>

FBI says police can disclose Stingray use, but not what they can do

by Chris Velazco | @chrisvelazco

http://www.engadget.com/2015/05/15/fbi-says-police-can-disclose-stingray-use/?ncid=rss_truncated

Look, none of us should be surprised that police departments across the country use things like Stingrays -- sophisticated surveillance devices that suck up cell phone communications -- in their investigations. Still, more than a few of those PDs have insisted in court on trying to keep that specialized gear out of the limelight. Consider cases like this one in Baltimore last year, where a police officer was nearly held in contempt for withholding information about cell phone tracking practices; they often hinge on the fact that law enforcement officials entered into non-disclosure agreements with the FBI to keep usage under wraps. Turns out, that's not exactly the full story.
According to a statement released by the FBI earlier this morning (and obtained in full by Ars Technica), there really aren't any legal stipulations meant to keep law enforcement from admitting stingrays have been used. "Defendants," the statement goes on, "have a legal right to challenge the use of electronic surveillance devices, and not disclosing their use could inappropriately and adversely affect a defendant's right to challenge the use of the equipment."

Instead, what those NDAs are meant to do is keep people from disclosing the "specific capabilities" of Stingrays (and related surveillance gear with different, less-catchy brand names). Naturally, the Bureau takes this part pretty seriously. A lawsuit filed by the New York Civil Liberties Union against the Erie County Sheriff's Office last year revealed the FBI even reserved the right to ask local PDs to drop cases entirely if the sanctity of the Stingray's capabilities or details on how they were used in investigations fell into peril. Thing is, even that's a moot point now: The press corps has done a fine job of unearthing those capabilities and sharing them with the public at large anyway.

While today's release gives us just a little more insight on the curious relationship between the Feds and local law enforcement where surveillance is concerned, don't think the move will usher in a golden age of transparency. After all, Florida-based Harris Corporation -- also known as the people who make and market the Stingray -- is known to broker non-disclosure agreements with law enforcement agencies themselves, barring them from "discussing, publishing, releasing or disclosing" any information related to its surveillance products.

From rforno at infowarrior.org Mon May 18 06:22:11 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 18 May 2015 07:22:11 -0400
Subject: [Infowarrior] - Cue the local PD backlash...
Message-ID: <2EB06E19-ABBD-4627-A38E-5F54B8A647B1@infowarrior.org>

I can see the police unions and chiefs of police going nuts about this "taking away our much-needed tools" to combat crime. Brace for the police union spin machine to ramp up......after all, power once received (no matter how it's used) is difficult to relinquish.

--rick

Obama bans some military-style equipment provided to police

http://www.washingtonpost.com/politics/obama-bans-some-military-style-equipment-provided-to-police/2015/05/18/5e48961c-fd45-11e4-8c77-bf274685e1df_story.html

< - >

In previewing the president's trip, the White House said that effective immediately, the federal government will no longer fund or provide armored vehicles that run on a tracked system instead of wheels, weaponized aircraft or vehicles, firearms or ammunition of .50-caliber or higher, grenade launchers, bayonets or camouflage uniforms. The federal government also is exploring ways to recall prohibited equipment already distributed.

In addition, a longer list of equipment the federal government provides will come under tighter control, including wheeled armored vehicles like Humvees, manned aircraft, drones, specialized firearms, explosives, battering rams and riot batons, helmets and shields. Starting in October, police will have to get approval from their city council, mayor or some other local governing body to obtain it, provide a persuasive explanation of why it is needed and have more training and data collection on the use of the equipment.

The issue of police militarization rose to prominence last year after a white police officer in Ferguson fatally shot unarmed black 18-year-old Michael Brown, sparking protests. Critics questioned why police in full body armor with armored trucks responded to dispel demonstrators, and Obama seemed to sympathize when ordering a review of the programs that provide the equipment.
"There is a big difference between our military and our local law enforcement and we don't want those lines blurred," Obama said in August.

< - >

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 19 06:50:53 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 19 May 2015 07:50:53 -0400
Subject: [Infowarrior] - Russia to ditch Android and iOS with own NSA-proof Linux-based software
Message-ID: <83F6C6A8-50F9-45A0-AA5C-6737B409C200@infowarrior.org>

Russia to ditch Android and iOS with own NSA-proof Linux-based software

Wants use of non-Russian mobile operating systems dropped to just 50 percent by 2025

By Carly Page
Tue May 19 2015, 10:13

http://www.theinquirer.net/inquirer/news/2409112/russia-to-ditch-android-and-ios-with-own-nsa-proof-linux-based-software

RUSSIA is planning to create its own smartphone operating system in an effort to reduce its dependence on Western technology.

Russian financial newspaper RBC reports that the country's minister of communications, Nikolai Nikiforov, announced plans this week to lessen the country's reliance on Android and iOS with the development of a national operating system based on Sailfish, an open source mobile operating system developed by Finnish phone maker Jolla.

Nikiforov told RBC that he wants to see the use of non-Russian mobile operating systems dropped to just 50 percent by 2025. At present, Android accounts for 81 percent of the country's mobile market share, according to Gartner, while iOS accounts for 15 percent. Sailfish currently accounts for 0.5 percent of Russia's mobile market, less than that claimed by BlackBerry and Windows Phone.

As well as looking to reduce the country's dependence on Western technology, Russia wants smartphone software that it knows it can trust, and that it knows can't be infiltrated by the likes of the US National Security Agency.

This is unsurprising.
A year ago, Apple and SAP refused to disclose their source code to the Russian government, which wanted to determine whether the US government had included backdoors in the software, as Edward Snowden had claimed.

Nikiforov said at the time: "It is obvious that the companies that disclose the source code of their programs [are] not hiding anything. But those who do not intend to cooperate with Russia on this issue may have undeclared capabilities in their products."

According to the report, Russia is looking to persuade other nations, including Brazil, China, India and South Africa, to help out with the project.

Nikiforov told RBC that he hopes to create an "international consortium" that will include IT companies from each nation, saying: "IT companies will provide their experts, and their time will be paid for by their respective states, giving them the opportunity to work on this project."

Separate reports claim that Chinese phone maker Huawei is also looking to lessen its reliance on Google's Android software with the development of its own so-called Kirin OS. This software, according to Gizmo China, has been in development for three years, and will come optimised for Huawei's Kirin chips.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 19 08:04:14 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 19 May 2015 09:04:14 -0400
Subject: [Infowarrior] - MS says pens, paper, chalkboards unfair to students
Message-ID: <1D764110-763D-40CF-900F-54FD598D9AB9@infowarrior.org>

In a word: HOGWASH.

--rick

Teachers using pens and paper in the classroom "not fair" to students, Microsoft official says

by Stephen Hui on May 15th, 2015 at 4:28 PM

http://www.straight.com/life/452561/teachers-using-pens-and-paper-classroom-not-fair-students-microsoft-official-says

--
It's better to burn out than fade away.
From rforno at infowarrior.org Tue May 19 09:13:42 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 19 May 2015 10:13:42 -0400
Subject: [Infowarrior] - Letter to POTUS on crypto access
Message-ID: <54AF43D5-CB32-4FB2-8307-27477FA8081A@infowarrior.org>

(I am a signatory. --rick)

Tech giants don't want Obama to give police access to encrypted phone data

By Ellen Nakashima
May 19 at 8:34 AM

http://www.washingtonpost.com/world/national-security/tech-giants-urge-obama-to-resist-backdoors-into-encrypted-communications/2015/05/18/11781b4a-fd69-11e4-833c-a2de05b6b2a4_story.html

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 19 14:36:44 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 19 May 2015 15:36:44 -0400
Subject: [Infowarrior] - I've Read Obama's Secret Trade Deal. Elizabeth Warren Is Right to Be Concerned.
Message-ID: <9AE63B97-340A-4B75-8171-71F75FFE1CE4@infowarrior.org>

I've Read Obama's Secret Trade Deal. Elizabeth Warren Is Right to Be Concerned.

By MICHAEL WESSEL
May 19, 2015

http://www.politico.com/magazine/story/2015/05/tpp-elizabeth-warren-labor-118068.html#.VVuQX0Ybk7S

"You need to tell me what's wrong with this trade agreement, not one that was passed 25 years ago," a frustrated President Barack Obama recently complained about criticisms of the Trans Pacific Partnership (TPP). He's right. The public criticisms of the TPP have been vague. That's by design -- anyone who has read the text of the agreement could be jailed for disclosing its contents. I've actually read the TPP text provided to the government's own advisors, and I've given the president an earful about how this trade deal will damage this nation. But I can't share my criticisms with you.

I can tell you that Elizabeth Warren is right about her criticism of the trade deal.
We should be very concerned about what's hidden in this trade deal -- and particularly how the Obama administration is keeping information secret even from those of us who are supposed to provide advice.

So-called "cleared advisors" like me are prohibited from sharing publicly the criticisms we've lodged about specific proposals and approaches. The government has created a perfect Catch 22: The law prohibits us from talking about the specifics of what we've seen, allowing the president to criticize us for not being specific. Instead of simply admitting that he disagrees with me -- and with many other cleared advisors -- about the merits of the TPP, the president instead pretends that our specific, pointed criticisms don't exist.

What I can tell you is that the administration is being unfair to those who are raising proper questions about the harms the TPP would do. To the administration, everyone who questions their approach is branded as a protectionist -- or worse -- dishonest. They broadly criticize organized labor, despite the fact that unions have been the primary force in America pushing for strong rules to promote opportunity and jobs. And they dismiss individuals like me who believe that, first and foremost, a trade agreement should promote the interests of domestic producers and their employees.

I've been deeply involved in trade policy for almost four decades. For 21 years, I worked for former Democratic Leader Richard Gephardt and handled all trade policy issues including "fast track," the North American Free Trade Agreement and the World Trade Organization's Uruguay Round, which is the largest trade agreement in history. I am also a consultant to various domestic producers and the United Steelworkers union, for whom I serve as a cleared advisor on two trade advisory committees. To top it off, I was a publicly acknowledged advisor to the Obama campaign in 2008.

Obama may no longer be listening to my advice, but Hillary Clinton and Elizabeth Warren might as well be.
Warren, of course, has been perhaps the deal's most vocal critic, but even the more cautious Clinton has raised the right questions on what a good TPP would look like. Her spokesman, Nick Merrill, said: "She will be watching closely to see what is being done to crack down on currency manipulation, improve labor rights, protect the environment and health, promote transparency and open new opportunities for our small businesses to export overseas. As she warned in her book Hard Choices, we shouldn't be giving special rights to corporations at the expense of workers and consumers."

On this count, the current TPP doesn't measure up. And nothing being considered by Congress right now would ensure that the TPP meets the goal of promoting domestic production and job creation.

The text of the TPP, like all trade deals, is a closely guarded secret. That fact makes a genuine public debate impossible and should make robust debate behind closed doors all the more essential. But the ability of TPP critics like me to point out the deal's many failings is limited by the government's surprising and unprecedented refusal to make revisions to the language in the TPP fully available to cleared advisors.

Bill Clinton didn't operate like this. During the debate on NAFTA, as a cleared advisor for the Democratic leadership, I had a copy of the entire text in a safe next to my desk and regularly was briefed on the specifics of the negotiations, including counterproposals made by Mexico and Canada. During the TPP negotiations, the United States Trade Representative (USTR) has never shared proposals being advanced by other TPP partners. Today's consultations are, in many ways, much more restrictive than those under past administrations.

All advisors, and any liaisons, are required to have security clearances, which entail extensive paperwork and background investigations, before they are able to review text and participate in briefings.
But, despite clearances, and a statutory duty to provide advice, advisors do not have access to all the materials that a reasonable person would need to do the job. The negotiators provide us with "proposals" but those are merely initial proposals to trading partners. We are not allowed to see counter-proposals from our trading partners. Often, advisors are provided with updates indicating that the final text will balance all appropriate stakeholder interests but we frequently receive few additional details beyond that flimsy assurance.

Those details have enormous repercussions. For instance, rules of origin specify how much of a product must originate within the TPP countries for the resulting product to be eligible for duty-free treatment. These are complex rules that decide where a company will manufacture its products and where it will purchase raw materials. Under the North American Free Trade Agreement (NAFTA), 62.5 percent of a car needed to originate within NAFTA countries. In the US-Australia Free Trade Agreement, it was lowered to 50 percent. It further dropped to 35 percent in the US-Korea Free Trade Agreement (KORUS). In essence, under our agreement with Korea, 65 percent of a car from South Korea could be made from Chinese parts and still qualify for duty-free treatment when exported to the U.S.

That fact is politically toxic, and for that reason, we should expect the TPP agreement to have higher standards. But will it reach the 62.5 percent NAFTA requirement? Or will it be only a slight improvement over KORUS? Without access to the final text of the agreement, it's impossible to say.

State-owned enterprises may, for the first time, be addressed in the TPP. But, once again, the details are not clear. Will exemptions be provided to countries like Vietnam, Malaysia and Singapore, all of which could be heavily impacted by such a rule? What will be the test to determine what is or is not acceptable behavior?
Will injury be required to occur over a substantial period of time, or will individual acts of non-commercial, damaging trade practices be actionable? Again, it's impossible to say for sure.

Advisors are almost flying blind on these questions and others.

Only portions of the text have been provided, to be read under the watchful eye of a USTR official. Access, up until recently, was provided on secure web sites. But the government-run website does not contain the most-up-to-date information for cleared advisors. To get that information, we have to travel to certain government facilities and sign in to read the materials. Even then, the administration determines what we can and cannot review and, often, they provide carefully edited summaries rather than the actual underlying text, which is critical to really understanding the consequences of the agreement.

< -- >

Read more: http://www.politico.com/magazine/story/2015/05/tpp-elizabeth-warren-labor-118068.html#ixzz3acBbPURA

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 19 14:52:49 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 19 May 2015 15:52:49 -0400
Subject: [Infowarrior] - Senate voting on 'USA FREEDOM' after all
Message-ID:

Senate Plans Vote on House-Passed NSA Spying Curbs

by Chris Strohm
3:17 PM EDT May 19, 2015

http://www.bloomberg.com/news/articles/2015-05-19/senate-plans-vote-on-house-passed-bill-curbing-nsa-spying-powers

The Senate will vote this week on a bill passed by the House prohibiting the National Security Agency from collecting bulk records, yet renewing U.S. spy programs set to expire in two weeks, Majority Leader Mitch McConnell said.

McConnell has faced mounting pressure from Democrats and companies such as Facebook Inc. and Google Inc. to allow a vote on legislation that curbs some of the NSA's spying powers revealed in 2013 by former U.S. contractor Edward Snowden.
It was unclear if the House-backed bill has enough votes to pass the Senate. McConnell and Senator John Thune, a South Dakota Republican, told reporters in Washington Tuesday they were searching for a possible backup plan, which could include trying to pass a temporary one-month extension. Democrats have said they oppose a short-term action.

Three provisions of the USA Patriot Act expire on June 1, including the power to access millions of phone call records in order to find suspected terrorists. McConnell and other lawmakers have said it would be dangerous if the authorities lapsed for U.S. intelligence and law enforcement agencies.

"We have a way to solve this right now," Senator Patrick Leahy of Vermont, the top Democrat on the Senate Judiciary Committee, said in an interview in Washington. "Do what the House did. They reflected the will of the American people. Republican and Democrats came together on an overwhelming bipartisan vote."

The House bill, called the USA Freedom Act, passed on May 13 by a lopsided 338-88 vote.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 19 17:53:40 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 19 May 2015 18:53:40 -0400
Subject: [Infowarrior] - PBS Frontline tonight: Secrets, Politics and Torture
Message-ID: <92AB56D4-1916-48F8-8747-415D918A17C0@infowarrior.org>

WATCH: How the CIA Helped Make "Zero Dark Thirty"

May 15, 2015, 2:45 pm ET by Patrice Taddonio

http://www.pbs.org/wgbh/pages/frontline/government-elections-politics/secrets-politics-and-torture/watch-how-the-cia-helped-make-zero-dark-thirty/

When Zero Dark Thirty premiered in 2012, the Hollywood film about the hunt for Osama bin Laden became a blockbuster hit. Behind the scenes, the CIA secretly worked with the filmmakers, and the movie portrayed the agency's controversial "enhanced interrogation techniques" -- widely described as torture --
as a key to uncovering information that led to the finding and killing of bin Laden.

Secrets, Politics and Torture airs Tuesday, May 19 at 10 p.m. EST on PBS (check local listings) and will stream in full, for free, online at pbs.org/frontline.

But in Secrets, Politics and Torture, premiering this Tuesday, May 19 on PBS, FRONTLINE reveals the many challenges to that narrative, and the inside story of how it came to be. The documentary unspools the dueling versions of history laid out by the CIA, which maintains that its now officially-shuttered program was effective in combating terrorism, and the massive Senate torture report released in December 2014, which found that the program was brutal, mismanaged and -- most importantly -- didn't work.

Watch the dramatic opening sequence of Secrets, Politics and Torture:

And that's just the beginning. Drawing on recently declassified documents and interviews with prominent political leaders and CIA insiders, Tuesday's film goes on to examine how the secret interrogation program began, what it accomplished and the bitter fight in Washington over the public outing of its existence.

"We've found that, faced with 9/11 and the fear of a second attack, everybody from the head of the CIA, to the Justice Department, to the president asked 'Can we do it?' -- meaning, can we do it legally -- not, 'Should we do it?'" says veteran FRONTLINE filmmaker Michael Kirk.

Secrets, Politics and Torture is the latest in Kirk's acclaimed line of documentaries examining counterterrorism programs and government secrecy in the wake of 9/11: He traveled to the infamous Abu Ghraib prison in Iraq to make The Torture Question in 2005, and he just won a Peabody Award for United States of Secrets, FRONTLINE's 2014 examination of the National Security Agency's mass surveillance program.

"As the debate over how far the U.S.
should be willing to go in the fight against terrorism continues, we felt it was important to tell the story of this CIA program, comprehensively, in documentary form," Kirk says. "What we've found raises some very tough questions."

Watch Secrets, Politics and Torture Tuesday, May 19 at 10 p.m. EST on PBS (check local listings) and online at pbs.org/frontline.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 21 07:56:17 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 21 May 2015 08:56:17 -0400
Subject: [Infowarrior] - NSA Planned to Hijack Google App Store to Hack Smartphones
Message-ID: <7F00C5AE-B6C6-4C5F-BB78-A7449A86772D@infowarrior.org>

NSA Planned to Hijack Google App Store to Hack Smartphones

The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.

The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the "Five Eyes" alliance -- the United States, Canada, the United Kingdom, New Zealand and Australia.

The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012.

The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting "at this time.")
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users' connections to app stores so that they would be able to send malicious "implants" to targeted devices. The implants could then be used to collect data from the phones without their users noticing.

< - >

https://firstlook.org/theintercept/2015/05/21/nsa-five-eyes-google-samsung-app-stores-spyware/

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 21 07:57:43 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 21 May 2015 08:57:43 -0400
Subject: [Infowarrior] - A Chatty Squirrel: Privacy and Security Issues with UC Browser
Message-ID:

A Chatty Squirrel: Privacy and Security Issues with UC Browser

May 21, 2015

https://citizenlab.org/2015/05/a-chatty-squirrel-privacy-and-security-issues-with-uc-browser/

Tagged: Asia Chats, Canada, China, CSEC, Edward Snowden, UC Browser

Categories: Adam Senft, Andrew Hilts, Christopher Parsons, Jakub Dalek, Jason Q. Ng, John Scott-Railton, Katie Kleemola, Masashi Crete-Nishihata, Reports and Briefings, Ron Deibert, Sarah McKune

Authors: Jakub Dalek (lead), Katie Kleemola (lead), Adam Senft (lead), Christopher Parsons, Andrew Hilts, Sarah McKune, Jason Q. Ng, Masashi Crete-Nishihata, John Scott-Railton, Ronald Deibert

Download PDF version.
Read the CBC News story.
Read our primer on mobile privacy and security.
Read the summary: Privacy and security issues with UC Browser.
Read the summary in Chinese.

https://citizenlab.org/2015/05/a-chatty-squirrel-privacy-and-security-issues-with-uc-browser/

--
It's better to burn out than fade away.
From rforno at infowarrior.org Thu May 21 09:17:59 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 21 May 2015 10:17:59 -0400
Subject: [Infowarrior] - How Fox News Changed American Media and Political Dynamics
Message-ID: <2E64305F-3B15-40A7-BEEB-FC443154E3C0@infowarrior.org>

How Fox News Changed American Media and Political Dynamics

by Bruce Bartlett - May 21st, 2015, 9:00am

http://www.ritholtz.com/blog/2015/05/how-fox-news-changed-american-media-and-political-dynamics/

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 21 11:00:06 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 21 May 2015 12:00:06 -0400
Subject: [Infowarrior] - US proposes tighter export rules for computer security tools
Message-ID: <922FBF8F-7C4A-4047-AF64-FDCC26DC815F@infowarrior.org>

(x-posted) (link to the proposal is in the article below)

US proposes tighter export rules for computer security tools

By Jeremy Kirk
IDG News Service | May 20, 2015

http://www.itworld.com/article/2925375/security/us-proposes-tighter-export-rules-for-computer-security-tools.html

The U.S. Commerce Department has proposed tighter export rules for computer security tools, a potentially controversial revision to an international agreement aimed at controlling weapons technology.

On Wednesday, the department published a proposal in the Federal Register and opened a two-month comment period.

The changes are proposed to the Wassenaar Arrangement, an international agreement reached in 1995, aimed at limiting the spread of "dual use" technologies that could be used for harm.

Forty-one countries participate in the Wassenaar Arrangement, and lists of controlled items are revised annually.

The Commerce Department's Bureau of Industry and Security (BIS) is proposing requiring a license in order to export certain cybersecurity tools used for penetrating systems and analyzing network communications.
If asked by the BIS, those applying for a license "must include a copy of the sections of source code and other software (e.g., libraries and header files) that implement or invoke the controlled cybersecurity functionality."

Items destined for export to government users in Australia, Canada, New Zealand or the U.K. -- the so-called "Five Eyes" nations which the U.S. belongs to -- would be subject to looser restrictions. Those nations' intelligence agencies collaborate closely.

The proposal would modify rules added to the Wassenaar Arrangement in 2013 that limit the export of technologies related to intrusion and traffic inspection.

The definition of intrusion software would also encompass "proprietary research on the vulnerabilities and exploitation of computers and network-capable devices," the proposal said.

Tools that would not be considered intrusion software include hypervisors, debuggers and ones used for reverse engineering software.

There has long been concern that software tools in the wrong hands could cause harm. But security professionals who conduct security tests of organizations often employ the same software tools as those used by attackers.

Thomas Rid, a professor in the Department of War Studies at King's College London, wrote on Twitter that the proposed export regulations "seem too broad; could even damage cybersecurity."

Many private computer security companies sell information on software vulnerabilities for commercial purposes, a practice that has been criticized.

Those companies have defended their sales models, arguing that without a financial incentive, the software vulnerabilities may not have been found, which ultimately protects users. Many have policies that forbid selling sensitive information to unvetted parties.

The proposal said there is a "policy of presumptive denial for items that have or support rootkit or zero-day exploit capabilities."
Rootkits are hard-to-detect programs used for electronically spying on a computer, and a zero-day exploit is attack code that can take advantage of a software flaw.

Changes to the list of controlled items covered by the Wassenaar Agreement are decided by consensus at its annual plenary meeting in December.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 21 11:04:19 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 21 May 2015 12:04:19 -0400
Subject: [Infowarrior] - FBI's Use Of Controversial Patriot Act Section Is Expanding
Message-ID:

FBI's Use Of Controversial Patriot Act Section Is Expanding

Lower legal threshold and wider availability of electronic information cited in report on greater use of Section 215

Devlin Barrett
May 21, 2015 11:51 a.m. ET

http://www.wsj.com/articles/fbis-use-of-controversial-patriot-act-section-is-expanding-1432223491

The Federal Bureau of Investigation used a controversial section of the Patriot Act to gather information more than 50 times in a three-year period, according to a new internal review released as Congress debates whether to let the law expire.

The FBI's use of section 215 of the Patriot Act "continues to expand," according to the report released Thursday by the Justice Department's Inspector General Michael Horowitz. The expansion is in part because the legal threshold for its use has been lowered and because "society's use of the Internet have also expanded the quantity and quality of electronic information available to the FBI," the report states.

Section 215 authorizes the government to collect "tangible things" such as business records with an order from the Foreign Intelligence Surveillance Court. The types of information sought with such orders range from "hard copy reproductions of business ledgers and receipts to gigabytes of metadata and other electronic information," the report found.
The FBI has been "broadening the scope of materials sought in applications," in part because they are not limited to requesting information only about suspects. The FBI uses section 215, the report said, "in investigations of groups comprised of unknown members and to obtain information in bulk concerning persons who are not the subjects of or associated with any FBI investigation."

Section 215 is due to expire June 1 and is widely expected to lapse given deep concerns among lawmakers about the scope and breadth of the records-collection it is enabling. That section of the Patriot Act provides the legal foundation for the National Security Agency's collection of millions of Americans' phone records, which civil liberties groups charge is a violation of Constitutional privacy protections.

Lawmakers are debating whether to re-authorize it, scale it back, or let it expire. If it lapses, law enforcement's ability to collect information could be limited.

As lawmakers weigh the issue, senior FBI officials have begun to argue publicly that while the phone program is useful to hunting terrorists, the other work done under the authority of Section 215 is more important and must be preserved to effectively investigate terror and spy suspects.

Thursday's report, which studied the FBI's use of the law for the years 2007 through 2009, said the FBI often uses Section 215 to obtain Internet records, particularly when the companies holding such data are reluctant to provide the information without a court order.

"The agents we interviewed did not identify any major case developments that resulted from use of the records obtained in response to section 215 orders, but told us that the material produced... was valuable in that it was used to support other investigative requests, develop investigative leads, and corroborate other information," the report concluded.
The inspector general's report was delayed, first by the reluctance of the FBI to share information with investigators, and then by a classification review, according to other documents and public testimony. A classified version of the report was shared with lawmakers months ago, officials said.

Write to Devlin Barrett at devlin.barrett at wsj.com

--
It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 21 19:20:36 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 21 May 2015 20:20:36 -0400
Subject: [Infowarrior] - Classifying Embarrassment
Message-ID:

In the Same Week, the U.S. and U.K. Hide Their War Crimes by Invoking "National Security"

By Glenn Greenwald @ggreenwald

https://firstlook.org/theintercept/2015/05/21/key-tactic-us-uk-hide-war-crimes-invoking-national-security/

< - >

No healthy democracy can possibly function where this warped mindset prevails: we are entitled to hide anything we do that makes us look bad because making us look bad harms "national security," and we are the ones who make that decision without challenge. As the ACLU's Jameel Jaffer said:

To allow the government to suppress any image that might provoke someone, somewhere, to violence would be to give the government sweeping power to suppress evidence of its own agents' misconduct. Giving the government that kind of censorial power would have implications far beyond this specific context.

But even more threatening than the menace to democracy is the propagandized public this mentality guarantees. A government that is able to hide its own atrocities on "national security" grounds will be one whose public endlessly focuses on the crimes of others while remaining blissfully unaware of one's own nation.
That is an excellent description of much of the American and British public, and as good an explanation as any why much of their public discourse consists of little more than proclamations that Our Side is Better despite the decades of brutality, aggression and militarism their own side has perpetrated.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Fri May 22 07:48:30 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 22 May 2015 08:48:30 -0400
Subject: [Infowarrior] - Firefox Will Show Ads Based On Your Browsing History
Message-ID:

Firefox Will Show Ads Based On Your Browsing History

Posted by: Rhiannon Nee
May 22, 2015

http://www.geeksnack.com/2015/05/22/firefox-will-show-ads-based-on-your-browsing-history/

Mozilla has announced Firefox will soon do a Google, meaning it's going to start showing sponsored ads based on your browsing history.

As of next week, Firefox Beta users will start seeing "Suggested" tiles when they open a new tab. Currently, opening a new tab in Firefox presents a screen with tiles from sites you previously visited. Now some of those tiles are going to be ads based on your browsing history. For example, if you've been searching for a new camera, one of the tabs might lead you to the website of a camera store.

It's not the first time Mozilla has brought ads to Firefox. In 2014, they introduced Directory Tiles, which are randomly selected ads that will appear in a newly installed version of Firefox. But these "Suggested" tiles are different because the program will be looking at your history. It means Mozilla is now treading the line between advocating privacy and bringing in revenue.

"Suggested Tiles is an advertising experience that delivers content recommendations that are relevant for the user in a transparent way while at the same time respecting their privacy, and giving them complete control over the experience."

While the nonprofit promises it won't be collecting users'
data to sell to third parties, many people are still rightly concerned. Mozilla's advocacy of internet privacy is what drove many of its current users to Firefox over other browsers such as Google's Chrome. And it's a little strange to hear a nonprofit talking about enhancing its digital advertising experiences.

In Mozilla's defence, however, we do have plenty of reasons to trust that the nonprofit will keep their promise to not use our data for some nefarious purpose. Mozilla has said it will follow strict rules about how it's going to implement these ads. For instance, in order for a suggested tile to appear, the user will have to have visited at least five URLs that indicate they have an interest in a particular area. So if you visit just a couple of sites about, say, the latest developments in virtual reality, it won't be enough to trigger a tile suggesting you visit some technology news site.

It's likely Mozilla didn't come to the decision to implement these ads lightly. While moving to targeted advertising by collecting users' data feels like a big step in a bad direction, we all understand Mozilla needs to keep the lights on by somehow bringing in money.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sat May 23 19:27:23 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 23 May 2015 20:27:23 -0400
Subject: [Infowarrior] - DOJ lays down some privacy rules for feds flying drones
Message-ID: <07E2D257-36A6-4D98-BCDE-418AB5D8E620@infowarrior.org>

DOJ lays down some privacy rules for feds flying drones

by Mariella Moon | @mariella_moon | 14 mins ago

http://www.engadget.com/2015/05/23/doj-drone-privacy/?ncid=rss_truncated

The Justice Department promises to keep a closer eye on how its agencies are using drones from now on -- after all, they can be useful in nabbing suspects, but they can also be used as a tool to abuse power.
In its new five-page policy guidance, the department has listed when its agencies can and can't use drones, with a focus on people's right to privacy. For instance, they can't be deployed to monitor activities protected by the First Amendment, such as peaceful protests. Authorities will also have to secure warrants to use the machines in places where the subject of investigation has "reasonable expectation of privacy." Obviously, the drones can only be used for authorized investigations and never for engaging in discriminatory acts.

In order to make sure the whole department follows these policies, the DOJ plans to train all its drone operators, subject its agencies to annual reviews by the deputy attorney general, and require them to keep logs of every drone flight. The department will then publish a flight summary from those logs on its website.

At the moment, only the FBI has an operational drone program (reportedly with 17 machines and two pilots) within the DOJ, though the ATF has a suspended one it might relaunch in the future. Now that the department's agencies finally have a concrete idea of what they can use drones for, they can get ones fit for the job instead of wasting so much money (again) on shoddy pieces of equipment.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sun May 24 14:57:27 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 24 May 2015 15:57:27 -0400
Subject: [Infowarrior] - Regarding the Politics of Surveillance
Message-ID: <120FA46F-B2DA-4A48-93DF-353BDE53641E@infowarrior.org>

Regarding the Politics of Surveillance

By Richard Forno on May 24, 2015 at 12:56 pm

https://cyberlaw.stanford.edu/blog/2015/05/regarding-politics-surveillance

--
It's better to burn out than fade away.
From rforno at infowarrior.org Mon May 25 15:27:07 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 25 May 2015 16:27:07 -0400
Subject: [Infowarrior] - Silent Circle relocates to Switzerland
Message-ID: <65B836A5-88EA-4D66-BD96-14371AB16FE7@infowarrior.org>

Philip Zimmermann: king of encryption reveals his fears for privacy

The creator of PGP has moved his mobile-encryption firm Silent Circle to Switzerland to be free of US mass surveillance. Here he explains why?

http://www.theguardian.com/technology/2015/may/25/philip-zimmermann-king-encryption-reveals-fears-privacy

--
It's better to burn out than fade away.

From rforno at infowarrior.org Tue May 26 14:20:24 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 26 May 2015 15:20:24 -0400
Subject: [Infowarrior] - The Air Force Can Use an Electromagnetic Pulse to Kill Enemy Computers
Message-ID: <2BCB65B0-1201-4EF5-B0B7-DE42565C89A4@infowarrior.org>

The Air Force Can Use an Electromagnetic Pulse to Kill Enemy Computers

Kate Knibbs

http://gizmodo.com/the-air-force-can-use-an-electromagnetic-pulse-to-kill-1706968478

One of the US Air Force's most high-tech weapons is a tool that can't hurt people -- but it kills electronic devices. The CHAMP (Counter-Electronics High-Powered Microwave Advanced Missile Project) is a computer-frying device that emits a strong blast of targeted microwave energy that can take down enemy data centers and infrastructure without blowing anyone up.

The Air Force recently confirmed that CHAMP is an operational system, although it's not yet able to be deployed in a remote-controlled missile. Congress recently pressured the Air Force to prepare the tech for battle, though it may blow its 2016 deadline.

CHAMP is accurate enough to target individual buildings, which means it can pinpoint specific systems to take down instead of wiping out everything in a general area.
Unlike jammers, CHAMP will destroy or permanently damage electronics, which means it's an incredibly potent weapon for screwing with enemy data centers.

Boeing successfully tested a missile carrying CHAMP back in 2012, knocking the power from every electric device in a two-story building. For that test, it used an AGM-86 Conventional Air-Launched Cruise Missile, but the Air Force Research Laboratory recently nominated Lockheed Martin's Air-to-Surface Standoff Missile (JASSM-ER) to carry the CHAMP weapons. A drone or aircraft could also carry the weapon, depending on the mission.

This is far from the first time the military has experimented with electromagnetic pulses as weapons. Nuclear warheads also generate electronics-frying electromagnetic energy, but of course they also destroy a large geographic area and kill untold numbers of civilians. CHAMP is a step forward in electronic warfare because it's so well-suited to minimizing collateral damage.

[Digital Trends via CNN]

Contact the author at kate.knibbs at gizmodo.com. Public PGP key PGP fingerprint: FF8F 0D7A AB19 6D71 C967 9576 8C12 9478 EE07 10C

--
It's better to burn out than fade away.
From rforno at infowarrior.org Tue May 26 16:16:00 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 26 May 2015 17:16:00 -0400
Subject: [Infowarrior] - PATRIOT Panic begins to set in on Capitol Hill
Message-ID: <96E54B91-5C18-47C2-892A-61D304CF75DE@infowarrior.org>

Privacy advocates oppose fresh Senate attempt to renew NSA spying powers

Legislation proposed by Senator Dianne Feinstein in bid to avoid surveillance expiration this weekend rolls back key provisions of ambitious NSA reform bill

Dan Roberts in Washington
Tuesday 26 May 2015 14.26 EDT
Last modified on Tuesday 26 May 2015 15.00 EDT

http://www.theguardian.com/us-news/2015/may/26/senate-renew-nsa-surveillance-privacy

Fresh attempts to prevent controversial National Security Agency surveillance powers expiring this weekend emerged on Tuesday, only to quickly run into opposition from privacy campaigners in Congress.

Democratic senator Dianne Feinstein, a hawkish member of the intelligence committee, has proposed the new legislation to try to win over a handful of wavering Republicans who stood in the way of more ambitious reform efforts during a showdown last week.

But Feinstein's bill, first reported by the Empty Wheel blog, rolls back a number of key provisions in the USA Freedom Act, which fell three senators short of the 60 needed to proceed in a 57-42 vote in the early hours of Friday morning, and may complicate rather than aid the painful process of building consensus.

The USA Freedom Act seeks to ban the NSA from collecting American telephone data in bulk, a practice first revealed by whistleblower Edward Snowden, and relies on the government seeking specific court orders to obtain information from phone companies on a case-by-case basis instead.

Feinstein is one of the NSA's staunchest Capitol Hill defenders.
The top Democrat on the Senate intelligence committee, itself a bastion of NSA support, Feinstein in 2013 offered a proposal to entrench the NSA's domestic authorities as an alternative to the Freedom Act, which at the time contained stronger privacy protections and transparency guarantees than the version the House passed earlier this month.

Feinstein's current proposed bill -- presented as an update to the original Foreign Intelligence Surveillance Act (Fisa) of 1978 -- proposes an end to NSA bulk collection but contains various mandates for how phone companies would be required to store the data, something privacy advocates argue amounts to a re-creation of the NSA database in private hands.

Critics also point to the absence of reforms aimed at making the court approval process more transparent and accountable, and believe it is unlikely to attract support from reformers such as Democratic senator Ron Wyden and Republican Mike Lee.

"Senator Wyden has serious concerns with this bill," one staff aide told the Guardian. "At this point the USA Freedom Act is clearly the most viable path for surveillance reform."

Losing support from Democrats and Republicans on the civil liberties end of the spectrum while gaining the backing of only a handful of more moderate Republicans may make Feinstein's bill just as hard, if not harder, to pass than the USA Freedom Act, which at least already has the overwhelming support of the House of Representatives.

Republican majority leader Mitch McConnell has limited room for manoeuvre since the existing authorisation for bulk collection -- under separate legislation, the Patriot Act -- expires on 31 May and has also been ruled illegal by a federal appeals court.

McConnell originally favoured simply renewing the Patriot Act, but even a short-term extension failed to reach the 60-vote hurdle in the Senate last week, receiving support from just 45 senators.
Another Republican bill, proposed by intelligence chairman Richard Burr, was also shot down by reformers in the House who made it clear they saw it as an attempt to bolster, not diminish, NSA surveillance powers.

Instead, McConnell is now believed to be focused on what one Democratic staffer called "face-saving" amendments: small tweaks to the USA Freedom Act, such as a requirement that telephone companies certify they are ready to respond to NSA requests, which would allow the majority leader to show he had changed the House version without losing the support needed to pass it.

On Tuesday, Barack Obama once again urged staff on Capitol Hill to work through the Memorial Day recess to ensure a solution is found before McConnell brings the Senate back to vote again this Sunday.

"[Congress] left town without finishing necessary work on Fisa and some of the reforms that are necessary to the Patriot Act," said the president.

"I strongly urge the Senate to work through this recess and make sure that they identify a way to get this done ... This needs to get done. And I would urge folks to just work through whatever issues can still exist. Make sure we don't have on midnight Sunday night this task still undone, because it's necessary to keep the American people safe and secure."

Feinstein's office did not respond to requests for comment.

Additional reporting by Spencer Ackerman in New York

--
It's better to burn out than fade away.
From rforno at infowarrior.org Tue May 26 17:16:10 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 26 May 2015 18:16:10 -0400
Subject: [Infowarrior] - Mitch McConnell Will Do Just About Anything Not to Vindicate Edward Snowden
Message-ID: <496435A4-1E46-4394-810D-441A486FB1D4@infowarrior.org>

Mitch McConnell Will Do Just About Anything Not to Vindicate Edward Snowden

By Dan Froomkin @froomkin
Today at 10:28 AM

https://firstlook.org/theintercept/2015/05/26/mitch-mcconnell-will-just-anything-vindicate-edward-snowden/

Senate Republican leaders managed to scrape up enough votes just past midnight Saturday morning to put off decisive action on the NSA's bulk collection of American phone records until next Sunday, May 31. But the hardliners -- and make no mistake, they are taking an even harder and more absurd line than the NSA itself -- have no endgame.

Only two outcomes are possible at this point: First, three provisions of the Patriot Act -- one of which has provided the legal cover for bulk collection -- expire on June 1. (Indeed, the Obama administration has already begun the process of winding it down.) Or second, the Senate passes the USA Freedom Act, which extends those provisions but requires the NSA to request specific records from telecom companies, instead of getting them all.

Fifty-seven senators, only three short of the necessary 60, voted Saturday to invoke cloture and limit debate on the reform bill, itself a milquetoast compromise that won overwhelming bipartisan support in the House. Nothing else has the votes, certainly not a blanket renewal of the Patriot Act, now that the world actually knows how it's being misused, thanks to NSA whistleblower Edward Snowden.

Sen. Rand Paul, R-Ky., led a very public yet essentially meaningless quasi-filibuster against the Patriot Act last Wednesday. But early Saturday morning, he and two Democrats -- Ron Wyden of Oregon and Martin Heinrich of New Mexico --
followed that up with a series of devastatingly effective objections that blocked Senate Majority Leader Mitch McConnell's attempt to extend the authorities to June 8, then to June 5, then to June 3, then to June 2.

But why are McConnell and his gang "playing chicken," as White House press secretary put it on Friday? Why create, as Senator Patrick Leahy, D-Vt., accurately called it, a "manufactured crisis"?

Anybody paying attention knows it's not a policy debate. The reasons McConnell and others cite for wanting to extend the program as is -- despite the fact that it's flatly illegal, essentially useless, and spectacularly invasive -- are laughable. In fact, the compromise they're willing to fight to the death to oppose was actually proposed by the NSA.

The issue is they just don't want Snowden officially vindicated, by an act of Congress.

Ever since 9/11, the GOP has found huge political gain in exploiting national security fears. And ever since Obama's election, they have pursued a singularly successful campaign of obstruction, by making Congress almost entirely dysfunctional.

But this time, fear isn't working, and dysfunction doesn't get the job done. The Patriot Act provisions in question require an affirmative act of Congress to stay in place.

So although McConnell has managed to extend his fight longer than pretty much anyone anticipated (including me), come May 31, he loses, and Snowden wins.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 27 06:21:43 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 07:21:43 -0400
Subject: [Infowarrior] - Apple ditching discoveryd, returns to mDNSResponder
Message-ID: <748D5DB7-D478-492F-9707-809F5B01C1BD@infowarrior.org>

Thank gods!!!!
--rick

Latest OS X beta ditches buggy discoveryd DNS service, replaced with mDNSResponder

By AppleInsider Staff
Tuesday, May 26, 2015, 03:58 pm PT (06:58 pm ET)

In an apparent effort to fix DNS errors seen in recent OS X 10.10 versions, Apple's latest Yosemite beta shows the buggy discoveryd service replaced with mDNSResponder, a process last implemented in OS X 10.9 Mavericks.

< - >

http://appleinsider.com/articles/15/05/26/latest-os-x-beta-ditches-buggy-discoveryd-dns-service-replaced-with-mdnsresponder

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 27 06:22:16 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 07:22:16 -0400
Subject: [Infowarrior] - IRS Data Breach
Message-ID: <91CBB8A4-9C2C-4AAA-8B6A-3989B379971C@infowarrior.org>

(Will IRS offer anything to victims? Even the typical 'free credit monitoring'? Probably not. This is another sign that we have more self-inflicted 'threats' to our information systems than anything coming from China, Russia, Israel, or terrorists. --rick)

Financial Info On 100,000 Taxpayers Now In The Hands Of Criminals, Thanks To The IRS's Weak Authentication Processes

from the time-for-everyone-to-start-lying-about-their-first-pet's-name dept

The government that wants so badly to be the world's leading cyberwarfare force still seems largely unable to fence in its own backyard. In Yet Another Breach™, the sensitive financial information of thousands of Americans is now in the hands of criminals.

< - >

https://www.techdirt.com/articles/20150526/15302231120/financial-info-100000-taxpayers-now-hands-criminals-thanks-to-irss-weak-authentication-processes.shtml

--
It's better to burn out than fade away.
From rforno at infowarrior.org Wed May 27 06:26:33 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 07:26:33 -0400
Subject: [Infowarrior] - A Simple Text Can Crash Messages on any iPhone
Message-ID: <039ED708-0BE6-40E9-9648-2CC302A30DF1@infowarrior.org>

A Simple Text Can Crash Messages on any iPhone It's Sent to

http://gizmodo.com/a-simple-text-can-crash-messages-on-any-iphone-its-sent-1707128470

A newly discovered bug seems to cause Messages on iOS to crash when a specific string of text is received -- and if it happens while the phone is locked, it also seems to reboot the iPhone too.

It's easy enough to find the offending string of text on Reddit, and plenty of Twitter users are already reporting that it's being sent around to annoy people on a global scale. Verge reports that the trick seems to work regardless of what device it's sent from -- Windows Phone, Android or iPhone itself. Obviously we don't condone that kind of behavior, but you know, it's there to use if you feel so inclined.

The damage can, however, be undone. If you have a Mac, you can simply reply to the offending text message in iMessage with any other string of text to stop it from crashing your iPhone. If you don't have a Mac, you can try sending a text message from a third-party app using its "share" function, ask Siri to send a reply, or beg the sender to send a follow-up text. If you know who the sender is.

Apple will no doubt issue a fix to the issue pretty swiftly. But until they do, that simple line of text could cause some serious headaches.

[9to5mac, Verge]

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 27 09:08:06 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 10:08:06 -0400
Subject: [Infowarrior] - DiFi's Section 215 'reform' makes everything worse
Message-ID: <9726FFCC-CAA6-468F-BA30-3ED95B7E204F@infowarrior.org>

(Well of course it does....it's DiFi, after all. --rick)

Good News!
Dianne Feinstein Is Here To Reform The Section 215 Program By Making Everything Worse!

https://www.techdirt.com/articles/20150526/18163731123/good-news-dianne-feinstein-is-here-to-reform-section-215-program-making-everything-worse.shtml

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 27 13:06:07 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 14:06:07 -0400
Subject: [Infowarrior] - Disney Warned Fusion Not To Do News Coverage That Might Embarrass It Or Others In Hollywood
Message-ID:

Disney Warned Fusion Not To Do News Coverage That Might Embarrass It Or Others In Hollywood

https://www.techdirt.com/articles/20150525/21230531099/disney-warned-fusion-not-to-do-news-coverage-that-might-embarrass-it-others-hollywood.shtml

--
It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 27 17:03:41 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 18:03:41 -0400
Subject: [Infowarrior] - TISA: Yet Another Leaked Treaty You've Never Heard Of
Message-ID:

May 27, 2015 | By Jeremy Malcolm

TISA: Yet Another Leaked Treaty You've Never Heard Of Makes Secret Rules for the Internet

https://www.eff.org/deeplinks/2015/05/tisa-yet-another-leaked-treaty-youve-never-heard-makes-secret-rules-internet

A February 2015 draft of the secret Trade In Services Agreement (TISA) was leaked again last week, revealing a more extensive and more recent text than that of portions from an April 2014 leak that we covered last year. Together with the Trans-Pacific Partnership (TPP) and the Trans-Atlantic Trade and Investment Partnership (TTIP), TISA completes a trifecta of trade agreements that the administration could sign under Fast Track without full congressional oversight.

Although it is the least well-known of those agreements, it is the broadest in terms of membership.
As far as we know, it presently includes twenty countries plus Europe (but notably excluding the major emerging world economies of the BRICS bloc), who, with disdainful levity, have adopted the mantle "the Really Good Friends of Services". Like its sister agreements, TISA will enact global rules that impact the Internet, bypassing the transparency and accountability of national parliaments. The only difference is that its focus is on services, not goods.

In our previous analysis, we focused our attention on two points from the leaked text. The first was a provision that would prohibit democratically-elected parliaments from enacting limits on the "free flow of information" to protect the privacy of their citizens -- limits that, we argued, should be debated publicly, not behind closed doors. The second was text on net neutrality, that would lock in a particular set of global rules on net neutrality, including an open-ended exception for "reasonable network management" that could become a loophole for exploitation.

Those provisions remain in the new leaked draft. But the latest leak has revealed more.

The agreement would also prohibit countries from enacting free and open source software mandates. Although "software used for critical infrastructure" is already carved out from this prohibition (and so is software that is not "mass market software", whatever that means), there are other circumstances in which a country might legitimately require suppliers to disclose their source code.

For example, one step that might be considered to improve the dire state of security of consumer routers might be to require that they be supplied with source code, so that their security could be more broadly reviewed, and third parties could contribute patches for critical vulnerabilities. Although that may sound radical, this is already required for many routers because they are based on software covered by the GNU General Public License.
TISA would prohibit any such national initiative.

As in the TPP, and expanding on the earlier leaked draft, TISA also includes a prohibition on laws that require service providers to host data locally, which some countries have used to protect sensitive personal information, such as health data, from being snooped upon on foreign soil. There are arguments for and against such laws, and it is inappropriate that a secretive international agreement such as TISA should preempt these important debates.

The agreement would also require countries to introduce anti-spam laws. Although spam is bad, that doesn't necessarily make anti-spam laws good. In practice such laws have generally been ineffective at best, and ripe for abuse at worst. As such, we believe that it would be a legitimate choice for a country to decide not to tackle this blight through legislation -- a choice that TISA would remove from them.

These examples only scratch the surface of TISA, yet they are enough to demonstrate a common problem that also affects the TPP and TTIP -- that they are locking in very specific rules for the Internet that the member countries may regret later.

Locking in national laws through international law is something to be done sparingly. If it is done at all, then it should be through a transparent process that allows for users to have a voice -- a process at least as open as that by which WIPO concluded the Marrakesh Treaty for the Blind.

What we have here is the very antithesis of that. The closed-door TISA negotiations are designed to set some very technologically-specific rules in stone -- rules that will bind signatory countries for decades to come. Users and other stakeholders are completely excised from this process, and even our democratically elected representatives are being kept in the dark.
Activism around TISA is still very diffuse and limited, but there's one campaign that you can help us fight now, and it's the same action that we're taking to battle the TPP -- it's opposing the Fast Track bill. The U.S. administration is relying on Fast Track not only to streamline its accession to the TPP, but its future ratification of TISA as well. Even if you're on the fence about the TPP, TISA is a further reason for you to call on your representative to oppose Fast Track today.

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 27 17:26:48 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 18:26:48 -0400
Subject: [Infowarrior] - First Look Publishes Open Source Code To Advance Privacy, Security, and Journalism
Message-ID: <9C56DC92-F07F-4319-B643-4A70A31695E7@infowarrior.org>

First Look Publishes Open Source Code To Advance Privacy, Security, and Journalism
By Micah Lee @micahflee
Today at 4:24 PM
https://firstlook.org/theintercept/2015/05/27/first-look-publishes-code-redact-documents-create-warrant-canaries/

The Intercept and its publisher First Look Media strongly believe in the benefits of free and open source software -- in part because we rely on such software every day. To keep our journalists and sources safe, we use secure communication tools like the data-encryption system GnuPG, the Off-the-Record secure messaging protocol, the SecureDrop communications platform, and the secure calling and texting app Signal. To publish on the web, we use the GNU/Linux operating system; the Apache web server; OpenSSL, a web encryption library; WordPress, the open-source blogging engine; and Piwik, which tracks web traffic. The list goes on. We greatly appreciate the hard work of developers who give away their code to benefit the internet and the world.
And today we're excited to contribute back to the open source community by launching First Look Code, the home for our own open source projects related to privacy, security, data, and journalism. To begin with, First Look Code is the new home for document sanitization software PDF Redact Tools, and we've launched a brand new anti-gag order project called AutoCanary.

PDF Redact Tools

When The Intercept first launched, part of my job involved redacting documents from NSA whistleblower Edward Snowden before publishing them. Because we didn't want to inadvertently publish sensitive information we'd intended to redact -- as no less cautious an institution than The New York Times once did -- I developed PDF Redact Tools, a simple command-line program for Mac OS X and Linux that helps with redacting, stripping metadata, and sanitizing PDFs in preparation for publishing. Read more about PDF Redact Tools on its new website.

AutoCanary

A warrant canary is a regularly published statement that a company hasn't received any legal orders that it's not allowed to talk about, such as a national security letter. Canaries can help prevent web publishers from misleading visitors and prevent tech companies from misleading users when they share data with the government and are prevented from talking about it. One such situation arose -- without a canary in place -- in 2013, when the U.S. government sent Lavabit, a provider of encrypted email services apparently used by Snowden, a legal request to access Snowden's email, thwarting some of the very privacy protections Lavabit had promised users. This request included a gag order, so the company was legally prohibited from talking about it. Rather than becoming "complicit in crimes against the American people," in his words, Lavabit founder Ladar Levison, chose to shut down the service. Warrant canaries are designed to help companies in this kind of situation.
You can see a list of companies that publish warrant canary statements at Canary Watch. As of today, First Look Media is among the companies that publish canaries. We're happy to announce the first version of AutoCanary, a desktop program for Windows, Mac OS X, and Linux that makes the process of generating machine-readable, digitally-signed warrant canary statements simpler. Read more about AutoCanary on its new website.

Email the author: micah.lee at theintercept.com

-- It's better to burn out than fade away.

From rforno at infowarrior.org Wed May 27 18:25:54 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 27 May 2015 19:25:54 -0400
Subject: [Infowarrior] - Fwd: [IP] John Gilmore on ICANN.
References:
Message-ID: <6D22DB86-1E16-4CA4-9DE6-FC2D91708596@infowarrior.org>

Well-said, John.

-- It's better to burn out than fade away.

Begin forwarded message: > From: "Dave Farber" > Subject: [IP] John Gilmore on ICANN. > Date: May 27, 2015 at 7:08:30 PM EDT > To: "ip" > Reply-To: dave at farber.net > > I believe this is not an inaccurate description from a historical standpoint. I also attend to agree with many of the points John takes. > > Dave > > ---------- Forwarded message ---------- > From: "John Gilmore" > Date: May 27, 2015 6:46 PM > Subject: Re: [IP] How global DNS could survive in the frozen lands outside US control > To: > Cc: "ip" > > ICANN has built itself a nice monopoly, with very little outside > influence or control. Now it wants to reduce that to "zero" outside > influence or control. The community and the US Government should > decline to do so. (PS: The community has little or no say over this.) > > Back when ICANN was formed in 1998, EFF proposed that ICANN's > "nonprofit" corporate charter should include some basic protections > for freedom of speech and press, due process, international human > rights, transparency, and such.
See: > > https://w2.eff.org/Infrastructure/DNS_control/ICANN_IANA_IAHC/19980923_eff_new_iana.bylaws > https://w2.eff.org/Infrastructure/DNS_control/ICANN_IANA_IAHC/19980924_eff_new_iana_pressrel.html > > "... any foundation for governance of a communications system, such as > the Internet, should stand on the fundamental human right of free > expression. ... What was supposed to be an exercise in Internet > democracy has become an exercise in Internet oligarchy" - Barry > Steinhardt, EFF President > > and see generally: > > https://w2.eff.org/Infrastructure/DNS_control/ICANN_IANA_IAHC/ > > ICANN's management and lawyers refused to include any such provisions, > on the theory that if they were included, then people could succeed in > suing ICANN if it violated freedom of speech or the press, did things > to domain holders without due process, or was not transparent about > its activities. ICANN management wanted the right to violate those > human rights and public oversight provisions -- and they ultimately > got it. No court can decide whether ICANN's actions violate > international human rights law, because ICANN is not required to > follow international human rights law; it isn't a government and it > never signed those treaties. It isn't required to follow the US Bill > of Rights, because it isn't a government. It isn't required to follow > basic transparency policies like Freedom of Information or Open > Meetings, except to the extent that the US Government currently > requires that under their contract with ICANN. It isn't required to > follow anything but California and US nonprofit law (which it > deliberately violated anyway, see below). Yes, the sole substantive > rules that govern ICANN are the same ones that control the struggling > 2-person environmental group or underfunded health clinic doing a bake > sale in a nearby park.
The creation of an unaccountable ICANN was all > handled by ICANN's "unpaid volunteer" lawyer, Joe Sims of the Los > Angeles firm Jones Day, who later, once the gravy train was set up, > started charging ICANN a good chunk for his ongoing advice. As of > 2014, ICANN pays Jones Day almost $4 million annually for legal > services. > > ICANN soon started charging domain registrars a fee of 20c per year > per domain, for doing nothing except protecting itself from outsiders > and paying itself large wages. ICANN sets the amount of this fee > itself, and there is nothing that outsiders, or ICANN's customers, can > do to challenge it or change it. It is currently 18c per transaction, > and raises about $80 million dollars per year, all of which ICANN > finds some way to spend on itself and its lawyers. By 2014 it had > more than 300 employees churning around looking for ways to spend > money on themselves and their contractors. More than 30 of these > "nonprofit" employees make more than $250,000 a year or are "paid > directors", with the CEO wasting $900K/year. It also spent about > $575K of your domain fees lobbying the government on its own behalf > ("a staff registered lobbyist and two government affairs firms"). See > pages 7-9 and 30 and 52-53 of: > > https://www.icann.org/en/system/files/files/fy-2014-form-990-31mar15-en.pdf > > At one point a single outside critic, Karl Auerbach, slipped onto the > ICANN Board of Directors. ICANN is (was?) a California nonprofit, and > the Directors of a nonprofit have responsibility for the acts of the > nonprofit -- and have rights to oversee its acts. They can inspect > the physical premises at any time, and can see and copy any documents > that the business has. Otherwise the theory that the Board is in > control is a hollow mockery, and California law doesn't allow that. 
> ICANN claimed that its Board members could not actually access basic > information like the financial statements of the organization (how > much money comes in, how much goes out, and for what reasons). Not > only did ICANN management refuse. The rest of the ICANN board, > including Chairman Vint Cerf, refused, and circled the wagons to > protect ICANN from actual transparency. In 2002, EFF helped Karl file > a lawsuit under California law to enforce his rights. ICANN contested > the lawsuit, and Vint filed a declaration with the court in support of > their position. ICANN lost that lawsuit, and Karl got to look at the > financial reports -- but did not get to show the finances of this > "nonprofit" to the public. ICANN immediately revised the procedures > for electing their board, to make sure that no critic would ever get > on the board again. However, they did start being more transparent > about their finances, since these would have to come out in their > publicly available income tax returns anyway. See: > > https://www.eff.org/cases/auerbach-v-icann > https://www.eff.org/press/releases/icann-director-seeks-court-order-review-records > https://www.icann.org/resources/pages/fiscal-2014-09-15-en > > Fast forward another few years, and ICANN decided to sell new > top-level domains. The bidding process was completely rigged to > ICANN's benefit; bidders sent in a non-refundable $185,000 per > proposed domain and were guaranteed exactly nothing in return. Domain > speculators sent in a frenzy of money, as expected, and ICANN raked in > a one-time profit of $350 million. Some of those domains have gone > live since, and as expected, they have mainly benefited ICANN. > Recently in 2015 ICANN auctioned off ".app" for $25 million, which it > says went into a "designated purpose" fund, which ICANN of course has > sole control over. 
As with the about $80 million in recurring revenue > from domain registrars and registries, they have struggled mightily > but succeeded in finding ways to waste almost all of these hundreds of > millions on themselves and their buddies. As of 2014, they estimate > that all but $100M has been spent, and that is carefully hoarded in a > "Risk Reserve" for "future costs that cannot be estimated" (up to now, > only $1M in "risk reserve" has been actually spent). In 2014 they > spent or wasted $17M with Ernst & Young, $16M with KPMG, $8M with "JAS > Global Advisors", $4M with Interconnect Communications, $2.8M with > Price Waterhouse, and $2.6M with Chambre de Commerce Internationale, > all for the new top-level domains program. See: > > https://www.icann.org/en/system/files/files/financial-report-fye-30jun12-en.pdf > https://www.icann.org/en/system/files/files/adopted-opplan-budget-fy14-22aug13-en.pdf > > ICANN recently decided that the money it receives for each domain name > registered does not obligate it to do anything in particular; or as the > lawyers put it on page 75 of: > > https://www.icann.org/en/system/files/files/fy-2014-form-990-31mar15-en.pdf > > ICANN HAS DETERMINED THAT THE REGISTRY AND REGISTRAR AGREEMENTS DO > NOT INCLUDE ANY OBLIGATIONS FOR ICANN THAT PERTAIN TO EACH SPECIFIC > REGISTRATION OF A DOMAIN NAME. ICANN CONSIDERS THAT ITS CONTRACTUAL > OBLIGATIONS ARE UNRELATED TO A SPECIFIC DOMAIN NAME REGISTRATION, > WHICH THEREFORE DOES NOT CREATE SPECIFIC PERFORMANCE OBLIGATIONS > WHICH WOULD REQUIRE A DEFERRAL OF REVENUE OVER THE DURATION OF THE > REGISTRATION. AS A RESULT, ICANN HAS CHANGED ITS REVENUE RECOGNITION > METHOD SO THAT THE TRANSACTION-BASED FEES ARE RECOGNIZED AS REVENUE > WHEN EACH TRANSACTION OCCURS. > > In other words, they specifically state that you are paying them for > NOTHING when you pay them every year (via your registrar and registry) > to renew your domain name. The reason you have to pay? 
Because they > control the root and they demand payment, not because they are doing > anything for you. > > One minor drag on ICANN's ability to do exactly what it wants has been > the original US Government contract to run the domain name system. > Whenever ICANN got a little too crazy, the government would gently > suggest that perhaps it would re-bid that contract to somebody a > little less crazy. As far as I can tell from outside, the USG has > used a very light touch in this process. Anyway, the USG has never > been particularly unhappy about creating monopolies for the private > benefit of the monopolies. But nevertheless, the structure galled > other countries, especially those who want to use international > institutions dominated by governments to impose their own kind of > cultural baggage (censorship, wiretapping, etc) on global Internet > users. Or kleptocrats who could see how any international institution > that managed to wangle control of ICANN could start extracting free > money from the Internet; ICANN would just pass the costs down to all > of us, in a way that we already have no way to contest. So "Get the > US out of domains" became a rallying cry for a kind of misguided > leftists in alliance with third world autocrats. That is the current > "debate" in the multi-decade debacle of ICANN. > > To sum it up? If domain users have zero control over ICANN, if > ordinary domain owners have zero control over ICANN, if ISPs have zero > control, if domain registrars have zero control, if governments have > zero control, if even its sinecure board members have zero control, > then who will have any control over what ICANN does with the domain > name system that billions of people rely upon? The answer is pretty > simple: ICANN management and lawyers will have full control, fat > personal salaries, a pot of hundreds of millions that they're sitting > on, recurring revenues that are totally set by their fiat, and the > rest of us will have zip. 
Any questions? > > John Gilmore > (speaking for myself, not for the Electronic Frontier Foundation)

From rforno at infowarrior.org Thu May 28 07:16:17 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 28 May 2015 08:16:17 -0400
Subject: [Infowarrior] - NYT fear-mongering on the 'PATRIOT' Act
Message-ID: <689C624D-D394-4178-90AE-2FF24E0CAB36@infowarrior.org>

(the last sentence under the asterisks is the money-quote from this article, I think. --rick)

Anonymous Fear-Mongering About the Patriot Act from the White House and NYT
By Glenn Greenwald @ggreenwald
Today at 7:00 AM
https://firstlook.org/theintercept/2015/05/28/anonymous-fear-mongering-patriot-act-nyt-wh/

Several of the most extremist provisions of the 2001 Patriot Act are going to expire on June 1 unless Congress reauthorizes them in some form. Obama officials such as Director of National Intelligence James Clapper and new Attorney General Loretta Lynch have been engaged in rank fear-mongering to coerce renewal, warning that we'll all be "less safe" if these provisions are allowed to "sunset" as originally intended, while invoking classic Cheneyite rhetoric by saying Patriot Act opponents will bear the blame for the next attack. In an interview yesterday with the Intercept, ACLU Deputy Legal Director Jameel Jaffer explained why those scare tactics are outright frivolous. Enter the New York Times. An article this morning by Julie Hirschfeld Davis, in the first paragraph, cites anonymous Obama officials warning that "failing to [strike a deal by the deadline] would suspend crucial domestic surveillance authority at a time of mounting terrorism threats." Behold the next two paragraphs: "What you're doing, essentially, is you're playing national security Russian roulette," one senior administration official said of allowing the powers to lapse.
That prospect appears increasingly likely with the measure, the USA Freedom Act, stalled and lawmakers in their home states and districts during a congressional recess. "We're in uncharted waters," another senior member of the administration said at a briefing organized by the White House, where three officials spoke with reporters about the consequences of inaction by Congress. "We have not had to confront addressing the terrorist threat without these authorities, and it's going to be fraught with unnecessary risk." Those two paragraphs, courtesy of the Obama White House and the Paper of Record, have it all: the principal weapons that have poisoned post-9/11 political discourse in the U.S. We have the invocation of wholly vague but Extremely Scary and Always Intensifying Terrorism Dangers ("at a time of mounting terrorism threats"). We have the actual terror threat that failure to accede to the government's demands for power will result in your death ("you're playing national security Russian roulette"); compare what Bush officials spewed in 2005 about the few members of Congress who tried to enact some mild Patriot Act reforms back then (White House press secretary Scott McClellan: "In the war on terror, we cannot afford to be without these vital tools for a single moment ... The time for Democrats to stop standing in the way has come"). And we have the New York Times -- in the name of reporting on White House efforts to pressure Congress to act -- granting anonymity to "senior administration officials" to spew their official fear-mongering script. This isn't even an instance where some administration "source" called the paper pretending to leak information that was really just official narrative; this was a White House-arranged call where anonymity was demanded as a condition for the honor of stenographically disseminating their words. Worst of all, it's all published uncritically. There's not a syllable challenging or questioning any of these dire warnings.
No Patriot Act opponent is heard from. None of the multiple facts exposing these scare tactics as manipulative and false are referenced. It's just government propaganda masquerading as a news article, where anonymous officials warn the country that they will die if the Patriot Act isn't renewed immediately, while decreeing that Congressional critics of the law will have blood on their hands due to their refusal to obey. In other words, it's a perfect museum exhibit for how government officials in both parties and American media outlets have collaborated for 15 years to enact one radical measure after the next and destroy any chance for rational discourse about it. * * * * * Are terror threats ever not "mounting"? It's now embedded in the journalistic slogan: Mounting Terrorism Threats.

Email the author: glenn.greenwald at theintercept.com

-- It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 28 07:34:01 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 28 May 2015 08:34:01 -0400
Subject: [Infowarrior] - How Airlines Turned Your Vacation Plans Into a Losing Bet
Message-ID: <7C64CA45-99F0-4D87-99B6-895E107E3BAC@infowarrior.org>

How Airlines Turned Your Vacation Plans Into a Losing Bet
Shopping for plane tickets is a Byzantine game, and consumer complaints are growing
http://www.bloomberg.com/news/articles/2015-05-28/airline-fares-change-fee-is-focus-of-increasing-consumer-anger

-- It's better to burn out than fade away.

From rforno at infowarrior.org Thu May 28 15:11:47 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 28 May 2015 16:11:47 -0400
Subject: [Infowarrior] - How Private Contractors Have Created a Shadow NSA
Message-ID: <4BF51FB8-7E70-49B8-AA7D-068C0FB65085@infowarrior.org>

How Private Contractors Have Created a Shadow NSA
A new cybersecurity elite moves between government and private practice, taking state secrets with them.
Tim Shorrock May 27, 2015 | This article appeared in the June 15, 2015 edition of The Nation. http://www.thenation.com/article/208481/how-private-contractors-have-created-shadow-nsa About a year ago, I wangled a media invitation to a "leadership dinner" in northern Virginia sponsored by the Intelligence and National Security Alliance. INSA is a powerful but little-known coalition established in 2005 by companies working for the National Security Agency. In recent years, it has become the premier organization for the men and women who run the massive cyberintelligence-industrial complex that encircles Washington, DC. The keynote speaker was Matthew Olsen, who was then the director of the National Counterterrorism Center (NCTC). He used his talk to bolster the morale of his colleagues, which had recently been stung by the public backlash against the NSA's massive surveillance programs, the extent of which was still coming to light in the steady release of Edward Snowden's huge trove of documents. "NSA is a national treasure," Olsen declared. "Our national security depends on NSA's continued capacity to collect this kind of information." There was loud, sustained applause. One of those clapping was a former Navy SEAL named Melchior Baltazar, the CEO of an up-and-coming company called SDL Government. Its niche, an eager young flack explained, is providing software that military agencies can use to translate hundreds of thousands of Twitter and Facebook postings into English and then search them rapidly for potential clues to terrorist plots or cybercrime. It sounded like the ideal tool for the NSA. Just a few months earlier, Snowden had leaked documents revealing a secret program called PRISM, which gave the NSA direct access to the servers of tech firms, including Facebook and Google. He had also revealed that the NSA and its British counterpart, the GCHQ, had special units focused on cracking encryption codes for social media globally.
SDL's software is perfectly designed for such a task. It might be useful, say, for a team of SEALs on a covert operation trying to make sure their cover wasn't blown by somebody on social media -- something that almost happened when an alert Twitter user in Pakistan picked up early signs of the secret US raid on Osama bin Laden's compound. And, of course, we don't know the extent to which the NSA could deploy it. In any case, the software, SDL boasts, is "securely deployed on-premise, behind the firewall, at over 75 government organizations, including the Department of Defense and the Intelligence Community." No wonder Baltazar was at the INSA event, rubbing shoulders with the kings and queens of the intelligence-contracting industry. * * * This small company, and INSA itself, are vivid examples of the rise of a new class in America: the cyberintelligence ruling class. These are the people -- often referred to as "intelligence professionals" -- who do the actual analytical and targeting work of the NSA and other agencies in America's secret government. Over the last 15 years, thousands of former high-ranking intelligence officials and operatives have left their government posts and taken up senior positions at military contractors, consultancies, law firms, and private-equity firms. In their new jobs, they replicate what they did in government -- often for the same agencies they left. But this time, their mission is strictly for-profit. Take Olsen, who served as general counsel for the NSA and as a top lawyer for the Justice Department before joining the NCTC. He is now the president for consulting services of IronNet Cybersecurity, the company founded last year by Army Gen. Keith Alexander, the longest-serving director in the history of the NSA. The firm is paid up to $1 million a month to consult with major banks and financial institutions in a "cyber war council"
that will work with the NSA, the Treasury Department, and other agencies to deter cyberattacks that "could trigger financial panic," Bloomberg reported last July. Some members of this unique class are household names. Most cable-news viewers, for example, are familiar with Michael Chertoff and Michael Hayden, two of the top national-security officials in the Bush administration. In 2009, they left their positions at the Justice Department and the NSA, respectively, and created the Chertoff Group, one of Washington's largest consulting firms, with a major emphasis on security. Other members are unknown except to insiders. Sam Visner, whom I wrote about in a 2013 Nation article about NSA whistleblowers, is in this latter group. A former executive at the giant contractor SAIC, he was hired by Hayden in 2000 and tasked with managing the NSA's privatized (and disastrous) Trailblazer program, which was outsourced to (who else?) SAIC. He returned to SAIC in 2003, then moved on to the government tech firm Computer Services Corporation, which not only manages but owns the NSA's internal-communications system. For most of the last six years, as the cyberintelligence industry grew by leaps and bounds under Obama, Visner was running CSC's massive cybersecurity program for the government. Hardly a week goes by in Washington without a similar transition. In March, The Washington Post described cybersecurity law as "the latest hot job in the Washington revolving door." Robert Mueller, the recently retired director of the FBI, had just joined the national-security law practice of WilmerHale. One of his latest tasks? Advising Keith Alexander as he tries to tamp down congressional outrage over his decision to hire two NSA officials, one of whom planned to work simultaneously for IronNet and the agency (he later withdrew). Well, enough, you might say: Isn't this simply a continuation of Washington's historic revolving door? The answer is no.
As I see it, the cyberintelligence-industrial complex is qualitatively different from -- and more dangerous than -- the military-industrial complex identified by President Eisenhower in his famous farewell address. This is because its implications for democracy, inequality, and secrecy are far more insidious. It is not new for American defense policies to be shaped by and for the 1 percent. Throughout US history, diplomatic and national-security officials have come directly from the ruling elite, and more often than not they have served those interests while in office. Allen and John Foster Dulles, the brothers and law partners who headed the CIA and the State Department during the Eisenhower administration, were classic examples, running multiple operations to support their own clients. The Eisenhower era also saw the advent of retired generals moving into industry. In 1956, the radical sociologist C. Wright Mills published The Power Elite, a groundbreaking study of the institutions through which the corporations of his day wielded political and economic power. Mills was particularly disturbed by the spectacle of multinational companies appointing prominent generals to their boards. Among those who had traded in their uniforms for big business, he found, were some of the great heroes of World War II: Douglas MacArthur (Remington Rand), Lucius Clay (Continental Can), and Jimmy Doolittle (Shell Oil). This "personnel traffic," Mills wrote, symbolized "the great structural shift of modern American capitalism toward a permanent war economy." It was a prescient analysis, but Mills was talking only of generals; the idea of high-level government officials going into the military business was unthinkable at the time. The next several decades saw the rise of private security companies and consultancies run by former CIA and FBI agents.
Once, in the early 1980s, I was startled to find myself seated next to William Colby, the notorious former CIA director, at a seminar on the Panama Canal. He was there representing a consortium of Japanese construction firms. And, of course, in 1982 Henry Kissinger walked away from his years as national-security adviser and secretary of state to start a corporate consulting firm that remains one of the most powerful in Washington. Even as Cold War officials increasingly drifted toward the corporate world, there was one line they rarely crossed: Until the 1990s, taking positions at defense contractors was considered unseemly. Then came Frank Carlucci, a former CIA deputy director who served as national-security adviser and defense secretary during Ronald Reagan's second term. Within weeks of retiring, he had joined the boards of no fewer than nine major corporations, including three important military contractors. This was too much for Caspar Weinberger, a former Bechtel executive who was Carlucci's predecessor at the Pentagon. "Generally, I would not think it appropriate to serve on the board of a company that had extensive contractual relationships with the department, particularly not if they had those relationships while I was in office," he told a reporter at the time. "Cap is entitled to his own preferences," Carlucci sniffed in response. He went on to chair the Carlyle Group, the private-equity firm that had become the nation's ninth-largest defense contractor by 2001. * * * With the end of the Cold War, Carlucci's way became the norm. Intelligence and defense budgets were cut after the collapse of the Soviet Union, and thousands of CIA and NSA officers left government for positions with defense contractors. Demand for them grew during the Bosnian War, as the military and its intelligence agencies began hiring private companies to do work historically carried out by the state.
Among them was Halliburton, the Texas oil-services and logistics firm. In 1995, after retiring as George H.W. Bush's defense secretary, Dick Cheney became the CEO of Halliburton. Over the next five years, he transformed the company into one of the world's largest military contractors. Around the same time, the elder Bush was hired as a senior adviser to the Carlyle Group. By the time Cheney became George W. Bush's vice president in 2001, outsourcing was official policy, and the migration of senior-level government officials into the defense and intelligence industries was standard practice. Then came the September 11 attacks, after which untold billions of dollars were poured into intelligence and surveillance. This ushered in the new age. What we have now is a national-security class that simultaneously bridges the gap between private and public, merging government careers with jobs as corporate executives and consultants. By retaining their security clearances, many of its members have access to the most highly guarded intelligence, which they use to the benefit of their corporate and government clients. The power they wield is exponentially greater than that of their Cold War predecessors. To see the difference, let's take a closer look at the Chertoff Group and its best-known executive, Michael Hayden. Chertoff founded his consultancy in March 2009, barely two months after President Obama's inauguration. The group's cofounder was Chad Sweet, who had served as Chertoff's chief of staff at the Department of Homeland Security (DHS) and had earlier worked in the CIA's National Clandestine Service. In effect, the pair re-created the national-security team that had provided much of the intelligence advice to Bush and Cheney, and they said as much in their literature.
According to the firm’s website, the Chertoff Group provides “business and government leaders with the same kind of high-level, strategic thinking and diligent execution that have kept the American homeland and its people safe since 9/11.” When Hayden came on board in April 2009, he emphasized continuity. “After serving for decades at the highest levels of the U.S. military and the U.S. intelligence services, I grew accustomed to working alongside remarkably talented and dedicated professionals,” the former NSA director wrote. “I wanted an opportunity to re-create the experience in the private sector.” And he did just that. One of the firm’s early recruits was Charles E. Allen, a legendary intelligence official who had recently served as director of intelligence for Chertoff’s DHS. Another principal with extensive NSA experience is Paul Schneider, Chertoff’s deputy secretary at DHS; from 2002 to 2003, he was Hayden’s senior acquisition executive at the NSA. That would have put him in charge of all of the NSA’s hugely expensive contracting, which exploded during Hayden’s reign from 1999 to 2005. With other hires, Hayden created a kind of shadow NSA at the Chertoff Group. But this isn’t his only gig. He has also joined the boards of Motorola Solutions (a key NSA contractor) and Alion Science and Technology (likely one as well). Strangely, Hayden’s bio on the Alion website touts his role in domestic surveillance: “Under his guidance as the Director of NSA, the domestic telephone call database was created to monitor international communications to assist in locating terrorists.” The Chertoff Group doesn’t disclose its clients. But one of its most important functions for both the state and its contractor allies is as a broker of mergers and acquisitions. These aren’t just “deals”; they also represent significant reorganizations within the intelligence community, which is 70 percent contracted and, like any other industry, requires centralization.
Using its team of NSA, CIA, and DHS veterans (who have deep classified knowledge of their agencies’ contracting histories and future needs), the Chertoff Group has brokered dozens of deals through its subsidiary, Chertoff Capital. Its areas of focus include cybersecurity, intelligence and data analytics, defense technology and “Development and Diplomacy (‘Soft Power’).” You get the picture. Another way the cyberintelligence elite exerts undue influence is through the media. Matthew Olsen, the former National Counterterrorism Center director and IronNet president, recently joined ABC News as a commentator. Hayden is a fixture on cable news, where he regularly extols the greatness of the NSA and its vast surveillance capabilities. Look into any “national-security analyst” on television, and you’ll find a member of this class. Watch carefully: Few of them ever diverge from the company (or NSA, or CIA) line. Worse, the networks rarely disclose these conflicts of interest. Meanwhile, members of this dual public/private class rub shoulders at places like INSA, where they often meet behind closed doors to discuss classified programs. And even while making millions of dollars through their contracting and consulting gigs, these former officials advise the same agencies they profit from. Olsen, for example, was just named to the DHS Homeland Security Advisory Council. It’s a cozy, closed, and very profitable world.

* * *

So what does the existence of such a class mean? First off, it deepens inequality. We all know that corporations can buy access to lawmakers through hefty political donations. Now they have access to some of the state’s most closely held secrets. According to a declassified document obtained in April by The New York Times, Hayden and Alexander were “read into” Stellar Wind, the warrantless-surveillance program started after 9/11. They are bound by law not to divulge those secrets.
But their knowledge based on those secrets is of unfathomable value to the corporations they advise on cybersecurity and acquisitions strategies. That knowledge isn’t shared with the public, but it is available to the companies that can afford it. Second, it places participatory democracy at risk. The vast majority of Americans are excluded from the consequential discussions that take place at the cyber-intelligence elite’s secret meetings. While hashing over controversial programs such as domestic spying, offensive cyberintelligence operations, or FBI terrorist-entrapment programs, the state and corporate leaders at INSA—as well as other places where the new class meets—operate on a completely different plane from the rest of us. Meanwhile, the black hole of secrecy keeps the new hybrid class and its organizations immune from any meaningful oversight by either the executive branch or Congress. To penetrate this shield, there’s a great need for more reporting and whistleblowing about the pernicious role of contractors in national security. Unfortunately, only a few journalists have explored the world of privatized spying. And strangely, virtually none of the documents leaked by Edward Snowden have focused on the corporate elephant that so clearly dominates the surveillance jungle. As far as I’ve been able to track, only one or two of the Snowden documents actually mention contractors. One was released in 2014 as part of a Der Spiegel story on the NSA’s extensive collaboration with the German intelligence agency BND. The 2005 document identified an NSA code name as the “coverterm [sic] representing NSA’s contract with Computer Services Corporation (CSC) for mission support. All publicly available information regarding work on this contract...will be sanitized so that no association with NSA will be made.” This document has yet to be mentioned by either the Intercept or The Washington Post, the largest recipients of the Snowden trove.
In his many public appearances since 2013, including in the film Citizenfour, Snowden himself has played down his relationship with Booz Allen Hamilton, which employed him during his time with the NSA. Tom Drake, one of the whistleblowers who exposed the agency’s corrupt relationship with SAIC and Booz Allen and worked as a senior executive at the NSA until 2008, told me in April that Snowden most likely never had possession of the NSA’s contracts. Because Snowden was an infrastructure analyst, Drake said, “he wouldn’t have had access to that.” Contracts, he added, are stored in a “completely different system.” But whether they come from Snowden or another whistleblower, documents on the contractor role at the NSA and other agencies are essential if we are to understand the totality of US spying programs and the full extent of the threats they pose. To confront the surveillance state, we also have to confront the cyberintelligence ruling class and expose it for what it really is: a joint venture of government officials and private-sector opportunists with massive power and zero accountability.

--
It's better to burn out than fade away.

From rforno at infowarrior.org Sun May 31 09:07:26 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 31 May 2015 10:07:26 -0400
Subject: [Infowarrior] - Because, security.
Message-ID: <79293051-4F7D-412E-8578-69507CE923C8@infowarrior.org>

Muslim woman refused unopened can of Diet Coke on United Airlines, told it could be used as weapon

http://www.nydailynews.com/news/national/muslim-woman-denied-unopened-diet-coke-plane-article-1.2241678

--
It's better to burn out than fade away.
From rforno at infowarrior.org Sun May 31 17:53:19 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 31 May 2015 18:53:19 -0400
Subject: [Infowarrior] - =?utf-8?q?Senate_advances_NSA_reform_=E2=80=94_bu?= =?utf-8?q?t_program_to_lapse_at_midnight?=
Message-ID: <26723399-F6F1-4447-8C0A-443F0CDF10B3@infowarrior.org>

Senate advances NSA reform — but program to lapse at midnight

Francis Rivera
By Julian Hattem - 05/31/15 06:41 PM EDT

http://thehill.com/policy/national-security/243575-senate-advances-nsa-reform-but-program-to-lapse-at-midnight

The Senate voted on Sunday to advance legislation reforming National Security Agency surveillance programs. The bipartisan approval sets up a vote on final passage that will send the legislation to the White House, where President Obama has vowed to sign it. But the legislation will not reach Obama’s desk until after midnight, when Patriot Act provisions authorizing the NSA programs expire. That means there will be a lapse of the programs until the Senate can take a final vote on the legislation. Sen. Rand Paul (R-Ky.), who has made the spying programs unearthed by former government contractor Edward Snowden a central part of his presidential candidacy, has vowed to force the expiration of the Patriot Act. Paul argues the USA Freedom Act approved by the House does not go far enough to rein in spying programs that he and his allies argue are unconstitutional. “Are we going to so blithely give up our freedom? Are we going to so blindly go along and take it?” Paul said in heated remarks on the Senate floor before the vote. “I’m not going to take it anymore,” he declared, as his voice rose to a shout. “I don’t think the American people are going to take it anymore.” Paul’s comments came during a rare Sunday session of the Senate that was scheduled because of the deadline. Tensions between Paul and other Senate Republicans were evident throughout Sunday’s proceedings —
particularly when the Kentucky Republican sought to speak in opposition to the bill when Sens. Dan Coats (R-Ind.) and John McCain (R-Ariz.) were holding the floor. “The senator from Kentucky needs to learn the rules of the Senate,” McCain said. “Maybe the senator from Kentucky should know the rules of the Senate.” Paul a little more than a week ago blocked the Senate from considering a short-term extension of the Patriot Act, which also could have prevented a lapse in the program if the House had found a way to consider it. Paul blocked motions by his Kentucky colleague, Senate Majority Leader Mitch McConnell, who had sought to win the short-term extension. The clash was remarkable given McConnell’s support of Paul’s presidential bid. The advance of the USA Freedom Act was a defeat for McConnell, who supported a straight extension of the Patriot Act. He and other Senate hawks had tried to win an extension, but fell short of a majority in the Senate in a vote earlier this month. “It’s now the only realistic way forward,” McConnell conceded from the Senate floor. The USA Freedom Act needed 60 votes to move forward. It had fallen three votes short of that mark earlier this month, but lawmakers changed their position in the last week, seemingly out of a desire to prevent the law from lapsing. Paul’s critics, who have accused him of using the issue as a fundraising mechanism for his White House bid, bemoaned his tactics. The rhetoric turned increasingly testy on Sunday, as it became increasingly more clear that the civil libertarian was not going to back down. Nothing less than the ability of the government to defend itself from foreign terrorists was at stake, his opponents said. “It is more essential than ever,” said Sen. Dan Coats (R-Ind.), a member of the Intelligence Committee and defender of the NSA. “It is more necessary than ever as we’ve seen a higher threat level since 9/11.”
McConnell came under heavy criticism from Democrats ahead of Sunday’s vote for not finding a way forward before Sunday. They argued that McConnell had dedicated too much floor time to a separate fight over trade legislation earlier this month. “This is a manufactured crisis,” Sen. Patrick Leahy (D-Vt.) — one of the authors of the USA Freedom Act — said on the Senate floor before the votes. “This matter should have been taken up and voted on up or down a month ago.”

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun May 31 19:24:21 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 31 May 2015 20:24:21 -0400
Subject: [Infowarrior] - Patriot Act powers to lapse at midnight as Senate fails to agree on NSA reform
Message-ID: <28CA8251-3E0F-4885-9FCB-89C724B601B9@infowarrior.org>

Patriot Act powers to lapse at midnight as Senate fails to agree on NSA reform

Dan Roberts and Ben Jacobs in Washington and Spencer Ackerman in New York

http://www.theguardian.com/us-news/2015/may/31/nsa-reform-senate-deal-as-patriot-act

Republican senator Rand Paul forced at least a temporary shutdown of sweeping US surveillance powers on Sunday night after refusing to allow an accelerated vote on compromise legislation designed to more narrowly restrain the National Security Agency. In a double blow for Washington security hawks, represented by embattled Senate majority leader Mitch McConnell, it now looks likely that Congress will have to wait several days before passing that bill, the USA Freedom Act. The reform legislation, which bans the NSA from collecting Americans’ telephone records in bulk, was initially opposed by McConnell. But with the clock ticking down toward the midnight expiration of broader powers initially granted after 9/11 under the Patriot Act, Republican leaders had few options but to get behind the bill as the best way of preserving other surveillance authority.
“This is now the only realistic way forward,” said McConnell as he conceded there was no longer time to seek alternatives to a version of the USA Freedom Act that was previously passed by the House of Representatives. Instead, the Senate majority leader is reluctantly embracing the House-passed bill to which he previously objected, only with the addition of what he called “a few modest amendments”. McConnell’s concession was a tacit acknowledgement that the bulk collection of US phone records exposed in June 2013 by the Guardian, thanks to leaks from whistleblower Edward Snowden, will end. The Senate voted 77 to 17 to proceed to debate on the USA Freedom Act. Even Paul, after the procedural vote, conceded that the bill will ultimately pass. “Tonight begins the process of ending bulk collection,” he said. Paul, who is running for president on a libertarian-leaning agenda, added insult to injury for his party’s leaders by refusing to offer consent for a final vote on USA Freedom, which he believes does not go far enough in tackling the surveillance abuses revealed by Snowden. “I am not going to take it any more and I believe the American people are not going to take it any more,” said Paul as the Senate convened for a rare Sunday evening session to deal with the crisis. McConnell attempted to seek a temporary extension for additional Patriot Act powers to be affected by the expiration of powers unrelated to the NSA’s bulk domestic phone metadata program — including so-called “lone-wolf” and “roving wiretap” capabilities. But even a temporary continuation of those surveillance authorities was opposed by Paul, who has the power to block such attempts to speed up Senate business by seeking unanimous consent. Now, not only will the NSA domestic surveillance program shut down, so will three provisions of the Patriot Act that have long been the bane of privacy advocates — particularly the “business records”
provision that the FBI has used to amass what a recent Justice Department report described as “large collections” of Americans’ internet data. Paul’s tactics provoked angry seasons from establishment Republicans, including an angry exchange with John McCain, who accused him of jeopardizing national security to boost his presidential campaign. McCain said on Sunday that Paul “obviously has a higher priority on his fundraising and political ambitions than securing the nation”. Paul, gesturing toward the acrimony that persists in the Senate even after the vote made passage of the USA Freedom Act a foregone conclusion, said that his Republican opponents were rooting for a terrorist attack to embarrass him. “Some of them I think secretly want an attack on the United States so they can blame it on me,” Paul said. Obama and his intelligence chief, James Clapper, also made a final push on Friday for the Senate to pass the USA Freedom Act, alleging that the expiration of the Patriot Act provisions would expose the US to terrorism. But a Justice Department inspector general report found that the FBI had come to use the business-records provision to amass “large collections” of Americans’ communications data. It noted that the spread of internet access had led to an explosion in information accessible to the FBI, and cast doubt on Justice Department and congressional assurances that the authority, known as Section 215, is critical for counter-terrorism. “[T]he agents we interviewed did not identify any major case developments that resulted from use of the records obtained in response to Section 215 orders, but told us that the material produced pursuant to Section 215 orders was valuable in that it was used to support other investigative requests, develop investigative leads, and corroborate other information,” the DoJ report found. Originally mindful of the privacy implications of Section 215, Congress permitted it to “sunset” after five years.
Yet with nearly all aspects of its practical applications hidden under extensive secrecy — especially the post-2006 addition of NSA bulk surveillance — reauthorization of the Patriot Act provisions had become routine. The last reapproval, in 2011, passed 72-23 in the Senate and 250-153 in the House. But this time, Snowden’s revelations pierced the veneer of government secrecy and ushered in perhaps the most open debate about surveillance powers in the NSA’s 63-year history. “No doubt it played a role,” Republican senator Dean Heller told the Guardian. “I think it played the same role for me as it did for most of the American people, who were surprised and stunned that the government had this sort of access to this kind of data.”

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun May 31 20:00:15 2015
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 31 May 2015 21:00:15 -0400
Subject: [Infowarrior] - =?utf-8?q?Don=E2=80=99t_Worry=2C_the_Government_S?= =?utf-8?q?till_Has_Plenty_of_Surveillance_Power_If_Section_215_Sunsets?=
Message-ID:

May 31, 2015 | By Cindy Cohn and Andrew Crocker

Don’t Worry, the Government Still Has Plenty of Surveillance Power If Section 215 Sunsets

https://www.eff.org/deeplinks/2015/05/dont-worry-government-still-has-plenty-surveillance-power-if-section-215-sunsets

The story being spun by the defenders of Section 215 of the Patriot Act and the Obama Administration is that if the law sunsets entirely, the government will lose critical surveillance capabilities. The fearmongering includes President Obama, who said: “heaven forbid we’ve got a problem where we could’ve prevented a terrorist attack or could’ve apprehended someone who was engaged in dangerous activity but we didn’t do so.” So how real is this concern? Not very.
Section 215 is only one of a number of largely overlapping surveillance authorities, and the loss of the current version of the law will leave the government with a range of tools that is still incredibly powerful. First, there’s the most famous use of Section 215—the bulk collection of telephone records by the NSA. Of course, no matter what law the government relies on, bulk surveillance is unconstitutional. But equally importantly, it doesn’t work. Every assessment about the bulk collection of telephone records, including two by hand-picked administration panels, has concluded that “collecting it all” hasn’t materially aided any terrorism investigation. The same goes for other still-secret bulk surveillance programs under Section 215, the latest evidence of which came in a recently released oversight report by the Justice Department’s Office of the Inspector General (OIG). And then there’s the matter of targeted investigations. The ACLU’s Jameel Jaffer has explained that this too is scaremongering, because “the sunset of Section 215 wouldn’t affect the government’s ability to conduct targeted investigations of terrorist threats.” That’s because even without Section 215, the government still has broad powers to collect information during its national security investigations. EFF believes that many of these laws can be scaled back and made more transparent as well, but given the current situation, these are the tools in the national security investigators’ toolbox:

- Pen Registers: These allow the government to collect “dialing, routing, addressing, or signaling information” including telephone numbers dialed and Internet metadata such as IP addresses and email headers. There are two pen register statutes, one for foreign intelligence surveillance and one for law enforcement. Both require only that the pen register be likely to obtain information relevant to a national security or criminal investigation respectively.
Until the end of 2011, the NSA used the Foreign Intelligence Surveillance Act (FISA) pen register statute to conduct mass surveillance of Internet metadata, much as it still uses Section 215 for mass collection of telephone records.

- The Pre-Patriot Act Business Records Provision: Before the passage of the Patriot Act in 2001, FISA contained a provision allowing the government to obtain business records from transportation carriers and storage facilities. Harley Geiger of the Center for Democracy and Technology has pointed out that under a June 1 sunset, FISA would simply revert to this provision.

- An ECPA “D Order”: Under Section 2703(d) of the Electronic Communications Privacy Act (ECPA), the government can get a court order for information from ISPs or other communications providers about their customers, including the sorts of metadata the government gets with Section 215. To get a D Order, the government must provide “specific and articulable facts showing that there are reasonable grounds to believe that . . . the records or other information sought, are relevant and material to an ongoing criminal investigation.”

- Grand Jury Subpoenas: Given that Section 215 explicitly says that the FISA Court (FISC) “may only require the production of a tangible thing if such thing can be obtained” with a grand jury subpoena, it’s apparent that a grand jury subpoena is a reasonable substitute, at least where a grand jury can be convened.

- National Security Letters (NSLs): Similar to subpoenas, NSLs allow intelligence agencies to collect records from a range of entities including telecommunications providers, financial institutions, credit reporting bureaus, travel agencies and others. Nearly all NSLs include self-certified gag orders, which EFF has successfully challenged as unconstitutional.
Nevertheless, the FBI and other agencies can use NSLs to collect much the same information as Section 215, although the government has also misused NSLs to obtain communication records not authorized by the NSL statute.

- Administrative Subpoenas: Many federal agencies have the authority to issue subpoenas for customer records in their normal course of business. These authorities are extremely widespread, comprising 335 different statutes by one count.

- FISA Warrants: Under FISA, the government can get warrants from the FISC for electronic surveillance and physical searches in the context of national security investigations. Although these require a higher showing—probable cause—statistics compiled by EPIC show the FISC routinely issues them, and has done so since FISA was passed in 1978.

Some of these laws involve different legal standards than Section 215, and not all of them apply in all contexts, although exactly how the government thinks it can use many of them remains unclear. Moreover, mapping these to the government’s actual use of 215 is imprecise because the government also continues to say that the types of information it obtains with Section 215 are classified. FBI Director James Comey claims the loss of Section 215 would be a “problem” because at least some of this information can’t be obtained with a subpoena or an NSL but hasn't given any examples. And taken together the government’s tools are formidable, making it difficult to see legitimate, targeted national security information that the government cannot get even without the current version of Section 215, a conclusion confirmed by the Inspector General report that as of 2009 it could not “identify any major case developments from the records obtained in response to Section 215 orders.” Finally, looking beyond Section 215, two other powers would also expire with the Patriot Act sunset. First is the so-called lone wolf provision that the government has never used. Not once.
The second is the “roving wiretaps” provision that had been used only 11 times as of 2013 and for which the government has issued no stories of its actual usefulness in a terrorism investigation. Meanwhile, EFF unearthed evidence that this provision had been misused back in 2011. So it seems there’s little there too. In short, don’t believe the hype that the government will have its hands tied behind its back without Section 215.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.