From rforno at infowarrior.org Tue Jul 25 06:44:34 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 25 Jul 2017 11:44:34 -0000 Subject: [Infowarrior] - CFP: Pew Survey on the future of information ecosystems and reliable facts Message-ID: <9B24DCD0-73E2-40A2-9601-0AEF6D554091@infowarrior.org> The future of information ecosystems and reliable facts > There are a few more days to be able to participate in this survey. The background: > > The Pew Research Center and Elon University?s Imagining the Internet Center conduct surveys of important stakeholders like you to assess the likely future impacts of the Internet. We hope you'll take 10 minutes to share your thoughts in this new canvassing of experts about technology?s trajectory in the coming decade. > > Our overarching question asks you to weigh in on the likely future of information and misinformation online in the coming decade. > > You will find a link to the survey in the blue box at the bottom of this email. > > Each elaboration you provide will remain anonymous unless you put your name and professional identity at the start of it. This is a confidential survey, however we encourage you to take credit for your remarks as this lends credibility to the results and contributes to a more vibrant conversation. > > Please feel free to share this material with thought leaders in your who would contribute meaningful insights on these questions. Here is the link to send: > > https://www.surveymonkey.com/r/7QZ2YPT > > While we strongly suggest you answer the survey as soon as you receive this invitation, it will be open through this month. The Pew Research Center and Elon University will issue a report later in 2017. In addition, your answers, attributed or anonymous, will also be added to Imagining the Internet research site. > > If you have any questions, please feel free to contact one of us. > > Thank you! > > Lee Rainie, lrainie at pewinternet.org > Director, Internet and Technology Research > Pew Research Center > > Janna Anderson, andersj at elon.edu > Director, Imagining the Internet Center, Elon University From rforno at infowarrior.org Tue Jul 25 12:04:27 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 25 Jul 2017 17:04:27 -0000 Subject: [Infowarrior] - Adobe: Flash to EOL in 2020 Message-ID: <338DCCE6-2027-45F4-8FB4-FA31C89F3FB6@infowarrior.org> (can't come soon enough! -- rick) Flash & The Future of Interactive Content https://blogs.adobe.com/conversations/2017/07/adobe-flash-update.html Posted by Adobe Corporate Communications on July 25, 2017 Adobe has long played a leadership role in advancing interactivity and creative content ? from video, to games and more ? on the web. Where we?ve seen a need to push content and interactivity forward, we?ve innovated to meet those needs. Where a format didn?t exist, we invented one ? such as with Flash and Shockwave. And over time, as the web evolved, these new formats were adopted by the community, in some cases formed the basis for open standards, and became an essential part of the web. But as open standards like HTML5, WebGL and WebAssembly have matured over the past several years, most now provide many of the capabilities and functionalities that plugins pioneered and have become a viable alternative for content on the web. Over time, we?ve seen helper apps evolve to become plugins, and more recently, have seen many of these plugin capabilities get incorporated into open web standards. Today, most browser vendors are integrating capabilities once provided by plugins directly into browsers and deprecating plugins. Given this progress, and in collaboration with several of our technology partners ? including Apple, Facebook, Google, Microsoft and Mozilla ? Adobe is planning to end-of-life Flash. Specifically, we will stop updating and distributing the Flash Player at the end of 2020 and encourage content creators to migrate any existing Flash content to these new open formats. Several industries and businesses have been built around Flash technology ? including gaming, education and video ? and we remain committed to supporting Flash through 2020, as customers and partners put their migration plans into place. Adobe will continue to support Flash on a number of major OSs and browsers that currently support Flash content through the planned EOL. This will include issuing regular security patches, maintaining OS and browser compatibility and adding features and capabilities as needed. We remain fully committed to working with partners, including Apple, Facebook, Google, Microsoft and Mozilla to maintain the security and compatibility of Flash content. [To see each partner?s announcement on this news, click on the links inside each partner name.] In addition, we plan to move more aggressively to EOL Flash in certain geographies where unlicensed and outdated versions of Flash Player are being distributed. Adobe will also remain at the forefront of leading the development of new web standards and actively participate in their advancement. This includes continuing to contribute to the HTML5 standard and participating in the WebAssembly Community Group. And we?ll continue to provide best in class animation and video tools such as Animate CC, the premier web animation tool for developing HTML5 content, and Premiere Pro CC. Looking ahead, Adobe will continue to provide the best tools and services for designers and developers to create amazing content for the web. From rforno at infowarrior.org Wed Jul 26 14:57:23 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 26 Jul 2017 19:57:23 -0000 Subject: [Infowarrior] - OT: Fwd: Cost to military of providing medical care for transgender military References: <20170726161133.GA3508@gsp.org> Message-ID: <600BBD9B-F3BF-4AF3-99C5-3B31DACACD6A@infowarrior.org> > Begin forwarded message: > > From: Rich Kulawiec > Subject: Cost to military of providing medical care for transgender military > Date: July 26, 2017 at 12:11:33 EDT > To: Lauren Weinstein , Richard Forno , Dave Farber > > (for IP, if you wish) > > We were told in an official Presidential announcement this morning > that these costs would be "tremendous". > > There is a 2016 Rand report estimating those costs. Here's the summary: > > The Implications of Allowing Transgender Personnel to Serve Openly in the U.S. Military > http://www.rand.org/pubs/research_briefs/RB9909.html > > Here's the full report: > > Assessing the Implications of Allowing Transgender Personnel to Serve Openly > http://www.rand.org/pubs/research_reports/RR1530.html > j > Excerpt from the first link: > > Using private health insurance data on transition-related > treatment costs, the study found that Military Health > System costs would increase by between $2.4 million and $8.4 > million per year if it were to extend this care to transgender > personnel. This amount represents an exceedingly small proportion > of active-component health care expenditures (0.038-0.134 > percent of approximately $6 billion in spending in FY 2014) > and overall DoD health care expenditures (0.005-0.017 percent > of $49.3 billion in actual expenditures for the FY 2014 Unified > Medical Program). > > Please note that Politico recently estimated the cost for a Presidential > trip to Florida (based on comparable costs reported by President > Obama on an expense report for a Palm Beach trip) at approximately $3M. > > ---rsk > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rforno at infowarrior.org Wed Jul 26 14:58:36 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 26 Jul 2017 19:58:36 -0000 Subject: [Infowarrior] - Microsoft launches Windows bug bounty program Message-ID: <3450B8FB-A16E-49FC-8E0C-A17E87B44DA8@infowarrior.org> Microsoft launches Windows bug bounty program with rewards ranging from $500 to $250,000 Microsoft today announced the Windows Bounty Program. Rewards start at a minimum of $500 and can go up to as high as $250,000. To be clear, Microsoft already offers many bug bounty programs. This is also not the first to target Windows features ? the company has launched many Windows-specific bounties starting in 2012. The Windows Bounty Program, however, encompasses Windows 10 and even the Windows Insider Preview, the company?s program for testing Windows 10 preview builds. Furthermore, it also has specific focus areas: Hyper-V, Mitigation Bypass, Windows Defender Application Guard, and Microsoft Edge. Here are the program?s rules (check out Microsoft?s bug bounty FAQ for more): ? Any critical or important class remote code execution, elevation of privilege, or design flaws that compromise a customer?s privacy and security will receive a bounty ? The bounty program is sustained and will continue indefinitely at Microsoft?s discretion ? Bounty payouts will range from $500 USD to $250,000 USD ? If a researcher reports a qualifying vulnerability already found internally by Microsoft, a payment will be made to the first finder at a maximum of 10 percent of the highest amount they could?ve received ? All security bugs are important to us and we request you report all security bugs to secure at microsoft.com via Coordinated Vulnerability Disclosure (CVD) policy If you?re interested in the maximum quarter-million bounty, your only option is Hyper-V program, although you have multiple operating systems to choose from: Windows 10, Windows Server 2012, Windows Server 2012 R2, and Windows Server Insider Preview. Also of note is the Mitigation Bypass and Bounty program?s highest reward of $200,000, but there you can solely target Windows 10. < - > https://venturebeat.com/2017/07/26/microsoft-launches-windows-bug-bounty-program-with-rewards-ranging-from-500-to-250000/ From rforno at infowarrior.org Wed Jul 26 15:00:01 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 26 Jul 2017 20:00:01 -0000 Subject: [Infowarrior] - These cheap phones come at a price -- your privacy Message-ID: <5A31B377-D0BD-4B28-AFA0-11814FC6F0B8@infowarrior.org> These cheap phones come at a price -- your privacy How much do you value your privacy and security? Researchers at Black Hat found a series of phones that are secretly sending data to Chinese servers. by Alfred Ng July 26, 2017 10:30 AM PDT https://www.cnet.com/news/these-cheap-phones-are-costing-you-your-privacy/ From rforno at infowarrior.org Mon Jul 31 08:52:56 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 31 Jul 2017 13:52:56 -0000 Subject: [Infowarrior] - The complete history of the IBM PC, part two: The DOS empire strikes Message-ID: Memories! -- rick The complete history of the IBM PC, part two: The DOS empire strikes The real victor was Microsoft, which built an empire on the back of a shadily acquired MS-DOS. Jimmy Maher (UK) - 7/31/2017, 8:50 AM https://arstechnica.com/gadgets/2017/07/ibm-pc-history-part-2/ (part 1) IBM PC: The complete history, part 1 https://arstechnica.co.uk/gadgets/2017/06/ibm-pc-history-part-1/ From rforno at infowarrior.org Mon Jul 31 09:52:26 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 31 Jul 2017 14:52:26 -0000 Subject: [Infowarrior] - Facebook 'dark ads' can swing political opinions, research shows Message-ID: <7500666D-DF94-487A-AFB2-41505911ED3C@infowarrior.org> Facebook 'dark ads' can swing political opinions, research shows Ads targeted using profiles generated from individual voters? stated interests are more successful in shifting attitudes according to Online Privacy Foundation Alex Hern in Las Vegas @alexhern https://www.theguardian.com/technology/2017/jul/31/facebook-dark-ads-can-swing-opinions-politics-research-shows Monday 31 July 2017 05.07 EDT Last modified on Monday 31 July 2017 08.41 EDT Using ?psychographic? profiles of individual voters generated from publicly stated interests really does work, according to new research presented at the Def Con hacking conference in Las Vegas, Nevada. The controversial practice allows groups to hone their messages to match the personality types of their targets during political campaigning, and is being used by firms including Cambridge Analytica and AggregateIQ to better target voters with political advertising with so-called ?dark ads?. ?Before the referendum results, the concern we had was that people?s biases were being manipulated, either intentionally or unintentionally,? said Chris Sumner, research director and co-founder of the not-for-profit Online Privacy Foundation, who led the research. ?Now we?ve seen this [research], I?m as concerned as I was before. ?It?s not a surprise, it?s what we expected to see. People on one side, whichever side happens to be winning at the time, are going to say ?no, it?s not a problem?, while people who have just lost are going to see it as a big problem.? Psychographic profiling classifies people into personality types using data from social networks such as Facebook. Sumner?s research focused on replicating some of the key findings of psychographic research by crafting adverts specifically targeted at certain personality types. Using publicly available data to ensure that the adverts were seen by the right people at the right time, Sumner tested how effective such targeting can be. Would-be voters were sorted into two groups of people, those with high and low authoritarian tendencies, using a mixture of age, gender, location and interest targeting: younger women score low on authoritarian rankings, while older men score highly. Geographically, Sumner selected five local areas which have been found in previous research to have low authoritarian attitudes ? Cambridge, Liverpool, Manchester, Edinburgh and Hackney ? and seven with high ? Basildon, Chelmsford, Dudley, Thurrock, Mansfield, Rotherham and Swindon. But the most important factor was the use of publicly stated interests to derive a psychographic profile of the recipients. Using information Facebook already knows about its users, Sumner created a high-authoritarian group of people the site has identified as being interested in conservatism and the Daily Mail, and a low-authoritarian group interested in liberalism and the Guardian. To test the groups were accurately sorted, they were asked whether they agreed with the statement ?with regards to internet privacy: if you?ve done nothing wrong, you have nothing to fear?. When randomly sorted, 38% of people agreed with the statement; but once all the psychographic signifiers were incorporated, the low authoritarian group fell to just 25% agreement, while the highly authoritarian group rose to 61%. Knowing the psychographic profiles of the two groups is more useful than simply being able to accurately guess what positions they already hold; it can also be used to craft messages to specifically target those groups, to more effectively shift their opinions. Sumner created four such adverts, two aimed at increasing support for internet surveillance and two aimed at decreasing it, each targeted to a low or high authoritarian group. For example, the highly authoritarian group?s anti-surveillance advert used the slogan ?They fought for your freedom. Don?t give it away!?, over an image of the D-Day landings, while the low authoritarian group?s pro-surveillance message was ?Crime doesn?t stop where the internet starts: say YES to state surveillance?. Sure enough, the targeted adverts did significantly better. The high-authoritarian group was significantly more likely to share a promoted post aimed at them than a similar one aimed at their opposites, while the low authoritarian group ranked the advert aimed at them as considerably more persuasive than the advert that wasn?t. Psychographic targeting is allowed on Facebook, and the company advertises the platform to politicians as the perfect way to ?persuade voters? and ?influence online and offline outcomes?. But the ability for campaigns to perfectly target different messages to different groups has been described by some as a concern for democracy itself, allowing politicians to appeal to the worst side of voters in an almost undiscoverable manner. From rforno at infowarrior.org Mon Jul 31 11:00:08 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 31 Jul 2017 16:00:08 -0000 Subject: [Infowarrior] - =?utf-8?q?LinkedIn=3A_It=E2=80=99s_illegal_to_scr?= =?utf-8?q?ape_our_website_without_permission?= Message-ID: <5548A46E-8E9F-4289-A066-FD3B1987EB59@infowarrior.org> LinkedIn: It?s illegal to scrape our website without permission A legal scholar calls LinkedIn's position ?hugely problematic.? Timothy B. Lee - 7/31/2017, 8:00 AM https://arstechnica.com/tech-policy/2017/07/linkedin-its-illegal-to-scrape-our-website-without-permission/ A small company called hiQ is locked in a high-stakes battle over Web scraping with LinkedIn. It's a fight that could determine whether an anti-hacking law can be used to curtail the use of scraping tools across the Web. HiQ scrapes data about thousands of employees from public LinkedIn profiles, then packages the data for sale to employers worried about their employees quitting. LinkedIn, which was acquired by Microsoft last year, sent hiQ a cease-and-desist letter warning that this scraping violated the Computer Fraud and Abuse Act, the controversial 1986 law that makes computer hacking a crime. HiQ sued, asking courts to rule that its activities did not, in fact, violate the CFAA. James Grimmelmann, a professor at Cornell Law School, told Ars that the stakes here go well beyond the fate of one little-known company. "Lots of businesses are built on connecting data from a lot of sources," Grimmelmann said. He argued that scraping is a key way that companies bootstrap themselves into "having the scale to do something interesting with that data." If scraping without consent becomes illegal, startups like hiQ will have a harder time getting off the ground. But the law may be on the side of LinkedIn?especially in Northern California, where the case is being heard. In a 2016 ruling, the 9th Circuit Court of Appeals, which has jurisdiction over California, found that a startup called Power Ventures had violated the CFAA when it continued accessing Facebook's servers despite a cease-and-desist letter from Facebook. Some details of that case were different?Power Ventures was sending out private messages with the permission and cooperation of Facebook users, while hiQ is scraping data on public webpages. But experts told Ars that the Power Ventures precedent is likely to be bad news for hiQ because it suggests that continuing to access a site after being asked to stop is enough to trigger the anti-hacking law. ?Hugely problematic? LinkedIn's position disturbs Orin Kerr, a legal scholar at George Washington University. "You can't publish to the world and then say 'no, you can't look at it,'" Kerr told Ars. The CFAA makes it a crime to "access a computer without authorization or exceed authorized access." Courts have been struggling to figure out what this means ever since Congress passed it more than 30 years ago. One plausible reading of the law?the one LinkedIn is advocating?is that once a website operator asks you to stop accessing its site, you commit a crime if you don't comply. That's the interpretation suggested by the 2016 Power Ventures decision, which is a binding precedent in California. Power.com was a social network that functioned as a social network aggregator. Through the Power.com website, users could log into other social networks like Facebook, allowing them to access information from multiple social networks simultaneously. To expand its user base, Power asked users to provide their Facebook credentials and then?with their permission?sent Power.com invitations to their Facebook friends. Facebook, naturally, didn't appreciate this marketing tactic. They sent Power a cease-and-desist letter and also blocked the IP addresses Power was using to communicate with Facebook's servers. Facebook sued, claiming that its cease-and-desist letter made Power's access unauthorized under the terms of the CFAA. Power disagreed and argued that having permission from Facebook users was good enough?it didn't need separate approval from Facebook itself. But the 9th Circuit Court of Appeals sided with Facebook last year. "Power users arguably gave Power permission to use Facebook's computers to disseminate messages," the court wrote. "But Facebook expressly rescinded that permission when Facebook issued its written cease-and-desist letter." After this point, the court held, "Power knew it no longer had authorization to access Facebook's computers, but continued to do so anyway." That result bothers Kerr. For example, he said, imagine if CNN sent out letters to reporters at rival news organizations demanding that their reporters not access cnn.com. Under an expansive reading of the law, Kerr told Ars, it would then "become a federal crime to visit a public website." Kerr argues sites wanting to limit access to their site should be required to use a technical mechanism like a password to signal that the website is not, in fact, available to the public. "It's hugely problematic to let the subjective wishes of the website owner and not their objective action" determine what's legal, Kerr told Ars. The Power Ventures case isn't over. Power Ventures asked the Supreme Court to consider the case in May, and the high court hasn't decided whether to do so yet. And for now, the Power Ventures precedent only applies within the 9th Circuit, which covers California and other Western states. Unfortunately for hiQ, the LinkedIn dispute is being heard by California federal courts. Ultimately, Grimmelmann believes, the text of the CFAA doesn't clearly settle this question. Both Kerr's view that running a public website implicitly gives the public authorization to access it and LinkedIn's view that companies can rescind authorization on a case-by-case basis are plausible interpretations of the law. But both scholars argue there are good reasons to favor the more permissive reading of the law. The LinkedIn interpretation of the law gives big website operators like LinkedIn plenty of power over how their sites are used. They argue the courts should preserve the rights of small companies, watchdog groups, and others to gather information from the Web using scraping tools. Timothy B. Lee Timothy covers tech policy for Ars, with a particular focus on patent and copyright law, privacy, free speech, and open government. His writing has appeared in Slate, Reason, Wired, and the New York Times. From rforno at infowarrior.org Sun Jul 9 11:48:51 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 16:48:51 -0000 Subject: [Infowarrior] - Republicans blast POTUS idea for cyber security unit with Russia Message-ID: <4AEBA988-7AEA-46E0-BAF3-668F7A1FA2F0@infowarrior.org> (PSA: There is no such thing as an ?impenetrable cyber security unit? -- and never will be. "Total security" of anything is a noble goal, but a total myth. --rick) Technology News | Sun Jul 9, 2017 | 11:50am EDT Republicans blast Trump idea for cyber security unit with Russia https://www.reuters.com/article/us-usa-trump-russia-cyber-idUSKBN19U0P4 U.S. President Donald Trump said on Sunday he and Russia's president had discussed forming a cyber security unit, an idea harshly criticized by Republicans who said Moscow could not be trusted after its alleged meddling in the 2016 U.S. election. Tweeting after his first meeting with President Vladimir Putin on Friday, Trump said now was the time to work constructively with Moscow, pointing to a ceasefire deal in southwest Syria that came into effect on Sunday. "Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded and safe," he said following their talks at a summit of the Group of 20 nations in Hamburg, Germany. Republican Senators Lindsey Graham, an influential South Carolina Republican who is a member of the Senate Armed Services Committee, and Marco Rubio of Florida, who opposed Trump for their party's presidential nomination, blasted the idea. "It's not the dumbest idea I have ever heard but it's pretty close," Graham told NBC's "Meet the Press" program, saying that Trump's apparent willingness to "forgive and forget" stiffened his resolve to pass legislation imposing sanctions on Russia. Rubio, on Twitter, said: "While reality & pragmatism requires that we engage Vladimir Putin, he will never be a trusted ally or a reliable constructive partner. "Partnering with Putin on a 'Cyber Security Unit' is akin to partnering with (Syrian President Bashar al) Assad on a 'Chemical Weapons Unit'," he added. Trump argued for rapprochement with Moscow in his campaign but has been unable to deliver because his administration has been dogged by investigations into the allegations of Russian interference in the election and ties with his campaign. Special Counsel Robert Mueller is investigating the matter, including whether there may have been any collusion on the part of Trump campaign officials, as are congressional committees including both the House and Senate intelligence panels. Those probes are focused almost exclusively on Moscow?s actions, lawmakers and intelligence officials say, and no evidence has surfaced publicly implicating other countries despite Trump's suggestion that others could have been involved. Moscow has denied any interference, and Trump says his campaign did not collude with Russia. "I don?t think we can expect the Russians to be any kind of a credible partner in some kind of cyber security unit," Representative Adam Schiff, the top Democrat on the House Intelligence Committee, told CNN's "State of the Union" program. "If that?s our best election defense. We might as well just mail our ballot boxes to Moscow," Schiff added. Separately, U.S. government officials said that a recent hack into business systems of U.S. nuclear power and other energy companies was carried out by Russian government hackers, the Washington Post reported on Saturday. The newspaper said government officials and U.S. industry officials confirmed this was the first time Russian hackers were known to have breached U.S. nuclear power company networks. Trump said he had raised allegations of Russian interference in the 2016 U.S. presidential election with Putin. "I strongly pressed President Putin twice about Russian meddling in our election. He vehemently denied it. I've already given my opinion....." He added: "We negotiated a ceasefire in parts of Syria which will save lives. Now it is time to move forward in working constructively with Russia!" The United States, Russia and Jordan reached a ceasefire and "de-escalation agreement" for southwestern Syria on Friday, as Trump's administration made its first attempt at peacemaking in the country's six-year-old civil war. The ceasefire was holding hours after it took effect on Sunday, a monitor and two rebel officials said. In another tweet, Trump said that "sanctions were not discussed at my meeting with President Putin. Nothing will be done until the Ukrainian & Syrian problems are solved!" The United States has imposed sanctions on Russia for its 2014 annexation of Crimea from Ukraine. Trump appeared to contradict his secretary of state, Rex Tillerson, who told reporters Trump had told Putin that U.S. lawmakers were pushing for additional sanctions against Russia. The U.S. Senate has passed legislation which would put into law sanctions, including on mining and other industries, previously established via former President Barack Obama's executive orders. The bill must pass the House of Representatives before it could go to the White House for Trump's signature. "He's not willing to do anything about it, so it makes me more committed than ever to get sanctions on President Trump's desk punishing Putin," Republican Graham said of Trump. (Writing by Arshad Mohammed; Editing by James Dalgleish) From rforno at infowarrior.org Sun Jul 9 11:49:08 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 16:49:08 -0000 Subject: [Infowarrior] - =?utf-8?q?Wheeler=3A_On_POTUS=E2=80=99s_Impenetra?= =?utf-8?q?ble_Cyber_Security_Unit_to_Guard_Election_Hacking?= Message-ID: (PSA: There is no such thing as an ?impenetrable cyber security unit? -- and never will be. "Total security" of anything is a noble goal, but a total myth. --rick) On Trump?s Impenetrable Cyber Security Unit to Guard Election Hacking Marcy Wheeler July 9, 2017 Man oh man did Vladimir Putin hand Trump his ass in their meeting the other day. While most the focus has been on Trump?s apparent refusal to confront Putin on the election hack (which Trump is now trying to spin ? pity for him he excluded his credible aides who could tell us how it really went down or maybe that was precisely the point). But I was more interested in Putin and Sergei Lavrov?s neat trick to get Trump to agree to a ?joint working group on cybersecurity.? < - > http://www.emptywheel.net/2017/07/09/on-trumps-impenetrable-cyber-security-unit-to-guard-election-hacking/ From rforno at infowarrior.org Sun Jul 9 11:49:13 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 16:49:13 -0000 Subject: [Infowarrior] - U.S. faults Russian government in nuclear plant, energy firm hackings Message-ID: <7A451445-2524-4B31-8E5D-A73534EB25CD@infowarrior.org> (But they're going to help us protect our systems anyway, right? -- rick) U.S. faults Russian government in nuclear plant, energy firm hackings Ellen Nakashima http://www.chicagotribune.com/news/nationworld/ct-us-russia-nuclear-plant-hacking-20170708-story.html Russian government hackers were behind recent cyber-intrusions into the business systems of U.S. nuclear power and other energy companies in what appears to be an effort to assess their networks, according to U.S. government officials. The U.S. officials said there is no evidence the hackers breached or disrupted the core systems controlling operations at the plants, so the public was not at risk. Rather, they said, the hackers broke into systems dealing with business and administrative tasks, such as personnel. At the end of June, the FBI and the Department of Homeland Security sent a joint alert to the energy sector stating that "advanced, persistent threat actors" - a euphemism for sophisticated foreign hackers - were stealing network log-in and password information to gain a foothold in company networks. The agencies did not name Russia. The campaign marks the first time Russian government hackers are known to have wormed their way into the networks of American nuclear power companies, several U.S. and industry officials said. And the penetration could be a sign that Russia is seeking to lay the groundwork for more damaging hacks. The National Security Agency has detected specific activity by the Russian spy agency, the FSB, targeting the energy firms, according to two officials. The NSA declined to comment. The intrusions have been previously reported but not the attribution to Russia by U.S. officials. The joint alert from the FBI and DHS, first reported by Reuters on June 30, said the hackers have been targeting the industry since at least May. Several days earlier, E & E News, an energy trade publication, had reported that U.S. authorities were investigating cyber-intrusions affecting multiple nuclear-power-generation sites. < - > http://www.chicagotribune.com/news/nationworld/ct-us-russia-nuclear-plant-hacking-20170708-story.html From rforno at infowarrior.org Sun Jul 9 11:50:11 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 16:50:11 -0000 Subject: [Infowarrior] - Study: Dutch Piracy Rates In Free Fall Due Mostly To The Availability Of Legal Alternatives Message-ID: <43F18B30-141E-4BBB-BC4E-3547845FC9DB@infowarrior.org> Study: Dutch Piracy Rates In Free Fall Due Mostly To The Availability Of Legal Alternatives The claim that the best way to combat content piracy is to offer good legal alternatives and make them widely available isn't exactly breaking new ground. Case studies made out of several nations' piracy rates, such as in Australia and Norway, demonstrate the severe impact creating good digital marketplace alternatives to piracy can have. Techdirt's think tank arm, the Copia Institute, produced the definitive report highlighting this in multiple countries nearly two years ago. And, yet, the copyright industries and their mouthpiece organizations typically choose to beat the punishment drum instead, going the route of litigation against pirates that ultimately ends up being a PR nightmare, or instead going the route of wholesale censorship on the internet that is equal parts ineffective and alarming to those of us that think such censorship ought to have a high bar to hurdle in order to be implemented. It's with that in mind that any new example that simply offering legal alternatives is a better route is useful to highlight. < - > https://www.techdirt.com/articles/20170706/09383837730/study-dutch-piracy-rates-free-fall-due-mostly-to-availability-legal-alternatives.shtml From rforno at infowarrior.org Sun Jul 9 11:53:11 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 16:53:11 -0000 Subject: [Infowarrior] - Google is funding AI writers for local UK news reporting Message-ID: <8C382903-2106-40D9-9258-80CE65D23EBE@infowarrior.org> Google is funding AI writers for local UK news reporting https://www.engadget.com/2017/07/07/google-ai-local-news/ The UK Press Association (PA) will soon hand writing duties on thousands of local news stories to robots. Cue headlines about the death of news media (seriously, though, this might be a problem). The news agency just won a ?706,000 ($622,000) grant from Google to run an automated news service with the help of a start-up called Urbs Media, according to The Guardian. The project -- dubbed Radar for "Reporters And Data And Robots" -- will see computers create 30,000 news stories for hundreds of local papers. AI has been used in newsrooms in the past, but it isn't without its faults. Tests have shown that despite being faster than humans, computers can come up short in terms of writing style and readability. And, in most cases, some level of human oversight is required. Radar is no different. The project will depend on human writers to choose the stories (on topics such as crime, health, and employment) that the AI will then write. The computers will also auto-generate graphics, video, and pictures to match the articles. Although it may not be groundbreaking, the PA believes Radar will provide a boost to local news outlets at a difficult time. Regional news providers are struggling with shrinking budgets, while interest in localized news remains just as high. Automating articles on a mass scale is seen as a practical way of meeting that demand. From rforno at infowarrior.org Sun Jul 9 11:54:23 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 16:54:23 -0000 Subject: [Infowarrior] - Qualcomm Seeks iPhone and iPad Import Ban in the United States Message-ID: <3EC81243-2F5D-4AE3-B840-2E77B59B2398@infowarrior.org> Qualcomm Seeks iPhone and iPad Import Ban in the United States The legal battle between Qualcomm and Apple continues to escalate, with Qualcomm asking the United States International Trade Commission (ITC) to block imports of select iPhone and iPad models, reports Fortune. Qualcomm also wants to stop sales of devices that are already in the United States and has filed a new patent infringement case against Apple in the Southern District of California. According to Qualcomm, Apple is infringing on six Qualcomm patents related to carrier aggregation and technologies that are designed to allow iPhones to save battery life while communicating. The six patents cited by Qualcomm were granted between 2013 and 2017 and are not licensed or standard-essential patents that are part of the ongoing Qualcomm v. Apple battle over royalty payments. < - > https://www.macrumors.com/2017/07/06/qualcomm-iphone-ipad-us-ban/ From rforno at infowarrior.org Sun Jul 9 20:30:57 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 10 Jul 2017 01:30:57 -0000 Subject: [Infowarrior] - POTUS walks back the 'Impenetrable Cybersecurity Unit' idea Message-ID: <8E5FF19D-6B31-418A-916D-7AA32E1DFEDE@infowarrior.org> LOL. Trial balloon floated and popped, all in the same day. YCMTSU. -- rick Trump knocks down prospect of Russian-American cybersecurity unit By Cyra Master - 07/09/17 09:01 PM EDT 15 http://thehill.com/homenews/administration/341226-trump-knocks-down-prospect-of-russian-american-cybersecurity-unit Fresh off a weekend meeting with world leaders, President Trump tweeted Sunday evening that he has low hopes for his proposed U.S.-Russia cyber security unit. ?The fact that President Putin and I discussed a Cyber Security unit doesn't mean I think it can happen. It can't-but a ceasefire can,& did!? Trump tweeted on Sunday about three hours after tweeting about a ceasefire in Syria. In a surprise move coming out of the Group of 20 meetings in Germany, Trump shifted conversation to his proposed "Cyber Security unit," a joint operation with Russia focusing on cyber attacks. U.S. and Russian officials indicated on Friday ? after a meeting between Trump and Russian President Vladimir Putin ? that the two countries would work together in a number of areas, including cybersecurity. Trump tweeted earlier Sunday that he talked with Putin about forming an "impenetrable Cyber Security unit" to guard against issues such as election hacking. That was met with mixed reaction, given the U.S. intelligence community?s conclusion that Russia attempted to interfere with the 2016 presidential election to favor Trump ? a conclusion the president has not said he 100 percent agrees with. Social media users reacted quickly to Trump?s tweet knocking his own proposal....... < - > From rforno at infowarrior.org Mon Jul 10 11:25:05 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 10 Jul 2017 16:25:05 -0000 Subject: [Infowarrior] - =?utf-8?q?Comcast=2C_AT=26T=2C_WhatsApp_all_score?= =?utf-8?q?_low_on_new_=E2=80=9CWho_Has_Your_Back=3F=E2=80=9D_list?= Message-ID: Comcast, AT&T, WhatsApp all score low on new ?Who Has Your Back?? list EFF's annual ratings show that the industry's biggest names have a ways to go. Cyrus Farivar - 7/10/2017, 11:00 AM https://arstechnica.com/tech-policy/2017/07/comcast-att-whatsapp-all-score-low-on-new-who-has-your-back-list/ From rforno at infowarrior.org Tue Jul 11 06:59:06 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 11 Jul 2017 11:59:06 -0000 Subject: [Infowarrior] - Kaspersky Lab Has Been Working With Russian Intelligence Message-ID: <0AC78B4E-BA2F-4C31-A86F-279956D857B7@infowarrior.org> Kaspersky Lab Has Been Working With Russian Intelligence Emails show the software-security maker developed products for the FSB and accompanied agents on raids. By Jordan Robertson and Michael Riley July 11, 2017, 5:00 AM EDT https://www.bloomberg.com/news/articles/2017-07-11/kaspersky-lab-has-been-working-with-russian-intelligence Russian cybersecurity company Kaspersky Lab boasts 400 million users worldwide. As many as 200 million may not know it. The huge reach of Kaspersky?s technology is partly the result of licensing agreements that allow customers to quietly embed the software in everything from firewalls to sensitive telecommunications equipment?none of which carry the Kaspersky name. That success is starting to worry U.S. national security officials concerned about the company?s links to the Russian government. In early May six U.S. intelligence and law enforcement agency chiefs were asked in an open Senate hearing whether they?d let their networks use Kaspersky software, often found on Best Buy shelves. The answer was a unanimous and resounding no. The question, from Florida Republican Marco Rubio, came out of nowhere, often a sign a senator is trying to indirectly draw attention to something learned in classified briefings. Eugene Kaspersky took to Reddit to respond. Claims about Kaspersky Lab?s ties to the Kremlin are ?unfounded conspiracy theories? and ?total BS,? the company?s boisterous, barrel-chested chief executive officer wrote. While the U.S. government hasn?t disclosed any evidence of the ties, internal company emails obtained by Bloomberg Businessweek show that Kaspersky Lab has maintained a much closer working relationship with Russia?s main intelligence agency, the FSB, than it has publicly admitted. It has developed security technology at the spy agency?s behest and worked on joint projects the CEO knew would be embarrassing if made public. Most major cybersecurity companies maintain close ties to home governments, but the emails are at odds with Kaspersky Lab?s carefully controlled image of being free from Moscow?s influence. Kaspersky?s work with Russian intelligence could scare off business in Western Europe and the U.S., where Russian cyber operations have grown increasingly aggressive, including attempts to influence elections. Western Europe and the U.S. accounted for $374 million of the company?s $633 million in sales in 2016, according to researcher International Data Corp. ?When statements are taken out of context, anything can be manipulated to serve an agenda,? the company said in a statement. ?Kaspersky Lab has always acknowledged that it provides appropriate products and services to governments around the world to protect those organizations from cyberthreats, but it does not have any unethical ties or affiliations with any government, including Russia.? Antivirus companies are especially delicate because the products they make have access to every file on the computers they protect. The software also regularly communicates with the maker to receive updates, which security experts say could theoretically provide access to sensitive users such as government agencies, banks, and internet companies. Adding to the U.S. government?s jitters, Kaspersky recently has developed products designed to help run critical infrastructure such as power grids. The previously unreported emails, from October 2009, are from a thread between Eugene Kaspersky and senior staff. In Russian, Kaspersky outlines a project undertaken in secret a year earlier ?per a big request on the Lubyanka side,? a reference to the FSB offices. Kaspersky Lab confirmed the emails are authentic. The software that the CEO was referring to had the stated purpose of protecting clients, including the Russian government, from distributed denial-of-service (DDoS) attacks, but its scope went further. Kaspersky Lab would also cooperate with internet hosting companies to locate bad actors and block their attacks, while assisting with ?active countermeasures,? a capability so sensitive that Kaspersky advised his staff to keep it secret. ?The project includes both technology to protect against attacks (filters) as well as interaction with the hosters (?spreading? of sacrifice) and active countermeasures (about which, we keep quiet) and so on,? Kaspersky wrote in one of the emails. ?Active countermeasures? is a term of art among security professionals, often referring to hacking the hackers, or shutting down their computers with malware or other tricks. In this case, Kaspersky may have been referring to something even more rare in the security world. A person familiar with the company?s anti-DDoS system says it?s made up of two parts. The first consists of traditional defensive techniques, including rerouting malicious traffic to servers that can harmlessly absorb it. The second part is more unusual: Kaspersky provides the FSB with real-time intelligence on the hackers? location and sends experts to accompany the FSB and Russian police when they conduct raids. That?s what Kaspersky was referring to in the emails, says the person familiar with the system. They weren?t just hacking the hackers; they were banging down the doors. The project lead was Kaspersky Lab?s chief legal officer, Igor Chekunov, a former policeman and KGB officer. Chekunov is the point man for technical support to the FSB and other Russian agencies, say three people familiar with his role, and that includes gathering identifying data from customers? computers. One Kaspersky Lab employee who used to ride along with Russian agents on raids was Ruslan Stoyanov, whose technology underpinned the company?s anti-DDoS efforts, says the person familiar with the program. Stoyanov previously worked in the Interior Ministry?s cybercrime unit. In December he and a senior FSB cyber investigator were arrested on treason charges, adding a bizarre twist to the company?s relationship to the government. Kaspersky Lab has said the case involved allegations of wrongdoing before Stoyanov worked for the company. Stoyanov couldn?t be reached for comment. In the emails, Kaspersky said the aim of the project for the FSB was to turn the anti-DDoS technology into a mass-market product for businesses. ?In the future the project may become one of the items on the list of services that we provide to corporate customers,? he wrote. Kaspersky now sells its DDoS protection service to large companies, installing sensors directly inside customers? networks. The company?s website contains a large red notice that it?s not available in the U.S. or Canada. The U.S. government hasn?t identified any evidence connecting Kaspersky Lab to Russia?s spy agencies, even as it continues to turn up the heat. In June, FBI agents visited a number of the company?s U.S. employees at their homes, asking to whom they reported and how much guidance they received from Kaspersky?s Moscow headquarters. And a bill was introduced in Congress that would ban the U.S. military from using any Kaspersky products, with one senator calling ties between the company and the Kremlin ?very alarming.? Russia?s communications minister promptly threatened sanctions if the measure passed. Indeed, many in Russia see the anti-Kaspersky campaign as politics with a dash of protectionism. ?This is quite useless to find any real evidence, any real cases where Kaspersky Lab would violate their privacy policies and transfer some data from U.S. customers, from U.S. enterprise clients, to Russian intelligence or FSB,? says Oleg Demidov, a consultant for researcher PIR Center in Moscow who studies Russian cyberattacks. ?There are no such cases. At least, they are not publicly discussed.? There?s another possibility, given Kaspersky Lab?s success at embedding its products in sensitive locations. Last year, Eugene Kaspersky announced the launch of the company?s secure operating system, KasperskyOS, designed to run systems that control electrical grids, factories, pipelines, and other critical infrastructure. The U.S. Defense Intelligence Agency reportedly circulated a warning that the product could let Russian government hackers disable those systems, a claim Kaspersky denied. Fourteen years in development, Kaspersky Lab?s secure OS is designed to be easily adaptable for the internet of things, everything from web-connected cameras to cars. That could be a great business model for the Russian company. U.S. national security officials seem determined to make sure it isn?t. ?With Carol Matlack BOTTOM LINE - Kaspersky Lab?s ties to the Russian government may threaten its business in the U.S. and Western Europe, which account for almost 60 percent of its sales. From rforno at infowarrior.org Tue Jul 11 12:31:21 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 11 Jul 2017 17:31:21 -0000 Subject: [Infowarrior] - =?utf-8?q?Critics_Blocked_from_President=E2=80=99?= =?utf-8?q?s_Twitter_Account_File_Suit?= Message-ID: (The Knight 1A Institute is at Columbia University) Critics Blocked from President?s Twitter Account File Suit Joined by seven individuals from across the country, the Knight First Amendment Institute filed suit in the Southern District of New York today contending that President Trump and his communications team are violating the First Amendment by blocking individuals from the @realDonaldTrump Twitter account because they criticized the president or his policies. The Knight Institute sent a letter to the White House last month suggesting that it would file suit if the president and his aides did not unblock individuals who had been blocked because of their views. The White House did not respond to that letter. ?President Trump?s Twitter account has become an important source of news and information about the government, and an important forum for speech by, to, or about the president,? said Jameel Jaffer, the Knight Institute?s executive director. ?The First Amendment applies to this digital forum in the same way it applies to town halls and open school board meetings. The White House acts unlawfully when it excludes people from this forum simply because they?ve disagreed with the president.? The president and his aides have aggressively promoted the @realDonaldTrump account as a key channel for communication between the president and the public. The White House uses the account to make formal announcements, defend the president?s official decisions and actions, report on meetings with foreign leaders, and promote the administration?s positions on health care, immigration, foreign affairs, and other matters. The president?s advisors have stated that tweets from @realDonaldTrump are ?official statements.? < - > https://knightcolumbia.org/news/critics-blocked-presidents-twitter-account-file-suit From rforno at infowarrior.org Wed Jul 12 08:51:06 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 12 Jul 2017 13:51:06 -0000 Subject: [Infowarrior] - Judge: Pacemaker data can be used in Middletown arson trial Message-ID: <1D696496-5368-4955-9CF7-308902D74784@infowarrior.org> Judge: Pacemaker data can be used in Middletown arson trial Lauren Pack Staff Writer 6:48 p.m Tuesday, July 11, 2017 Butler County In what is believed to be the first case of its kind to use data from a beating heart as evidence, a Butler County judge ruled Tuesday that evidence from a pacemaker used to get a Middletown man indicted for arson can be presented at trial. Ross Compton, 59, was indicted in January on felony charges of aggravated arson and insurance fraud for allegedly starting a fire in September 2016 at his Court Donegal house. The blaze caused nearly $400,000 in damages. Middletown detectives said Compton gave statements that were ?inconsistent? with evidence collected at the scene. Compton, who has an artificial heart implant that uses an external pump, told police he was asleep when the fire started. When he awoke and saw the fire, he told police he packed some belongings in a suitcase and bags, broke out the glass of his bedroom window with a cane, and threw the bags and suitcase outside before taking them to his car. Police then obtained a search warrant for all of the electronic data stored in Compton?s cardiac pacing device, according to court records. The data taken from Compton?s pacemaker included his heart rate, pacer demand, and cardiac rhythms before, during and after the fire. A cardiologist who reviewed that data determined, ?it is highly improbable Mr. Compton would have been able to collect, pack and remove the number of items from the house, exit his bedroom window and carry numerous large and heavy items to the front of his residence during the short period of time he has indicated due to his medical conditions,? according to court documents. Defense attorney Glenn Rossi argued Tuesday the pacemaker evidence should be thrown out because the search was an invasion of Compton?s constitutional rights and unreasonable seizure of his private information. < - > http://www.journal-news.com/news/judge-pacemaker-data-can-used-middletown-arson-trial/Utxy63jyrwpT2Jmy9ltHQP/ From rforno at infowarrior.org Wed Jul 12 14:49:05 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 12 Jul 2017 19:49:05 -0000 Subject: [Infowarrior] - Millions of Verizon customer records exposed in security lapse Message-ID: <97515B12-69CA-46C0-A6BB-FB47FF95649E@infowarrior.org> Millions of Verizon customer records exposed in security lapse Customer records for at least 14 million subscribers, including phone numbers and account PINs, were exposed. By Zack Whittaker for Zero Day | July 12, 2017 -- 13:00 GMT (06:00 PDT) | Topic: Security An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned. As many as 14 million records of subscribers who called the phone giant's customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra'anana, Israel-based company. Nice, which counts 85 of the Fortune 100 as customers, plays in two main enterprise software markets: customer engagement and financial crime and compliance including tools that prevent fraud and money laundering. Nice's 2016 revenue was $1.01 billion, up from $926.9 million in the previous year. The financial services sector is Nice's biggest industry in terms of customers, with telecom companies such as Verizon a key vertical. The company has more than 25,000 customers in about 150 countries. Privacy watchdogs have linked the company to several government intelligence agencies, and it's known to work closely with surveillance and phone cracking firms Hacking Team and Cellebrite. In regulatory filings with the Securities and Exchange Commission, Nice noted that it can't control what customers do with its software. "Our products may also be intentionally misused or abused by clients who use our products," said Nice in its annual report. Chris Vickery, director of cyber risk research at security firm UpGuard, who found the data, privately told Verizon of the exposure shortly after it was discovered in late-June. It took over a week before the data was eventually secured. The customer records were contained in log files that were generated when Verizon customers in the last six months called customer service. These interactions are recorded, obtained, and analyzed by Nice, which says it can "realize intent, and extract and leverage insights to deliver impact in real time." Verizon uses that data to verify account holders and to improve customer service. Each record included a customer's name, a cell phone number, and their account PIN -- which if obtained would grant anyone access to a subscriber's account, according to a Verizon call center representative, who spoke on the condition of anonymity as they were not authorized to speak to the press. Several security experts briefed on the exposure prior to publication warned of phone hijacking and account takeovers, which could allow hackers to break into a person's email and social media accounts protected even by two-factor authentication. Verizon has over 108 million post-paid wireless customers. Six folders for each month from January through to June contained several daily log files, apparently recording customer calls from different US regions, based on the location of the company's datacenters, including Florida and Sacramento. Each record also contained hundreds of fields of additional data, including a customer's home address, email addresses, what kind of additional Verizon services a subscriber has, the current balance of their account, and if a subscriber has a Verizon federal government account, to name a few. One field also appeared to record a customer's "frustration score," by detecting if certain keywords are spoken by a customer during a call. < - > http://www.zdnet.com/article/millions-verizon-customer-records-israeli-data/ From rforno at infowarrior.org Wed Jul 12 14:50:54 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 12 Jul 2017 19:50:54 -0000 Subject: [Infowarrior] - Taking The 'S' Out Of 'TSA:' Minneapolis Screeners Fail To Detect Contraband 94% Of The Time Message-ID: <4DE771EB-CA62-41CC-B02D-072B9DB16069@infowarrior.org> Taking The 'S' Out Of 'TSA:' Minneapolis Screeners Fail To Detect Contraband 94% Of The Time https://www.techdirt.com/articles/20170709/13094137747/taking-s-out-tsa-minneapolis-screeners-fail-to-detect-contraband-94-time.shtml < - > According to officials briefed on the results of a recent Homeland Security Inspector General?s report, TSA agents failed 67 out of 70 tests [95%], with Red Team members repeatedly able to get potential weapons through checkpoints. In one test an undercover agent was stopped after setting off an alarm at a magnetometer, but TSA screeners failed to detect a fake explosive device that was taped to his back during a follow-on pat down. Officials would not divulge the exact time period of the testing other than to say it concluded recently. < - > That percentage could conceivably have been worse. According to Fox 9, the Red Team stopped the audit once it hit the 95% threshold. Even the most sociopathic of us finds it uncomfortable to watch supposedly-trained people fail over and over at the one task they've been assigned. Fox also points out the MSP team has failed before, albeit somewhat less spectacularly. Last year, TSA screeners missed 9 of 12 weapons/explosives. Since that previous low water mark, security has only gotten worse. The TSA's response? To borrow a gun from someone who got past the screeners in order to shoot the messenger. When asked about Thursday?s failing grade, the TSA said, ?TSA cannot confirm or deny the results of internal tests and condemns the release of any information that could compromise our nation?s security." Hey, TSA: it's not the release of information that's compromising national security. It's your employees. If they did their job competently, there'd be nothing to report. From rforno at infowarrior.org Wed Jul 12 17:37:24 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 12 Jul 2017 22:37:24 -0000 Subject: [Infowarrior] - =?utf-8?q?Dear_Security_Conference_Speakers_?= =?utf-8?q?=E2=80=93_EFF=E2=80=99s_Coders_Rights_Project_Has_Your_Back?= Message-ID: Dear Security Conference Speakers ? EFF?s Coders Rights Project Has Your Back By Kurt Opsahl July 12, 2017 2-3 minutes https://www.eff.org/deeplinks/2017/07/dear-security-conference-speakers-effs-coders-rights-project-has-your-back Every year, EFF has lawyers with its Coders? Rights Project on hand in Las Vegas at Black Hat, B-Sides and DEF CON for security researchers with legal questions about their research or presentations. EFF?s Coders? Rights Project protects programmers, researchers, hackers, and developers engaged in cutting-edge exploration of technology. Security and encryption researchers help build a safer future for all of us using digital technologies, but too many legitimate researchers face serious legal challenges that prevent or inhibit their work. The 2017 summer security conference legal team will include: ? Staff Attorney Kit Walsh, who works on exemptions protecting security research and vehicle repair, along with a host of other beneficial activities threatened by Section 1201, the anti-circumvention provision of the Digital Millennium Copyright Act (DMCA). ? Criminal Defense Staff Attorney Stephanie Lacambra, a former Federal and San Francisco Public Defender who has turned her expertise toward defending your civil liberties online. ? Senior Staff Attorney Nate Cardozo, a Computer Fraud and Abuse Act expert who works on issues including the Wassenaar Arrangement, cryptography, hardware hacking, and electronic privacy law. ? Deputy Executive Director and General Counsel Kurt Opsahl, who leads the Coders? Rights Project and has been helping security researchers present at the summer security conferences since DEF CON was at the Alexis Park. If you are wondering about whether your research came into a legal gray area, or concerned that the vendor will threaten legal action, please reach out to info at eff.org. All EFF legal consultations are pro bono (free), part of our commitment to help the security researcher community. You can also stop by the EFF booths at each conference to make an appointment with one of our attorneys, though we highly recommend contacting us as far in advance of your talk as possible. And as always, even if you don?t have a legal question, come say hi at the booth or watch one of our talks at DEF CON From rforno at infowarrior.org Fri Jul 14 06:43:42 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 14 Jul 2017 11:43:42 -0000 Subject: [Infowarrior] - DHS Goes Biometric, Says Travelers Can Opt Out Of Face Scans By Not Traveling Message-ID: DHS Goes Biometric, Says Travelers Can Opt Out Of Face Scans By Not Traveling https://www.techdirt.com/articles/20170713/07133237778/dhs-goes-biometric-says-travelers-can-opt-out-face-scans-not-traveling.shtml From rforno at infowarrior.org Fri Jul 14 06:58:10 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 14 Jul 2017 11:58:10 -0000 Subject: [Infowarrior] - Australia plans law to force tech giants to decrypt messages Message-ID: <4408128D-C0C8-41CC-B523-98846E8BE9C6@infowarrior.org> Australia plans law to force tech giants to decrypt messages https://apnews.com/621e0913072a4cb5a1a7f7338721b059/Australia-plans-law-to-force-tech-giants-to-decrypt-messages CANBERRA, Australia (AP) ? The Australian government on Friday proposed a new cybersecurity law to force global technology companies such as Facebook and Google to help police by unscrambling encrypted messages sent by suspected extremists and other criminals. But some experts, as well as Facebook, warned that weakening end-to-end encryption services so that police could eavesdrop would leave communications vulnerable to hackers. The new law would be modeled on Britain?s Investigatory Powers Act, which was passed by the British Parliament in November and gave intelligence agencies some of the most extensive surveillance powers in the Western world, the government said. The Australian bill that would allow courts to order tech companies to quickly unlock communications will be introduced to Parliament by November, officials said. Under the law, internet companies would have the same obligations telephone companies do to help law enforcement agencies, Prime Minister Malcolm Turnbull said. Law enforcement agencies would need warrants to access the communications. ?We?ve got a real problem in that the law enforcement agencies are increasingly unable to find out what terrorists and drug traffickers and pedophile rings are up to because of the very high levels of encryption,? Turnbull told reporters. ?Where we can compel it, we will, but we will need the cooperation from the tech companies,? he added. The government expected resistance from some tech companies, many of them based in the United States. But the companies ?know morally they should? cooperate,? Turnbull said. ?There is a culture, particularly in the United States, a very libertarian culture, which is quite anti-government in the tech sector,? Turnbull said. ?We need to say with one voice to Silicon Valley and its emulators: ?All right, you?ve devised these great platforms, now you?ve got to help us to ensure that the rule of law prevails,?? he added. Attorney-General George Brandis described the growth of encrypted communication applications such as WhatsApp, Signal, Facebook Messenger and iMessage as ?potentially the greatest degradation of intelligence and law enforcement capability that we have seen in our lifetime.? Brandis said he met the British government?s chief cryptographer last week and believed it was technically possible to decode encrypted messages in a time frame that police needed to act. This could be achieved without so-called back doors ? built-in weaknesses that allowed a tech company access to a communication but could also leave it vulnerable to hackers, Brandis said. Facebook said it had a protocol to respond to requests for police help. But the social media giant said it could not read individual encrypted messages. ?Weakening encrypted systems for them (police) would mean weakening it for everyone,? a Facebook statement said on Friday. Australia was a major driver of a statement agreed at the Group of 20 leaders? summit in Germany last week that called on the tech industry to provide ?lawful and non-arbitrary access to available information? needed to protect against terrorist threats. The Australian Federal Police say the proportion of communication traffic they monitor that was encrypted had grown from 3 percent to more than 55 percent in only a few years. Police say 65 percent of organized crime investigations including terrorism and pedophile rings involved some kind of encryption. From rforno at infowarrior.org Fri Jul 14 13:57:21 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 14 Jul 2017 18:57:21 -0000 Subject: [Infowarrior] - WH releases voter-fraud comments, personal info included Message-ID: White House releases voter-fraud comments, personal info included The Presidential Advisory Commission on Election Integrity just doxed your Aunt Carol; be mad. Rob LeFebvre, @roblef 22m ago in Politics https://www.engadget.com/2017/07/14/white-house-voter-fraud-personal-info/ The White House is bad at technology. The President has a Twitter problem, he faces a suit over blocking users on the service and he doesn't seem to mind talking "Cyber Security" with Putin, who runs the country that allegedly hacked our (and other) elections. The Presidential Advisory Commission on Election Integrity continues to seek the personal, identifying information of everyone who voted in the last election, something it is also being sued for. The commission also asked citizens to write in with feedback. As noted by former Secretary of Labor Chris Lu on Twitter, however, the commission published 112 pages of public comment "without redacting email addresses, home addresses & phone numbers." While it may seem like a good thing that the commission has solicited and shared public comment on its request for voter info, publishing the list of emails it has since received ? without any redaction ? seems like a pretty tone-deaf thing to do. Either they didn't check for personal information, or they didn't care. The crazy thing is that either is possible. The 112-page document contains phone numbers, email and even real world addresses in several of the signatures. This information can be used to identify and harass people with ease. It's possible the committee is required by law to release such public commentary, but they really should have redacted full names, email and home addresses. It's bad enough that the commission wants to spend the time and money to prove rampant voter fraud (that doesn't actually seem to have happened), but to gather and expose those who respond is sincerely irresponsible. How can any state trust the White House with its voter records if the executive committee in charge of the process can't even black out a few email addresses? We've reached out to the White House for comment and will update this post when we hear back. From rforno at infowarrior.org Sat Jul 15 19:02:16 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 16 Jul 2017 00:02:16 -0000 Subject: [Infowarrior] - Always read the fine print. Always. Message-ID: Thousands sign up to clean sewage because they didn't read the small print Those who fell for the gag clause inserted into wifi terms and conditions committed to more than a month of community service https://www.theguardian.com/technology/2017/jul/14/wifi-terms-and-conditions-thousands-sign-up-clean-sewage-did-not-read-small-print Friday 14 July 2017 06.07 EDT Last modified on Friday 14 July 2017 09.27 EDT Do you read the terms and conditions? Probably not. No one does. And so, inevitably, 22,000 people have now found themselves legally bound to 1000 hours of community service, including, but not limited to, cleaning toilets at festivals, scraping chewing gum off the streets and ?manually relieving sewer blockages?. The (hopefully) joke clause was inserted in the terms and conditions of Manchester-based wifi company Purple for a period of two weeks, ?to illustrate the lack of consumer awareness of what they are signing up to when they access free wifi?. The company operates wifi hotspots for a number of brands, including Legoland, Outback Steakhouse and Pizza Express. Purple also offered a prize for anyone who actually read the terms and conditions, and flagged up the ?community service clause?. Just one person claimed it. It?s no surprise that people will agree to anything to get free wifi. In 2014, cybersecurity firm F-Secure ran a similar experiment in London, operating a wifi hotspot that anyone could use ? in exchange for their firstborn child. The so-called ?Herod clause? was clearly stated in the terms and conditions, and six people still signed up. Though it?s not clear how many of them simply dislike their eldest children. F-Secure also pointed out that ?while terms and conditions are legally binding ? it is contrary to public policy to sell children in return for free services, so the clause would not be enforceable in a court of law?. It remains unclear whether terms and conditions in general are actually applicable to the typical customer. While they are contracts, and usually considered legally binding as such, some have argued that the inability to negotiate them violates common law principles of fairness, leaving them void. From rforno at infowarrior.org Sun Jul 16 16:47:20 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 16 Jul 2017 21:47:20 -0000 Subject: [Infowarrior] - U.S. Secret Service rejects suggestion it vetted Trump son's meeting Message-ID: (As the aritcle notes, the Secret Service exists to prevent physical harm to politicians -- not political damage. Some ppl in today's WH don't understand that as they try to pass responsibility onto anyone else for their questionable actions. -- rick) July 16, 2017 / 3:56 PM / an hour ago U.S. Secret Service rejects suggestion it vetted Trump son's meeting Arshad Mohammed and Howard Schneider http://www.reuters.com/article/us-usa-trump-russia-idUSKBN1A10Q9 WASHINGTON (Reuters) - The U.S. Secret Service on Sunday denied a suggestion from President Donald Trump's personal lawyer that it had vetted a meeting between the president's son and Russian nationals during the 2016 campaign. Donald Trump Jr. has acknowledged that he met in New York with Russian lawyer Natalia Veselnitskaya after he was told she might have damaging information about his father's rival, Democrat Hillary Clinton. "Well, I wonder why the Secret Service, if this was nefarious, why the Secret Service allowed these people in. The president had Secret Service protection at that point, and that raised a question with me," Jay Sekulow, a member of the president's legal team, said on Sunday on the ABC news program "This Week." In an emailed response to questions about Sekulow's comments, Secret Service spokesman Mason Brayman said the younger Trump was not under Secret Service protection at the time of the meeting, which included Trump's son and two senior campaign officials. "Donald Trump, Jr. was not a protectee of the USSS in June, 2016. Thus we would not have screened anyone he was meeting with at that time," the statement said. According to emails released by Trump Jr. last week, he eagerly agreed to meet Veselnitskaya, who he was told was a Russian government lawyer. Veselnitskaya has said she is a private lawyer and denies having Kremlin ties. On Friday, NBC News reported that a lobbyist who was once a Soviet counter-intelligence officer participated in the meeting, which was also attended by Trump's son-in-law, Jared Kushner, and the president's former campaign manager, Paul Manafort. The meeting appears to be the most tangible evidence of a connection between Trump's election campaign and Russia, a subject that has prompted investigations by congressional committees and a federal special counsel. Moscow has denied any interference and the president and Trump Jr. have denied any collusion. Sekulow's comments about the Secret Service drew quick criticism, including from Frances Townsend, who advised former Republican President George W. Bush on homeland security. "Ok let's try to deflect blame & throw those in @SecretService who protect @POTUS @realDonaldTrump @FLOTUS & family under the bus," she said on Twitter. The Secret Service's mission is to provide physical protection for the U.S. president. The agency also protects major presidential candidates. But its role in vetting people who meet with a U.S. president or candidates is limited to ensuring physical safety. Lawyer: Trump Unaware of Meeting Trump himself has said he was unaware of the meeting between his son and the Russian lawyer until a few days ago. "The president was not aware about this meeting, did not participate in this meeting," Sekulow told the CBS program "Face the Nation." Sekulow added that Trump was not aware of any meetings between his campaign staff and Russians. A federal special counsel and several congressional panels are investigating allegations by U.S. intelligence agencies that Russia meddled in the 2016 U.S. presidential election to hurt Clinton and help Trump. They are also investigating potential connections between Russian officials and the Trump campaign. Senator Mark Warner, the top Democrat on one of the panels investigating the matter, the Senate Intelligence Committee, told CNN: "The level of credibility from the senior level of this administration really is suspect." Warner said he wanted to hear from everyone who attended the June 2016 meeting. "Whether we will be able to get the Russian nationals to come over and testify is an open question, (but) those people that our committee has jurisdiction over, the Americans, I sure as heck want to talk to all of them," Warner said. Additional reporting by Caren Bohan; Editing by Andrea Ricci and Peter Cooney From rforno at infowarrior.org Mon Jul 17 10:12:39 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 17 Jul 2017 15:12:39 -0000 Subject: [Infowarrior] - IBM Mainframe Ushers in New Era of Data Protection Message-ID: <23866555-12F4-486A-81DE-64267A7E0A7A@infowarrior.org> IBM Mainframe Ushers in New Era of Data Protection ARMONK, NY - 17 Jul 2017: IBM (NYSE: IBM) today unveiled IBM Z, the next generation of the world?s most powerful transaction system, capable of running more than 12 billion encrypted transactions per day. The new system also introduces a breakthrough encryption engine that, for the first time, makes it possible to pervasively encrypt data associated with any application, cloud service or database all the time. < - > https://www-03.ibm.com/press/us/en/pressrelease/52805.wss From rforno at infowarrior.org Tue Jul 18 18:02:23 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 18 Jul 2017 23:02:23 -0000 Subject: [Infowarrior] - POTUS and Putin Held a Second, Undisclosed, Private Meeting Message-ID: <9F02188E-58E3-4FA6-9324-99AEB6016711@infowarrior.org> Trump and Putin Held a Second, Undisclosed, Private Meeting By JULIE HIRSCHFELD DAVISJULY 18, 2017 https://www.nytimes.com/2017/07/18/world/europe/trump-putin-undisclosed-meeting.html WASHINGTON ? The White House acknowledged on Tuesday that President Trump had a second, previously undisclosed, private conversation with President Vladimir V. Putin of Russia this month, raising new questions about their relationship as the cloud of Russia investigations continues to shadow the Trump administration. The hourlong conversation in Hamburg, Germany, took place at a private dinner of the world leaders at a conference hall on the banks of the Elbe River during the Group of 20 economic summit meeting. It followed a more than two-hour formal meeting earlier in the day between the two presidents that included their foreign ministers and featured a fraught discussion about Moscow?s attempts to interfere in the 2016 elections. In the earlier meeting, Mr. Trump questioned the Russian president about his role in the American elections, Mr. Putin denied his involvement, and the two men agreed to move beyond the dispute in the interest of finding common ground on other matters, including a limited cease-fire in Syria. But the intimate dinner conversation, of which there is no official United States government record is the latest to raise eyebrows. Foreign leaders who witnessed it later commented privately on the oddity of an American president flaunting such a close rapport with his Russian counterpart. ?Pretty much everyone at the dinner thought this was really weird, that here is the president of the United States, who clearly wants to display that he has a better relationship personally with President Putin than any of us, or simply doesn?t care,? said Ian Bremmer, president of the Eurasia Group, a Washington-based research and consulting firm, who said he heard directly from attendees. ?They were flummoxed, they were confused and they were startled.? White House officials did not respond to repeated inquiries about the nature or substance of the conversation, but one confirmed that it had occurred without offering any details, and insisted on anonymity because the discussion was private. From rforno at infowarrior.org Tue Jul 4 07:27:53 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 12:27:53 -0000 Subject: [Infowarrior] - In Voter Privacy Case, EPIC Files for Temporary Restraining Order Message-ID: <1B1AE8CD-D6A1-4E0C-8D42-B07FF03841D6@infowarrior.org> https://epic.org/2017/07/in-voter-privacy-case-epic-fil.html In Voter Privacy Case, EPIC Files for Temporary Restraining Order EPIC today filed for a Temporary Restraining Order to block a demand from a Presidential Commission for millions of state voter records. In papers filed in federal district court in Washington, D.C., EPIC explained that the Commission failed to produce and publish a Privacy Impact Assessment, required by Federal law. EPIC also charged that the Commission?s demand for detailed voter histories violated the Constitutional right to privacy. And EPIC explained that the Commission had already committed two egregious security blunders?(1) directing state election officials to send voter records to an unsecure web site and (2) proposing to publish partial SSNs that would enable identity theft and financial fraud. The Court gave the government until Wednesday, July 5 to file an opposition. EPIC will then file a reply. A ruling is expected by the end of the week. The EPIC lawsuit follows a letter from 50 voting experts and 20 privacy organizations urging state election officials to oppose the Commission?s demand. The case is EPIC v. Commission, No. 17-1320 (D.D.C. filed July 3, 2017). From rforno at infowarrior.org Tue Jul 4 07:32:55 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 12:32:55 -0000 Subject: [Infowarrior] - Forty-one states have refused Kobach's request for voter information Message-ID: Forty-one states have refused Kobach's request for voter information By Liz Stark and Grace Hauck, CNN http://www.cnn.com/2017/07/03/politics/kris-kobach-letter-voter-fraud-commission-information/index.html Washington, DC (CNN) Forty-one states have defied the Trump administration's request for private voter information, according to a CNN inquiry to all 50 states. State leaders and voting boards across the country have responded to the letter with varying degrees of cooperation -- from altogether rejecting the request to expressing eagerness to supply information that is public. Kansas Secretary of State Kris Kobach, vice chairman of the Presidential Advisory Commission on Election Integrity, which President Donald Trump created by executive order in May, sent a letter to all 50 states last Wednesday requesting a bevy of voter data, which he notes will eventually be made available to the public. The order came months after Trump claimed without evidence that millions had voted illegally in the 2016 presidential election. When states began to express concerns about the legality of his administration's efforts to investigate voter fraud, Trump called them out on Twitter on Saturday, questioning whether they were hiding something. < - > But the commission, which is chaired by Vice President Mike Pence, seemed to misunderstand voter privacy laws nationwide. Every state that responded said it could not provide Social Security numbers, for example. Others said they consider information such as birth dates and party affiliations to be private. < - > http://www.cnn.com/2017/07/03/politics/kris-kobach-letter-voter-fraud-commission-information/index.html From rforno at infowarrior.org Tue Jul 4 10:09:29 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 15:09:29 -0000 Subject: [Infowarrior] - =?utf-8?q?Fwd=3A_HTTPS_Certificate_Revocation_is_?= =?utf-8?q?broken=2C_and_it=E2=80=99s_time_for_some_new_tools?= References: <7F4ABA5F-DDE0-48EB-B110-A114E679653A@roscom.com> Message-ID: <69BB3CB4-65B4-417C-8815-8DCC0FCF5694@infowarrior.org> > Begin forwarded message: > > From: Monty S > Subject: HTTPS Certificate Revocation is broken, and it?s time for some new tools > Date: July 4, 2017 at 10:45:51 EDT > > > FYI > > HTTPS Certificate Revocation is broken, and it?s time for some new tools > https://arstechnica.com/security/2017/07/https-certificate-revocation-is-broken-and-its-time-for-some-new-tools/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rforno at infowarrior.org Wed Jul 5 06:27:07 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 05 Jul 2017 11:27:07 -0000 Subject: [Infowarrior] - US military intelligence agencies have influenced over 1, 800 movies and TV shows Message-ID: <71B9D752-58C3-4938-989A-7E2A6FF3766E@infowarrior.org> (not surprising to some, but probably astonishing to many. --rick) EXCLUSIVE: Documents expose how Hollywood promotes war on behalf of the Pentagon, CIA and NSA US military intelligence agencies have influenced over 1,800 movies and TV shows By Tom Secker and Matthew Alford Tom Secker and Matthew Alford report on their astonishing findings from trawling through thousands of new US military and intelligence documents obtained under the Freedom of Information Act. The documents reveal for the first time the vast scale of US government control in Hollywood, including the ability to manipulate scripts or even prevent films too critical of the Pentagon from being made???not to mention influencing some of the most popular film franchises in recent years. This raises new questions not only about the way censorship works in the modern entertainment industry, but also about Hollywood?s little known role as a propaganda machine for the US national security apparatus. < - > https://medium.com/insurge-intelligence/exclusive-documents-expose-direct-us-military-intelligence-influence-on-1-800-movies-and-tv-shows-36433107c307 From rforno at infowarrior.org Wed Jul 5 14:03:27 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 05 Jul 2017 19:03:27 -0000 Subject: [Infowarrior] - State Dept. Enlists Hollywood And Its Friends To Start A Fake Twitter Fight Over Intellectual Property Message-ID: State Dept. Enlists Hollywood And Its Friends To Start A Fake Twitter Fight Over Intellectual Property from the um,-guys? dept For all the talk of "fake news" going around these days, you'd think that the federal government would avoid creating more of its own on purpose. And you'd think that the MPAA and RIAA would know better than to join in on such a project. However, the following email was sent to some folks at Stanford Law School asking the law school to join in this fake news project promoting intellectual property via a fake Twitter feud.... < - > https://www.techdirt.com/articles/20170705/10241437723/state-dept-enlists-hollywood-friends-to-start-fake-twitter-fight-over-intellectual-property.shtml From rforno at infowarrior.org Wed Jul 5 18:39:11 2017 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 05 Jul 2017 23:39:11 -0000 Subject: [Infowarrior] - Sharp focus on Alzheimer's may help target drugs Message-ID: (c/o DM) Sharp focus on Alzheimer's may help target drugs By James Gallagher Health and science reporter, BBC News website http://www.bbc.com/news/health-40493868 Abnormal deposits that build up in the brain during Alzheimer's have been pictured in unprecedented detail by UK scientists. The team at the MRC Laboratory of Molecular Biology says its findings "open up a whole new era" in neurodegenerative disease. Their work should make it easier to design drugs to stop brain cells dying. The researchers used brain tissue from a 74-year-old woman who died after having Alzheimer's disease. The form of dementia leads to tangles of a protein called tau spreading throughout the brain. The more tau tangles there are, the worse the symptoms tend to be. Doctors have known this has happened for decades but what has been missing is a detailed understanding of what the tangles look like. The team took advantage of the "resolution revolution" in microscopy to take thousands of highly detailed images of the tau inside the woman's brain tissues. And using computer software, they figured out the tangles look like this: It is pretty meaningless to an untrained eye, but to scientists this could be one of the most important recent discoveries in tackling dementia. Attempts to develop a drug to slow the pace of dementia have been met by repeated failure. But it is hard to come up with a drug when you do not know the precise chemical structure of what you are targeting. Dr Sjors Scheres, one of the researchers, told the BBC News website: "It's like shooting in the dark - you can still hit something but you are much more likely to hit if you know what the structure is. "We are excited - it opens up a whole new era in this field, it really does." Similar dysfunctional proteins are found in many brain diseases. Alzheimer's also has beta amyloid while Parkinson's has alpha synuclein. The structure of tau, published in the journal Nature, is the first to be determined in such detail. Fellow researcher Dr Michel Goedert told the BBC: "This is a big step forward as far as tau goes but it is bigger than that. "This is the first time anybody has determined the high-resolution structure [from human brain samples] for any of these diseases. "The next step is to use this information to study the mechanisms of neurodegeneration." Dr Tara Spires-Jones, from the centre for cognitive and neural systems at the University of Edinburgh, said the findings "substantially advance what we know". She added: "These results will be useful for developing molecules to detect tau tangles in patients and potentially for developing treatments." From rforno at infowarrior.org Thu Jul 6 06:42:42 2017 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 06 Jul 2017 11:42:42 -0000 Subject: [Infowarrior] - POTUS on election meddling: 'Nobody really knows for sure' Message-ID: <4140E1F9-CBFB-4525-A275-664123B5ED62@infowarrior.org> I see Tweety Amin is in the running for the most moronic waffling deflection couldnt-care-less non-answer of the year award. Because, winning. "Nobody really knows for sure" -- and of course, POTUS isn't the least bit interested in finding out. By that logic, a person could have dementia, but "nobody really knows" unless they care enough to visit a doctor and get external, informed, objective, data-driven assessments. -- rick Trump on election meddling: 'Nobody really knows for sure' By Rebecca Savransky - 07/06/17 06:02 AM EDT 300 http://thehill.com/homenews/administration/340780-trump-real-question-is-why-obama-did-nothing-about-meddling President Trump said in Poland on Thursday that he thinks Russia and "people in other countries" likely meddled in the 2016 presidential race, but "nobody really knows." "I think it was Russia and I think it could have been other people in other countries," Trump said during a joint press conference with Polish President Andrzej Duda. "It could have been a lot of people interfered." Trump reiterated during the news conference that he thinks it "could very well have been Russia." "But I think it could well have been other countries and I won't be specific but I think a lot of people interfere," he said. When pressed further, Trump stood by his answer. "I think it was Russia but I think it was probably other people and/or countries, and I see nothing wrong with that statement," he said. "Nobody really knows," he added. "Nobody really knows for sure." "It was Russia and I think it was probably others also and that's been going on for a long period of time." Trump also blasted former President Obama for his response to the Russian meddling. "Barack Obama, when he was president, found out about this, in terms of if it were Russia, found out about it in August," Trump said. "Now, the election was in November. That's a lot of time. He did nothing about it." Trump questioned why the former president did nothing. "They say he choked. Well, I don't think he choked. I think what happened is he thought Hillary Clinton was going to win the election," Trump said. "And he said, lets not do anything about it. Had he thought the other way, he would have done something about it," he continued. "So that's the real question is why did he do nothing form August all the way to November and why did he do nothing. His people said he choked. I don't think he choked." Trump in the past has decried the investigation into the Russian meddling in the 2016 presidential race and possible collusion between his campaign and Moscow, calling the probe a "witch hunt." From rforno at infowarrior.org Thu Jul 6 15:24:09 2017 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 06 Jul 2017 20:24:09 -0000 Subject: [Infowarrior] - In TV Ratings Game, Networks Try to Dissguys Bad Newz from Nielsen Message-ID: <14C38271-B351-43B8-975B-ECBDF6970319@infowarrior.org> In TV Ratings Game, Networks Try to Dissguys Bad Newz from Nielsen They misspell shows to fool the firm?s automated system into ignoring broadcasts on nights with few viewers; ?NBC Nitely News? Joe Flint July 6, 2017 10:22 a.m. ET https://www.wsj.com/articles/in-tv-ratings-game-networks-try-to-dissguys-bad-newz-from-nielsen-1499350955 Boosting TV ratings is easy for networks that don?t mind playing dumb. In a game largely sanctioned by TV-ratings firm Nielsen, television networks try to hide their shows? poor performances on any given night by forgetting how to spell. That explains the appearance of ?NBC Nitely News,? which apparently aired on the Friday of Memorial Day weekend this year, when a lot of people were away from their TVs. The retitling of ?NBC Nightly News? fooled Nielsen?s automated system, which listed ?Nitely? as a separate show. Hiding the May 26 program from Nielsen dramatically improved the show?s average viewership that week. Instead of falling further behind first-place rival ?ABC World News Tonight,? NBC news narrowed the gap. Walt Disney Co.?s ABC declined to comment. The network, though, groused last month when NBC News intentionally misspelled an entire week of ?Nightly News? broadcasts. Altogether, NBC, which is ranked second behind ABC in ratings, has played the misspell card 14 times since the start of the 2016-17 television season last fall. NBC News said it broke no rules. ?As is standard industry practice, our broadcast is retitled when there are pre-emptions and inconsistencies or irregularities in the schedule, which can include holiday weekends and special sporting events,? a show spokesman said. The network needn?t feel defensive. ABC took its own ratings mulligan seven times during the 2016-17 season with ?Wrld New Tonite.? CBS misspelled ?The CBS Evening News? as the ?CBS Evening Nws? 12 times this season. ?It?s a little bit of gamesmanship,? said Bill Carroll, a veteran TV industry consultant. ?It?s a practice that happens with a wink and a nod.? Nielsen projects viewer ratings based on a panel of more than 40,000 homes and 100,000 people. Higher ratings help networks sell commercial time at higher rates. The network misspellings fudge that calculation, and some advertisers say the trick is getting overused. ?Networks never used to do this,? said Billie Gold, director of programming at ad giant Dentsu Inc. Now, she said, it has become the norm. TV news executives say the higher numbers gathered from show misspellings are used only for publicity purposes, and that accurate ratings for the missing broadcasts are readily available to advertisers. Ms. Gold and other ad executives say they are frustrated with the detective work required to kick the tires on network viewer ratings. She said her clients are surprised by the difference between the number of eyeballs the networks claim and Ms. Gold?s tally, which accounts for the altered titles. ?When people ask us why our estimates are so much lower than what they see,? she said. ?We explain the situation, and they have their ?ah-ha? moment.? Faced with complaints that title typos have grown from a trickle to a torrent, Nielsen plans to hold a meeting about it next week for TV industry representatives. ?If we find a network working in contrast to this agreed-upon policy, we address the issue in a direct fashion as a way to maintain fairness and balance for all of our clients and the industry as a whole,? Nielsen said. Nielsen has long had a so-called tilting rule that allows TV networks to fiddle with programs for special circumstances. For years, tilting was used sparingly, reserved primarily for Christmas and Thanksgiving or if a show was pre-empted in parts of the U.S. for a live sports event. Misspelling isn?t the only network trick. CBS boasted that its legal drama ?Bull? was the most-watched new show of the just-finished TV season. Typically, a show?s viewership is calculated using the ratings of both first-run and repeated episodes, which are labeled ?R? or ?repeat.? When CBS submitted its schedule to Nielsen, however, it labeled reruns of ?Bull? as an ?encore.? The ratings service categorized it as a different show and didn?t factor the rerun into the show?s season average. ?That?s bull,? cracked Brad Adgate, a longtime ad executive who studies TV ratings. For advertisers, the network sleight-of-hand is a pain in the neck, he said: ?You have to pay a little more attention if you want do an analysis.? A CBS spokesman declined to comment. Another ratings game involves the calculated placement of national TV commercials. NBC?s ?Saturday Night Live? typically loads all of its national commercials in the first hour of the 90-minute show. Since Nielsen counts viewers of a show only through the last network commercial break, the ratings service ignores SNL?s last half-hour, when viewers generally turn away. Sometimes networks sneak in a second airing of a show and add the additional viewers to tally of the original telecast and hope no one notices. NBC in 2015 persuaded almost a dozen of its local TV station affiliates to rerun ?Nightly News? after 2 a.m. At the time, NBC said, it was focused ?on ways to reach our audience when and how they want to be reached.? A rival network thought otherwise and alerted NBC advertisers to the practice. After learning of the stunt, many advertisers cried foul. They told NBC whoever was watching the newscast at that hour wasn?t the kind of consumer they wanted to reach. NBC said it quickly discontinued the practice. From rforno at infowarrior.org Thu Jul 6 19:04:10 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 07 Jul 2017 00:04:10 -0000 Subject: [Infowarrior] - =?utf-8?q?I_Found_Han----Solo=E2=80=99s_anti-Semi?= =?utf-8?q?tic_Posts=2E_Then=2C_the_Death_Threats_Started=2E?= Message-ID: (some text nsfw) I Found Han----Solo?s anti-Semitic Posts. Then, the Death Threats Started. This is what it?s like to report on extremism in the Trump era. By Jared Yates Sexton July 06, 2017 http://www.politico.com/magazine/story/2017/07/06/hanassholesolo-anti-semitic-posts-215344 From rforno at infowarrior.org Fri Jul 7 06:39:13 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 07 Jul 2017 11:39:13 -0000 Subject: [Infowarrior] - Leaks crackdown sends chills through national security world Message-ID: <5D135067-EF8E-44F5-92CA-D2E32C61BE84@infowarrior.org> Trump?s leaks crackdown sends chills through national security world Agency officials say measures have been taken to isolate leakers, creating a culture of fear. By Ali Watkins and Josh Dawsey 07/07/2017 05:11 AM EDT http://www.politico.com/story/2017/07/07/trumps-leak-vendetta-sends-chills-240274 < - > White House press secretary Sean Spicer declined to comment on fears of a crackdown but said the administration takes leaks seriously. ?This Administration understands the importance of safeguarding classified and sensitive information. Those that leak classified and sensitive information threaten our national security,? Spicer said. But Steven Aftergood, who runs the Federation of American Scientists? Project on Government Secrecy, said the drive against leaks ? something that was also prominent under the Obama administration ? has taken on a more aggressive tone under Trump. ?What?s happening now is there seems to be a broader objection not to any individual leak so much as to the fact of independent reporting that is at odds with the White House narrative,? Aftergood said. < - > There are early indications that the White House considers the release of embarrassing information a transgression tantamount to the unauthorized disclosure of state secrets. Under Trump, there is concern that the full weight of these probes could be used to find political dissidents within the ranks ? with the violation not being rooted in a criminal statute, but instead in Trump?s expectation of loyalty. And there?s a feeling of fundamental unfairness, as leaks continue flowing out of the White House. ?They don?t mind the leaking as long as they control it,? one of the U.S. officials said. From rforno at infowarrior.org Fri Jul 7 08:14:17 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 07 Jul 2017 13:14:17 -0000 Subject: [Infowarrior] - Judge denies DOJ effort to halt Twitter lawsuit over national security orders Message-ID: Judge denies DOJ effort to halt Twitter lawsuit over national security orders Twitter wants to be able to say precisely how many secret orders it received. Cyrus Farivar - 7/6/2017, 4:45 PM A federal judge in California has decided to allow Twitter?s lawsuit against the attorney general?s office to go forward. She rejected arguments that the social media giant should not be allowed to be precise in its transparency reports when describing how it responds to the government?s requests for user data. Twitter has argued that, just as it has been precise in other areas of its transparency report, so too should it be allowed to say precisely how many national security orders it has received from American authorities. For now, under federal law, it is only allowed to describe those numbers in vague ranges, such as ?0 to 499,? and ?500 to 999,? and so forth. Lawyers for Twitter say that this law constitutes a violation of the company?s First Amendment rights and is ?prior restraint,? a concept of blocking legitimate speech before it is uttered. Attorneys from the Department of Justice claimed in a hearing in federal court in Oakland, California, earlier this year that if Twitter is allowed to specifically say how many national security orders it has received, potential adversaries could somehow use that number to inflict harm. But the judge didn?t buy it. ?The Government has not presented evidence, beyond a generalized explanation, to demonstrate that disclosure of the information in the Draft Transparency Report would present such a grave and serious threat of damage to national security as to meet the applicable strict scrutiny standard,? US District Judge Yvonne Gonzalez Rogers wrote in a 21-page order on Thursday. < - > https://arstechnica.com/tech-policy/2017/07/judge-denies-doj-effort-to-halt-twitter-lawsuit-over-national-security-orders/ From rforno at infowarrior.org Fri Jul 7 14:17:31 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 07 Jul 2017 19:17:31 -0000 Subject: [Infowarrior] - W3C has overruled members' objections and will publish its DRM for videos Message-ID: The W3C has overruled members' objections and will publish its DRM for videos Cory Doctorow / 11:04 am Fri Jul 7, 2017 http://boingboing.net/2017/07/07/eschatology-watch.html From rforno at infowarrior.org Fri Jul 7 14:29:58 2017 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 07 Jul 2017 19:29:58 -0000 Subject: [Infowarrior] - Maddow warns other media of fake NSA documents Message-ID: Maddow warns other media of fake NSA documents Joe Concha http://thehill.com/homenews/media/340978-maddow-warns-other-media-of-fake-nsa-documents MSNBC host Rachel Maddow warned other media outlets on Thursday that she believes she was provided forged National Security Agency documents alleging collusion between a Trump campaign official and Russia's efforts to influence last year's presidential election. ?I feel like I need to send this up like a flare for other news organizations in particular,? Maddow said on her program Thursday night. ?Somebody, for some reason, appears to be shopping a fairly convincing fake NSA document that purports to directly implicate somebody from the Trump campaign in working with the Russians in their attack in the election,? she said. ?This is news, because: Why is someone shopping a forged document of this kind to news organizations covering the Trump-Russia affair?? Maddow asked. Maddow explained that she and her producers compared the document they received with a leaked NSA document published last month by The Intercept. That document quickly resulted in the arrest of a 26-year-old federal contractor, Reality Winner. Maddow said she thinks the document she received was created by copying elements of the document published by The Intercept. The MSNBC host made a similar allegation back in March when she suggested Trump himself may have leaked his 2005 tax documents. ?He's the only person who could leak it without concern of being sued by Trump or anyone else,? she said at the time. ?They're trying to threaten us for publishing them which is complete bull.? David Cay Johnston, the reporter who obtained the tax documents, also said while discussing the documents on ?The Rachel Maddow Show? Tuesday that Trump could have been behind the leak, as did MSNBC "Morning Joe" co-host Joe Scarborough. From rforno at infowarrior.org Sat Jul 8 09:26:41 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 08 Jul 2017 14:26:41 -0000 Subject: [Infowarrior] - Author of Original Petya Ransomware Publishes Master Decryption Key Message-ID: <708BA5B8-158B-495C-BB55-940EBFA6BF83@infowarrior.org> Author of Original Petya Ransomware Publishes Master Decryption Key Catalin Cimpanu July 7, 2017 05:37 AM The author of the original Petya ransomware ? a person/group going by the name of Janus Cybercrime Solutions ? has released the master decryption key of all past Petya versions. This key can decrypt all ransomware families part of the Petya family except NotPetya, which isn't the work of Janus. This list includes: ? First Petya ransomware version (flashed white skull on red background during boot-up screens) ? Second Petya version that also included Mischa ransomware (flashed green skull on black background during boot-up screens) ? Third Petya version, also known as GoldenEye ransomware (flashed yellow skull on black background during boot-up screens) < - > This key won't help NotPetya victims because the NotPetya ransomware was created by "pirating" the original Petya ransomware and modifying its behavior by a process called patching. NotPetya used a different encryption routine and was proven to have no connection to the original Petya. < - > https://www.bleepingcomputer.com/news/security/author-of-original-petya-ransomware-publishes-master-decryption-key/ From rforno at infowarrior.org Sun Jul 9 10:11:04 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 15:11:04 -0000 Subject: [Infowarrior] - New Research Estimates Value of Removing DRM Locks Message-ID: <6654C271-B136-47D0-BD71-A6FDB1E337B3@infowarrior.org> New Research Estimates Value of Removing DRM Locks By Cory Doctorow July 9, 2017 https://www.eff.org/deeplinks/2017/07/new-research-estimates-value-removing-drm-locks From rforno at infowarrior.org Sun Jul 9 11:48:38 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 09 Jul 2017 16:48:38 -0000 Subject: [Infowarrior] - Donald Trump Solved the Cyber Message-ID: (PSA: There is no such thing as an ?impenetrable cyber security unit? -- and never will be. "Total security" of anything is a noble goal, but a total myth. --rick) Donald Trump Solved the Cyber Rhett Jones46 minutes ago https://gizmodo.com/donald-trump-solved-the-cyber-1796753272 The morning after the Washington Post published a story claiming that Russians were responsible for cyber-intrusions into the business systems of American energy companies, Donald Trump addressed the cyber. He has a plan. ?Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded,? Trump tweeted. Minds were blown. This is a strategy that no one had considered. Who could imagine that the solution to Russia?s hacking and interference in the 2016 election would be solved by just partnering up with Russia to tighten our(?) cybersecurity? According to Former Secretary of Defense Ash Carter, the Russians would have thought of that. Speaking on CNN?s State of the Union explained that this is standard Moscow procedure: Deny, ask for American intelligence as proof, then propose a working group. When Trump met with Vladimir Putin at the G20 conference in Hamburg on Friday, election hacking was the first item on the agenda according to Secretary of State Rex Tillerson. Trump reportedly opened the meeting by point blank asking Putin, ?I?m going to get this out of the way: Did you do this?? Russia?s Foreign Minister Sergei Lavrov painted a slightly different picture, telling reporters, ?U.S. President Trump said that he heard firm assertions from Russian President Putin that it is not true and that Russian authorities have not meddled in the elections,? Lavrov claims that Trump ?said that he accepts these assertions ? that?s it.? Putin was less direct in his account of the meeting. According to the New York Times, he said that he ?got the impression that my answers satisfied him.? When asked repeatedly if Trump believed Russia?s denials of hacking, he simply said they?d have to ask the American president. When Putin?s spokesperson, Dmitri S. Peskov, was asked about the difference between Tillerson and Lavrov?s characterizations of the meeting, Peskov said, ?Believe Lavrov.? The president has not disputed the Russian Foreign Minister?s version of the meeting. Trump?s Sunday morning tweets are the most substantial account of the meeting from the president that we?ve received yet. And since the White House has said that Trump?s tweets are official statements, I guess we have to take them seriously. We?re really doing this. We?re going to create some sort of joint cyber unit with Russia that will prevent them from hacking. Appearing on ABC?s This Week on Sunday, Treasury Secretary Steve Mnuchin praised the idea. ?What we want to make sure is that we coordinate with Russia, that we?re focused on cybersecurity together, that we make sure that they never interfere in any democratic elections or conduct any cybersecurity.? That was the end of the sentence. We want to coordinate with Russia and make sure they don?t conduct any cybersecurity. Former Trump Campaign Manager and current informal White House advisor Corey Lewandowski appeared on Fox News on Saturday and gave the best indication of what?s going on here. ?What we saw yesterday and what?s been reported yesterday is that the president took this issue directly to Vladimir Putin, questioned him if they were involved in meddling in the elections in any way, shape, or form, and from what we are hearing, the Russians have denied this,? he said. ?I don?t know what else the mainstream media can talk about other than the fact that there was no collusion,? said Lewandowski. ?There was no coordination. Now, the president is taking this issue directly to the president of Russia and raised it so now I think the issue is officially dead.? Putin says he didn?t do it. So, that?s true. And there?s no possible coordination between the campaign and Russia because Putin didn?t do it. Trump has repeatedly indicated that he thinks he can just make this whole issue go away through sheer will. The most prominent example is when he fired FBI Director James Comey and reportedly told the Russian Ambassador in a private meeting, ?I faced great pressure because of Russia. That?s taken off.? It wasn?t. Trump did land himself under investigation for obstruction of justice, though. Republicans were furious with Trump this morning. Senator Marco Rubio tweeted ?Partnering with Putin on a ?Cyber Security Unit? is akin to partnering with Assad on a ?Chemical Weapons Unit?.? And speaking on Meet the Press, Lindsay Graham said that working with Russia on cybersecurity is ?dumbest idea I?ve ever heard.? But Graham also said, ?He understands the world pretty damn well except for Russia... I just don?t get it.? The stupidity is infecting everyone. If you need some sort of reassurance that Trump is just a moron and definitely not a Russian spy, consider one of his subsequent tweets. ?Sanctions were not discussed at my meeting with President Putin,? he wrote. ?Nothing will be done until the Ukrainian & Syrian problems are solved!? Considering there aren?t any sanctions on Russia that are tied to Syria, Trump just raised the stakes on what the US is demanding from the Kremlin. From rforno at infowarrior.org Sun Jul 2 09:09:17 2017 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 02 Jul 2017 14:09:17 -0000 Subject: [Infowarrior] - Russian anti-virus CEO offers up code for US govt scrutiny Message-ID: Jul 2, 7:51 AM EDT Russian anti-virus CEO offers up code for US govt scrutiny By RAPHAEL SATTER and VERONIKA SILCHENKO Associated Press http://hosted.ap.org/dynamic/stories/E/EU_RUSSIA_KASPERSKY MOSCOW (AP) -- The chief executive of Russia's Kaspersky Lab says he's ready to have his company's source code examined by U.S. government officials to help dispel long-lingering suspicions about his company's ties to the Kremlin. In an interview with The Associated Press at his Moscow headquarters, Eugene Kaspersky said Saturday that he's also ready to move part of his research work to the U.S. to help counter rumors that he said were first started more than two decades ago out of professional jealousy. "If the United States needs, we can disclose the source code," he said, adding that he was ready to testify before U.S. lawmakers as well. "Anything I can do to prove that we don't behave maliciously I will do it." Kaspersky, a mathematical engineer who attended a KGB-sponsored school and once worked for Russia's Ministry of Defense, has long been eyed suspiciously by his competitors, particularly as his anti-virus products became popular in the U.S. market. Some speculate that Kaspersky, an engaging speaker and a fixture of the conference circuit, kept his Soviet-era intelligence connections. Others say it's unlikely that his company could operate independently in Russia, where the economy is dominated by state-owned companies and the power of spy agencies has expanded dramatically under President Vladimir Putin. No firm evidence has ever been produced to back up the claims. But this has not stopped what was once gossip at tech conferences from escalating into public accusations from American politicians and intelligence officials amid rising concerns over Russian interference in the United States. Senior U.S. intelligence officials have advised Congress to steer well clear of Kaspersky's products and Congress is weighing a proposal to ban the company from the Pentagon. Law enforcement seems to be taking a hard look at the company as well. On Wednesday, NBC news reported that at least a dozen U.S. employees of Kaspersky were visited at their homes by FBI agents. Kaspersky confirmed the NBC report, although he said he didn't know what the focus of the FBI's questioning was. He did say his relationship with the FBI was now shot. "Unfortunately, now the links to the FBI are completely ruined," he said, explaining that the agency had frozen out his company, one of the few connected to both U.S. and Russian law enforcement. "It means that if some serious crime happens that needs Russian law enforcement to cooperate with FBI, unfortunately it's not possible." The FBI didn't immediately return a message seeking comment, but agents are unlikely to lose much sleep over that. Kaspersky allowed that cooperation between Russia and the United States on cybercrime has often been "far from perfect." But lawmakers' moves to single out the company for special punishment worries even Kaspersky's critics, who note that it would set an unfavorable precedent for American technology firms - many of whom are known to work closely with the U.S. National Security Agency. Kaspersky defended his work during the interview, saying he never benefited from official protection of any kind. "I do understand why we look strange. Because for Russia it's very unusual, a Russian IT that's very successful everywhere around the world. But it's true," he said. Kaspersky said his company does exclusively defensive work, although under questioning he allowed that some unnamed governments had tried to nudge him toward hacking - what he calls "the dark side." "There were several times it was close to that," he said, adding that the officials involved weren't Russian. He said in one case a discussion about defensive cybersecurity cooperation "turned to the offensive." "I stopped that immediately. I don't even want to talk about it," he said. Kaspersky's offer to have his code audited may not quiet all the skeptics, some of whom are concerned less about the integrity of the company's software and more about the company's staff and the data they gather. Like many cybersecurity outfits in the U.S. and elsewhere, some Kaspersky employees are former spies. Kaspersky acknowledged having ex-Russian intelligence workers on his staff, mainly "in our sales department for their relationship with the government sector." But he added that his company's internal network was too segregated for a single rogue employee to abuse it. "It's almost not possible," he said. "Because to do that, you have to have not just one person in the company, but a group of people that have access to different parts of our technological processes. It's too complicated." And he insisted his company would never knowingly cooperate with any country's offensive cyber operations. "We stay on the bright side," he said, "And never, never go to the dark side." --- Satter reported from Kiev, Ukraine. From rforno at infowarrior.org Mon Jul 3 06:22:27 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 03 Jul 2017 11:22:27 -0000 Subject: [Infowarrior] - Independent Press Is Under Siege as Freedom Rings Message-ID: Independent Press Is Under Siege as Freedom Rings Jim Rutenberg MEDIATOR JULY 2, 2017 https://www.nytimes.com/2017/07/02/business/media/independent-press-is-under-siege-as-freedom-rings.html Happy Birthday, America, I guess. You?re old enough to know that you can?t always have a feel-good birthday. And let?s face it: This Fourth of July just isn?t going to be one of them. How could it be when one of the pillars of our 241-year-old republic ? the First Amendment ? is under near-daily assault from the highest levels of the government? When the president of the United States makes viciously personal attacks against journalists ? and then doubles down over the weekend by posting a video on Twitter showing himself tackling and beating a figure with a CNN logo superimposed on his head? (Every time you think he?s reached the limit ?) How could it be when the president lashes out at The Washington Post by making a veiled threat against the business interests of its owner, Jeff Bezos, suggesting that his other company, Amazon, is a tax avoider? (Where have we seen that sort of thing before ? Russia maybe?) Or when the White House plays so many games with its press briefings, taking them off camera and placing conditions on how and when they can run ? or, in the case of its rare, unrestricted live briefings, using them to falsely accuse the news media of ?dishonesty?? For those who cherish a robust free press, it?s hard to feel much like partying after witnessing how some cheered Representative Greg Gianforte, Republican of Montana, for body slamming a reporter for The Guardian, Ben Jacobs. His sin: asking unwelcome questions. The ?he had it coming? camp?s celebration of the violence against a reporter seemed out of step with Mr. Gianforte?s own response. He ultimately apologized, pleaded guilty to assault and pledged a $50,000 donation to the Committee to Protect Journalists. Then again, it wasn?t out of step with President Trump, whose weekend tweet appeared to promote violence against CNN ? which, some argued, violated Twitter?s harassment policies ? certainly undercut Mr. Gianforte?s message of contrition. Yes, America, all of the attacks against something so central to your identity must have you in quite the birthday funk. The likely reaction in anti-press precincts to a column like this one will be that mainstream journalists think they?re above reproach, which is nonsense. When a real news organization makes a mistake, it takes action, as CNN recently did when it retracted an article about the Russia investigation, saying the article had not received the proper vetting. Three people lost their jobs. The Trump administration torqued it into supposed proof that CNN and much of the rest of the news media ? including The New York Times and The Washington Post ? are ?fake news.? It was a powerful reminder to journalists everywhere to take the extra time to get it right, to make sure that the processes that ensure editorial quality and accuracy remain intact and strong. The stakes are higher now, as the anti-press sentiment veers into calls for more action against journalists, if not against journalism itself. Look no further than the new National Rifle Association advertisement. In it, the conservative radio and television star Dana Loesch angrily describes how ?they? ? whoever they are ? ?use their media to assassinate real news,? contributing to a ?violence of lies? that needs to be combated with ?the clenched fist of truth.? Given that the ad was for a pro-gun group, this sort of thing ?tends toward incitement,? Charles P. Pierce wrote in Esquire. (Added context: The N.R.A. chief Wayne LaPierre recently called ?academic elites, political elites and media elites? America?s ?greatest domestic threats.?) The Fox News host Sean Hannity has urged the Trump administration to force reporters to submit written requests in advance of the daily White House press briefing, which, he said, should be narrowly tailored to specific topics the administration wants to talk about. Mr. Hannity?s good buddy Newt Gingrich went one better, suggesting that administration officials fully close the briefing room to the news media, which he has called ?a danger to the country right now.? What?s most extraordinary in all of this is how many people calling for curtailments on the free press are such professed ?constitutionalists? and admirers of the founders. The founders didn?t view the press as particularly enlightened, and from the earliest days of the republic it certainly wasn?t. (To wit, a passage in The Aurora, an early publication, described George Washington as ?the source of all the misfortunes of our country.?) But they drafted the founding documents to enshrine press freedom for good reason. As the Stanford University history professor Jack Rakove said in an interview last week, James Madison was most concerned about a misinformed public?s acting on misplaced passions, and saw the press as an antidote. Were he alive now, Mr. Rakove said, ?Madison would be worried by the idea of government whipping up or exploiting? what he called ?badly formed passions.? Sure, there were the occasional stumbles, like the short-lived Alien and Sedition Acts of 1798, which banned ?false, scandalous and malicious writing? about the government, but they led to stronger free speech protections. So this, our 241st birthday, seems just the time to invite some of our forebears to remind us ? including those at the top of the government ? why a free press is so important. ?Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech.? ? Benjamin Franklin, 1722 ?There is nothing so fretting and vexatious, nothing so justly terrible to tyrants, and their tools and abettors, as a free press.? ? Samuel Adams, 1768 ?The freedom of speech may be taken away ? and, dumb and silent we may be led, like sheep, to the slaughter.? ? George Washington, to officers of the Army, 1783 ?Nothing could be more irrational than to give the people power, and to withhold from them information without which power is abused. A popular government, without popular information, or the means of acquiring it, is but a prologue to a farce or a tragedy; or, perhaps both.? ? James Madison, 1822 ?There is a terrific disadvantage not having the abrasive quality of the press applied to you daily, to an administration. even though we never like it, and even though we wish they didn?t write it, and even though we disapprove, there still isn?t any doubt that we couldn?t do the job at all in a free society without a very, very active press.? ? John F. Kennedy, 1962 ?Since the founding of this nation, freedom of the press has been a fundamental tenet of American life. There is no more essential ingredient than a free, strong and independent press to our continued success in what the founding fathers called our ?noble experiment? in self-government.?? ? Ronald Reagan, 1983 ?Power can be very addictive, and it can be corrosive. And it?s important for the media to call to account people who abuse their power, whether it be here or elsewhere.? George W. Bush, 2017 Jaclyn Peiser contributed reporting. A version of this article appears in print on July 3, 2017, on Page B1 of the New York edition with the headline: Celebrating Independence As Free Press Is Besieged. Order Reprints| Today's Paper|Subscribe From rforno at infowarrior.org Mon Jul 3 16:12:25 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 03 Jul 2017 21:12:25 -0000 Subject: [Infowarrior] - Facebook can track your browsing even after you've logged out, judge says Message-ID: <6160F240-C999-4205-BF4F-D98F695CE5DE@infowarrior.org> Facebook can track your browsing even after you've logged out, judge says Judge dismisses lawsuit accusing Facebook of tracking users? activity, saying responsibility was on plaintiffs to keep browsing history private Olivia Solon in San Francisco and agencies https://www.theguardian.com/technology/2017/jul/03/facebook-track-browsing-history-california-lawsuit Monday 3 July 2017 15.17 EDT Last modified on Monday 3 July 2017 15.33 EDT A judge has dismissed a lawsuit accusing Facebook of tracking users? web browsing activity even after they logged out of the social networking site. The plaintiffs alleged that Facebook used the ?like? buttons found on other websites to track which sites they visited, meaning that the Menlo Park, California-headquartered company could build up detailed records of their browsing history. The plaintiffs argued that this violated federal and state privacy and wiretapping laws. US district judge Edward Davila in San Jose, California, dismissed the case because he said that the plaintiffs failed to show that they had a reasonable expectation of privacy or suffered any realistic economic harm or loss. Davila said that plaintiffs could have taken steps to keep their browsing histories private, for example by using the Digital Advertising Alliance?s opt-out tool or using ?incognito mode?, and failed to show that Facebook illegally ?intercepted? or eavesdropped on their communications. ?Facebook?s intrusion could have easily been blocked, but plaintiffs chose not to do so,? said Davila, who dismissed an earlier version of the five-year-old case in October 2015. Clicking on the Facebook ?like? button on a third party website ? for example, theguardian.com ? allows people to share pieces of content to Facebook without having to copy and paste the link into a status update on the social network. When a user visits a page with an embedded ?like? button, the web browser sends information to both Facebook and the server where the page is located. ?The fact that a user?s web browser automatically sends the same information to both parties does not establish that one party intercepted the user?s communication with the other,? said Davila. The plaintiffs cannot bring privacy and wiretapping claims again, Davila said, but can pursue a breach of contract claim again. Australian internet security blogger Nik Cubrilovic first discovered that Facebook was apparently tracking users? web browsing after they logged off in 2011. Responding to Cubrilovic, Facebook engineer Gregg Stefancik confirmed that Facebook has cookies that persist after log-out as a safety measure (to prevent others from trying to access the account) but that the company does not use the cookies to track users or sell personal information to third parties. However, in 2014 Facebook started using web browsing data for delivering targeted ?interest-based? advertising ? which explains why you see ads for products you have already been looking at online appear in your Facebook feed. To address privacy concerns, Facebook introduced a way for users to opt out of this type of advertising targeting from within user settings. Facebook did not immediately respond to a request for comment. From rforno at infowarrior.org Mon Jul 3 18:04:37 2017 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 03 Jul 2017 23:04:37 -0000 Subject: [Infowarrior] - =?utf-8?q?Winamp=E2=80=99s_woes=3A_How_the_greate?= =?utf-8?q?st_MP3_player_undid_itself?= Message-ID: <6EE602C0-79DA-47FE-A3DC-E8EC836C3E2E@infowarrior.org> Winamp?s woes: How the greatest MP3 player undid itself 15 years on, Winamp "still lives"?but mismanagement blunted its llama-whipping. Cyrus Farivar - 7/3/2017, 11:38 AM https://arstechnica.com/business/2017/07/winamp-how-greatest-mp3-player-undid-itself/ From rforno at infowarrior.org Tue Jul 4 07:20:21 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 12:20:21 -0000 Subject: [Infowarrior] - New Florida law lets any resident challenge what's taught in science classes Message-ID: New Florida law lets any resident challenge what's taught in science classes Sarah Kaplan 4-5 minutes http://www.orlandosentinel.com/news/nationworld/ct-florida-science-school-law-20170702-story.html Any resident in Florida can now challenge what kids learn in public schools, thanks to a new law that science education advocates worry will make it harder to teach evolution and climate change. The legislation, which was signed by Gov. Rick Scott (R) last week and went into effect Saturday, requires school boards to hire an "unbiased hearing officer" who will handle complaints about instructional materials, such as movies, textbooks and novels, that are used in local schools. Any parent or county resident can file a complaint, regardless of whether they have a student in the school system. If the hearing officer deems the challenge justified, he or she can require schools to remove the material in question. The statute includes general guidelines about what counts as grounds for removal: belief that the material is "pornographic" or "is not suited to student needs and their ability to comprehend the material presented, or is inappropriate for the grade level and age group." Proponents of the new law say it makes the challenge process easier for parents and gives residents a greater say in their children's education. And state Rep. Byron Donalds, R-Naples, who sponsored the bill, told Nature in May that his intent wasn't to target any particular subject. But Glenn Branch, deputy director of the National Council for Science Education, said that affidavits filed by supporters of the bill suggest that science instruction will be a focus of challenges. One affidavit from a Collier County resident complained that evolution and global warming were taught as "reality." Another criticized her child's sixth-grade science curriculum, writing that "the two main theories on the origin of man are the theory of evolution and creationism," and that her daughter had only been taught about evolution. "It's just the candor with which the backers of the bill have been saying, 'Yeah, we're going to go after evolution, we're going to go after climate change,'" that has him worried, Branch said. Based on the affidavits, it seems likely that the law will also be used to request the removal of library books that parents find objectionable. The Florida statute is one of 13 measures proposed this year that Branch and his colleagues consider "anti-science." In Idaho, the legislature rejected several sections of the state's new public school science standards related to climate change - the standards committee was asked to rewrite those sections and resubmit them for approval this fall. Alabama and Indiana both adopted nonbinding resolutions on teacher's "academic freedom," which are generally understood as encouraging educators to "teach the controversy" around subjects like climate change. "Whether it be evolution or the argument about global warming, we don't want teachers to be afraid to converse about such things," state Sen. Jeff Raatz, R-Centerville, a supporter of the resolution, told Frontline. Similar measures in other states didn't make it into law, "but a number of them have advanced farther than we really expected," Branch said. He called 2017 "a busy year" for this type of legislation. In Florida, a group called Florida Citizens for Science urged people keep an eye on challenges to school instructional materials in the coming year. "At this point the fight is at the local level," the group's communication director, Brandon Haught, wrote in a blog post. "If you're not there and willing to stand up for sound science education, then we're done." From rforno at infowarrior.org Tue Jul 4 07:20:24 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 12:20:24 -0000 Subject: [Infowarrior] - China's cracking down on VPNs to make Great Firewall stronger Message-ID: <48C0C502-8037-40A7-B3C7-A3354FC88424@infowarrior.org> China's cracking down on VPNs to make Great Firewall stronger It will soon be tougher to gain access to Twitter and Facebook inside the country for some users. by Aloysius Low July 4, 2017 12:41 AM PDT https://www.cnet.com/news/chinas-cracking-down-on-vpns-to-make-great-firewall-stronger China's clamping down on users who rely on virtual private networks (VPN) to break free of its notorious internet filter. Dubbed the Great Firewall, the filter blocks access to news sites deemed undesireable by the Chinese government as well as social media sites such as Twitter and Facebook, platforms the Chinese government has no control over. To bypass the restrictions, users have been using a VPN, which routes traffic to servers overseas free of the filters, but this may not be an option soon. GreenVPN has stated that its service will be unavailable after July 1, the company having been given orders by regulatory departments to cease operating, reported Bloomberg. It's likely not the only one, as the report also claims SuperVPN, another popular service, is being blocked. Chinese businesses and startups often rely on VPNs to access Facebook and Twitter to engage customers and fans. They may soon find themselves locked out of the western markets if the Chinese government continues its crackdown going into its leadership renewal event in October, the Chinese Communist Party's 19th Congress. China has also clamped down previously on local social media platforms like Weibo to block "negative talk." From rforno at infowarrior.org Tue Jul 4 07:20:27 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 12:20:27 -0000 Subject: [Infowarrior] - Facebook takes on the US government over gag order Message-ID: Facebook takes on the US government over gag order The social media powerhouse takes issue with a court order that prohibits it from informing three users that warrants have been issued for their data. by Zoey Chong July 4, 2017 3:29 AM PDT https://www.cnet.com/news/facebook-takes-on-us-because-it-wasnt-allowed-to-speak-freely From rforno at infowarrior.org Tue Jul 4 07:20:34 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 12:20:34 -0000 Subject: [Infowarrior] - Declaration of Disruption Message-ID: <993A1E83-3C8C-4B9C-82B6-4EFF68592809@infowarrior.org> Declaration of Disruption Peter Wehner JULY 4, 2017 https://www.nytimes.com/2017/07/04/opinion/trump-declaration-of-disruption.html ONE of the essential, if often unstated, job requirements of an American president is to provide stability, order and predictability in a world that tends toward chaos, disarray and entropy. When our political leaders ignore this ? and certainly when they delight in disruption ? the consequences can be severe. Stability is easy to take for granted, but impossible to live without. Projecting clear convictions is important for preventing adversaries from misreading America?s intentions and will. Our allies also depend on our predictability and reassuring steadiness. Their actions in trade and economics, in alliances with other nations and in the military sphere are often influenced by how much they believe they can rely on American support. Order and stability in the executive branch are also linked to the health of our system of government. Chaos in the West Wing can be crippling, as White House aides ? in a constant state of uncertainty, distrustful of colleagues, fearful that they might be excoriated or fired ? find it nearly impossible to do their jobs. This emanates throughout the entire federal government. Devoid of steadfast leadership, executive agencies easily become dysfunctional themselves. Worse yet, if key pillars of our system, like our intelligence and law enforcement agencies, are denigrated by the president, they can be destabilized, and Americans? trust in them can be undermined. Without a reliable chief executive, Congress, an inherently unruly institution, will also find it difficult to do its job, since our constitutional system relies on its various branches to constantly engage with one another in governing. But that?s hardly the whole of it. Particularly in this social media era, a president who thrives on disruption and chaos is impossible to escape. Every shocking statement and act is given intense coverage. As a result, the president is omnipresent, the subject of endless coast-to-coast conversations among family and friends, never far from our thoughts. As Andrew Sullivan has observed, ?A free society means being free of those who rule over you ? to do the things you care about, your passions, your pastimes, your loves ? to exult in that blessed space where politics doesn?t intervene.? A presidency characterized by pandemonium invades and infects that space, leaving people unsettled and on edge. And this, in turn, leads to greater polarization, to feelings of alienation and anger, to unrest and even to violence. A spirit of instability in government will cause Americans to lose confidence in our public institutions. When citizens lose that basic faith in their government, it leads to corrosive cynicism and the acceptance of conspiracy theories. Movements and individuals once considered fringe become mainstream, while previously responsible figures decamp to the fever swamps. One result is that the informal and unwritten rules of political and human interaction, which are at the core of civilization, are undone. There is such a thing as democratic etiquette; when it is lost, the common assumptions that allow for compromise and progress erode. In short, chaotic leadership can inflict real trauma on political and civic culture. All of which brings us to Donald Trump, arguably the most disruptive and transgressive president in American history. He thrives on creating turbulence in every conceivable sphere. The blast radius of his tumultuous acts and chaotic temperament is vast. Mr. Trump acts as if order is easy to achieve and needs to be overturned while disruption and disorder are what we need. But the opposite is true. ?Rage and frenzy will pull down more in half an hour,? Edmund Burke wrote, ?than prudence, deliberation and foresight can build up in a hundred years.? Mr. Trump and his supporters don?t seem to agree, or don?t seem to care. And here?s the truly worrisome thing: The disruption is only going to increase, both because he?s facing criticism that seems to trigger him psychologically and because his theory of management involves the cultivation of chaos. He has shown throughout his life a defiant refusal to be disciplined. His disordered personality thrives on mayhem and upheaval, on vicious personal attacks and ceaseless conflict. As we?re seeing, his malignant character is emboldening some, while it?s causing others ? the Republican leadership comes to mind ? to briefly speak out (at best) before returning to silence and acquiescence. The effect on the rest of us? We cannot help losing our capacity to be shocked and alarmed. We have as president the closest thing to a nihilist in our history ? a man who believes in little or nothing, who has the impulse to burn down rather than to build up. When the president eventually faces a genuine crisis, his ignorance and inflammatory instincts will make everything worse. Republican voters and politicians rallied around Mr. Trump in 2016, believing he was anti-establishment when in fact he was anti-order. He turns out to be an institutional arsonist. It is an irony of American history that the Republican Party, which has historically valued order and institutions, has become the conduit of chaos. Peter Wehner, a senior fellow at the Ethics and Public Policy Center, served in the previous three Republican administrations and is a contributing opinion writer. From rforno at infowarrior.org Tue Jul 4 07:20:36 2017 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 04 Jul 2017 12:20:36 -0000 Subject: [Infowarrior] - Top Silicon Valley investor resigns as allegation of sexual assault emerges Message-ID: <4EAAF191-BE8B-4CF9-9AC1-2BB9F58967A7@infowarrior.org> Top Silicon Valley investor resigns as allegation of sexual assault emerges Hours after investor Dave McClure resigned over inappropriate behavior, another female entrepreneur came forward with her story Olivia Solon and Sam Levin in San Francisco Monday 3 July 2017 22.04 EDT Last modified on Monday 3 July 2017 22.06 EDT A prominent Silicon Valley investor has resigned following allegations of sexual harassment, and just hours before a fresh allegation surfaced, this time of sexual assault. Dave McClure resigned as general partner of 500 Startups, the seed investment group he co-founded in 2010, on Monday after several women accused him of inappropriate behavior. He had already stepped down as chief executive of the investment group following the allegations and published a blog post apologizing for being ?inappropriate?. The blog posted prompted entrepreneur Cheryl Sew Hoy to come forward with an even more serious allegation: that McClure sexually assaulted her three years ago. ?I?m now ready to tell my account of what Dave McClure inflicted on me 3 years ago, in my own apartment. It?s not just inappropriate, it?s assault,? she wrote in a blog post on her website. McClure did not immediately respond to repeated requests for comment. His resignation comes one week after well-connected venture capitalist Justin Caldbeck admitted to sexually harassing female entrepreneurs and stepped down in the face of numerous public accusations. A former Uber engineer?s account of harassment and discrimination also went viral in February, sparking widespread outrage about sexism in Silicon Valley. < - > https://www.theguardian.com/technology/2017/jul/03/silicon-valley-dave-mcclure-resigns-sexual-assault