From rforno at infowarrior.org Tue May 1 07:19:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 May 2012 08:19:48 -0400
Subject: [Infowarrior] - Water challenges and US national security
Message-ID:

(c/o MM)

Water challenges and US national security
Filed under: Futures - by Christopher Bellavita on May 1, 2012

http://www.hlswatch.com/2012/05/01/water-challenges-and-us-national-security/

Time out for a moment from our regularly scheduled cyber issues and al Qaeda commentary for a word from the future, sponsored by the U.S. Intelligence Community.

Global Water Security is a report published in February by the Office of the Director of National Intelligence. The 30 page intelligence "product" is available here.

The document tries to answer the following question (for the State Department): How will water problems (shortages, poor water quality, or floods) impact US national security interests over the next 30 years?

Here is the Report's answer:

During the next 10 years, many countries important to the United States will experience water problems - shortages, poor water quality, or floods - that will risk instability and state failure, increase regional tensions, and distract them from working with the United States on important US policy objectives.

Between now and 2040, fresh water availability will not keep up with demand absent more effective management of water resources. Water problems will hinder the ability of key countries to produce food and generate energy, posing a risk to global food markets and hobbling economic growth. As a result of demographic and economic development pressures, North Africa, the Middle East, and South Asia will face major challenges coping with water problems.

The Report mostly focuses on the relationship between water security and US global interests. But the future of water has domestic implications also.

Although most of the Colorado River originates in the basin's upper states (i.e., Colorado, Utah, Wyoming), a 1922 Colorado River Compact allocates most of the water to the lower states (i.e., California, Arizona, Nevada, and New Mexico). Unfortunately, the agreement was based on data from the unseasonably wet five years prior to 1922, estimating the average flow to be 17.5 million acre-feet (maf). The actual average flow over the last 100 years has been nowhere near this number, averaging about 13 maf, with high variability ranging from 4.4 maf to over 22 maf. A 2009 study by the University of Colorado projects that all reservoirs along the Colorado River - which provide water for 27 million people - could dry up by 2057 because of climate change and overuse. More recently, drought and low Lake Mead water levels have resulted in a multi-billion dollar plan to build a 285-mile pipeline to pump groundwater to the Las Vegas area from as far away as Snake Valley, which straddles the Nevada-Utah state line.

A 1944 agreement between the United States and Mexico stipulates the terms of water-sharing between the two countries, with water delivery obligations on each side. The Colorado and Rio Grande Rivers, as well as their major tributaries, are covered in the agreement. The agreement allows the United States access to tributary contributions from Mexican rivers, and no Mexican access to contributions from US tributary rivers, and therefore many view the agreement as unfair. Delayed water deliveries, and even efforts to reduce canal water leakage, have occasionally complicated broader relations but have not been a major source of stress.

Not yet anyway.

Thanks to Dr. James Tindall for telling me about this report.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 1 08:08:50 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 May 2012 09:08:50 -0400
Subject: [Infowarrior] - FCC Report on Google WiFi Spying
Message-ID: <47FFAFE5-7002-48E6-A1BB-68B5CF527155@infowarrior.org>

Federal Communications Commission Report on Google WiFi Spying
May 1, 2012 in Corporate

The following report is a less redacted version of the FCC's findings on Google's widespread collection of data from wireless networks in the United States and around the world. The version released by the FCC contained a number of redactions that concealed key portions of the report. The full version of the report was first published by the Los Angeles Times.

http://publicintelligence.net/federal-communications-commission-report-on-google-wifi-spying/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 1 12:27:50 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 May 2012 13:27:50 -0400
Subject: [Infowarrior] - When We Wage Cyberwar, the Whole Web Suffers
Message-ID: <927DC298-A0C7-49FA-8619-E8FB16FCAEED@infowarrior.org>

(from last week but the points are still valid --rick)

When We Wage Cyberwar, the Whole Web Suffers
By Susan P. Crawford
Apr 25, 2012 7:00 PM ET

http://www.bloomberg.com/news/2012-04-25/when-we-wage-cyberwar-the-whole-web-suffers.html

Responding to concerns voiced by privacy advocates, conservative groups and hundreds of thousands of Americans, the House Intelligence Committee has revised parts of the Cyber Intelligence Sharing and Protection Act, also known as CISPA. Those provisions would have allowed companies to disclose sensitive information to the government without being accountable to U.S. privacy laws. There will be more amendments offered when the bill reaches the House floor, probably Thursday or Friday.

But the real problem with CISPA and similar bills now pending in the Senate (one introduced by Connecticut independent Joe Lieberman gives broad spying powers to Homeland Security; one introduced by Arizona Republican John McCain gives broad spying powers to the Defense Department) is much deeper: This flurry of legislation signals that elements of our government want to wage unconstrained war on other nations in cyberspace, no matter what the consequences may be to humanity. The arms race being driven by this desire is threatening Internet freedom here and abroad.

In 2009, Defense Secretary Robert Gates designated cyberspace as the "fifth domain" for military action. Deputy Defense Secretary William Lynn said in 2010, "Like air, sea, land and space, we're going to have to treat cyberspace as an arena where we need to defend our networks and to be able to operate freely."

The U.S. Cyber Command is up and running, enabling cyber "offensive capabilities" for regional commanders. In January, Congress approved the Pentagon's ability to wage cyberwar.

As terrestrial wars wind down, military contractors are looking for new revenue streams. They have become cyberwar doomsayers, banging the drums of fear and claiming that cybersecurity must be our highest priority. They are also buying tools and code that our government can use to attack other countries online.

The result: a market for so-called zero day exploits -- computer threats that attack vulnerabilities in an online application before the developer knows to fix them -- with ever-rising prices. Terrorists probably don't have the capacity to buy and wield these things, but governments do.

Along with this market comes a substantial risk that some of the nasty code whose creation we've encouraged will splatter back on our networks.

Like all arms races, this vicious cycle provides its own justification: Malicious exploits are out there -- our government is buying them -- and so we need to wall off and surveil U.S.
networks to protect ourselves.

The dangers of this digital special-ops saber-rattling are breathtaking. Secretary of State Hillary Clinton has been valiantly advocating for Internet freedom, strategic multilateralism, engagement and "smart power" around the world. The White House has said its objective is to work with other nations to "encourage responsible behavior and oppose those who would seek to disrupt networks and systems."

Purveyors of cyberfear are going in the opposite direction. They are not interested in engaging with other countries to come up with codes of online conduct or to translate the Geneva Conventions for cyberspace -- so as to avoid collateral damage and protect hospitals, electrical grids, and so on. They want to be able to change ones to zeros on servers around the globe, whatever that means for speech and commerce at home and worldwide.

Given the undeniable benefits that the open global Internet has brought to the U.S., building moats around our networks and subjecting them to constant, unaccountable audits and other restraints -- all in the service of an immense online warfighting machine staffed by military contractors -- would be burning the village in order to save it.

It cannot be that we have lost our national ability to think creatively, expand our policy options and engage with other nations to introduce the constraints of the laws of war into online settings. In space, we're pursuing an international code of conduct that will govern acceptable behavior. We need to translate those norms to cyberspace.

Our openness has always carried some risks to the U.S. We can be attacked. We should always prefer principled engagement -- even with our enemies -- to bellicosity driven by fear, particularly when our own citizens will otherwise be deeply harmed.

We don't have enough guns to direct at everyone around the world. We might as well communicate.

(Susan P.
Crawford is a Bloomberg View columnist and a visiting professor at the Harvard Kennedy School of Government and Harvard Law School. She is a former special assistant to President Barack Obama for science, technology and innovation policy. The opinions expressed are her own.)

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 1 14:23:49 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 May 2012 15:23:49 -0400
Subject: [Infowarrior] - U.S. Piracy Watch List Hits A New Low With 2012 Report
Message-ID: <57442277-5F42-4F5A-9C72-BA84A683E22D@infowarrior.org>

Stop Being Poor: U.S. Piracy Watch List Hits A New Low With 2012 Report
Tuesday May 01, 2012

http://www.michaelgeist.ca/content/view/6456/125/

The U.S. Trade Representative released its annual Special 301 Report yesterday, unsurprisingly including Canada on the Priority Watch list. While inclusion on the list is designed to generate embarrassment in target countries, this year's report should elicit outrage. Not only is the report lacking in objective analysis, it targets some of the world's poorest countries with no evidence of legal inadequacies and picks fights with any country that dare adopt a contrary view on intellectual property issues.

The inclusion of Canada on the priority watch list is so lacking in objective analysis as to completely undermine the credibility of the report. The Canadian "analysis" amounts to 173 words that hits on the usual dubious complaints (and given criticism of countries such as Chile for their notice-and-notice system, Israel for their statutory damages rules, and many countries on border enforcement, the Canadian criticism will clearly not end with the enactment of Bill C-11). By comparison, China is treated as equivalent to Canada on the priority watch list, yet garners over 4,600 words.

Earlier this year, I completed a submission with Public Knowledge to the USTR Special 301 process that examined current Canadian law as well as Bill C-11. It concluded:

the USTR should be guided by U.S. law in evaluating the laws of other countries. Viewed from a U.S. law perspective, Canadian copyright laws provide adequate and effective protection to US IP rights owners. Limitations and exceptions in current Canadian law as well as proposed limitations and exceptions do not derogate from the effectiveness of these protections. Furthermore, Canadian authorities effectively enforce copyright laws. Consequently, rates of infringement in Canada are low and the markets for creative works are expanding. Placement of Canada on the Special 301 Watch List or Priority Watch List in the face of this evidence would be unjustified. It would only lead to undermining the legitimacy of the Special 301 process.

The USTR report also confirms the Canadian government's view that the Special 301 exercise produces little more than a lobbying document on behalf of U.S. industry. The Canadian position, as described to a House of Commons committee in 2007 (and repeated regularly in internal government documents):

In regard to the watch list, Canada does not recognize the 301 watch list process. It basically lacks reliable and objective analysis. It's driven entirely by U.S. industry. We have repeatedly raised this issue of the lack of objective analysis in the 301 watch list process with our U.S. counterparts.

This year, the International Intellectual Property Alliance recommended ten countries for inclusion on the priority watch list. The USTR included all ten.

The problems with the report extend well beyond the inclusion of Canada. The report targets countries for expressing contrary views of intellectual property. For example, last year the Swiss government completed a major study on online copyright infringement, concluding that no new legislative action was needed.
That wasn't enough to get the country on the list, but did lead to the following comments:

Regarding Switzerland in particular, the United States has serious concerns regarding the inability of rights holders to secure legal redress involving copyright piracy over the Internet. The United States strongly encourages Switzerland to combat online piracy vigorously and to ensure that rights holders can protect their rights on the Internet.

Perhaps the most shameful inclusion in this year's report are a series of countries whose primary fault is being poor. For example, the list includes Guatemala, a small country the size of Tennessee with a per capita GDP of just over $5,000. It is coming out of an economic depression that had a severe impact on rural income. The IIPA did not ask for it to be included on the Special 301 Report. In response to past pressures and the conclusion of a trade agreement, Guatemala amended its copyright laws, toughened penalties, created a special IP prosecutor, and increased IP enforcement within the government. Yet the USTR included it with the following comment:

Guatemala remains on the Watch List in 2012. Guatemala continued to make progress in 2011 by enacting legislation to strengthen penalties for the production and distribution of counterfeit medications. In addition, Guatemala's IPR prosecutor remained active in the past year, despite a lack of resources, and enforcement efforts resulted in a sustained level of seizures and an increase in convictions. The interagency IPR working group also remained active in working to improve coordination among IPR-related agencies, and Guatemala participated actively in training efforts. However, pirated and counterfeit goods continue to be widely available in Guatemala, and enforcement efforts are hampered by limited resources and the need for better coordination among all enforcement agencies.
The United States encourages Guatemala to continue its enforcement efforts against the manufacture of pirated and counterfeit goods, and to take steps to improve its judicial system. The United States looks forward to continuing to work with Guatemala to address these and other matters.

Note that the USTR is not criticizing Guatemala's laws nor enforcement efforts as the government has complied with repeated U.S. demands to shift resources toward IP enforcement. Indeed, there is no obvious reason for inclusion on the Special 301 list other than an attempt to lobby a country that ranks 123rd worldwide in per capita GDP to spend even more money enforcing US intellectual property rights rather than on education, health care or infrastructure, the sorts of expenditures that might improve the country's overall economy and ultimately lead to reduced rates of infringement.

The same tactic is employed against countries such as Costa Rica (81st per capita GDP with complaints that more resources should be allocated to enforcement) or Romania (77th per capita GDP with complaints about more resources on enforcement). Moreover, with repeated complaints against countries seeking to ensure adequate access to medicines for their citizens or access to books in schools, this year's report hits a new low. It demonstrates the failure of the enforcement agenda and stands as an embarrassment for one of the world's richest countries to prioritize its IP rights over human and economic rights in the developing world.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 1 22:35:43 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 May 2012 23:35:43 -0400
Subject: [Infowarrior] - Terrorist Plots, Helped Along by the F.B.I.
Message-ID:

OPINION

Terrorist Plots, Helped Along by the F.B.I.

http://mobile.nytimes.com/2012/04/29/opinion/sunday/terrorist-plots-helped-along-by-the-fbi.xml

By DAVID K.
SHIPLER
Published: April 29, 2012

THE United States has been narrowly saved from lethal terrorist plots in recent years - or so it has seemed. A would-be suicide bomber was intercepted on his way to the Capitol; a scheme to bomb synagogues and shoot Stinger missiles at military aircraft was developed by men in Newburgh, N.Y.; and a fanciful idea to fly explosive-laden model planes into the Pentagon and the Capitol was hatched in Massachusetts.

But all these dramas were facilitated by the F.B.I., whose undercover agents and informers posed as terrorists offering a dummy missile, fake C-4 explosives, a disarmed suicide vest and rudimentary training. Suspects naïvely played their parts until they were arrested.

When an Oregon college student, Mohamed Osman Mohamud, thought of using a car bomb to attack a festive Christmas-tree lighting ceremony in Portland, the F.B.I. provided a van loaded with six 55-gallon drums of "inert material," harmless blasting caps, a detonator cord and a gallon of diesel fuel to make the van smell flammable. An undercover F.B.I. agent even did the driving, with Mr. Mohamud in the passenger seat. To trigger the bomb the student punched a number into a cellphone and got no boom, only a bust.

This is legal, but is it legitimate? Without the F.B.I., would the culprits commit violence on their own? Is cultivating potential terrorists the best use of the manpower designed to find the real ones? Judging by their official answers, the F.B.I. and the Justice Department are sure of themselves - too sure, perhaps.

Carefully orchestrated sting operations usually hold up in court. Defendants invariably claim entrapment and almost always lose, because the law requires that they show no predisposition to commit the crime, even when induced by government agents. To underscore their predisposition, many suspects are "warned about the seriousness of their plots and given opportunities to back out," said Dean Boyd, a Justice Department spokesman.
But not always, recorded conversations show. Sometimes they are coaxed to continue.

Undercover operations, long practiced by the F.B.I., have become a mainstay of counterterrorism, and they have changed in response to the post-9/11 focus on prevention. "Prior to 9/11 it would be very unusual for the F.B.I. to present a crime opportunity that wasn't in the scope of the activities that a person was already involved in," said Mike German of the American Civil Liberties Union, a lawyer and former F.B.I. agent who infiltrated white supremacist groups. An alleged drug dealer would be set up to sell drugs to an undercover agent, an arms trafficker to sell weapons. That still happens routinely, but less so in counterterrorism, and for good reason.

"There isn't a business of terrorism in the United States, thank God," a former federal prosecutor, David Raskin, explained.

"You're not going to be able to go to a street corner and find somebody who's already blown something up," he said. Therefore, the usual goal is not "to find somebody who's already engaged in terrorism but find somebody who would jump at the opportunity if a real terrorist showed up in town."

And that's the gray area. Who is susceptible? Anyone who plays along with the agents, apparently. Once the snare is set, law enforcement sees no choice. "Ignoring such threats is not an option," Mr. Boyd argued, "given the possibility that the suspect could act alone at any time or find someone else willing to help him."

Typically, the stings initially target suspects for pure speech - comments to an informer outside a mosque, angry postings on Web sites, e-mails with radicals overseas - then woo them into relationships with informers, who are often convicted felons working in exchange for leniency, or with F.B.I. agents posing as members of Al Qaeda or other groups.

Some targets have previous involvement in more than idle talk: for example, Waad Ramadan Alwan, an Iraqi in Kentucky, whose fingerprints were found on an unexploded roadside bomb near Bayji, Iraq, and Raja Khan of Chicago, who had sent funds to an Al Qaeda leader in Pakistan.

But others seem ambivalent, incompetent and adrift, like hapless wannabes looking for a cause that the informer or undercover agent skillfully helps them find. Take the Stinger missile defendant James Cromitie, a low-level drug dealer with a criminal record that included no violence or hate crime, despite his rants against Jews. "He was searching for answers within his Islamic faith," said his lawyer, Clinton W. Calhoun III, who has appealed his conviction. "And this informant, I think, twisted that search in a really pretty awful way, sort of misdirected Cromitie in his search and turned him towards violence."

THE informer, Shahed Hussain, had been charged with fraud, but avoided prison and deportation by working undercover in another investigation. He was being paid by the F.B.I. to pose as a wealthy Pakistani with ties to Jaish-e-Mohammed, a terrorist group that Mr. Cromitie apparently had never heard of before they met by chance in the parking lot of a mosque.

"Brother, did you ever try to do anything for the cause of Islam?" Mr. Hussain asked at one point.

"O.K., brother," Mr. Cromitie replied warily, "where you going with this, brother?"

Two days later, the informer told him, "Allah has more work for you to do," and added, "Revelation is going to come in your dreams that you have to do this thing, O.K.?" About 15 minutes later, Mr. Hussain proposed the idea of using missiles, saying he could get them in a container from China. Mr. Cromitie laughed.

Reading hundreds of pages of transcripts of the recorded conversations is like looking at the inkblots of a Rorschach test. Patterns of willingness and hesitation overlap and merge. "I don't want anyone to get hurt," Mr.
Cromitie said, and then explained that he meant women and children. "I don't care if it's a whole synagogue of men." It took 11 months of meandering discussion and a promise of $250,000 to lead him, with three co-conspirators he recruited, to plant fake bombs at two Riverdale synagogues.

"Only the government could have made a 'terrorist' out of Mr. Cromitie, whose buffoonery is positively Shakespearean in its scope," said Judge Colleen McMahon, sentencing him to 25 years. She branded it a "fantasy terror operation" but called his attempt "beyond despicable" and rejected his claim of entrapment.

The judge's statement was unusual, but Mr. Cromitie's characteristics were not. His incompetence and ambivalence could be found among other aspiring terrorists whose grandiose plans were nurtured by law enforcement. They included men who wanted to attack fuel lines at Kennedy International Airport; destroy the Sears Tower (now Willis Tower) in Chicago; carry out a suicide bombing near Tampa Bay, Fla., and bomb subways in New York and Washington.

Of the 22 most frightening plans for attacks since 9/11 on American soil, 14 were developed in sting operations. Another New York City subway plot, which recently went to trial, needed no help from government. Nor did a bombing attempt in Times Square, the abortive underwear bombing in a jetliner over Detroit, a planned attack on Fort Dix, N.J., and several smaller efforts. Some threats are real, others less so. In terrorism, it's not easy to tell the difference.

David K. Shipler is the author of "Rights at Risk: The Limits of Liberty in Modern America."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 2 07:11:18 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 May 2012 08:11:18 -0400
Subject: [Infowarrior] - Military leaders seek higher profile for Pentagon's Cyber Command unit
Message-ID: <952D83BB-A007-4FBB-BA5D-7E7D9B1C1A8D@infowarrior.org>

Military leaders seek higher profile for Pentagon's Cyber Command unit
By Ellen Nakashima, Published: May 1

http://www.washingtonpost.com/world/national-security/military-officials-push-to-elevate-cyber-unit-to-full-combatant-command-status/2012/05/01/gIQAUud1uT_print.html

Senior military leaders are recommending that the Pentagon's two-year-old cyberwarfare unit be elevated to full combatant command status, sending a signal to adversaries that the U.S. military is serious about protecting its ability to operate in cyberspace, officials said.

Gen. Martin E. Dempsey, chairman of the Joint Chiefs of Staff, will recommend the change to Defense Secretary Leon E. Panetta, said officials who spoke on the condition of anonymity to discuss classified matters. Final approval rests with President Obama. Little opposition is expected, though the timeline is uncertain.

A Pentagon spokesman, Capt. John Kirby, declined to discuss the pending move.

The elevation of Cyber Command to a level on a par with commands protecting entire regions and continents would give the nation's top cyberwarriors more direct access to Dempsey and Panetta, allowing them more clout in the struggle for resources.

Created in 2010 at Fort Meade, Cyber Command employs about 750 people - far fewer than most combatant commands - and reports to Strategic Command, based in Omaha. The U.S. military has nine combatant commands, the newest of which, Africa Command, began operations in 2008.

U.S.
officials say the establishment of a combatant command for cyberwar fits the administration's multi-pronged cyber-strategy by projecting military force as a deterrent, even as efforts are ongoing in the diplomatic realm to reduce tensions with adversaries.

"It certainly emphasizes the importance of cyber as a strategic priority," said retired Air Force Lt. Gen. John "Soup" Campbell, a former commander of the military's first joint cyberdefense unit, set up in 1988. "It shortens the chain of command up to the president and secretary of defense. It sends a signal that it's a four-star general's job to advocate for the cyber mission. That's important."

The elevation of Cyber Command could contribute to the perception in some countries that the United States is a military aggressor in cyberspace, though officials say the cyberwarfare unit is heavily focused on defense and limited in its use of offense.

The change in status would not resolve a host of more fundamental issues, such as the scope of its authority to defend the nation. Officials are still debating under what circumstances military commanders can respond on their own to hostile acts in cyberspace and how far notions of state sovereignty should apply in cyberspace.

Making Cyber Command a combatant command could exacerbate some issues, several experts said.

"I would caution rushing to have Cyber Command be a unified [combatant] command," which would mean it directs cyber-operations globally, retired Marine Gen. James Cartwright Jr., a former vice chairman of the Joint Chiefs of Staff, said at a recent cyberwar symposium sponsored by the Center for Strategic and International Studies (CSIS). He said the regional commands should be in charge of their own operations.

"You really need that [regional] context to apply the art of war and the weapons to affect the adversary's mind-set," Cartwright said.

The move also would raise a novel personnel issue. The head of Cyber Command, Gen.
Keith Alexander, also is the head of the Fort Meade-based National Security Agency, which spies electronically on foreign enemies on behalf of numerous government agencies as well as the military. The potential tension between those jobs could grow, some analysts say, if Cyber Command is elevated.

"No other unified commander is encumbered with a task like being director of NSA," said Michael V. Hayden, a former director of the NSA and the CIA. "In my mind that makes it almost decisive that you separate the two tasks."

"They're both more than full-time jobs," he said. "Frankly, having the director of one of the nation's premier intelligence agencies also serve as a combatant commander creates conflicts of interest."

But James A. Lewis, director of the CSIS's technology and public policy program, noted that the "bulk of the heavy lifting" for Cyber Command is already done by the NSA.

"There is always a risk when you put a military guy in charge that support for the military will overshadow civilian requirements, but Alexander is particularly sensitive to that," Lewis said. When Alexander retires, he said, "you might want to think about splitting the job."

© The Washington Post Company

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 2 07:13:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 May 2012 08:13:25 -0400
Subject: [Infowarrior] - Wealthy Americans Queue to Give Up Their Passports
Message-ID: <395B80FE-10EC-4618-883D-3B546309C69B@infowarrior.org>

Wealthy Americans Queue to Give Up Their Passports
By Giles Broom - May 1, 2012 6:01 PM ET

http://www.bloomberg.com/news/2012-05-01/wealthy-americans-queue-to-give-up-passports-in-swiss-capital.html

Rich Americans renouncing U.S. citizenship rose sevenfold since UBS AG (UBSN) whistle-blower Bradley Birkenfeld triggered a crackdown on tax evasion four years ago.

About 1,780 expatriates gave up their nationality at U.S.
embassies last year, up from 235 in 2008, according to Andy Sundberg, secretary of Geneva's Overseas American Academy, citing figures from the government's Federal Register. The embassy in Bern, the Swiss capital, redeployed staff to clear a backlog as Americans queued to relinquish their passports.

The U.S., the only nation in the Organization for Economic Cooperation and Development that taxes citizens wherever they reside, is searching for tax cheats in offshore centers, including Switzerland, as the government tries to curb the budget deficit. Shunned by Swiss and German banks and facing tougher asset-disclosure rules under the Foreign Account Tax Compliance Act, more of the estimated 6 million Americans living overseas are weighing the cost of holding a U.S. passport.

"It started with the fallout from UBS and non-U.S. banks feeling it's too risky to deal with Americans abroad," said Matthew Ledvina, a U.S. tax lawyer at Anaford AG in Zurich. "It will increase because Fatca will require banks to track down people, some of whom will make voluntary disclosures before renouncing their citizenship."

Renunciations are higher in Switzerland because American expatriates expect extra scrutiny of their affairs after the UBS case and as the U.S. probes 11 other Swiss financial firms for aiding offshore tax evasion, said Martin Naville, head of the Swiss-American Chamber of Commerce in Zurich.

Absurd Tax Laws

"Most of the real cross-border tax troubles have been around Switzerland," Naville said. "We've got absurd tax laws coming into force because of the activities of certain people who tried to hide money."

During a 10-minute renunciation ceremony in a booth with bullet-proof glass windows, embassy staff ask exiting Americans whether they are acting voluntarily and understand the implications of giving up their passports.

They pay a fee of $450 to renounce and may incur an "exit tax"
on unrealized capital gains if their assets exceed $2 million or their average annual U.S. tax bill is more than $151,000 during the past five years. They receive a certificate within three months, telling them they are no longer American citizens and entitled to the services and protection of the U.S. government.

Taxman Cometh

The U.S. embassy in Bern declined to comment on renunciations. The U.S. State Department doesn't disclose annual figures, said Elizabeth Finan, a spokeswoman for the Washington-based department, adding that "on average" 1,100 people give up their citizenship each year.

While the U.S. taxes citizens regardless of where they reside, overseas income of as much as $95,100 is exempt and credits help compensate for foreign taxes paid. Americans living in Switzerland can't take advantage of the absence of a capital gains tax in the Alpine country or tax deductions allowed on pension contributions.

"Every dollar you save, you lose to the U.S. tax man," said tax lawyer Ledvina. "That's one reason why people give up citizenship."

Americans, who disclose their non-U.S. bank accounts to the IRS, must file the more expansive 8938 form beginning this year that asks for all foreign financial assets, including insurance contracts, loans and shareholdings in non-U.S. companies.

Imperial Overreach

The 2010 Fatca law requires banks to withhold 30 percent from "certain U.S.-connected payments" to some accounts of American clients who don't disclose enough information to the IRS.

"There is incredible frustration at the audacity and imperial overreach of this law," said David Kuenzi, a tax adviser at Thun Financial Advisors in Madison, Wisconsin, referring to Fatca.

Failure to file the 8938 form can result in a fine of as much as $50,000. Clients can also be penalized half the amount in an undeclared foreign bank account under the Bank Secrecy Act of 1970.

"It's a big brother concept,"
said Brent Lipschultz, a partner at New York-based accounting firm EisnerAmper.

The implementation of Fatca from next year comes after UBS, Switzerland's largest bank, paid a $780 million penalty in 2009 and handed over data on about 4,700 accounts to settle a tax-evasion dispute with the U.S. Whistle-blower Birkenfeld was sentenced to 40 months in a U.S. prison in 2009 after informing the government and Senate about his American clients at the Geneva branch of Zurich-based UBS.

Voluntary Disclosures

The UBS settlement led to about 33,000 voluntary disclosures to the IRS in the three years through 2011 and the repatriation of billions of dollars to the U.S. Swiss banks saw their offshore North American assets shrink by about 60 percent to 60 billion Swiss francs ($66 billion) in 2010 from three years earlier, according to Boston Consulting Group.

American Citizens Abroad, a Geneva-based organization that campaigns for taxation based on residency, said the government doesn't always distinguish between U.S.-based tax dodgers with offshore accounts and expatriates that need foreign banking services.

"The perception is that any American living overseas is there for a nefarious reason," said Marylouise Serrato, executive director of the organization that has members in 90 countries. "There isn't a deep understanding in the U.S. of why American citizens would move overseas."

Civil War Hangover

Taxing Americans resident overseas is a "hangover from the Civil War" and the introduction of federal income tax in 1861, according to Jackie Bugnion of American Citizens Abroad. The rules make it harder for Americans to hold foreign bank accounts and gain access to mortgages, she said.

German lenders Deutsche Bank AG and HVB Group terminated the securities accounts of some U.S. citizens following the announcement of stricter reporting requirements.
Swiss Raiffeisen Group, Switzerland's third-biggest banking network, decided at the end of last year to sever ties with U.S.-domiciled clients and refuse new applications from any American, said Philippe Thevoz, a spokesman for the St.Gallen, Switzerland-based firm.

The additional compliance costs for companies to ensure that Americans they hire are filing the correct U.S. tax returns and asset-declaration forms are at least $5,000 per person, said Ledvina. Where individuals are getting their returns prepared, the expense may amount to $1,500 to $2,000, which is pushing expatriates to consider giving up citizenship.

"The compliance costs are high and they're getting worse," Ledvina said. "It's hard to serve two authorities and the problem for Americans abroad is that the IRS doesn't care."

To contact the reporter on this story: Giles Broom in Geneva at gbroom at bloomberg.net

To contact the editor responsible for this story: Frank Connelly at fconnelly at bloomberg.net

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 2 07:23:35 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 May 2012 08:23:35 -0400
Subject: [Infowarrior] - RIM going keyboardless
Message-ID:

If that's the case, my next phone in all likelihood will be the JesusPhone. The physical keyboard was the primary reason I went with a Crackberry to begin with.

--- rick

RIM CEO Bets on BlackBerry Without Keyboard to Challenge Apple
By Hugo Miller - May 1, 2012
http://www.bloomberg.com/news/print/2012-05-02/rim-ceo-bets-on-blackberry-without-keyboard-to-challenge-apple.html

When Research In Motion Ltd. (RIM) Chief Executive Officer Thorsten Heins unveiled a prototype of the new BlackBerry 10 phone yesterday, it lacked a feature that has kept legions of users loyal to the platform: a physical keyboard.
At the BlackBerry World expo in Orlando, Florida, he showed off a sleek touch-screen device that more closely resembled an iPhone or Android smartphone than the keypad-equipped BlackBerrys of old. While RIM still plans to produce models with keyboards, the demonstration was the biggest signal yet that the company was shifting to a touch-screen world.

RIM, which is counting on its redesigned BlackBerry 10 lineup to reverse a sales slump, faces a quandary. Smartphone users have embraced virtual keyboards, evidenced by Apple Inc. (AAPL) and Google Inc. (GOOG) accounting for more than 80 percent of the market. Even so, taking away RIM's physical keypad removes a feature that distinguishes it from the competition.

"Some will lament it, but others will embrace it," said Nigel Hughes, a vice president in charge of sales at Ashburn, Virginia-based SteelCloud Inc., which builds BlackBerry-compatible security software and hardware for customers such as the Department of Defense. "It's a recognition that the future is without a keyboard."

< - >

Scrapping the physical keyboard from the initial BlackBerry 10 device will put it in closer competition with the iPhone and Android models, such as the Samsung Galaxy S. That could be tough for RIM, said Stephen Beck, a managing partner at the technology consulting firm CG42 LLC in Wilton, Connecticut.

"If you're forcing a migration to non-keyboard, you're going to get people asking, 'What's the best of breed of those devices?'" Beck said. "Given the momentum of iPhone and Android, that's going to be a tough argument for RIM to win."

Michael Clewley, director of handheld software product management at RIM, reassured BlackBerry World attendees that the company will eventually offer something for everyone with the BlackBerry 10 operating system. That may include slide-out keyboards, as well as traditional keypads.

"RIM has always had a wide range of devices," he said yesterday.
"We're dedicated to having a form factor that fits your needs."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 2 10:05:37 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 May 2012 11:05:37 -0400
Subject: [Infowarrior] - more on ... RIM going keyboardless
References: <8809D909-9383-4E0E-8BE5-54AEC4299993@siliconbunny.com>
Message-ID: <76DD60B4-06F9-41E0-AEB7-E29372D8EAC8@infowarrior.org>

Begin forwarded message:

> From: Tom
>
> So, as well as using their products, amongst other things, I write apps for RIM devices - specifically the Playbook tablet. I also write apps for Nokia's Symbian devices, and for Windows Phone. I'm not massively partisan - although I do like using the Playbook, and by preference I use a BB Bold every day (superior security and messaging capability). I've been following the Blackberry Jam conference with interest because it'll have an impact on what I write and what I use.
>
> The device they showed off yesterday has been consistently mis-represented by the media, even despite RIM going out of their way to be specific about what it was and what it was for.
>
> The device (which all attendees get for free) is not a prototype. It's not a new phone design. It's not a new tablet. It's not a design statement, nor a statement of future direction.
>
> It's purely a developer device - alpha release hardware to enable the attending developers to start writing apps for Blackberry OS 10.
>
> The word from RIM themselves:
>
> "The purpose of this seeding is to give BlackBerry 10 Jam developer attendees a testing device to create excitement as they start to develop BlackBerry 10 applications alongside us.
>
> To be clear, this is not a BlackBerry 10 device. It's the BlackBerry 10 Dev Alpha. It includes a modified version of the BlackBerry PlayBook OS which shows the path to the BlackBerry 10 OS, which has been customized to a phone.
> This device will allow developers to test the applications they are building with our BlackBerry 10 toolsets."
>
> The BB OS 10 API framework is hooked in to the current Playbook OS (QNX) which will form the basis of BB OS 10. So it makes sense that the alpha device is essentially a smaller form-factor Playbook. RIM's NDA roadmap got leaked at the start of the year, and shows a clear plan to release both QWERTY and touchscreen BB OS 10 devices - in exactly the same way they currently have a split between touch screen, low-end QWERTY and high-end QWERTY devices.
>
> The three things that can be taken away from this are:
> - the next model of the Playbook, with 3G/4G support, must be pretty close to release (going on the hardware inside the developer device) :-)
> - the media will misrepresent anything if it gives them readers
> - few media outlets actually do 'journalism' any more, it's much easier to quickly repeat what other people are saying with a bit of editorial spin on top
>
> This .... 'inaccuracy' :-) ... about the device being handed out was first reported by the NYT, who have since modified and updated their story.
>

From rforno at infowarrior.org Wed May 2 17:25:03 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 May 2012 18:25:03 -0400
Subject: [Infowarrior] - Screwed by the TSA? Now there's an app for that
Message-ID: <8A610FD2-B8BC-4A7A-ACA9-69252B00E5B7@infowarrior.org>

http://boingboing.net/2012/05/02/screwed-by-the-tsa-now-there.html

The Sikh Coalition just released the FlyRights app. It's a smart phone app that gives travelers who believe they've been the victim of discrimination by the TSA the ability to submit formal complaints directly from their smart phones. You should have this on your phone the next time you fly! Available for both Android and iOS. Makes perfect sense to me that a Sikh organization would be the one to put this together, given all of the idiot-hate that community has received post-9/11.
---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 2 17:29:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 May 2012 18:29:25 -0400
Subject: [Infowarrior] - Big Win For Bloomberg TV: FCC Rules In Its Favor In Comcast Dispute
Message-ID:

Big Win For Bloomberg TV: FCC Rules In Its Favor In Comcast Dispute
By Alex Weprin on May 2, 2012 4:41 PM
http://www.mediabistro.com/tvnewser/big-win-for-bloomberg-tv-fcc-rules-in-its-favor-in-comcast-dispute_b126144

Breaking: Comcast subscribers should expect to see Bloomberg TV next to Fox News, CNN and CNBC in the coming weeks. The FCC has found in Bloomberg's favor in its long-running complaint with Comcast.

In case you aren't up to speed: Bloomberg argued to the FCC that -- as part of its deal to acquire NBCUniversal -- Comcast promised to place "independent" news networks in the same channel "neighborhoods" as the major TV news channels.

Today, the FCC said that yes, Comcast must place Bloomberg TV in the same neighborhoods as its competitors like CNBC and Fox Business, as well as general news channels like CNN or Fox News (read the full FCC decision after the jump). If a Comcast region has multiple news "neighborhoods," then Bloomberg must be placed in one of them.

Comcast says it "respectfully disagree[s]" with the decision, and that it will immediately file an appeal. Comcast's full statement is after the jump.

Theoretically, the decision could open the floodgates for lawsuits from other independent programmers such as Current TV, Al Jazeera or BBC World News, which will argue that they too deserve to be placed in those neighborhoods. FBN and similar networks would not be eligible because they are associated with larger media companies.
The FCC attempted to somewhat undercut potential lawsuits by strictly defining a news channel as such in the decision:

"Based on the definition of 'independent news channel'58 and the phrasing of the news neighborhooding condition, we conclude that the term 'news channels,' as used in the condition, refers to channels whose programming during the hours from 6:00 a.m. to 4 p.m. is focused on reporting and analysis relating to public affairs or local affairs of general interest or relating to business."

That would seem to exclude Current TV, at least for now, though Current is expected to ramp up its original dayside programming in the next few months.

Either way, this decision is a big, big deal. It means that Bloomberg TV will immediately be much easier to find for Comcast customers (Comcast is the country's largest cable provider), and opens the possibility of other independent news channels such as BBC World News filing complaints of their own. It also means that Comcast channel lineups may have to change to make room for Bloomberg and any other news channels that secure carriage in news neighborhoods.

The FCC decision may have answered some questions, but it opens the door for many more. Stay tuned.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 3 07:19:26 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 3 May 2012 08:19:26 -0400
Subject: [Infowarrior] - Judge: An IP-Address Doesn't Identify a Person (or BitTorrent Pirate)
Message-ID:

Judge: An IP-Address Doesn't Identify a Person (or BitTorrent Pirate)
Ernesto - May 3, 2012
http://torrentfreak.com/judge-an-ip-address-doesnt-identify-a-person-120503/

A landmark ruling in one of the many mass-BitTorrent lawsuits in the US has suffered a severe blow to a thus far lucrative business.
Among other things, New York Judge Gary Brown explains in great detail why an IP-address is not sufficient evidence to identify copyright infringers. According to the Judge this lack of specific evidence means that many alleged BitTorrent pirates have been wrongfully accused by copyright holders.

Mass-BitTorrent lawsuits have been dragging on for more than two years in the US, involving more than a quarter million alleged downloaders. The copyright holders who start these cases generally provide nothing more than an IP-address as evidence. They then ask the courts to grant a subpoena, allowing them to ask Internet providers for the personal details of the alleged offenders.

The problem, however, is that the person listed as the account holder is often not the person who downloaded the infringing material. Or put differently; an IP-address is not a person.

Previous judges who handled BitTorrent cases have made observations along these lines, but none have been as detailed as New York Magistrate Judge Gary Brown was in a recent order.

In his recommendation order the Judge labels mass-BitTorrent lawsuits a "waste of judicial resources." For a variety of reasons he recommends other judges to reject similar cases in the future.

One of the arguments discussed in detail is the copyright holders' claim that IP-addresses can identify the alleged infringers. According to Judge Brown this claim is very weak.

"The assumption that the person who pays for Internet access at a given location is the same individual who allegedly downloaded a single sexually explicit film is tenuous, and one that has grown more so over time," he writes.

"An IP address provides only the location at which one of any number of computer devices may be deployed, much like a telephone number can be used for any number of telephones."

"Thus, it is no more likely that the subscriber to an IP address carried out a particular computer function --
here the purported illegal downloading of a single pornographic film -- than to say an individual who pays the telephone bill made a specific telephone call."

The Judge continues by arguing that having an IP-address as evidence is even weaker than a telephone number, as the majority of US homes have a wireless network nowadays. This means that many people, including complete strangers if one has an open network, can use the same IP-address simultaneously.

"While a decade ago, home wireless networks were nearly non-existent, 61% of US homes now have wireless access. As a result, a single IP address usually supports multiple computer devices -- which unlike traditional telephones can be operated simultaneously by different individuals," Judge Brown writes.

"Different family members, or even visitors, could have performed the alleged downloads. Unless the wireless router has been appropriately secured (and in some cases, even if it has been secured), neighbors or passersby could access the Internet using the IP address assigned to a particular subscriber and download the plaintiff's film."

Judge Brown explains that the widespread use of wireless networks makes a significant difference in cases against file-sharers. He refers to an old RIAA case of nearly a decade ago where the alleged infringer was located at a University, on a wired connection offering hundreds of tracks in a shared folder. The Judge points out that nowadays it is much harder to pinpoint specific infringers.

Brown also cites various other judges who've made comments on the IP-address issue. In SBO Pictures, Inc. v.
Does 1-3036 for example, the court noted:

"By defining Doe Defendants as ISP subscribers who were assigned certain IP addresses, instead of the actual Internet users who allegedly engaged in infringing activity, Plaintiff's sought-after discovery has the potential to draw numerous innocent internet users into the litigation, placing a burden upon them that weighs against allowing the discovery as designed."

Judge Brown concludes that in these and other mass-BitTorrent lawsuits it is simply unknown whether the person linked to the IP-address has anything to do with the alleged copyright infringements.

"Although the complaints state that IP addresses are assigned to 'devices' and thus by discovering the individual associated with that IP address will reveal 'defendants' true identity,' this is unlikely to be the case," he concludes.

In other words, the copyright holders in these cases have wrongfully accused dozens, hundreds, and sometimes thousands of people.

Aside from effectively shutting down all mass-BitTorrent lawsuits in the Eastern District of New York, the order is a great reference for other judges dealing with similar cases. Suing BitTorrent users is fine, especially one at a time, but with proper evidence and not by abusing and misleading the courts.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 3 07:34:32 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 3 May 2012 08:34:32 -0400
Subject: [Infowarrior] - more on ...
RIM going keyboardless
References:
Message-ID: <84DF741D-FE1D-4D2A-AA3D-1623165ED382@infowarrior.org>

Begin forwarded message:

> From: Bruce
>
> Karl Denninger had some appropriate comments:
>
> http://market-ticker.org/akcs-www?post=205451

From rforno at infowarrior.org Thu May 3 09:55:51 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 3 May 2012 10:55:51 -0400
Subject: [Infowarrior] - OT: Regarding Stock "Analysis"
Message-ID:

Very good commentary by Josh Brown, whose blog I follow regularly. In short, avoid any "broker generated" (sell-side) analysis/research/calls.....which is something I've said for years. However, Josh's commentary is well-worth it, and in his own pithy, colourful way[1]. :)

You Are Now About to Witness the Strength of Street Knowledge
http://www.thereformedbroker.com/2012/05/03/you-are-now-about-to-witness-the-strength-of-street-knowledge/

[1] IE, contains some well-reasoned profanity.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 3 11:44:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 3 May 2012 12:44:08 -0400
Subject: [Infowarrior] - Barnes and Noble censors Linux magazine
Message-ID: <7546FADC-BF7D-4812-9619-D97BD72BE7F6@infowarrior.org>

Learn to Hack pulled from Barnes and Noble
Posted at 12:08pm on Thursday May 3rd 2012

We've just learned that issue 154 of Linux Format, the one with 'Learn to Hack' on the cover, was removed from Barnes and Noble bookstores in the US after a complaint was made. We'd like to apologise if you were affected and couldn't find a copy..... As a reminder, we've put the contents of the main feature online: http://www.tuxradar.com/content/learn-hack

< - >

http://tuxradar.com/content/learn-hack-was-pulled-barnes-and-noble

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu May 3 12:16:16 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 3 May 2012 13:16:16 -0400
Subject: [Infowarrior] - Suppressed data on mutant H5N1 human-killer virus published
Message-ID:

Suppressed data on mutant H5N1 human-killer virus PUBLISHED
By Adam Smith
Posted in Biology, 3rd May 2012 16:01 GMT
http://www.theregister.co.uk/2012/05/03/h4n1_flu_study_published/

Strains of bird flu that could spread among humans have been created in the lab - and now full details on just how this was done have been published openly, raising fears that the research could be used by terrorists to craft a deadly bio-weapon plague.

Bird flu, or H5N1, has killed more than half of the 600 people it is known to have infected, but it cannot spread easily between people. So Yoshihiro Kawaoka of the University of Wisconsin-Madison set out to find whether H5N1 could evolve in the wild into a form that was transmissible between humans.

Kawaoka's FBI-approved team first created thousands of mutant versions of H5N1. From these they identified a version that could stick to cells in the human nose and throat and then combined this with the strain from the wild that caused the 2009 pandemic.

With this hybrid virus, the scientists infected ferrets and watched for when the virus evolved a strain that could spread through the air and infect healthy ferrets in neighbouring cages.

According to Kawaoka, the study shows that relatively few mutations are required for the virus to acquire the ability to transmit between mammals, including humans.

The strain created during Kawaoka's research is less severe than the one that caused the 2009 pandemic, it is susceptible to Tamiflu and it did not kill any of the ferrets in the experiments. But there may be further strains not studied that have the ability to evolve transmissibility.
In fact, the researchers have already spotted strains with one of the mutations they identified in Egypt. As Laurence Fishburne's character in Contagion says: "Someone doesn't need to weaponise the bird flu. The birds are doing that."

Kawaoka is less dramatic, claiming that the results can help authorities to prevent or prepare for an outbreak.

"This study has significant public health benefits and contributes to our understanding of this important pathogen," he said. "By identifying mutations that facilitate transmission among mammals, those whose job it is to monitor viruses circulating in nature can look for these mutations so measures can be taken to effectively protect human health."

It is an argument made repeatedly over the past few months by Kawaoka and his colleague Ron Fouchier, a researcher at the Erasmus Medical Center in Rotterdam and author of another blocked bird flu paper. Although Kawaoka's research is now published, Fouchier's remains under wraps, even though Science magazine has said it will publish the work.

The concerns over the researchers' studies came from the US National Science Advisory Board for Biosecurity (NSABB). The body's decision to block the research kickstarted months of tense discussion between virologists, security experts and journal editors.

Last month, the NSABB reversed its controversial decision after Kawaoka and Fouchier amended their papers. "The revised papers had more clarity on risks and benefits," said the NSABB's Paul Keim, who added that the board comprises scientists, not "generals and colonels and majors".

Fouchier admitted at an emergency conference convened in April to discuss the controversy, that most of the extra 1000 words he added to his paper dealt with the level of biosecurity in place during the research. The Dutch virologist explained that due to the biosecurity conditions in place, if an accident were to happen, "the public won't be exposed, but the individuals in the laboratory will be".
---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 3 17:15:43 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 3 May 2012 18:15:43 -0400
Subject: [Infowarrior] - OT: The Fed's Jelly Donut Policy
Message-ID:

I appreciate Einhorn's use of 'Simpsons' references in explaining complex economics to the general reader! --rick

The Fed's Jelly Donut Policy
David Einhorn
President, Greenlight Capital, Inc.

< - BIG SNIP - >

http://www.huffingtonpost.com/david-einhorn/fed-interest-rates_b_1472509.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 4 07:12:38 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 4 May 2012 08:12:38 -0400
Subject: [Infowarrior] - Feds seize site for year sans proof of infringement
Message-ID:

Feds Seized Hip-Hop Site for a Year, Waiting for Proof of Infringement
By David Kravets
May 3, 2012 | 5:00 pm

For more than a year, and without explanation, the government redirected hip-hop site Dajaz1.com to this landing page.

Federal authorities who seized a popular hip-hop music site based on assertions from the Recording Industry Association of America that it was linking to four "pre-release" music tracks gave it back more than a year later without filing civil or criminal charges because of apparent recording industry delays in confirming infringement, according to court records obtained by Wired.

The Los Angeles federal court records, which were unsealed Wednesday at the joint request of Wired, the Electronic Frontier Foundation and the First Amendment Coalition, highlight a secret government process in which a judge granted the government repeated time extensions to build a civil or criminal case against Dajaz1.com, one of about 750 domains the government has seized in the last two years in a program known as Operation in Our Sites.
Apparently, however, the RIAA and music labels' evidence against Dajaz1, a music blog, never came. Or, if it did, it was not enough to build a case and the authorities returned the site nearly 13 months later without explanation or apology.

Cindy Cohn, the EFF's legal director, said the site's 13-month seizure by the Immigration and Customs Enforcement bureau highlights the RIAA's influence over the government. President Barack Obama has tapped at least five former RIAA attorneys for senior positions in the Justice Department.

"Here you have ICE making a seizure, based on the say-so of the record company guys, and getting secret extensions as they wait for their masters, the record companies, for evidence to prosecute," Cohn said in a telephone interview. "This is the RIAA controlling a government investigation and holding it up for a year."

ICE, a branch of the Department of Homeland Security, has the power to seize web domains engaged in infringing activity under the same forfeiture laws used to seize property like houses, cars and boats allegedly tied to illegal activity such as drug running or gambling. But seizing a domain name raises First Amendment concerns -- though nothing in the court records shows that the government or the court was concerned about the prolonged seizure of the site that is akin to an online printing press.

In the Dajaz1 case, the authorities seized the site in November 2010 on the word of the RIAA that four songs linked to on the site were unauthorized, the records show. Yet nearly a year later, in September 2011, the government was secretly seeking yet another extension to build its case, ostensibly because it was still waiting for the recording industry to produce evidence, the records show.

All the while, the site's owner and his attorney were left out of the loop, as the court record was sealed from them and the public. The Dajaz1 site was redirected to a government landing page saying it was seized by customs officials.

On Sept.
7, 2011, about 11 months after the government seized Andre Nasib's site, a Department of Homeland Security agent wrote a declaration to U.S. District Judge Margaret Morrow of Los Angeles, explaining the reason for seeking a third time extension to build a case. The agent said "a sampling of content obtained from the Dajaz1.com website and its purported affiliate websites was submitted for rights holder evaluation and has yet to be returned."

The agent, Andrew Reynolds, wrote virtually the exact same sentence in a July 13, 2011 declaration (.pdf), in which the government sought its second extension of time to build a case. However, Reynolds' declaration in September for the first time mentioned the RIAA by name.

"Additionally, a representative with the Recording Industry Association of America (RIAA) has stated that he will provide a very comprehensive statement to ICE's and CBP's [Customs and Border Protection's] outstanding questions, in coordination with corresponding rights holders, which will be forthcoming in approximately 30 days," Reynolds wrote. (.pdf)

Other than the unsealing orders won by Wired, EFF and the First Amendment Coalition, that Reynolds filing was the last one in the case -- meaning the record does not say whether the RIAA or other industry players ever produced the promised report.

The Los Angeles federal prosecutor in the case, Steven Welk, did not respond for comment. Welk's office agreed to unseal the documents, but said that it did so without conceding there was any First Amendment or common law necessity to do so.

In December, when the site was returned, the authorities said it was "the appropriate and just result."

The RIAA declined to comment on the unsealed documents, which Wired provided to it for review.

< -- >

http://www.wired.com/threatlevel/2012/05/weak-evidence-seizure/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri May 4 13:26:13 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 4 May 2012 14:26:13 -0400
Subject: [Infowarrior] - FBI: We need wiretap-ready Web sites -- now
Message-ID:

This reminds me of the Clipper Chip debates back in the '90s. ----rick

FBI: We need wiretap-ready Web sites -- now

CNET learns the FBI is quietly pushing its plan to force surveillance backdoors on social networks, VoIP, and Web e-mail providers, and is asking Internet companies not to oppose a law making those backdoors mandatory.

http://news.cnet.com/8301-1009_3-57428067-83/fbi-we-need-wiretap-ready-web-sites-now/
by Declan McCullagh
May 4, 2012 9:24 AM PDT

The FBI is asking Internet companies not to oppose a controversial proposal that would require the firms, including Microsoft, Facebook, Yahoo, and Google, to build in backdoors for government surveillance.

In meetings with industry representatives, the White House, and U.S. senators, senior FBI officials argue the dramatic shift in communication from the telephone system to the Internet has made it far more difficult for agents to wiretap Americans suspected of illegal activities, CNET has learned.

The FBI general counsel's office has drafted a proposed law that the bureau claims is the best solution: requiring that social-networking Web sites and providers of VoIP, instant messaging, and Web e-mail alter their code to ensure their products are wiretap-friendly.

"If you create a service, product, or app that allows a user to communicate, you get the privilege of adding that extra coding," a person who has reviewed the FBI's draft legislation told CNET. The requirements apply only if a threshold of a certain number of users is exceeded, according to a second person briefed on it.

The FBI's proposal would amend a 1994 law, called the Communications Assistance for Law Enforcement Act, or CALEA, that currently applies only to telecommunications providers, not Web companies.
The Federal Communications Commission extended CALEA in 2004 to apply to broadband networks. FBI Director Robert Mueller is not asking companies to support the bureau's CALEA expansion, but instead is "asking what can go in it to minimize impacts," one participant in the discussions says. That included a scheduled trip this month to the West Coast -- which was subsequently postponed -- to meet with Internet companies' CEOs and top lawyers. A further expansion of CALEA is unlikely to be applauded by tech companies, their customers, or privacy groups. Apple (which distributes iChat and FaceTime) is currently lobbying on the topic, according to disclosure documents filed with Congress two weeks ago. Microsoft (which owns Skype and Hotmail) says its lobbyists are following the topic because it's "an area of ongoing interest to us." Google, Yahoo, and Facebook declined to comment. In February 2011, CNET was the first to report that then-FBI general counsel Valerie Caproni was planning to warn Congress of what the bureau calls its "Going Dark" problem, meaning that its surveillance capabilities may diminish as technology advances. Caproni singled out "Web-based e-mail, social-networking sites, and peer-to-peer communications" as problems that have left the FBI "increasingly unable" to conduct the same kind of wiretapping it could in the past. In addition to the FBI's legislative proposal, there are indications that the Federal Communications Commission is considering reinterpreting CALEA to demand that products that allow video or voice chat over the Internet -- from Skype to Google Hangouts to Xbox Live -- include surveillance backdoors to help the FBI with its "Going Dark" program. CALEA applies to technologies that are a "substantial replacement" for the telephone system.
"We have noticed a massive uptick in the amount of FCC CALEA inquiries and enforcement proceedings within the last year, most of which are intended to address 'Going Dark' issues," says Christopher Canter, lead compliance counsel at the Marashlian and Donahue law firm, which specializes in CALEA. "This generally means that the FCC is laying the groundwork for regulatory action." Subsentio, a Colorado-based company that sells CALEA compliance products and worked with the Justice Department when it asked the FCC to extend CALEA seven years ago, says the FBI's draft legislation was prepared with the compliance costs of Internet companies in mind. In a statement to CNET, Subsentio President Steve Bock said that the measure provides a "safe harbor" for Internet companies as long as the interception techniques are "'good enough' solutions approved by the attorney general." Another option that would be permitted, Bock said, is if companies "supply the government with proprietary information to decode information" obtained through a wiretap or other type of lawful interception, rather than "provide a complex system for converting the information into an industry standard format." A representative for the FBI told CNET today that: "(There are) significant challenges posed to the FBI in the accomplishment of our diverse mission. These include those that result from the advent of rapidly changing technology. A growing gap exists between the statutory authority of law enforcement to intercept electronic communications pursuant to court order and our practical ability to intercept those communications. The FBI believes that if this gap continues to grow, there is a very real risk of the government 'going dark,' resulting in an increased risk to national security and public safety." The FBI's legislation, which has been approved by the Department of Justice, is one component of what the bureau has internally called the "National Electronic Surveillance Strategy." 
Documents obtained by the Electronic Frontier Foundation show that since 2006, Going Dark has been a worry inside the bureau, which employed 107 full-time equivalent people on the project as of 2009, commissioned a RAND study, and sought extensive technical input from the bureau's secretive Operational Technology Division in Quantico, Va. The division boasts of developing the "latest and greatest investigative technologies to catch terrorists and criminals." But the White House, perhaps less inclined than the bureau to initiate what would likely be a bruising privacy battle, has not sent the FBI's CALEA amendments to Capitol Hill, even though they were expected last year. (A representative for Sen. Patrick Leahy, head of the Judiciary committee and original author of CALEA, said today that "we have not seen any proposals from the administration.") Mueller said in December that the CALEA amendments will be "coordinated through the interagency process," meaning they would need to receive administration-wide approval. Stewart Baker, a partner at Steptoe and Johnson who is the former assistant secretary for policy at Homeland Security, said the FBI has "faced difficulty getting its legislative proposals through an administration staffed in large part by people who lived through the CALEA and crypto fights of the Clinton administration, and who are jaundiced about law enforcement regulation of technology -- overly jaundiced, in my view." On the other hand, as a senator in the 1990s, Vice President Joe Biden introduced a bill at the FBI's behest that echoes the bureau's proposal today. Biden's bill said companies should "ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law." (Biden's legislation spurred the public release of PGP, one of the first easy-to-use encryption utilities.) The Justice Department did not respond to a request for comment. 
An FCC representative referred questions to the Public Safety and Homeland Security Bureau, which declined to comment. From the FBI's perspective, expanding CALEA to cover VoIP, Web e-mail, and social networks isn't expanding wiretapping law: If a court order is required today, one will be required tomorrow as well. Rather, it's making sure that a wiretap is guaranteed to produce results. But that nuanced argument could prove radioactive among an Internet community already skeptical of government efforts in the wake of protests over the Stop Online Piracy Act, or SOPA, in January, and the CISPA data-sharing bill last month. And even if startups or hobbyist projects are exempted if they stay below the user threshold, it's hardly clear how open-source or free software projects such as Linphone, KPhone, and Zfone -- or Nicholas Merrill's proposal for a privacy-protective Internet provider -- will comply. The FBI's CALEA amendments could be particularly troublesome for Zfone. Phil Zimmermann, the creator of PGP who became a privacy icon two decades ago after being threatened with criminal prosecution, announced Zfone in 2005 as a way to protect the privacy of VoIP users. Zfone scrambles the entire conversation from end to end. "I worry about the government mandating backdoors into these kinds of communications," says Jennifer Lynch, an attorney at the San Francisco-based Electronic Frontier Foundation, which has obtained documents from the FBI relating to its proposed expansion of CALEA. As CNET was the first to report in 2003, representatives of the FBI's Electronic Surveillance Technology Section in Chantilly, Va., began quietly lobbying the FCC to force broadband providers to provide more-efficient, standardized surveillance facilities. The Federal Communications Commission approved that requirement a year later, sweeping in Internet phone companies that tie into the existing telecommunications system. It was upheld in 2006 by a federal appeals court. 
But the FCC never granted the FBI's request to rewrite CALEA to cover instant messaging and VoIP programs that are not "managed"--meaning peer-to-peer programs like Apple's Facetime, iChat/AIM, Gmail's video chat, and Xbox Live's in-game chat that do not use the public telephone network. If there is going to be a CALEA rewrite, "industry would like to see any new legislation include some protections against disclosure of any trade secrets or other confidential information that might be shared with law enforcement, so that they are not released, for example, during open court proceedings," says Roszel Thomsen, a partner at Thomsen and Burke who represents technology companies and is a member of an FBI study group. He suggests that such language would make it "somewhat easier" for both industry and the police to respond to new technologies. But industry groups aren't necessarily going to roll over without a fight. TechAmerica, a trade association that includes representatives of HP, eBay, IBM, Qualcomm, and other tech companies on its board of directors, has been lobbying against a CALEA expansion. Such a law would "represent a sea change in government surveillance law, imposing significant compliance costs on both traditional (think local exchange carriers) and nontraditional (think social media) communications companies," TechAmerica said in e-mail today. Ross Schulman, public policy and regulatory counsel at the Computer and Communications Industry Association, adds: "New methods of communication should not be subject to a government green light before they can be used."

Last updated at 10 a.m. PT

"Going Dark" timeline

June 2008: FBI Director Robert Mueller and his aides brief Sens. Barbara Mikulski, Richard Shelby, and Ted Stevens on "Going Dark."
June 2008: FBI Assistant Director Kerry Haynes holds "Going Dark" briefing for Senate appropriations subcommittee and offers a "classified version of this briefing" at Quantico.
August 2008: Mueller briefed on Going Dark at strategy meeting.
September 2008: FBI completes a "high-level explanation" of CALEA amendment package.
May 2009: FBI Assistant Director Rich Haley briefs Senate Intelligence committee and Mikulski staffers on how bureau is "dealing with the 'Going Dark' issue.'" Mikulski plans to bring up "Going Dark" at a closed-door hearing the following week.
May 2009: Haley briefs Rep. Dutch Ruppersberger, currently the top Democrat on House Intelligence, who would later co-author CISPA.
September 2008: FBI staff briefed by RAND, which was commissioned to "look at" Going Dark.
November 2008: FBI Assistant Director Marcus Thomas, who oversees the Quantico-based Operational Technology Division, prepares briefing for President-Elect Obama's transition team.
December 2008: FBI intelligence analyst in Communications Analysis Unit begins analysis of VoIP surveillance.
February 2009: FBI memo to all field offices asks for anecdotal information about cases where "investigations have been negatively impacted" by lack of data retention or Internet interception.
March 2009: Mueller's advisory board meets for a full-day briefing on Going Dark.
April 2009: FBI distributes presentation for White House meeting on Going Dark.
April 2009: FBI warns that the Going Dark project is "yellow," meaning limited progress, because of "new administration personnel not being in place for briefings."
April 2009: FBI general counsel's office reports that the bureau's Data Interception Technology Unit has "compiled a list of FISA dockets... that the FBI has been unable to fully implement." That's a reference to telecom companies that are already covered by the FCC's expansion of CALEA.
May 2009: FBI's internal Wikipedia-knockoff Bureaupedia entry for "National Lawful Intercept Strategy" includes section on "modernize lawful intercept laws."
May 2009: FBI e-mail boasts that the bureau's plan has "gotten attention" from industry, but "we need to strengthen the business case on this."
June 2009: FBI's Office of Congressional Affairs prepares Going Dark briefing for closed-door session of Senate Appropriations subcommittee.
July 2010: FBI e-mail says the "Going Dark Working Group (GDWG) continues to ask for examples from Cyber investigations where investigators have had problems" because of new technologies.
September 2010: FBI staff operations specialist in its Counterterrorism Division sends e-mail on difficulties in "obtaining information from Internet Service Providers and social-networking sites."

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 4 14:45:27 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 4 May 2012 15:45:27 -0400
Subject: [Infowarrior] - It's too early to bury a news story
Message-ID:

This kind of stuff normally comes out after 5PM ET on Friday .... not mid-afternoon!! -- rick

U.S. Announces Compromise on Fracking Disclosure

By JOHN M. BRODER
Published: May 4, 2012

WASHINGTON -- The Obama administration on Friday issued a proposed rule governing hydraulic fracturing for oil and gas on public lands that will for the first time require disclosure of the chemicals used in the process. But in a significant concession to the oil industry, companies will have to reveal the composition of fluids only after they have completed drilling, not before -- a sharp change from the government's original proposal, which would have required disclosure of the chemicals 30 days before a well could be started. The walkback of the rule followed a series of meetings at the White House after the original regulation was proposed in February.
Lobbyists representing oil industry trade associations and individual major producers like ExxonMobil, XTO Energy, Apache, Samson Resources and Anadarko Petroleum met with officials of the Office of Management and Budget, who reworked the rule to address industry concerns about overlapping state regulations and the cost of compliance.

< - >

http://www.nytimes.com/2012/05/05/us/new-fracking-rule-is-issued-by-obama-administration.html

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat May 5 21:05:30 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 5 May 2012 22:05:30 -0400
Subject: [Infowarrior] - NZ: Powerful surveillance cameras read texts
Message-ID: <6209336B-E2EB-42EB-AEE5-E37A4B3D007E@infowarrior.org>

Powerful surveillance cameras read texts

SHABNAM DASTGHEIB
Last updated 05:00 03/05/2012

http://www.stuff.co.nz/technology/digital-living/6848897/Powerful-surveillance-cameras-read-texts

Surveillance cameras are now so powerful that they were able to zoom in on individual spectators at the Rugby World Cup and read their text messages. Details of police monitoring used for the first time during the tournament were discussed at a privacy forum in Wellington yesterday, at which it was revealed that the average person is digitally recorded about a dozen times a day -- and even more if they use email and social media frequently. Superintendent Grant O'Fee told the forum how one incident at the Rugby World Cup "tweaked in my head" a concern about possible privacy breaches. Camera operators who were scanning the crowd for unruly behaviour or suspicious packages chose to zoom in on a person who was texting. "He was actually texting about the poor quality of the game of rugby. But it did occur to me that there was an issue there - had he been texting something that was of some consequence to us, there may have been privacy issues."
He confirmed later that the level of monitoring used during the World Cup would continue for all big test matches. CCTV now operates inside many buildings, including hospitals, supermarkets, malls, and around public toilets. There are 11 cameras in Wellington city centre, recording 24 hours a day. In Britain, drone cameras, mobile cameras on cars and cameras on police helmets are in frequent use. Soon, technology will exist that can pick up on raised voices, and sniffing devices will be able to detect drug residue, Stirling University lecturer William Webster told the forum. Privacy Commissioner Marie Shroff said some overseas developments were amazing and she imagined there would be concern if and when that technology was implemented in New Zealand. Civil liberties lawyer Michael Bott warned against becoming desensitised to digital surveillance. "It's quite worrying when we, by default, move to some sort of Orwellian 1984 where the state or Big Brother watches your every move. The road to hell is paved with good intentions and we don't realise what we are giving up when we give the state the power to monitor our private lives." Ms Shroff said that, although reading someone's text messages in public could cause concern, the legitimacy of the action depended on what it was used for. "We need to be aware of that -- that potentially texting in a public place can be caught on a CCTV camera. If the text showed the person was plotting a riot or something, then it might well be legitimate for the police to use that under the coverage of exemption for law-enforcement activities. "But if they were to use it simply out of nosiness, that might not be exempt," she said. Former detective Trevor Morley said the average person had nothing to fear if they were not doing anything illegal. "The only people who need to be concerned about these advances in technology that the police are using are the people who are abusing it, or the people who are acting in an anti-social manner."
Ms Shroff added that education and awareness of surveillance tactics were crucial. "The law can do only so much. There are many, many great uses for the technology and we just have to make sure we balance those so it doesn't become ridiculously intrusive into our lives."

YOUR DIGITAL FOOTPRINT

An average person is digitally recorded about a dozen times a day, and more if they use email and social media frequently
There are 11 CCTV cameras throughout Wellington city centre, recording 24 hours a day
Movement can be tracked through mobile phones and computers
Work access cards can be used to track your location
CCTV operates inside many buildings, including hospitals, supermarkets, malls, and around public toilets
Any online search, online purchase, eftpos or credit card transaction, or smartcard used for car parking is recorded
Social media usage is tracked and used for marketing and advertising. Any information put online is there forever
Some smart electricity systems track usage

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat May 5 21:07:40 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 5 May 2012 22:07:40 -0400
Subject: [Infowarrior] - Facebook Stops Users From Posting 'Irrelevant Or Inappropriate' Comments
Message-ID:

Is This Censorship? Facebook Stops Users From Posting 'Irrelevant Or Inappropriate' Comments

http://techcrunch.com/2012/05/05/facebooks-positive-comment-policy-irrelevant-inappropriate-censorship/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun May 6 14:17:00 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 6 May 2012 15:17:00 -0400
Subject: [Infowarrior] - Range of brain diseases could be treated by single drug
Message-ID: <0755E1B9-85DA-4F44-9C92-555CA975B168@infowarrior.org>

http://www.bbc.co.uk/news/health-17952797?print=true

6 May 2012 Last updated at 13:34 ET

Range of brain diseases could be treated by single drug

By James Gallagher Health and science reporter, BBC News

The tantalising prospect of treating a range of brain diseases, such as Alzheimer's and Parkinson's, all with the same drug, has been raised by UK researchers. In a study, published in Nature, they prevented brain cells dying in mice with prion disease. It is hoped the same method for preventing brain cell death could apply in other diseases. The findings are at an early stage, but have been heralded as "fascinating". Many neuro-degenerative diseases result in the build-up of proteins which are not put together correctly - known as misfolded proteins. This happens in Alzheimer's, Parkinson's and Huntington's as well as in prion diseases, such as the human form of mad cow disease.

Turn off

Researchers at the University of Leicester uncovered how the build-up of proteins in mice with prion disease resulted in brain cells dying. They showed that as misfolded protein levels rise in the brain, cells respond by trying to shut down the production of all new proteins. It is the same trick cells use when infected with a virus. Stopping production of proteins stops the virus spreading. However, shutting down the factory for a long period of time ends up killing the brain cells as they do not produce the proteins they actually need to function. The team at the Medical Research Council laboratory in Leicester then tried to manipulate the switch which turned the protein factory off. When they prevented cells from shutting down, they prevented the brain dying.
The mice then lived significantly longer. Each neuro-degenerative disease results in a unique set of misfolded proteins being produced, which are then thought to lead to brain cells dying. Prof Giovanna Mallucci told the BBC: "The novelty here is we're just targeting the protein shut-down, we're ignoring the prion protein and that's what makes it potentially relevant across the board." The idea, which has not yet been tested, is that if preventing the shut down protects the brain in prion disease - it might work in all diseases that have misfolded proteins. Prof Mallucci added: "What it gives you is an appealing concept that one pathway and therefore one treatment could have benefits across a range of disorders. "But the idea is in its early stages. We would really need to confirm this concept in other diseases." 'Fascinating' The study has been broadly welcomed by other scientists although many point out that the research is in its infancy. Professor of Molecular Neurobiology at King's College London, Roger Morris, said it was a "breakthrough in understanding what kills neurons". He added: "There are good reasons for believing this response, identified with prion disease, applies also to Alzheimer's and other neuro-degenerative diseases. "And because it is such a general response, we already have some drugs that inhibit this response." Prof Andy Randall, from the University of Bristol, said: "This is a fascinating piece of work. "It will be interesting to see if similar processes occur in some of the common diseases with such deposits, for example Alzheimer's and Parkinson's disease. "Furthermore, if this is the case, can modulating this same pathway be a route to new therapeutic approaches in these more prevalent conditions that afflict many millions of sufferers around the world? Ultimately only more research will tell us this." 
Dr Eric Karran, the director of research at Alzheimer's Research UK, said: "The findings present the appealing concept that one treatment could have benefits for a range of different diseases; however the idea is in its early stages. "The research focuses on the effects of the prion protein and we would need to see the same results confirmed in Alzheimer's and Parkinson's to really strengthen the evidence."

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun May 6 14:35:02 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 6 May 2012 15:35:02 -0400
Subject: [Infowarrior] - Avengers becomes biggest film opening of all time
Message-ID: <46072E28-33F7-4E90-9CA7-DAEDF7115F30@infowarrior.org>

How much do you want to bet that the MPAA will spin anything less next weekend as the result of online piracy? -- rick

Avengers becomes biggest film opening of all time

Hollywood is celebrating after "The Avengers" achieved easily the biggest film opening of all time.

< - >

http://www.telegraph.co.uk/culture/film/film-news/9249596/Avengers-becomes-biggest-film-opening-of-all-time.html

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon May 7 06:57:27 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 May 2012 07:57:27 -0400
Subject: [Infowarrior] - Meanwhile, in the land of the free...
Message-ID:

Feature -- May / June 2012

Meanwhile, in the land of the free...

In the US, you can still say almost anything, but someone just may be listening in

By Dan Gillmor

http://www.cjr.org/feature/meanwhile_in_the_land_of_the_f.php?page=all&print=true

In December 2010, the major payment systems used to buy goods and services online decided that Wikileaks was no longer an acceptable customer.
Mastercard, Visa, and PayPal summarily cut off service, putting Wikileaks into deep financial trouble and further marginalizing an organization that had become an object of fear and loathing inside the US government and other centers of wealth and power. While many in the new media world sounded an alarm, the response of journalists from legacy news organizations was mostly silence, except to take note of what had happened. By ignoring the implications of what had happened -- a financial blockade of an organization engaged in recognizably journalistic pursuits -- traditional media people demonstrated how little they understood or appreciated the information ecosystem in which they also exist. And by failing to object, loudly, they gave tacit assent to tactics that should chill people who genuinely believe in free speech. It was not the first time traditional journalists failed to grasp a fundamental reality: Governments and businesses are creating choke points inside that emerging ecosystem -- points of control where interests unfriendly to journalism can create not just speed bumps on the fabled information highway, but outright barricades. This is not just an issue for journalists in places like China or Saudi Arabia or Russia, where governments are creating more and more stringent restrictions on what people can say and do online. It is an American matter as well. In the developed world, Hollywood and other corporate interests have taken the lead in threatening the Internet's freewheeling nature -- and they've had plenty of help from government. The Obama administration has pushed gratifyingly hard to open up speech for dissidents in dictatorships, and decried censorship elsewhere. Yet the US government has also acted to curb online communications it deems objectionable. While this clampdown is often in service of the copyright lobby, the tactics have sometimes smacked more of authoritarian regimes than of the American tradition.
The administration's campaign against Wikileaks and prosecutions of journalists' sources highlight the vulnerability of journalism, and the public's right to know, in this networked age, what government is doing in our names and with our money. Years ago, when mass media had achieved economies of scale that created significant barriers to entry, media critics worried about consolidation of a different kind. A small number of giant companies increasingly owned the media most Americans read, watched, and listened to each day. This was a legitimate fear, and while Congress allowed significant concentration it didn't allow utter dominance by any single corporate entity. Even so, journalism was dominated by newspaper monopolists at the local level and a cozy oligopoly nationally. In theory and, so far, mostly in practice, the Internet broke things open. We all came to own a printing press, we believed, and we could make what we created available to a potentially global audience. But a new kind of corporate oligopoly is emerging. Coupled with increasingly controlling activities by government, often in concert with corporate interests, the new choke points threaten to re-centralize media, or at least return control to a few dominant parties. Who are they? Start with telecommunications carriers. There are two main kinds: wired-line and mobile. Among the former, in most American communities there are, at most, two "broadband" service providers: the cable and phone companies. Keep in mind that both were at one time monopolies established with government protection. (Also keep in mind that cable is vastly superior in bandwidth in most places, in part due to the lack of fiber investment by the phone industry, and is rapidly becoming the de facto broadband provider where it's available.) These wired-line carriers believe that they should be able to decide what bits of information get delivered in what order and at what speed, if they get delivered at all.
Think about what that means: the ability to play favorites in content. Most broadband carriers have instituted bandwidth caps; Comcast has even canceled the service of those who've used too much. Carriers are also becoming content providers themselves, as Comcast did when it bought NBC Universal, creating a plain conflict of interest. This is why a principle called "network neutrality" has emerged in recent years. It essentially says that the carriers should not favor one kind of content, or conversation, over another. The carriers have challenged the Federal Communications Commission's tiny moves toward network neutrality, and it's not hard to see why. If they can have a duopoly, with little incentive to truly compete, they can use that dominance to cut deals with big content companies at the expense of smaller players, including what startup media operations might want to provide. And as the carriers become content providers themselves, the incentive to make these choices grows. Comcast says that its own streaming video service won't count against its bandwidth cap, unlike streaming video services it doesn't own; a loophole in the FCC's already-weak regulations may give the cable giant cover. (Note: I own a small number of shares in Netflix, which offers a video streaming service that does count against the cap.) The serious potential for problems with wired-line broadband is nothing next to the actual situation with mobile carriers. They've already won the FCC's approval to discriminate in their network practices, and they have bandwidth limits a fraction the size of wired-line carriers' limits. Clearly they cannot handle the kind of traffic that a cable or DSL line can bear, given network limitations, but they're using relative scarcity to create customer-controlling business models. Recently, AT&T's mobile arm declared its interest in charging some application developers for preferred connections to their customers. Who could afford that?
Companies like Facebook, certainly, but smaller players would be hard-pressed to compete in such an environment. The telecommunications industry is hardly the only choke point looming in our future. The copyright industries have every intention of being another. Hollywood and its allies have some rational worries, in particular the possibility that file-sharing sites beyond the reach of the law will destroy their businesses by making unstoppable infringement the rule rather than the exception. But it's worth noting that the major film studios have a longstanding loathing of technology they can't control -- at least until it makes them money, as with videotape, once Hollywood's top object of paranoia. In the Internet era, copyright holders have gotten Congress to write increasingly restrictive laws designed to prevent infringement but which have dramatic side effects; you are not legally allowed to back up the DVD you purchased, for example, nor can you quote from it by "ripping" a small segment to another file. The copyright lobby didn't pull off its most brazen attempted coup early in 2012, when Internet users and companies rose up against the House of Representatives' "Stop Online Piracy Act" and companion Senate legislation. These laws would have created outright Internet censorship in some cases, and a long-range effect, venture capitalists warned, would have been to slow innovation in any area where the entertainment industry felt threatened. Distressingly, if not surprisingly, these issues have received scant coverage from the major television news channels, whose corporate parents have huge entertainment interests and have overwhelmingly supported harsh copyright laws. We should never underestimate Congress' talent for getting cyber-issues wrong. Even as lawmakers backed away from the dangerous SOPA legislation, they took up "cyber-security"
bills that would be even more of a threat to the Internet, legislation that would give government vast new powers and all but compel telecommunications companies to spy on their customers. As I write this, support was building for a draconian bill, but its fate is unclear. As it turns out, Hollywood has persuaded the Obama administration on a number of occasions to use (or misuse) existing law against services it deems to be infringing. In a case that journalists did cover, the administration confiscated the domain name of hip-hop website dajaz1.com in November 2010 -- and then stonewalled requests for information and redress, the site's attorney told reporters. Not until a year later did the government return the domain name, with no serious explanation and a minimal expression of regret for an act of outright censorship. It's difficult to imagine the American government taking a newspaper's website offline, or preventing it from delivering its print copies; yet something like that happened in this case. (Disclosure: The First Amendment Coalition, a nonprofit organization of which I am a member of the board, has taken an interest in this case.) Entertainment companies aren't the only corporate interests that threaten journalists' ability to do their jobs. Private companies are creating their own ecosystems, with minimal regulatory interference, that news organizations find tantalizingly useful but which may turn out to be a mixed blessing. Consider Apple. The news industry's longstanding love affair with what has become the most valuable company on Earth expanded with the death of Steve Jobs. But Apple has a long history of controlling behavior. If you create a journalism app to be sold in the iPhone or iPad marketplace, you explicitly give Apple the right to decide whether your journalism content is acceptable under the company's vague guidelines.
Apple has used this to block material it considers improper, including (until the company came under fire for this) refusing for a time to allow Mark Fiore, who has won a Pulitzer Prize for his cartoons, to sell his own app. Given the dominance Apple now enjoys in the tablet market, journalists should have a Plan B. Apple's paranoia (not too strong a word) and secretive ways have led it to attack journalism itself. In 2004 the company tried to force several websites to disclose their sources in their Apple coverage; the case was a direct challenge to fundamental business-journalism practices. (Note: I played a small role in that case, filing declarations on behalf of the websites that they were engaged in protected journalism.) Facebook is another potential threat to independent journalism. Most journalists feel they have no choice but to use the social networking service, which has become by far the most dominant site online. But Facebook's walled-garden approach -- it is creating what amounts to an alternative Internet -- brings risks. Moreover, Facebook and a small number of other technology companies are capturing the bulk of online advertising. Amazingly, more and more news organizations are outsourcing their online commenting to Facebook, further solidifying the position of a company that gains vastly more from these arrangements -- namely detailed information on users' browsing habits -- than it gives up. To the extent that journalists participate in their ecosystems, they are fueling their top competitors. That competition clearly includes search engines. Google, for example, has enormous power to decide who is visible, and has collected staggering amounts of data on our individual preferences and how we use the Internet. So far, the company has behaved in mostly benign ways. But it may not always be in the hands of people who take seriously the "don't be evil" mantra the founders established at the beginning.
Government regulators are taking closer looks at the technology companies. This is potentially an important brake on abuse. But as we've seen repeatedly, Republican presidents tend not to enforce antitrust laws with anywhere near the effort -- such as it is -- that Democrats bring. It has taken news people too long to understand this, but the Obama administration may have been the least friendly to journalism of any, regardless of party, in recent times -- notably in its zeal to prosecute leakers and penchant for secrecy. It's impossible to know to what extent the government has used post-2001 authority to keep an eye on journalists' communications with sources, or at least to find out who the sources were after the fact. What is clear is that prosecutions of sources have expanded dramatically, and that journalists need to upgrade their own techniques and technology when it comes to protecting sources. (See this sidebar(LINK.) Despite a number of worthy initiatives to open up some government data, moreover, the administration has by many accounts been more secretive than its predecessors on matters of vital public interest. And as noted earlier, the administration's pursuit of Wikileaks and Julian Assange, with some unfortunate cheerleading from journalists who should know better, ultimately is a threat to all journalism and free speech. The promise of the Internet was profound: a radically decentralized, democratized medium where anyone could publish and anyone could be heard. The reaction from industries and governments that feel threatened by the Net is to re-centralize. This may simply be the nature of modern capitalism and government, and the forces of control are getting more powerful every day. They are a direct threat to journalism and innovation. Journalists are at long last starting to take note -- and we can only hope it's not too late.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon May 7 10:39:10 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 May 2012 11:39:10 -0400
Subject: [Infowarrior] - ACTA is effectively dead
Message-ID: <2980802D-655B-4FDC-8CCB-CAC552DD7FC9@infowarrior.org>

May 4, 2012, 1:19 PM GMT
Kroes Throws in Towel on ACTA
http://blogs.wsj.com/tech-europe/2012/05/04/kroes-throws-in-towel-on-acta/

ACTA is effectively dead, the European Commissioner for the Digital Agenda admitted Friday. An official spokesman said the "political reality" was the fight was over. Neelie Kroes, speaking at a conference in Berlin, told delegates:

"We have recently seen how many thousands of people are willing to protest against rules which they see as constraining the openness and innovation of the Internet.

"This is a strong new political voice. And as a force for openness, I welcome it, even if I do not always agree with everything it says on every subject.

"We are now likely to be in a world without SOPA and without ACTA."

Her spokesman agreed that while Ms. Kroes never said ACTA was dead, the "political reality" is that it is. The move is a tacit recognition that the controversial treaty, which saw thousands take to the streets in protest, is no more. The agreement requires ratification by all parties as well as the European Parliament. That now looks highly unlikely. Three of the four main parliamentary groups have already come out against ACTA. "Acta does not provide a good balance between the protection of intellectual property rights and fundamental freedoms," group president Guy Verhofstadt has said. With support from the socialists and greens it was unlikely that the European Parliament would back the treaty. Parliament's largest group, the EPP, has not taken a position. The European Commission agreed last month to refer the treaty to European Court of Justice to establish if it posed a danger to the rights of individual European citizens.
The controversial agreement, which opponents say was conducted behind closed doors, aimed to fight against counterfeiting at international level through greater co-ordination of anti-counterfeiting measures and tougher enforcement. Updated at 4 May 12 @16:39: added comments on political bloc views and confirmation of the comments by the official spokesman.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon May 7 10:51:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 May 2012 11:51:52 -0400
Subject: [Infowarrior] - Why Is the TPP Such a Big Secret?
Message-ID:

Why Is the TPP Such a Big Secret?
Posted: 05/04/2012 1:15 pm
http://www.huffingtonpost.com/tim-robertson/trans-pacific-partnership_b_1476261.html

Next week in Dallas, negotiations for what's likely to be the largest Free Trade Agreement (FTA) in U.S. history will continue in near total secrecy, despite growing demands for an open process. The darkness surrounding the talks isn't surprising, considering the American public's increasing disapproval of FTAs and the laundry list of corporate handouts under discussion. What is surprising is United States trade representative Ron Kirk's growing crackdown on public involvement, despite claims of "unprecedented transparency." The Trans-Pacific Partnership Free Trade Agreement (TPP) is being negotiated as a nine country FTA between the U.S., Australia, Brunei Darussalam, Chile, Malaysia, New Zealand, Peru, Singapore and Vietnam. Canada, Japan and Mexico are all expected to join talks, and many see more Pacific Rim countries including China and Russia eventually signing on. With floundering WTO talks, the TPP could very well establish U.S. trade policy for the next generation, yet all talks are happening behind closed doors and public influence has been increasingly suppressed.
Just this February, during unannounced TPP meetings in Los Angeles, the USTR apparently strong-armed the host hotel into canceling a health group-sponsored luncheon seeking to expose how Big Pharma's patent rights demands challenge AIDS treatment worldwide. Meanwhile, 20th Century Fox, itself lobbying for severe copyright measures, were permitted to give trade negotiators a multi-hour tour of their film-production facilities. This lopsided allocation of influence has been standard for the TPP. Corporations and their lobbyists have seen consistent access to the negotiations -- about 600 corporate advisors can review and comment on working TPP texts -- and trade negotiators from partner countries. The Washington International Trade Association's "World Trade Reception" for Trans-Pacific FTA negotiators featured the A-Team of corporate lobby groups and some of the most powerful corporations in the U.S. hobnobbing amongst trade ministers, with nary a voice for the public, unions, environmental or public health groups. So, what exactly is the USTR hiding? Well, there are quite a few damning secrets: Secret No. 1: The TPP is covertly attacking the same internet freedom rights that spurred online protests over ACTA and SOPA. Secret No. 2: The TPP would make it more enticing for corporations to offshore jobs by opening our market to Vietnamese labor, which has significantly lower average wages than China. Secret No. 3: The TPP could be a death sentence to patients with AIDS, tuberculosis, and other treatable diseases around the world. Secret No. 4: The TPP would ban capital controls and impose limits on financial regulation, including post-recession checks on firm size and risky investments. Secret No. 5: Americans hate FTAs! Recent polls have found more than twice as many Americans think FTAs hurt than help, and 69 percent of Americans think they cost jobs, which they do. 
The list goes on, as there are 26 separate negotiating chapters, covering issues as diverse as labor, environmental, and procurement rules, which just drew the ire of 69 Members of Congress. Congress has also lamented the continued secrecy of the negotiations. After proposing Senate amendments forcing TPP transparency, U.S. Sen. Ron Wyden (D-Ore) told Kirk, "I feel very strongly with respect to TPP about getting the proposals that you're looking at... online so that the public can have a chance to be heard on it," during a March Senate Finance Committee hearing. None of this has dissuaded the USTR from the non-democratic nature of the talks. Starting in Dallas, he's actually doubling down by eliminating the day-long stakeholder presentation program, leaving civil society just a side tabling session. The only way the corporate shopping list that is the TPP can get past public scrutiny is if no one ever hears about it. Fortunately, activists are fighting back May 8 to 18 in Dallas, and an online petition has already garnered thousands of signatures calling on Kirk to release TPP proposals. We've learned from past FTAs that exposure to the light of democracy can stop them in their tracks. The TPP is no different. Please help return democracy to trade talks by signing the petition and sharing this article.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon May 7 14:15:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 May 2012 15:15:48 -0400
Subject: [Infowarrior] - Google's Android Infringed Oracle's Java, Jury Says
Message-ID:

Google's Android Infringed Oracle's Java, Jury Says
By Karen Gullo - May 7, 2012
http://www.bloomberg.com/news/print/2012-05-07/google-s-android-infringed-oracle-s-java-jury-says.html

A jury said Google Inc. (GOOG), the largest Web-search provider, infringed copyrights for Oracle Corp.
(ORCL)'s technology in developing Android software running on more than 300 million mobile devices, while jurors couldn't decide unanimously whether Google made "fair use" of the intellectual property. The 12-member panel announced the verdict today in federal court in San Francisco, with jurors telling the judge they were at an impasse over one question. The three-part case is over Oracle's Java programming language used to develop Google's Android. The decision came in the copyright phase of an eight-week intellectual-property trial that began April 16 and next will shift to Oracle's claims of patent infringement. A third phase, on damages, will follow the other two. Oracle alleged that Google, based in Mountain View, California, stole copyrights and patents for the Java language when it developed the Android operating systems for mobile devices, which were released in 2007. Oracle acquired Java when it bought Java-developer Sun Microsystems Inc. in 2010. Java is a free language. Oracle, based in Redwood City, California, argued that the parts of Java that Google used are covered by copyrights and that the search engine company was required to pay for a license to use the technology. Google denied infringement, saying it developed Android from scratch and that the Java elements it used aren't covered by copyrights. Any bits of copied Java in Android were fair and legal to use, Google told the jury. The next phase of the case is about two Java patents Oracle alleges were infringed. The case is Oracle v. Google, 10-3561, U.S. District Court, San Francisco.

To contact the reporter on this story: Karen Gullo in San Francisco at kgullo at bloomberg.net. To contact the editor responsible for this story: Michael Hytha at mhytha at bloomberg.net.

©2012 BLOOMBERG L.P. ALL RIGHTS RESERVED.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon May 7 16:51:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 May 2012 17:51:08 -0400
Subject: [Infowarrior] - Half of all Macs will lack access to security updates by summer
Message-ID:

Half of all Macs will lack access to security updates by summer
Mountain Lion's impending debut means Apple will stop supporting Snow Leopard, unless it changes a decade-old habit
Gregg Keizer
May 7, 2012 (Computerworld)
http://www.computerworld.com/s/article/9226949/Half_of_all_Macs_will_lack_access_to_security_updates_by_summer

Unless Apple changes its security update practice, nearly half of all Mac users will be adrift without patches sometime this summer. Apple will launch OS X 10.8, aka Mountain Lion, in the next few months, and then will -- barring a change in a decade-old habit -- stop serving patches to OS X 10.6, or Snow Leopard. Although Apple has never spelled out its support policy for older operating systems, it has always dropped an edition around the time it has two newer versions in play. If the current OS X is dubbed "n," then "n-2" support ends at the debut of "n." In other words, patches are provided only to the newest OS X and the one immediately preceding it. The company has practiced this since OS X's birth: The second iteration, 10.1 -- dubbed Puma -- received its final security update in January 2004, three months after the appearance of OS X 10.4, or Panther. More recently, Apple snuffed out support for OS X 10.5, aka Leopard, when 10.7, or Lion, shipped. The former got its last security update in June 2011, a month before the latter was released. If Apple continues this policy, Snow Leopard users will stop seeing patches about the time Mountain Lion ships. Apple has not set a hard date for OS X 10.8's debut, although it has pegged "late summer." But Snow Leopard currently accounts for 41.5% of all versions of OS X, according to Web metrics company Net Applications' latest statistics.
Assuming Snow Leopard's share continues to drop at the average pace of the last six months, it will still power 34.4% of all Macs in August or 32.6% in September. With earlier editions included, that means 48.4% of all Macs will be without security updates if Apple stops serving Snow Leopard in August. If it continues patching until September, the number sans fixes drops to 45.9%. Some security professionals see those numbers as too high, and Apple's support lifespan too short. "[OS X] 10.6 released in August 2009, which means that any Mac purchased prior to that date and not subsequently upgraded will be running a version which receives no security support [Emphasis in origin]," Robin Stevens, part of the University of Oxford's network security team, said in a blog post last month. "[Apple has] been complacent in terms of their attitude to security and support, especially when compared to their chief competitor [Microsoft]," Stevens added. "By comparison, Apple appear to be making minimal effort, and are putting their customers at risk as a result." Stevens wanted Apple to commit to a support lifetime of at least five years. Other experts don't see Apple's support practice as the biggest problem, but instead tagged the company's notorious silence. OS X's average support lifetime measures 35 months, but if the short-lived Cheetah is dropped from the mix, the number climbs to 41 months. "The average seems to be about three years," said Andrew Storms, director of security operations for nCircle Security, talking about the length of time Apple provides security updates for a given edition of OS X. "That's not bad if you compare it to hardware amortization. But really, the bigger issue is that no one really knows. Apple doesn't communicate how long it will support a version or a roadmap for future releases." 
John Pescatore, a Gartner analyst, agreed, citing Apple's lack of a roadmap as the biggest sticking point for companies that increasingly must manage Macs alongside Windows PCs. "That's not enterprise friendly," he said. Apple's opacity stands in contrast to Microsoft, which has long clearly laid out its support lifecycle, and regularly reminds users when an edition of Windows or Office is nearing its end. "When they decide to release a new OS X, if you're behind two [versions], you're DOA or SOL, take your pick," said Storms. "But we never see those blogs from Apple that we do from Microsoft reminding that you need to upgrade [to keep receiving security updates]." Pescatore didn't have a problem with Apple's support lifecycle, calling it "in the middle" between Microsoft's 10-year policy for Windows and the constantly-updating cloud services like Google Apps or Microsoft's Office 365. More to the point, Apple's shorter support stretch is how things are quickly leaning, said Pescatore, ticking off the typical two-year turnover of smartphones and businesses taking to the cloud because of continuous updates. Customers, including IT managers, better get used to it. "In the real world, IT is going to have less and less control over the OS," said Pescatore. "IT really doesn't want to operate that way -- they'll try to fight it -- but they're going to have to learn how. Fighting the trend is going to be impossible." Even though the recent Flashback malware campaign has demonstrated that unsupported Leopard Macs were infected at a rate almost double its market share, Pescatore said the move to shorter support lifespans will continue. And customers will adopt. If they can't, the market will provide solutions -- as it has before for Windows -- to keep Macs safer. And most users can upgrade when Apple releases a new operating system, Pescatore and Stevens noted. 
While Apple has yet to define the migration path for Snow Leopard users, it has dropped hints that they may be able to upgrade to Mountain Lion: Snow Leopard machines can be boosted to Mountain Lion's developers preview.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is gkeizer at computerworld.com. See more by Gregg Keizer on Computerworld.com.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon May 7 18:56:17 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 May 2012 19:56:17 -0400
Subject: [Infowarrior] - Fwd: 4 high-tech ways the federal government is spying on private citizens
References: <7EB33041E473EC4B8C08A7CA087AC8720281C19C@0015-its-exmb12.us.saic.com>
Message-ID:

Begin forwarded message:

> From: MM
> 4 high-tech ways the federal government is spying on private citizens
> By Tecca | Today in Tech - 4 hrs ago
> http://news.yahoo.com/blogs/technology-blog/4-high-tech-ways-federal-government-spying-private-153556125.html
>
> One of the running jokes in the 1980s was how the former Soviet Union spied on its private citizens. As comedian Yakov Smirnoff used to joke: "In Soviet Russia, TV watches you!" But here in America, we were all safe from the prying eyes of the government.
>
> Fast forward to 2012, when the U.S. government actually has the tools and capabilities to spy on all its citizens. These eyes go well beyond red light cameras. Right now, the government is tracking the movements of private citizens by GPS, reading private citizens' emails, and possibly even reading what you're saying on Facebook. It does so all in the name of law enforcement and Homeland Security, of course -- but whether or not that makes you feel safer is up to you.
>
> 1.
The NSA is building a massive data center in Utah to read every email you'll ever send.
> Many of us are aware that little of what we say on social networks is really private. But you'd think your emails would be safe from prying eyes -- especially those of your government. Not so, once the government completes work on a top-secret Utah data center reportedly built to spy on civilian communications.
>
> The $2 billion facility, slated to be complete by September 2013, is allegedly designed to be able to filter through yottabytes (10^24 bytes) of data. Put into perspective, that's greater than the estimated total of all human knowledge since the dawn of mankind. If leaked information about the complex is correct, nothing will be safe from the facility's reach, from cell phone communications to emails to what you just bought with your credit card. And encryption won't protect you -- one of the facility's priorities is breaking even the most complex of codes.
>
> The good news (if there is any) is that the sheer volume of internet traffic and emails sent in a single day is far too much to be read by human eyes. Instead, the government will likely need to rely on complicated algorithms to assess each transmission and decide if they represent a security threat. So you're probably out of the government's earshot here... as long as you watch what you say.
>
> 2. The FBI maintains detailed files on numerous public, semi-public, and private figures.
> Have you ever thought of taking a job with the government? If you value your privacy, think twice -- the government runs incredibly extensive background searches on its high-profile applicants.
>
> What kind of information does the government want from its applicants? Well, when former Apple CEO Steve Jobs was under consideration for a job with George H.W. Bush's administration in 1991, the FBI compiled a massive file on him.
Included in that file: the fact that Jobs had a 2.65 GPA, his history of marijuana and LSD usage, and his tendencies to "distort reality" and to "twist the truth" in order to achieve his goals.
>
> Of course, Jobs is far from the only figure with an FBI file. Other public personalities profiled by the FBI include John Lennon, Marilyn Monroe, Jimi Hendrix, and even Anna Nicole Smith. If you're curious about what goods the FBI has on you, you can always submit a request to view your own personal file. It is worth noting, of course, that the government doesn't profile everyone -- just certain people of interest.
>
> 3. Homeland Security is reading your tweets and Facebook status messages.
> Unless you play around with your Twitter and Facebook privacy settings, just about anything you say is public. So it might not come as a surprise that the Department of Homeland Security is seeking contractors to build software and hardware capable of reading through what it calls "publicly available social media." Essentially, the government wants to read through your tweets and status messages to see if there's any information that might help in detecting threats.
>
> There are some ground rules to the project. The government won't pose as a Twitter follower and won't accept or send any Facebook friend requests. Still, even with those restrictions, there's a lot of information floating out there for the feds to read, even if most of it is nonsense about Justin Bieber.
>
> 4. Your ISP may soon be required to keep files on what sites you visit.
> The idea sounds pretty far out there -- a law that would require your internet service provider to keep constant tabs on you, along with detailed records of what websites you visited and when. But that's exactly what the Hawaii state legislature proposed this January with H.B. 2288 and companion bill S.B. 2530. The bill, sponsored by State Rep. John Mizuno (D), "requires internet service providers...
keep consumer records for no less than two years." The bill then goes on to specify that these records must include "each subscriber's information and internet destination history information."
>
> Thankfully, the bills' sponsors withdrew the offending legislation from debate. But the reason wasn't just public outcry. Also a factor was the fact that the U.S. House of Representatives is considering a similar bill titled Protecting Children From Internet Pornographers Act. That bill, sponsored and written by Texas Republican Representative Lamar Smith, would mandate that commercial ISPs create logs of customers' names, bank information, and IP addresses. That information could later be used by attorneys seeking to prosecute in a criminal trial or even in civil cases and divorce trials.
>
> Not much is private anymore
> Between private companies violating your privacy and now the government, is there any way to avoid prying eyes? Not really, unless you make significant changes in the way you use the web. So before you send that next tweet or post that next Facebook status message, think about whether or not you'd be okay with a complete stranger looking at it -- because that's very well what may happen.
>

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon May 7 19:12:53 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 May 2012 20:12:53 -0400
Subject: [Infowarrior] - DHS Concedes Airport Body Scanner 'Vulnerabilities'
Message-ID: <415D02E7-B97C-4B77-8708-62C7C3F7BC4D@infowarrior.org>

Homeland Security Concedes Airport Body Scanner "Vulnerabilities"
By David Kravets
May 7, 2012 | 6:45 pm
http://www.wired.com/threatlevel/2012/05/body-scanner-vulnerabilities/

Federal investigators "identified vulnerabilities in the screening process"
at domestic airports using so-called "full body scanners," according to a classified internal Department of Homeland Security report. DHS has spent nearly $90 million replacing traditional magnetometers with controversial X-ray body scanning machines that are intended to detect items that could be missed by a metal detector. Exactly how bad the body scanners are is not being divulged publicly, but the Inspector General report made eight separate recommendations on how to improve screening. The news comes as authorities are examining an underwear bomb, allegedly seized by the CIA in Yemen as it allegedly thwarted an Al-Qaida plot to destroy a U.S.-bound airplane, according to The Associated Press. Authorities are now looking to determine if the bomb could have passed through airport screeners without being detected. Meanwhile, an unclassified version of the Inspector General report, unearthed Friday by the Electronic Information Privacy Center, may give credence to a recent YouTube video allegedly showing a 27-year-old Florida man sneaking a metallic object through two different Transportation Security Administration body scanners at American airports. The TSA agreed with all of the Inspector General's recommendations. The Inspector General did not immediately respond to a request for comment. In March, meanwhile, a TSA spokeswoman said "These machines are safe" when asked to address a video by Jonathan Corbett, of Miami Beach, who allegedly had discovered a method to beat the body scanners, which number 600 and are in about 140 U.S. airports. A brief YouTube video allegedly shows Corbett, who had sewn a pocket to the side of his shirt, getting past two body scanners with a metallic object in that pocket. It was not immediately known when the TSA published its unclassified summary, TSA Penetration Testing of Advanced Imaging Technology. It comes with a "November 2011"
date and can be found on the DHS Office of Inspector General website under the heading "OIG Reports: Fiscal Year 2012." It's not the first time the body scanners, produced by Rapiscan and L-3 Communications, have come under attack. In a three-part series last year, Wired reported that, indeed, there were suspected security flaws with them. Even the Government Accountability Office -- Congress' investigative arm -- said the devices might be ineffective. And the Journal of Transportation Security suggested terrorists might fool the Rapiscan machines by taping explosive devices to their stomachs. The unclassified summary said the government has spent $87 million on the scanners, which includes $10 million for "installation and maintenance." To quiet privacy concerns, the authorities are also spending $7 million to "remove the human factor from the image review process" and replace the passenger's image with an avatar. The unclassified version said the "quantitative and qualitative results of our testing are classified." Passengers who refuse to go through the machines are subject to intense physical patdowns. Many have complained the process includes being sexually groped. Amie Stepanovich, an EPIC attorney, said the group would file a Freedom of Information Act claim in a bid to get access to the full report. "This involves a program that is important to the public," she said in a telephone interview. EPIC had sued the government, claiming the machines were an unconstitutional breach of Americans' privacy. A federal appeals court sided with the authorities, although the court said the government did not adhere to the law when it began implementing the machines at airports as early as 2007.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue May 8 08:04:36 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 8 May 2012 09:04:36 -0400 Subject: [Infowarrior] - OT: Economic Alert: If You're Not Worried Yet...You Should Be Message-ID: <6B762E8F-63D1-48E2-86E3-A11396AA5DD1@infowarrior.org> Interesting reading and I daresay contains more than a good number of points. --- rick Economic Alert: If You're Not Worried Yet...You Should Be Submitted by Brandon Smith from Alt-Market For the past four years I have been covering the progression of the global economic crisis with an emphasis on the debilitating effects it has had on the American financial system. Only once before have I ever issued an economic alert, and this was at the onset of the very first credit downgrade in U.S. history by S&P. I do not take the word "alert" lightly. Since 2008 we have seen a cycle of events that have severely weakened our country's foundation, but each event has then been followed by a lull, sometimes 4 to 6 months at a stretch, which seems to disarm the public, drawing them back into apathy and complacency. The calm moments before each passing storm give Americans a false sense of hope that our capsized fiscal vessel will somehow right itself if we just hold on a little longer... < - > http://www.zerohedge.com/news/economic-alert-if-you%E2%80%99re-not-worried-yet%E2%80%A6you-should-be From rforno at infowarrior.org Tue May 8 08:06:34 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 8 May 2012 09:06:34 -0400 Subject: [Infowarrior] - CISPA Sponsor Warns Bill Is Needed Because China's Chinese Hackers From China Are Stealing All-American Secrets Message-ID: <44E66F38-BA5B-48F9-890C-936CAD91D0F2@infowarrior.org> CISPA Sponsor Warns Bill Is Needed Because China's Chinese Hackers From China Are Stealing All-American Secrets (China!) 
from the give-them-to-us-instead dept http://www.techdirt.com/articles/20120504/08384918786/cispa-sponsor-warns-bill-is-needed-because-chinas-chinese-hackers-china-are-stealing-all-american-secrets-china.shtml While the focus on the cybersecurity debate shifts to the Senate, the supporters of CISPA are still loudly trumpeting that bill's supposed merits. Though the final legislation that will go before the President is undecided, and may not even be based on CISPA in the end, the details of the bill are still very important, as they contribute to the overall shape of the discussion about cybersecurity. As part of the ongoing media campaign, CISPA author Mike Rogers took to the pages of The Detroit News last week to drum up support with a screed that reeks of nationalist fearmongering and utterly misrepresents the scope and purpose of the language in the bill. < - > Rogers should be careful - if he says 'China' any more times, Fu Manchu might appear in the mirror and drain his 401(k). Once he's got the reader good and scared of the Yellow Menace (having thrown in a few emotional appeals to hardworking Michigan autoworkers for good measure), he explains how CISPA is needed to take care of all those annoying regulations that limit government power and protect people's privacy: < - > --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Tue May 8 12:36:55 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 8 May 2012 13:36:55 -0400 Subject: [Infowarrior] - FDA may let patients buy drugs without prescriptions Message-ID: FDA may let patients buy drugs without prescriptions By Paige Winfield Cunningham The Washington Times Sunday, April 29, 2012 http://www.washingtontimes.com/news/2012/apr/29/fda-may-let-patients-buy-drugs-without-prescriptio/print/ In a move that could help the government trim its burgeoning health care costs, the Food and Drug Administration may soon permit Americans to obtain some drugs used to treat conditions such as high blood pressure and diabetes without obtaining a prescription. The FDA says over-the-counter distribution would let patients get drugs for many common conditions without the time and expense of visiting a doctor, but medical providers call the change medically unsound and note that it also may mean that insurance no longer will pay for the drugs. "The problem is medicine is just not that simple," said Dr. Matthew Mintz, an internist at George Washington University Hospital. "You can't just follow rules and weigh all the pros and cons. It needs to be individualized." Under the changes that the agency is considering, patients could diagnose their ailments by answering questions online or at a pharmacy kiosk in order to buy current prescription-only drugs for conditions such as high cholesterol, certain infections, migraine headaches, asthma or allergies. By removing the prescription requirement from popular drugs, the Obama administration could ease financial pressures on the overburdened Medicare system by paying for fewer doctor visits and possibly opening the door to make seniors pay a larger share of the cost of their medications. The change could have mixed results for non-Medicare patients. 
Although they may not have to visit a doctor as often, they could have to dish out more money for medications because most insurance companies don't cover over-the-counter drugs. "We would expect that out-of-pocket costs for insured individuals, including those covered by Medicare, would be increased for drugs that are switched from prescription to OTC status," said Dr. Sandra Adamson Fryhofer, who testified last month on behalf of the American Medical Association in an FDA-held public hearing. Pharmacists and doctors have lined up on opposite sides of the issue. Often trying to combat a public perception that downplays their medical training, pharmacists embrace the notion that they should be able to dole out medication for patients' chronic conditions without making them go through a doctor. "We think it's a great development for everybody - for pharmacists, for patients and the whole health care system," said Brian Gallagher, a lobbyist for the American Pharmacists Association. "The way we look at it is there are a lot of people out there with chronic conditions that are undertreated and this would enable the pharmacists to redirect these undertreated people back into the health care system." Medical providers urged caution, saying the government should not try to cut health care costs by cutting out doctors. "What the government via the FDA has decided to do is just bypass the expensive doctor and to satisfy some safety concerns of letting people just pick out their medications is make sure they have to get counsel by the pharmacists," Dr. Mintz said. "I believe there is value to using pharmacists, but not at the expense of primary care." Although the FDA says more patients will be likely to obtain the drugs they need under the proposed model, Dr. Fryhofer questioned whether the agency has sufficiently proved that. 
"The FDA has not offered any evidence establishing that it is safe, or patient outcomes are improved, when patients with hypertension, [high cholesterol], asthma or migraine headaches self-diagnose and manage these (or other) serious chronic medical conditions on their own," she said. Comments on the proposal are due by May 7. FDA spokeswoman Erica Jefferson said the agency will issue a decision sometime after that but didn't offer a more specific time frame. "The agency is still reviewing the public comments and will make a determination on the best path forward once this has been completed," she said. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue May 8 17:18:47 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 8 May 2012 18:18:47 -0400 Subject: [Infowarrior] - 'Bionic' woman Claire Lomas completes London Marathon Message-ID: <0DF1EEC7-686B-44AD-A9C6-3C016CC79EE6@infowarrior.org> And as I heard on BBCNews this evening, major props go to those other marathoners who gave up their medals so that Claire could have one for completing the event!! -- rick 8 May 2012 Last updated at 10:09 ET 'Bionic' woman Claire Lomas completes London Marathon http://www.bbc.co.uk/news/uk-england-leicestershire-17988848 A paralysed Leicestershire woman has become the first person to complete a marathon in a "bionic" suit. The ?43,000 device allows Claire Lomas to walk by detecting shifts in her balance. Mrs Lomas, from Eye Kettleby near Melton Mowbray, was paralysed from the chest down when she broke her back in a horse-riding accident in 2007. The 32-year-old crossed the finish line at 12:50 BST - 16 days after starting the race with 36,000 other people. She was met by cheering onlookers and a Pearly King and Queen as she walked beneath an arch of red balloons. Mrs Lomas said: "It was really emotional and I couldn't believe the support - I'm still in shock really. 
'Good group' "The last half a mile or so was pretty easy to walk because I had everyone just pushing me forward," she said. "I've had a really good group with me and it would have been impossible without them." So far she has raised about £80,000 for Spinal Research, a charity which funds medical research around the world to develop treatments for paralysis caused by a broken back or neck. Mrs Lomas walked about two miles a day to complete the course, accompanied by her husband Dan, mother Joyce and 13-month-old daughter Maisie. Organisers have been criticised for insisting that Mrs Lomas would not appear in the official results or receive a medal for finishing, as rules state competitors must complete the course on the same day. The 32-year-old broke her neck, back and ribs and punctured a lung when her horse threw her off as she took part in the Osberton Horse Trials in Nottinghamshire. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue May 8 17:25:45 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 8 May 2012 18:25:45 -0400 Subject: [Infowarrior] - TSA Arrests Raise Questions of Who Screens the Screeners Message-ID: TSA Arrests Raise Questions of Who Screens the Screeners By Jeff Plungis - May 8, 2012 http://www.bloomberg.com/news/print/2012-05-08/tsa-arrests-raise-questions-of-who-screens-the-screeners.html The arrests of U.S. Transportation Security Administration employees on charges of accepting bribes from drug-smugglers is escalating calls from Republicans to overhaul an agency under fire for patting down young children and senior citizens. "They're hiring people without checking out their backgrounds," Representative John Mica, a Florida Republican who heads the House transportation committee, said in an interview. "It's almost every week. We've had another drug ring. We've had smuggling. We've had them stealing out of people's luggage." 
Questions about how effectively the 52,000-employee TSA is screening its screeners have added to other embarrassments for the agency, including purchases of equipment that didn't work, checkpoint confrontations between agents and members of Congress, and missing a loaded gun that got onto an American Airlines flight at the Dallas-Fort Worth airport in January. The issues may come up in the House as soon as May 9, when the House Oversight and Government Reform Committee and Mica's panel jointly hold a fourth hearing on TSA practices. Representative Paul Broun, a Georgia Republican, called in April for TSA Administrator John Pistole's resignation. He asked the House Homeland Security Committee on May 1 to hold hearings to investigate TSA officers' "misconduct, unprofessionalism and corruption." Senator Rand Paul, a Kentucky Republican, started a petition this month to eliminate the agency, created by Congress to take over airport security after the Sept. 11 terrorist attacks. In January, the Kentucky Republican set off a false alarm while passing through a screening machine, then refused to submit to a pat down. Background Checks The arrest April 25 of two current and two former TSA screeners at Los Angeles International Airport marked the third bribery case involving agency employees this year. Also in April, a TSA screener admitted to accepting $1,200 in bribes from drug traffickers sending the narcotic oxycodone from Florida to Connecticut through an airport in White Plains, New York. Agency officers have also been accused of stealing iPads, cash, laptops and jewelry from baggage. "This pattern suggests there's something wrong in the vetting process TSA uses in hiring and screening its own people," said Robert Poole, director of transportation studies at the Reason Foundation in Los Angeles, which advocates for free market solutions to policy issues. "It's certainly a question Congress should be asking." 
All TSA security officers undergo thorough criminal background checks, submitting their fingerprints to the FBI and cross-checking names against terrorist watch lists, Kawika Riley, a TSA spokesman, said in an e-mail. Growing Theft Applicants are supposed to be disqualified for any one of 28 criminal offenses ranging from interference with navigation to espionage, treason and felony arson. Theft and bribery felonies are on the list, as are unpaid taxes, child support arrears or $7,500 in delinquent debt. It's the same process airports use in vetting workers who have access to secure areas. The TSA said in a 2008 post on its official blog that more than 200 employees had been fired for theft. Last year, taking a closer look at agency numbers, the news website New York Press concluded the number had expanded to about 500. Since January, TSA agents have been accused of stealing iPads and smuggling travelers' personal items out of the airport in a hidden jacket pocket. Agents were sentenced to jail terms after being convicted of stealing $40,000 from a checked bag at New York's John F. Kennedy International Airport. Employee Temptation TSA screeners typically start part-time, and wages depend on the local cost of living. A starting screener at Newark earns $15.74 an hour, while the same position in Columbus, Mississippi, pays $13.96, according to job postings. "Wherever you combine fairly low-paid employees with temptation, whether it be drug money or expensive bottles passing through their hands, you're going to have larceny and malfeasance," said George Hobica, founder of Airfarewatchdog.com, a consumer travel website. Some level of corruption can be expected in any agency, said former Homeland Security Secretary Michael Chertoff. The TSA must keep refining its practices and upgrading working conditions for screeners, who are under extreme stress from a monotonous job and dealing with frustrated travelers, he said. 
"The New York Police Department is a phenomenal police department, but from time to time you hear of cases of cops who kill somebody or take bribes from organized crime," Chertoff said in an interview. "It doesn't mean you throw out the police department, it just means you have to be vigilant." Unpopular Work The House voted last year to cap the number of full-time TSA screeners at 46,000. The agency had 52,269 full-time equivalent positions devoted to aviation security last year, according to budget documents. The agency doesn't specify how many of those employees are screeners. TSA Administrator John Pistole has said the agency employs about 14,000 part-time screeners. "There's always going to be a recurrence of embarrassing incidents," said Stewart Verdery, a former Department of Homeland Security assistant secretary, now a lobbyist with Monument Policy Group in Washington. "The case is a good reminder that background checks have to be ongoing," he said in an e-mail. "There's a reason Congress has been insisting on refreshed checks for security officials." Closed-Circuit Cameras Pistole, speaking at the National Press Club in March, said theft has been an issue at the security administration, other U.S. agencies and airlines, and is a security concern. The TSA uses closed-circuit cameras in checked-baggage areas to deter theft and rebut false accusations of stealing, Pistole said. In cases where the video shows theft has occurred, the agency fires the individuals and seeks criminal prosecutions, he said. Mica has proposed turning over the hiring and managing of airport screeners to private companies, making the TSA a smaller agency focused on determining which individuals pose risks. Private security companies can be held to a higher standard than the government, said Stephen Amitay, federal legislative counsel for the National Association of Security Companies in Washington. 
Companies would face penalties or the cancellation of a contract for any criminal activity, Amitay said. TSA standards are treated as minimums that companies would exceed to employ and retain a better-performing workforce, he said. "There's a strong incentive for the company, its managers and screeners to make sure that everyone is abiding by the requirements of the contract," Amitay said. To contact the reporter on this story: Jeff Plungis in Washington at jplungis at bloomberg.net To contact the editor responsible for this story: Bernard Kohn at bkohn2 at bloomberg.net --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue May 8 17:31:39 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 8 May 2012 18:31:39 -0400 Subject: [Infowarrior] - Congress To Amend NDAA To Give DoD & NSA Greater 'Cyberwar' Powers Message-ID: <98D45BA0-86E9-4BE2-8098-6F629B9D6771@infowarrior.org> Congress To Amend NDAA To Give DoD & NSA Greater 'Cyberwar' Powers http://www.techdirt.com/articles/20120508/12553818834/congress-to-amend-ndaa-to-give-dod-nsa-greater-cyberwar-powers.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue May 8 19:30:22 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 8 May 2012 20:30:22 -0400 Subject: [Infowarrior] - OZ Web snooping plan a step closer to reality Message-ID: <3CD36FE2-53EA-45D2-B3C1-82DC6CBDAAF9@infowarrior.org> Web snooping plan a step closer to reality May 8, 2012 - 2:17PM http://www.theage.com.au/it-pro/government-it/web-snooping-plan-a-step-closer-to-reality-20120508-1y9vr.html Any device connected to the internet such as a computer, smartphone or tablet could soon have its web history logged and retained for up to two years by telecommunications companies for law enforcement purposes under reforms being proposed by the Gillard government. 
Attorney-General Nicola Roxon announced last Friday that the federal government would review national security legislation, part of which concerns preserving telecommunications data. Roxon said she had asked the Parliamentary Joint Committee on Intelligence and Security to consider the potential reforms through public hearings and emphasised that referring them to the committee was the beginning of the review process, adding that the government would "be seeking diverse views" before determining which reforms to pursue. A terms of reference for the committee is yet to be released, but a draft copy circulating around parliament which Fairfax, publisher of IT Pro, has seen indicates that the committee will be asked to look at a controversial data retention proposal for telcos. A spokesman for Nicola Roxon said it would be released when it was finalised by the committee. The spokesman added that it was important to note that the government had "made no decisions" about data retention and said many of IT Pro's questions regarding what exactly telcos would need to potentially log were up "for consideration" of the committee in the first instance, not the government. The draft terms of reference states the committee will be tasked with looking at a tailored data retention period "for up to 2 years for parts of a data set". It doesn't define what the data set will consist of but some fear it will include any data telcos can log and store on customers, including their web browsing history. Plans to force telcos like Telstra and Optus to log and retain the internet activities of every internet connection - regardless of whether a customer has been suspected of any wrongdoing - were first revealed in June 2010 when telco industry sources disclosed that they were involved in secret discussions with government officials. A data retention scheme already exists in the European Union and has been adopted by certain member states. 
In Romania and the Czech Republic, however, it was ruled to be unconstitutional while in Germany a court ordered the records be deleted. Where internet access is concerned, telcos in European Union member states must retain for a period of between six months and 2 years the necessary data as specified in the Data Retention Directive. The directive specifies the categories of data to be retained, namely data necessary for identifying: (a) the source of a communication; (b) the destination of a communication; (c) the date, time and duration of a communication; (d) the type of a communication; (e) users' communication equipment or what purports to be their equipment; and (f) the location of mobile communication equipment. The EU directive doesn't indicate that telcos store the content of a communication but telco sources in Australia said in 2010 that the data that they were being asked to log and keep for law enforcement did include web browsing history, a claim which was rejected by the spokesman for the then Attorney-General, Robert McClelland. Telco sources fired back, with one of them saying the spokesman's claims were "not accurate". Another said the spokesman was being "a bit cute" to say web browsing history wasn't included. Greens communications spokesman Scott Ludlam said on Friday that he didn't support the data retention proposal and believed it was "premised on the unjustified paranoia that all Australians are potential criminal suspects". He believes its introduction would be based on "an ambit claim for surveillance overkill". In a telephone interview yesterday, he said the data retention proposal would be similar to government proposing Australia Post start opening every single envelope and item that is transacted through the postal network, making a quick photocopy, and sticking it in a filing cabinet "just in case you turned out to be a terrorist down the track". 
"Now that is effectively what is being proposed over much more intimate and wide-raging sets of data than what the postal service carries," Ludlam said. Telstra said it did not generally comment on law enforcement and national security issues but referred IT Pro to a submission it supported to an inquiry by the Communications Alliance on data retention. That inquiry came about in 2010 when Senator Ludlam raised his concerns in parliament regarding data retention and wanted the government to answer questions about it publicly. The Communications Alliance submission said that any capture and storage of data generated by customers using a telecommunications service raised "issues of data access, protection and privacy". It added that storing such data became "complex and difficult" when the storage became "mandated by government on every citizen of Australia on a 'just in case' basis". The exact details of the web browsing data the government was proposing ISPs collect is contained in a document that was released under freedom of information laws in 2010. But from the highly censored document released (of which about 90 per cent was blacked out with a permanent marker) it was impossible to know how far the government was planning to take the policy. The idea behind making telcos keep customer data - which they wouldn't normally store as they have no use for it - is believed to have been primarily driven by law enforcement. The Australian Federal Police, for example, has been pressuring the government to implement the data retention scheme and has made it clear that it wants web searches and history stored by telcos. "It is important that we have the ability to retain the data," AFP assistant commissioner and national manager of high tech crime operations Neil Gaughan was quoted to have told reporters in Sydney in 2010. "We don't want to see what people are watching on TV, we want to see what people are looking at on the internet." 
The AFP said in a statement today that as the data retention proposal was a policy currently under consideration by federal government, it would not be appropriate to comment. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 9 07:47:05 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 9 May 2012 08:47:05 -0400 Subject: [Infowarrior] - Cyber Briefings 'Scare The Bejeezus' Out Of CEOs Message-ID: Cyber Briefings 'Scare The Bejeezus' Out Of CEOs by Tom Gjelten http://www.npr.org/2012/05/09/152296621/cyber-briefings-scare-the-bejeezus-out-of-ceos May 9, 2012 For the CEOs of companies such as Dell and Hewlett-Packard, talk of cyberweapons and cyberwar could have been abstract. But at a classified security briefing in spring 2010, it suddenly became quite real. "We can turn your computer into a brick," U.S. officials told the startled executives, according to a participant in the meeting. The warning came during a discussion of emerging cyberthreats at a secret session hosted by the office of the Director of National Intelligence and the departments of Defense and Homeland Security, along with Gen. Keith Alexander, head of the U.S. military's Cyber Command. The meeting was part of a public-private partnership dubbed the "Enduring Security Framework" that was launched at the end of 2008. The initiative brings chief executives from top technology and defense companies to Washington, D.C., two or three times a year for classified briefings. The purpose is to share information about the latest developments in cyberwarfare capabilities, highlighting the cyberweapons that could be used against the executives' own companies. "We scare the bejeezus out of them," says one U.S. government participant. 
The hope is that the executives, who are given a special one-day, top-secret security clearance, will go back to their companies and order steps to deal with the vulnerabilities that have been pointed out. "I personally know of one CEO for whom it was a life-changing experience," says Richard Bejtlich, chief security officer for Mandiant, a cybersecurity firm. "Gen. Alexander sat him down and told him what was going on. This particular CEO, in my opinion, should have known [about the cyberthreats] but did not, and now it has colored everything about the way he thinks about this problem." The Virtual Tools Of War Among the computer attack tools discussed during the briefings are some of the cyberweapons developed by the National Security Agency and the Cyber Command for use against U.S. adversaries. Military and intelligence officials are normally loath to discuss U.S. offensive cybercapabilities, but the CEOs have been cleared for some information out of a concern that they need to know what's possible in the fast-evolving world of cyberwarfare. Alexander himself hinted at the rationale for the briefings during testimony in March, before the Senate Armed Services Committee. "When we see what our folks are capable of doing, we need to look back and say, 'There are other smart people out there that can do things to this country,' " Alexander said. "We need to look at that and say, 'How are we going to defend [against them]?' " The fear is that cyberweapons developed by the U.S. military could at some point fall into enemy hands and be turned against a U.S. target. "There are nation-states, to include the United States, who are building cybertools to prevail in a ... disagreement," Mike McConnell, the former U.S. director of national intelligence, said during a recent cybersecurity conference hosted by Bloomberg. 
"The worry is, what happens when some of those tools, and there are thousands of them, get released inadvertently, or somebody steals [them] to sell to a terrorist group?" The 2010 revelation that U.S. cyberwarriors could turn a computer into a "brick" stemmed from research into a design flaw in U.S. computers, according to several sources. It was determined that an adversary could conceivably update computer firmware ? the low-level software that dictates how the hardware works ? to make the machine useless. Computer manufacturers had known about the firmware design issue previously, but they had not realized it would be possible for an adversary to exploit the flaw by actually getting into the machine and destroying it. The manufacturers subsequently ordered a reconfiguration of their computers to fix the flaw, and no damage was done. But two participants in the 2010 meeting say the CEOs were sobered by what they learned there. Need To Work Together To government and industry officials alike, such incidents underscore the importance of public-private partnership in the effort to address cyberthreats. But the Enduring Security Framework collaboration remains limited to a select few executives, and much threat information remains secret. "That's the policy dilemma," McConnell said during the Bloomberg cybersecurity conference. "How do we establish a regime where that information can be shared with corporate America at the unclassified level in real time?" Proposals to promote greater information sharing between government and industry are a key part of new cybersecurity legislation being considered on Capitol Hill. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Wed May 9 10:46:40 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 9 May 2012 11:46:40 -0400 Subject: [Infowarrior] - New anti-piracy propaganda to run before movies, courtesy of FBI, ICE, and MPAA Message-ID: (Another reason not to buy DVDs or BluRays. ---rick) New anti-piracy propaganda to run before movies, courtesy of FBI, ICE, and MPAA May 9, 2012 By Andrew Couts http://www.digitaltrends.com/movies/new-anti-piracy-propaganda-to-run-before-movies-courtesy-of-fbi-ice-and-mpaa/ New DVDs and Blu-ray movies will soon include twice as many anti-piracy warnings to ignore. Two new anti-piracy warnings will soon be added to select DVD and Blu-ray movies, the U.S. government announced late Tuesday. The additional warnings come courtesy of a coalition of copyright infringement fighters that includes the National Intellectual Property Rights Coordination Center (IPR Center), U.S. Immigration and Customs Enforcement's (ICE) Homeland Security Investigations (HSI) wing, the FBI, and six member studios of the Motion Picture Association of America (MPAA). The first screen (above) is a joint anti-piracy warning from the FBI and HSI, which says that, "The unauthorized reproduction or distribution of this copyrighted work is illegal. Criminal copyright infringement is investigated by federal law enforcement agencies and is punishable by up to 5 years in prison and a fine of $250,000." Because that's probably not enough to scare your movie-loving pants off, a second warning (above), this one bearing the IPR Center's logo, includes the following "educational message": "Piracy is not a victimless crime. For more information on how digital theft harms the economy, please visit www.iprcenter.gov." "Our nation's film and TV business is critical to our economy," said ICE Director John Morton in a statement. 
"Its creativity and imagination have made American entertainment one of our greatest exports over the decades, but criminals are increasingly engaging in new forms of digital theft. Law enforcement must continue to expand how it combats criminal activity; public awareness and education are a critical part of that effort." As some of you may recall, the HSI is the government organization behind Operation in Our Sites, which aims to seize websites accused of copyright infringement, either through the distribution of intellectual property like music, movies, and TV shows, or through the sale of counterfeit goods, like knock-off sports jerseys or fake Gucci bags. HSI has so far seized more than 760 domains. The organization boasts that this has led to the arrest or charging of 11 - yes, 11 - individuals for criminal copyright infringement, and the seizure of more than $1 million. These seizures have not all been above-board, however: Recently released court documents show that ICE held popular hip hop website Dajaz1.com for more than a year without a single scrap of evidence that it had been used to distribute copyrighted songs. The copyright industry asserts that piracy has cost the U.S. economy 360,000 jobs, $16 billion in lost wages, and $2.6 billion in lost taxes. More recent studies, however, show that revenue in the music, movie, video game, and book publishing industries has risen over the past few years. Regardless of which numbers you believe, it's clear that the anti-piracy camp believes there is some progress to be made by posting new warnings on DVDs - though, if you ask us, this is precisely the wrong tactic. After all, the majority of people who are going to see these warnings have either purchased the DVD legally, or rented it legally, and are therefore clearly not the ones who need to be taught a lesson in copyright law. In fact, it is exactly these kind of condescending, pestering messages that drive people to pirate movies in the first place. 
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 9 11:11:22 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 9 May 2012 12:11:22 -0400 Subject: [Infowarrior] - BeyondTrust acquires eEye Message-ID: <05E5D4F2-05B1-4EA6-AC91-E9229A6AB045@infowarrior.org> BeyondTrust acquires eEye in union of security vendors eEye name to fade away, but founder Marc Maiffret gets CTO role at BeyondTrust By Ellen Messmer, Network World May 09, 2012 12:04 AM ET http://www.networkworld.com/news/2012/050912-beyondtrust-eeye-258887.html BeyondTrust, a software firm that specializes in identity and access management for the enterprise, has announced the acquisition of eEye Digital Security, which makes products for vulnerability management, patch remediation, malware defense and configuration compliance. BeyondTrust, based in Carlsbad, Calif., and eEye, in Phoenix, are both privately-held companies and did not disclose financial terms of the arrangement, but they do say the goal is to combine their basic fields of expertise with the intention of creating new products. The company name eEye will eventually be phased out, though company founder Marc Maiffret (one of Network World's "12 White Hat hackers you should know") will take on the role of CTO at BeyondTrust to help define strategy. Jim Zierick, executive vice president of product operations at BeyondTrust, emphasizes that eEye security products, including Blink and Retina, will continue to be supported and developed. "The Retina and Blink brand names will go on," says Zierick, noting that the driver to bring together the two companies is that their strengths are complementary, something that became understood in working together with customers using eEye's security as well as the BeyondTrust PowerBroker line. 
With the companies now merged for a total of about 250 employees, the potential to build a unified product line combining features is being explored. Maiffret says gaining the BeyondTrust knowledge about network users and their access privileges and combining it with knowledge about vulnerability assessment and remediation offers new ways to think about how to tackle fixing vulnerabilities. For instance, employees that have broad access to the Internet and who may be more at risk for malware than others that are more restricted, plus those who have "more important access" to corporate resources, could logically be considered priorities when it's time to deal with patch management. "Where we want to go, is to be able to make smarter decisions in security, and really automating it," Maiffret says. Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 9 12:41:54 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 9 May 2012 13:41:54 -0400 Subject: [Infowarrior] - Wolfenstein 3D turns 20 years old Message-ID: Wolfenstein 3D turns 20 years old Bethesda celebrates classic Nazi shooter with free IOS and web browser versions By Alastair Stevenson Wed May 09 2012, 17:27 http://www.theinquirer.net/inquirer/news/2173608/wolfenstein-3d GAMES DEVELOPER Bethesda Software has celebrated the 20th anniversary of classic first-person shooter (FPS) Wolfenstein 3D by dropping the IOS app's price and releasing a free web browser version. The new web browser version, which can be played here, is a faithful full release of the original game, seeing you take the role of an American soldier seeking to escape the Nazi Castle Wolfenstein during World War II. 
Bethesda Software has also dropped the price of the stripped down IOS version of Wolfenstein 3D, making it available for free on Itunes for a limited time. The IOS version is compatible with Apple's Iphone, Ipod Touch, and Ipad devices. The game is considered by many as the grandparent of most modern FPS game titles. It was originally developed by John Carmack at Id and published by Apogee Software in 1992 as free shareware. Carmack later went on to team up with designer John Romero to develop the iconic Doom FPS, releasing it just one year later in 1993. Source: The Inquirer (http://s.tt/1bjEC) --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 9 16:38:13 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 9 May 2012 17:38:13 -0400 Subject: [Infowarrior] - Congress: The TSA Is Wasting Hundreds Of Millions In Taxpayer Dollars Message-ID: <319542EF-73FD-4378-8C54-707EFB26F975@infowarrior.org> Congress: The TSA Is Wasting Hundreds Of Millions In Taxpayer Dollars from the oversight-indeed dept http://www.techdirt.com/articles/20120509/10161518848/congress-tsa-is-wasting-hundreds-millions-taxpayer-dollars.shtml The House Oversight Committee has come out with a report slamming the TSA for tremendous amounts of waste, specifically in the "deployment and storage" of its scanning equipment. Basically, it sounds like the TSA likes to go on giant spending sprees, buying up security equipment and then never, ever using it. A few data points: • As of February 15, 2012, the total value of TSA's equipment in storage was, according to TSA officials, estimated at $184 million. However, when questioned by Committee staff, TSA's warehouse staff and procurement officials were unable to provide the total value of equipment in storage. •
Committee staff discovered that 85% of the approximately 5,700 major transportation security equipment currently warehoused at the TLC had been stored for longer than six months; 35% of the equipment had been stored for more than one year. One piece of equipment had been in storage more than six years - 60% of its useful life. • As of February 2012, Committee staff discovered that TSA had 472 Advanced Technology 2 (AT2) carry-on baggage screening machines at the TLC and that more than 99% have remained in storage for more than nine months; 34% of AT2s have been stored for longer than one year. • TSA knowingly purchased more Explosive Trace Detectors (ETDs) than were necessary in order to receive a bulk discount under an incorrect and baseless assumption that demand would increase. TSA management stated: "[w]e purchased more than we needed in order to get a discount." Oh yeah, and it appears that the TSA isn't very good at tracking this stuff. When asked about the total cost of managing this equipment, the TSA was unable to provide an answer. And then it appeared to willfully mislead Congress about this: • TSA intentionally delayed Congressional oversight of the Transportation Logistics Center and provided inaccurate, incomplete, and potentially misleading information to Congress in order to conceal the agency's continued mismanagement of warehouse operations. • TSA willfully delayed Congressional oversight of the agency's Transportation Logistics Center twice in a failed attempt to hide the disposal of approximately 1,300 pieces of screening equipment from its warehouses in Dallas, Texas, prior to the arrival of Congressional staff. • TSA potentially violated 18 U.S.C. Sec. 1001, by knowingly providing an inaccurate warehouse inventory report to Congressional staff that accounted for the disposal of equipment that was still in storage at the TLC during a site visit by Congressional staff. •
TSA provided Congressional staff with a list of disposed equipment that falsely identified disposal dates and directly contradicted the inventory of equipment in the Quarterly Warehouse Inventory Report provided to Committee staff on February 13, 2012. One of the theories that was floated a few years ago when there was that big rush to roll out the nudie scanners, was that much of it was being driven by fear mongering from former government officials, like Michael Chertoff, who had economic relationships with the makers of the equipment. This report doesn't confirm any of that, but it sure seems to fit that narrative pretty perfectly. Fear monger away, have the TSA buy a ton of questionable equipment it doesn't actually need, and then have much of that equipment just sit in a warehouse. All on the taxpayers' dime. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 10 07:11:26 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 10 May 2012 08:11:26 -0400 Subject: [Infowarrior] - U.S. Military Taught Officers: Use 'Hiroshima' Tactics for 'Total War' on Islam Message-ID: (c/o MM) ... the reports/presentations mentioned are in PDFs and linked in the original article. ---rick U.S. Military Taught Officers: Use "Hiroshima" Tactics for "Total War" on Islam By Noah Shachtman and Spencer Ackerman http://www.wired.com/dangerroom/2012/05/total-war-islam/ May 10, 2012 | 4:00 am | Categories: Crime and Homeland Security Lt. Col. Matthew A. Dooley's Joint Staff Forces College presentation on "A Counter-Jihad Op Design Model" (.pdf) calls for violent measures in a war against Islam. The U.S. military taught its future leaders that a "total war" against the world's 1.4 billion Muslims would be necessary to protect America from Islamic terrorists, according to documents obtained by Danger Room.
Among the options considered for that conflict: using the lessons of "Hiroshima" to wipe out whole cities at once, targeting the "civilian population wherever necessary." The course, first reported by Danger Room last month and held at the Defense Department's Joint Forces Staff College, has since been canceled by the Pentagon brass. It's only now, however, that the details of the class have come to light. Danger Room received hundreds of pages of course material and reference documents from a source familiar with the contents of the class. The chairman of the Joint Chiefs of Staff recently ordered the entire U.S. military to scour its training material to make sure it doesn't contain similarly hateful material, a process that is still ongoing. But the officer who delivered the lectures, Army Lt. Col. Matthew A. Dooley, still maintains his position at the Norfolk, Virginia college, pending an investigation. The commanders, lieutenant colonels, captains and colonels who sat in Dooley's classroom, listening to the inflammatory material week after week, have now moved into higher-level assignments throughout the U.S. military. For the better part of the last decade, a small cabal of self-anointed counterterrorism experts has been working its way through the U.S. military, intelligence and law enforcement communities, trying to convince whoever it could that America's real terrorist enemy wasn't al-Qaida - but the Islamic faith itself. In his course, Dooley brought in these anti-Muslim demagogues as guest lecturers. And he took their argument to its final, ugly conclusion. "We have now come to understand that there is no such thing as 'moderate Islam,'" Dooley noted in a July 2011 presentation (.pdf), which concluded with a suggested manifesto to America's enemies. "It is therefore time for the United States to make our true intentions clear. This barbaric ideology will no longer be tolerated. Islam must change or we will facilitate its self-destruction."
Dooley could not be reached for comment. Joint Forces Staff College spokesman Steven Williams declined to discuss Dooley's presentation or his status at the school. But when asked if Dooley was responsible for the course material, he responded, "I don't know if I would classify him [Dooley] as responsible. That would be the commandant" of the school, Maj. Gen. Joseph Ward. That makes the two-star general culpable for rather shocking material. In the same presentation, Dooley lays out a possible four-phase war plan to carry out a forced transformation of the Islam religion. Phase three includes possible outcomes like "Islam reduced to a cult status" and "Saudi Arabia threatened with starvation." (It's an especially ironic suggestion, in light of today's news that Saudi intelligence broke up the most recent al-Qaida bombing plot.) International laws protecting civilians in wartime are "no longer relevant," Dooley continues. And that opens the possibility of applying "the historical precedents of Dresden, Tokyo, Hiroshima, Nagasaki" to Islam's holiest cities, and bringing about "Mecca and Medina['s] destruction." Dooley's ideological allies have repeatedly stated that "mainstream" Muslims are dangerous, because they're "violent" by nature. Yet only a few of al-Qaida's most twisted fanatics were ever caught musing about wiping out entire cities. "Some of these actions offered for consideration here will not be seen as 'political correct' in the eyes of many," Dooley adds. "Ultimately, we can do very little in the West to decide this matter, short of waging total war." Dooley, who has worked at the Joint Forces Staff College since August 2010, began his eight-week class with a straightforward, two-part history of Islam. It was delivered by David Fatua, a former West Point history professor. "Unfortunately, if we left it at that, you wouldn't have the proper balance of points of view, nor would you have an accurate view of how Islam defines itself,"
Dooley told his students. Over the next few weeks, he invited in a trio of guest lecturers famous for their incendiary views of Islam. Shireen Burki declared during the 2008 election that "Obama is bin Laden's dream candidate." In her Joint Forces Staff College lecture, she told students that "Islam is an Imperialist/Conquering Religion." (.pdf) Stephen Coughlin claimed in his 2007 master's thesis that then-president George W. Bush's declaration of friendship with the vast majority of the world's Muslims had "a chilling effect on those tasked to define the enemy's doctrine." (.pdf) Coughlin was subsequently let go from his consulting position to the military's Joint Staff, but he continued to lecture at the Naval War College and at the FBI's Washington Field Office. In his talk to Dooley's class (.pdf), Coughlin suggested that al-Qaida helped drive the overthrow of Egyptian strongman Hosni Mubarak and Libyan dictator Muammar Gadhafi. It was part of a scheme by Islamists to conquer the world, he added. And Coughlin mocked those who didn't see this plot as clearly as he did, accusing them of "complexification." Coughlin titled his talk: "Imposing Islamic Law - or - These Aren't the Droids Your Looking For!" Former FBI employee John Guandolo told the conspiratorial World Net Daily website last year that Obama was only the latest president to fall under the influence of Islamic extremists. "The level of penetration in the last three administrations is deep," Guandolo alleged. In his reference material for the Joint Forces Staff College class, Guandolo not only spoke of today's Muslims as enemies of the West. He even justified the Crusades, writing that they "were initiated after hundreds of years of Muslim incursion into Western lands." Guandolo's paper, titled "Usual Responses from the Enemy When Presented With the Truth" (.pdf), was one of hundreds of presentations, documents, videos and web links electronically distributed to the Joint Forces Staff College students.
Included in that trove: a paper alleging that "it is a permanent command in Islam for Muslims to hate and despise Jews and Christians" (.pdf). So was a video lecture from Serge Trifkovic, a former professor who appeared as a defense witness in several trials of Bosnian Serb leaders convicted of war crimes, including the genocide of Muslims. A web link, titled "Watch Before This Is Pulled," supposedly shows President Obama - the commander-in-chief of the senior officers attending the course - admitting that he's a Muslim. Dooley added the caveats that his views are "not the Official Policy of the United States Government" and are intended "to generate dynamic discussion and thought." But he taught his fellow military officers that Obama's alleged admission could well make the commander in chief some sort of traitor. "By conservative estimates," 10 percent of the world's Muslims, "a staggering 140 million people ... hate everything you stand for and will never coexist with you, unless you submit" to Islam. He added, "Your oath as a professional soldier forces you to pick a side here." It is unclear if Dooley's "total war" on Muslims also applied to his "Muslim" commander in chief. After the Pentagon brass learned of Dooley's presentation, the country's top military officer, Joint Chiefs of Staff Chairman Gen. Martin Dempsey, issued an order to every military chief and senior commander to get rid of any similar anti-Islam instructional material. Dempsey issued the order because the White House had already instructed the entire security apparatus of the federal government - military and civilian - to revamp its counterterrorism training after learning of FBI material that demonized Islam. By then, Dooley had already presented his apocalyptic vision for a global religious war. Flynn has ordered a senior officer, Army Maj. Gen.
Frederick Rudesheim, to investigate how precisely Dooley managed to get away with that extended presentation in an official Defense Department-sanctioned course. The results of that review are due May 24. Ironically, Dooley and his guest lecturers paint a dire picture of the forward march of Islamic extremism right as its foremost practitioner feared its implosion. Documents recently declassified by the U.S. government revealed Osama bin Laden fretting about al-Qaida's brutal methods and damaged brand alienating the vast majority of Muslims from choosing to wage holy war. Little could he have known that U.S. military officers were thinking of ways to ignite one. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 10 07:25:20 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 10 May 2012 08:25:20 -0400 Subject: [Infowarrior] - More insanity at the airport Message-ID: TSA points to the airline; airline points to TSA. Accountability? Fuggedaboutit. Idiots all. -- rick Baby, 18 months old, ordered off plane at Fort Lauderdale airport Little Riyanna's father: 'We were humiliated' UPDATED 12:18 AM EDT May 10, 2012 http://www.wpbf.com/news/south-florida/Baby-18-months-old-ordered-off-plane-at-Fort-Lauderdale-airport/-/8788880/13038550/-/item/1/-/nj6oai/-/index.html FORT LAUDERDALE, Fla. - WPBF contacted JetBlue and was told this was an issue with the Transportation Safety Administration. JetBlue also said both it and the TSA are investigating the incident. But the TSA disagreed, telling WPBF this is an airline issue and therefore, it is not investigating. The TSA also said that since Riyanna and her parents were issued boarding passes, that means they had been cleared by the TSA and were definitely not on the no-fly list. Riyanna's father said he plans to consult an attorney. "We were humiliated," he said. "We were embarrassed. We were picked on."
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 10 23:53:55 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 11 May 2012 00:53:55 -0400 Subject: [Infowarrior] - J.P. Morgan's $2 Billion Blunder Message-ID: BUSINESS Updated May 10, 2012, 11:00 p.m. ET J.P. Morgan's $2 Billion Blunder Bank Admits Losses on Massive Trading Bet Gone Wrong; Dimon's Mea Culpa http://online.wsj.com/article/SB10001424052702304070304577396511420792008.html#printMode By DAN FITZPATRICK, GREGORY ZUCKERMAN and LIZ RAPPAPORT A massive trading bet boomeranged on J.P. Morgan Chase & Co., leaving the bank with at least $2 billion in trading losses and its chief executive, James Dimon, with a rare black eye following a long run as what some called the "King of Wall Street." The losses stemmed from wagers gone wrong in the bank's Chief Investment Office, which manages risk for the New York company. The Wall Street Journal reported early last month that large positions taken in that office by a trader nicknamed "the London whale" had roiled a sector of the debt markets. The bank, betting on a continued economic recovery with a complex web of trades tied to the values of corporate bonds, was hit hard when prices moved against it starting last month, causing losses in many of its derivatives positions. The losses occurred while J.P. Morgan tried to scale back that trade. The bank's strategy was "flawed, complex, poorly reviewed, poorly executed and poorly monitored," Mr. Dimon said Thursday in a hastily arranged conference call with analysts and investors after the stock-market close. He called the mistake "egregious, self-inflicted," and said: "We will admit it, we will fix it and move on." The CEO emphasized that the bank remains profitable despite the trading loss.
"While we don't give overall earnings guidance and we are not confirming current analyst estimates, if you did adjust current analyst estimates for the loss, we still earned approximately $4 billion after-tax this quarter give or take," he said on the call. The bank earned $5.38 billion in the first quarter. The trading loss tarnishes the reputation of the bank, which came through the financial crisis better than most peers. It comes at a time when large banks are fighting efforts by regulators to rein in risky trading. Banks have been arguing that measures to do that, such as the so-called Volcker rule, would hurt liquidity and raise prices in markets. The rule, set to take effect July 21 if regulators can finalize details, restricts banks' ability to trade with their own money but would give them at least two years to fully comply. The trading loss "plays right into the hands of a whole bunch of pundits out there," Mr. Dimon said. "We will have to deal with that - that's life." Asked about the Volcker rule, he said, "This doesn't violate the Volcker rule, but it violates the Dimon principle." J.P. Morgan shares fell about 6.5% to $38.09 in after-hours trading. Citigroup was off about 3.6%, SunTrust 3.3%, Fifth Third Bancorp 2.7%, Bank of America 2.6%, Morgan Stanley 2.5% and Goldman Sachs 2.4%. J.P. Morgan, the nation's largest bank by assets, said in its quarterly filing with regulators Thursday that the plan it has been using to hedge risks "has proven to be riskier, more volatile and less effective as an economic hedge than the firm previously believed." It slashed its estimate for the unit that houses the Chief Investment Office to $800 million in second-quarter losses from a previous estimate of $200 million in profits. Mr. Dimon said the trading losses were "slightly more" than $2 billion so far in the second quarter. A person close to the bank said the current loss is actually $2.3 billion.
The losses have been offset by about $1 billion in gains on securities sales. Mr. Dimon said "volatility" in markets could cost the bank an additional $1 billion this quarter. The Journal reported in April that hedge funds and other investors were making bets in the market for insurance-like products called credit-default swaps, or CDS, to try to take advantage of trades done by a London-based trader named Bruno Michel Iksil who worked out of the Chief Investment Office, or CIO. Tracking the Trading • April 5: The Wall Street Journal reports a trader at J.P. Morgan known in the market as the 'London Whale' made large bets on credit derivatives. J.P. Morgan says his unit is meant to 'hedge structural risks.' • April 10: WSJ reports the J.P. Morgan trader had stopped making trades. • April 13: J.P. Morgan reports first-quarter earnings. CFO Doug Braunstein says the bank is 'very comfortable' with the unit's positions. CEO James Dimon calls media coverage on the matter a 'tempest in the teapot.' • May 10: J.P. Morgan says it has taken $2 billion in losses so far. Mr. Dimon calls the strategy 'flawed, complex, poorly reviewed, poorly executed and poorly monitored.' Among the things he says he should have paid more attention to, Mr. Dimon deadpans: 'newspapers.' Mr. Dimon said on the company's first-quarter earnings call April 13 that questions about the office's trading were "a complete tempest in a teapot." The CEO didn't learn of the full extent of the losses until after that earnings call on April 13, said a person familiar with the situation. On Thursday he admitted the bank acted "defensively" when news reports surfaced. "With hindsight we should have been paying more attention to it," he said. "This not how we want to run a business." Mr. Iksil is still at the bank, said people close to the bank. He didn't respond to an email requesting comment. People within the CIO group, which has been under the radar at J.P.
Morgan and not well understood by analysts following the company, were long aware Mr. Iksil had built derivative positions with a face value of $100 billion or more. Mr. Dimon was regularly briefed on details of some of the group's positions, according to several people close to the matter, suggesting he too overlooked the potential risks of the trade. A massive trading bet left J.P. Morgan Chase with at least $2 billion in trading losses; its chief executive, James Dimon, called the trade an 'egregious, self-inflicted,' mistake. The CIO group once had a large trade designed to protect the company from a downturn in the economy. Earlier this year, it began reducing that position and taking a bullish stance on the financial health of certain companies and selling protection that would compensate buyers if those companies defaulted on debts. Mr. Iksil was a heavy seller of CDS contracts tied to a basket, or index, of companies. In April the cost of protection began to rise, contributing to the losses. Mr. Iksil's group had roughly $350 billion of investment securities at Dec. 31, according to company filings, or about 15% of the bank's total assets. J.P. Morgan's investment bank's "value-at-risk," a measure of how much money it stands to lose on a given day, nearly doubled in the first quarter, according to the filing Thursday. It rose to an average of $170 million from $88 million a year earlier. Risk-taking was driven largely by positions taken in the CIO group, said the company. The value-at-risk for that division averaged $129 million in the first quarter, more than double a year earlier. The bank attributed the jump to "changes in the synthetic credit portfolio held by CIO." "This is yet another example of the need for the more than $700 trillion derivatives market to be brought into the light of financial regulation," said Dennis Kelleher, president of Better Markets, a liberal nonprofit focused on financial reform.
The losses could potentially expose bank employees to so-called clawback policies that permit the recovery of compensation in the event of a financial restatement. Banks like J.P. Morgan have adopted such policies, which also are required under the Dodd-Frank financial overhaul law. Mr. Dimon said the bank has an extensive review under way of what went wrong, which he said included "many errors," "sloppiness" and "bad judgment." Asked what, in hindsight, he should have paid more attention to, Mr. Dimon deadpanned: "newspapers." - Victoria McGrane, Katy Burne and Robin Sidel contributed to this article. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri May 11 07:53:38 2012 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 11 May 2012 08:53:38 -0400 Subject: [Infowarrior] - Apple, the Other Cult in Hollywood Message-ID: <558502F0-9048-4C71-8FA5-9FADA31D804F@infowarrior.org> Apple, the Other Cult in Hollywood By Peter Burrows and Andy Fixmer on May 10, 2012 http://www.businessweek.com/articles/2012-05-10/apple-the-other-cult-in-hollywood For most of Gossip Girl's first four seasons, none of the hit show's glamorous teens carried the most talked-about smartphone of the last five years: Apple's (AAPL) iPhone. Because of a product placement deal, they could only be seen with phones chosen by Verizon Wireless. Then, this season, shortly after the deal lapsed, several main characters started receiving their "Xoxo, Gossip Girl" texts on Apple's hit device. The cast's sudden conversion cost the Cupertino (Calif.)-based iPhone maker nothing. Apple has spent decades strengthening its subtle but powerful grip over Hollywood, and unlike many companies, says it never pays for its products to appear on television or in movies. The company's gadgets were discussed or shown 891 times on TV in 2011, up from 613 in 2009, according to researcher Nielsen (NLSN).
In the same year, iDevices appeared in more than 40 percent of the movies that topped the weekly box office, according to Brandchannel, which tracks product appearances. That's nearly twice the penetration of the next most common brands in Hollywood - Dell (DELL), Chevy (GM), and Ford (F). This dominance comes as product placement's importance grows. Due to DVRs, fewer people watch TV ads. Many more purchasing decisions are driven by the chatter on Facebook and other social media - and much of that is driven by movies and television. And Apple's traditional ads have carried less oomph recently, according to ad tracking firm Ace Metrix. Test audiences judged one recent ad for the iCloud online service 15 percent less favorably than previous spots. "Apple hasn't been up to its normal brilliant performance for much of the past year," says Ace Metrix Chief Executive Officer Peter Daboll. Hollywood product placements help make up the difference. When Jon Holtzman was an Apple marketing manager in the early 1990s, the company had no inventory reserved for set decorators and prop masters. Filmmakers interested in using an Apple product had to wait for reporters to return review models and often got older devices. Holtzman successfully lobbied to make product placement as much of a priority as the editorial loan program and privileged access for employees' friends and family. And that made the newest devices available to Hollywood. Holtzman also tried to persuade higher-ups to make a small but important product change. In the 1990s, Apple's PowerBook laptops included a company logo on the lid that faced the user sitting at the computer. When the lid was opened, the logo was upside down. Holtzman knew this was inconvenient to filmmakers and had stickers printed to cover the actual logo and have it appear correctly onscreen. A few years after Steve Jobs returned in 1997, he flipped the logo for good.
Apple was struggling in those days, and then, as always, refused to pay for product placement, though the company did acquiesce to the occasional quid pro quo. In 1996 it secured a starring role for its PowerMac laptop in the first Mission: Impossible film in part by agreeing to promote the movie in its ads. The resulting TV spots were essentially clips from the movie with a few Apple logos mixed in. "We saved almost $500,000 in production costs - and got Brian De Palma to direct and Tom Cruise to act in it," says Holtzman. Such barter deals are common today, and Apple is rare in having the luxury to skip them. The latest Mission: Impossible movie, directed by Brad Bird (who directed two movies for Pixar Animation Studios (DIS), formerly owned by Steve Jobs), featured eight minutes of screen time for iPhones, iPads, and iMacs, according to Eric Smallwood, senior vice president with Front Row Marketing Services. Smallwood estimates the value of that screen time at $23 million. BMW (BMW) cars were also featured prominently in the blockbuster, but the carmaker agreed to make a number of investments to support the film, according to Ruben Igielko-Herrlich, co-founder of Propaganda Gem, which arranged the deal. BMW spent millions making custom cars for the film and shipping them to sets in Dubai and elsewhere. It also featured the movie in its own ads and hosted screenings at dealerships. Jim Christensen, a longtime public-relations executive with Hewlett-Packard (HPQ), runs a program that loans HP gear to movies and TV shows. His annual budget is "not even close" to $100,000, and HP gets lots of free product placement, but usually in scenes where filmmakers want the setting to feel, well, typical. "If the studio is using the product as it would be used in the real world, then it makes perfect sense to select HP," says Christensen, who has gotten HP desktops on the sets of The Office and CSI: Crime Scene Investigation. "Government agencies use tons of HP."
Apple products, on the other hand, sometimes take a lead role as an object of devotion, as in a famous 2010 episode of Modern Family. Airing just two days before the first iPad hit stores, the episode centered around dad Phil Dunphy's quest for the new device. The plotline was unusual in part because Modern Family executive producer Steve Levitan has on multiple occasions nixed eight-figure product placement deals that don't feel true to the plot, according to a branding expert who asked not to be named to protect business relationships. Levitan declined to comment. Gavin Polone, a producer of HBO's Curb Your Enthusiasm and movies including Panic Room, says that's just the way it goes sometimes: Producers and executives may make plot changes or write entire episodes merely because they love a brand or in exchange for freebies. "Apple won't pay to have their products featured, but they are more than willing to hand out an endless amount of computers, iPads, and iPhones," he says. "It's kind of a graft situation." The bottom line: Apple products were in more than 40 percent of top movies last year, an advantage as traditional advertising falls flat. With Aaron Ricadela Burrows is a senior writer for Bloomberg Businessweek, based in San Francisco. Fixmer is a reporter for Bloomberg News in Los Angeles.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 11 11:44:51 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 May 2012 12:44:51 -0400
Subject: [Infowarrior] - Facebook Co-Founder Gives Up U.S. Citizenship Before IPO
Message-ID: <086AC5E1-7CC3-422C-885C-4399C359B107@infowarrior.org>

Facebook Co-Founder Saverin Gives Up U.S.
Citizenship Before IPO By Danielle Kucera, Sanat Vallikappen and Christine Harper - May 11, 2012 http://www.bloomberg.com/news/print/2012-05-11/facebook-co-founder-saverin-gives-up-u-s-citizenship-before-ipo.html Eduardo Saverin, the billionaire co-founder of Facebook Inc. (FB), renounced his U.S. citizenship before an initial public offering that values the social network at as much as $96 billion, a move that may reduce his tax bill. Facebook plans to raise as much as $11.8 billion through the IPO, the biggest in history for an Internet company. Saverin's stake is about 4 percent, according to the website Who Owns Facebook. At the high end of the IPO valuation, that would be worth about $3.84 billion. His holdings aren't listed in Facebook's regulatory filings. Saverin, 30, joins a growing number of people giving up U.S. citizenship, a move that can trim their tax liabilities in that country. The Brazilian-born resident of Singapore is one of several people who helped Mark Zuckerberg start Facebook in a Harvard University dorm and stand to reap billions of dollars after the world's largest social network holds its IPO. "Eduardo recently found it more practical to become a resident of Singapore since he plans to live there for an indefinite period of time," said Tom Goodman, a spokesman for Saverin, in an e-mailed statement. Saverin's name is on a list of people who chose to renounce citizenship as of April 30, published by the Internal Revenue Service. Saverin renounced his U.S. citizenship "around September" of last year, according to his spokesman. Singapore doesn't have a capital gains tax. It does tax income earned in that nation, as well as "certain foreign-sourced income," according to a government website on tax policies there. Exit Tax Saverin won't escape all U.S. taxes. Americans who give up their citizenship owe what is effectively an exit tax on the capital gains from their stock holdings, even if they don't sell the shares, said Reuven S.
Avi-Yonah, director of the international tax program at the University of Michigan's law school. For tax purposes, the IRS treats the stock as if it has been sold. Renouncing your citizenship well in advance of an IPO is "a very smart idea," from a tax standpoint, said Avi-Yonah. "Once it's public you can't fool around with the value." Saverin previously scuffled with Zuckerberg, his Harvard University classmate, over his ownership in Facebook. Saverin sued him and settled for an undisclosed amount. The 2010 movie "The Social Network" added to Saverin's fame after it portrayed him as a scorned friend who provided the company's early financing and then was squeezed out. In the film, written by Aaron Sorkin, Saverin was portrayed by Andrew Garfield, who will play Spider-Man in "The Amazing Spider-Man." Saverin's Investments Saverin moved to the U.S. in 1992, and became a citizen in 1998, his spokesman said. He has invested in Asian, U.S. and European companies, according to his spokesman. He plans to invest in Brazilian and in other global companies that have strong interests in entering the Asian markets. "Accordingly, it made the most sense for him to use Singapore as a home base," Goodman said in the statement. His U.S. holdings include Jumio Inc., an online payments company, and ShopSavvy Inc., a price-comparison service. Renouncing citizenship is an option chosen by increasing numbers of Americans. A record 1,780 gave up their U.S. passports last year compared with 235 in 2008, according to government records. Income-tax rates for top U.S. earners will rise to 39.6 percent from 35 percent next year, and rates on capital gains and dividends also are scheduled to rise unless Congress blocks the increases. "Tax Cost" "It's a loss for the U.S. to have many well-educated people who actually have a great deal of affection for America make that choice," said Richard Weisman, an attorney at Baker & McKenzie in Hong Kong.
"The tax cost, complexity and the traps for the unwary are among the considerations." Some of the world's largest wealth-management firms have ramped up efforts to fight tax evasion ahead of Washington's implementation of the Foreign Account Tax Compliance Act, known as Fatca, which seeks to prevent tax evasion by Americans with offshore accounts. HSBC Holdings Plc, Deutsche Bank AG, Bank of Singapore Ltd. and DBS Group Holdings Ltd. all say they have turned away business. The 2010 law, to be phased in starting Jan. 1, 2013, requires financial institutions based outside the U.S. to obtain and report information about income and interest payments accrued to the accounts of American clients. That means additional compliance costs for banks and fewer investment options and advisers for all U.S. citizens living abroad, which may depress banks' returns. Facebook plans to price its IPO on May 17, offering 337.4 million shares at $28 to $35 each. The shares will be listed on the Nasdaq Stock Market under the symbol FB. Morgan Stanley, JPMorgan Chase & Co. and Goldman Sachs Group Inc. are leading the sale. To contact the reporters on this story: Danielle Kucera in San Francisco at dkucera6 at bloomberg.net Sanat Vallikappen in Singapore at vallikappen at bloomberg.net Christine Harper in New York at charper at bloomberg.net To contact the editors responsible for this story: Tom Giles at tgiles5 at bloomberg.net

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri May 11 11:52:53 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 May 2012 12:52:53 -0400
Subject: [Infowarrior] - SOPA Supporters Urge White House To Use Secretive TPP Process To Insert Draconian New IP Laws
Message-ID: <57C9520F-D42E-46C2-9179-B5031CBCCED5@infowarrior.org>

SOPA Supporters Urge White House To Use Secretive TPP Process To Insert Draconian New IP Laws from the sopa-reunion dept We've been warning for a while about the TPP negotiations, and how the big interests who pushed SOPA were making a concerted effort to use the (very questionable and extremely secretive) nature of international trade negotiations to sneak through many of the things they wanted in SOPA, without any scrutiny. Make no mistake: while the public has no access to, or information about, what the federal government is negotiating, the big special interests are well informed. As pressure has been mounting against TPP, it appears that the US Chamber of Commerce has "brought the band back together," putting out a letter to the Obama administration explaining why draconian IP rules must be included in the TPP. The letter is signed by a who's who of SOPA supporters, including (of course) the Chamber of Commerce, the MPAA, the RIAA, A2IM, PhRMA, AAP, BSA, ESA and more. Basically, it's a bunch of also-ran industry trade groups whining to the feds that they can't innovate anymore and they need economically damaging mercantilist-style protectionism. < - > http://www.techdirt.com/articles/20120510/03250118857/sopa-supporters-urge-white-house-to-use-secretive-tpp-process-to-insert-draconian-new-ip-laws.shtml

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri May 11 12:17:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 May 2012 13:17:08 -0400
Subject: [Infowarrior] - Court won't order Google-NSA interactions released
Message-ID: <63FC5E89-CAAF-4A02-AC58-1B1B96D347AE@infowarrior.org>

Court won't order Google-NSA interactions released By FREDERIC J. FROMMER | Associated Press - 26 mins ago http://news.yahoo.com/court-wont-order-google-nsa-interactions-released-151646654--finance.html WASHINGTON (AP) -- A federal appeals court has turned down a Freedom of Information Act request to disclose National Security Agency records about the 2010 cyberattack on Google users in China. The Electronic Privacy Information Center, which focuses on privacy and civil liberties, sought communications between Google and the NSA, which conducts worldwide electronic surveillance and protects the U.S. government from such spying. But the NSA refused to confirm or deny whether it had any relationship with Google. The NSA argued that doing so could make U.S. government information systems vulnerable to attack. A federal district court judge sided with the NSA last year, and on Friday, a three-judge panel of the U.S. Court of Appeals for the District of Columbia upheld the ruling. In 2010, Google complained about major attacks on its website by Chinese hackers and suggested the Chinese government may have instigated them. The Chinese government denied any involvement. Soon after, there were news reports that Google was teaming up with the NSA to analyze the attack and help prevent future ones. The privacy center's FOIA request drew a "Glomar" response, in which an agency refuses to confirm or deny the existence of records. The term refers to a case in the 1970s, when the CIA refused to confirm or deny the existence of the Glomar Explorer, a ship disguised as an ocean mining vessel that the CIA used to salvage a sunken Soviet submarine. Courts consistently have upheld Glomar responses.
"In reviewing an agency's Glomar response, this court exercises caution when the information requested" involves national security, Judge Janice Rogers Brown wrote in the unanimous appeals court panel's ruling. "NSA need not make a specific showing of potential harm to national security in order to justify withholding information" under one of the law's exemptions because Congress has already, in enacting the FOIA statute, decided that disclosure of NSA activities is potentially harmful. Brown said the question was whether acknowledging the existence or nonexistence of the requested material would reveal an NSA activity. The privacy center argued that some of the records it sought -- unsolicited communications from Google to NSA -- are not covered by exemptions cited by the NSA. "The existence of a relationship or communications between the NSA and any private company certainly constitutes an 'activity' of the agency" subject to exemption, Brown wrote. "Whether the relationship -- or any communications pertaining to the relationship -- were initiated by Google or NSA is irrelevant to our analysis." "Moreover," she added, "if private entities knew that any of their attempts to reach out to NSA could be made public through a FOIA request, they might hesitate or decline to contact the agency, thereby hindering its information assurance mission," which focuses on protecting national security information and information systems. Brown, an appointee of former President George W. Bush, was joined in the ruling by Judges Brett Kavanaugh, another George W. Bush appointee, and Douglas Ginsburg, who was appointed by

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri May 11 13:35:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 May 2012 14:35:34 -0400
Subject: [Infowarrior] - Google's Brin Makes Strides in Hunt for Parkinson's Cure
Message-ID:

Google's Brin Makes Strides in Hunt for Parkinson's Cure By Robert Langreth - May 11, 2012 http://www.bloomberg.com/news/print/2012-05-11/google-s-brin-makes-strides-in-hunt-for-parkinson-s-cure-health.html Sergey Brin, the 38-year-old co-founder of Google Inc. (GOOG), is making strides in his quest to find a cure for Parkinson's, a progressive disease his DNA and family history suggest may afflict him as early as 10 years from now. The advances are encouraging Pfizer Inc. (PFE) and GlaxoSmithKline Plc (GSK) to pursue a new class of medicines that may become the first to slow the progress of Parkinson's disease in a unique collaboration that Brin is funding. Brin, who began donating to Parkinson's research in 2005, accelerated that giving after he learned in 2008 he has a flawed gene that presents him with a 50 percent chance of getting the disease by age 70. So far Brin has donated $132 million, mostly through the Michael J. Fox Foundation for Parkinson's Research, to help create a DNA database of 7,000 patients and to support work on the first targeted treatments that aim at the genetic causes of the movement disorder. "If I felt it was guaranteed to cure Parkinson's disease a check for a billion dollars would be the easiest one I have written," he said in an interview. "Pretty much everybody in the world has or will have some serious condition. How much is it worth to you to have that condition be potentially curable?" Among the recipients of Brin's largess is the company his wife, Anne Wojcicki, started to create a database of genetic information and which found that Brin had the Parkinson's gene.
Depression and Dementia While existing Parkinson's medicines help with symptoms, they don't slow the progression of the disease, in which brain cells involved in coordinating movement die off, leading to tremors, stiffness, slowness, difficulty speaking, depression and dementia. Parkinson's afflicts about 1 million people in the U.S., and 1 in 100 people over age 60. It was first described in an 1817 essay by the British surgeon James Parkinson about six patients with a "shaking palsy." A 2009 study estimated the disease costs Americans $10.8 billion a year, including $6.22 billion in medical costs such as drug treatments and nursing home care, and $4.56 billion more in lost wages and other indirect costs. "As of today there's nothing specific that Sergey can do about it, but that doesn't mean he can't try to drive change, which we're doing," said Wojcicki, co-founder and chief executive of closely held personal genomics company 23andMe Inc., in an interview. Brin's Mother Brin's mother, Eugenia, a former computer scientist at NASA, first began to suffer symptoms in 1997 at age 49. A genetic test developed by 23andMe showed Brin and his mother have the Parkinson's gene. Brin's funding efforts through the Fox Foundation are studying specific blocking mechanisms that may offer the first real treatment to slow the disease. "I was very surprised" to get the result in 2008, Brin said. "I wasn't alarmed. I felt empowered. I felt I could invest in the research," said Brin, who has a net worth of about $19 billion. Brin and Wojcicki "have been hugely helpful," said Michael J. Fox, the actor who started his eponymous foundation in 2000, nine years after developing Parkinson's disease. "People of their profile, who are smart and savvy, when they get involved in such a big way it encourages scientists to take it seriously and it encourages industry to take it seriously," Fox said in a telephone interview. "EBay for Research"
Wojcicki said the company she founded in 2006 is aiming to create an "EBay for research" that would speed discoveries in difficult diseases by connecting doctors and researchers to unprecedented amounts of gene data. "If Sergey is in the database, I just don't want 23andMe to have access to the data, I want every smart LRRK2 researcher to have access," she said in an interview referring to the Parkinson's-linked gene mutation Brin carries known as LRRK2. Better sharing of data from millions of patients would speed research into treatments for everything from brain diseases to heart disease to cancer, Brin said. "It could be transformational," he said. People with Parkinson's are short on dopamine, a natural substance in the brain essential to normal nerve activity. Researchers have identified 6 rare Parkinson's genes, including the LRRK2 mutation first discovered in 2004. Gene Study Since then, Brin and Wojcicki have funneled $124.9 million to the Fox Foundation, making them the organization's biggest funder. Starting in 2009, Brin has also funded researchers at 23andMe to create a DNA database, the largest gene study of Parkinson's patients in the world, according to the Mountain View, California-based company. He has agreed to underwrite genotyping for the first 10,000 people who join. Brin has also contributed $7 million to the Parkinson's Institute and Clinical Center. Brin started donating in earnest to the Fox Foundation after the group's co-founder Deborah W. Brooks, a former vice president at Goldman Sachs Group Inc. (GS), heard in 2004 that his mother had the disease. She called Intel Corp. (INTC) co-Founder Andrew Grove, a Parkinson's sufferer and foundation donor. Grove set up a dinner with Brin and Brooks at the Stanford Park Hotel in Menlo Park, California, near Stanford University, she said. At the dinner, Brin grilled Brooks on the state of Parkinson's disease research. The meeting led to a partnership.
The Fox Foundation has helped 23andMe get patients for its database. Parkinson's is "uniquely suited" to Web-based research, since patients often have difficulty getting to the doctor yet are able to report symptoms online and send in a saliva sample, said Nick Eriksson, a 23andMe biostatistician. First Results The data effort has started to yield results. Researchers at 23andMe last year said they had spotted a gene that may protect against the harmful effects of LRRK2, explaining why some people with the mutation never get the disease. Scientists at Stanford University reported in March 2011 they had transformed skin cells donated from Eugenia Brin into brain cells with Parkinson's symptoms. These cells, and similar cell lines from other patients, will let researchers duplicate the disease in the lab to test for potential drugs, said William Langston, who treats Brin's mother and runs the Parkinson's Institute and Clinical Center based in Sunnyvale, California. John Hardy, a brain genetics researcher at University College London whose department has received Fox Foundation funding, calls the LRRK2 gene "almost a dream target" for companies searching for Parkinson's drugs. The gene creates a protein that can be blocked with chemicals similar to certain cancer drugs already on the market, giving researchers a head start on finding a targeted drug. Posing Challenges The obstacles toward creating drugs that slow Parkinson's are daunting. Researchers know little about how LRRK2 weakens brain cells, and by the time the disease is diagnosed the majority of dopamine-producing neurons may already be dead. Researchers are only beginning to develop tests to spot the disease earlier, when it might still be possible to preserve the brain cells. Ted Dawson, a neuroscientist at Johns Hopkins University in Baltimore, is maintaining his optimism. While human trials are still several years off, "it is just going to be a matter of time to move these forward,"
said Dawson, who showed in 2010 that compounds used against LRRK2 could block brain cell death in mice. The mutation creates a defective protein that kills brain cells within 24 to 48 hours in the test tube, according to research from Dawson. Blocking the protein might stop or slow progress of the disease. Places to Start The new findings are giving drug and biotechnology companies starting points for personalized drugs that will first be tested in subsets of patients with the bad genes, said Owen Ross, a brain genetics researcher at the Mayo Clinic in Jacksonville, Florida. "The momentum has been incredible," he said. While LRRK2 is directly responsible for 1 or 2 percent of Parkinson's cases, the research "could have implications for the vast majority of Parkinson's patients," Ross said. Researchers at Eli Lilly & Co. (LLY) began working on drugs to block LRRK2, "literally the day after the first papers got published," said Kalpana Merchant, chief scientific officer for translational science for the Indianapolis-based drugmaker. "Now we have a gene tied to the disease where we know how to target it with drug-like molecules," she said. When Brin realized he had DNA that suggested he, like his mother, could eventually suffer from the disease he and Wojcicki determined they wanted to do something big. Manhattan Project When the Fox Foundation's Brooks was contacted, she visited Brin at Google's headquarters with a suggestion: Why not create a Manhattan Project to devise drugs against LRRK2? Brin signed on with a $20 million donation, $15 million designated for LRRK2, and has been the main sponsor on the Fox Foundation's LRRK2 effort since. Last year, Brin and Wojcicki pledged to match any further new donations of as much as $50 million, with half the money directly targeted for research into LRRK2. The Fox Foundation directly funds Pfizer and GlaxoSmithKline to do LRRK2 drug research.
A larger group of industry advisers, including scientists from Pfizer, Glaxo, Lilly and Elan Corp. (ELN), holds regular calls to discuss roadblocks toward making LRRK2 drugs that researchers could help solve. The collaboration helps share the risk of drug discovery and gives Pfizer access to a worldwide network of experts on LRRK2, said Michael Ehlers, chief scientific officer for Pfizer's neuroscience research, in a telephone interview. Maybe for Sergey "It is a natural kind of alliance" that will become more common, he said. Pfizer could have a LRRK2 medicine in human trials in two to three years, he said. Money from the foundation in 2009 allowed Glaxo to hire contract chemists to craft drugs against LRRK2, said Alastair Reith, the research manager who leads the project. Without the funding, Glaxo's work might have languished, as drug companies "are paring back quite drastically" in brain diseases, he said. Parkinson's, which afflicts fewer people than Alzheimer's, "isn't high in the pecking order," he said by telephone. Eugenia Brin, now retired and living in Los Altos Hills, California, is philosophical about the chances for a cure. "I do hope they find a drug," she said in a telephone interview. "It may be too late for me -- but maybe in time for Sergey." To contact the reporter on this story: Robert Langreth in New York at rlangreth at bloomberg.net To contact the editor responsible for this story: Reg Gale at rgale5 at bloomberg.net

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun May 13 20:12:47 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 13 May 2012 21:12:47 -0400
Subject: [Infowarrior] - The Floppy Disk means Save, and 14 other old people Icons that don't make sense anymore
Message-ID:

The Floppy Disk means Save, and 14 other old people Icons that don't make sense anymore May 9, 2012 9:42 PM What happens when all the things we based our icons on don't exist anymore?
Do they just become, ahem, iconic glyphs whose origins are shrouded in mystery? < - > http://www.hanselman.com/blog/TheFloppyDiskMeansSaveAnd14OtherOldPeopleIconsThatDontMakeSenseAnymore.aspx

From rforno at infowarrior.org Mon May 14 06:42:33 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 May 2012 07:42:33 -0400
Subject: [Infowarrior] - More Americans Worried About Cybarmegeddon Than Terrorism, Study Finds
Message-ID: <0D594FD6-1D72-4162-88B6-3A3A0153FB97@infowarrior.org>

(c/o MM) (and I'm glad Wired responsibly points out who sponsored this survey. --rick)

More Americans Worried About Cybarmegeddon Than Terrorism, Study Finds By Ryan Singel http://www.wired.com/threatlevel/2012/05/cyberarmegeddon-terrorism/ May 11, 2012 | 3:09 pm | Categories: Cybarmageddon! More Americans want the presidential candidates to focus on protecting the government and the electrical grid against hackers than fighting terrorism groups. That's according to a new security study by Unisys (.pdf), which found that the three highest priorities for Americans when it comes to security issues in the presidential campaign are:

- Protecting government computer systems against hackers and criminals (74 percent)
- Protecting our electric power grid, water utilities and transportation systems against computer or terrorist attacks (73 percent)
- Homeland security issues such as terrorism (68 percent)

The survey, based off a random phone survey of 1,000 households in America, asked, "How important is it for a candidate to emphasize the following issues in the upcoming 2012 presidential election?" along with a set of questions about how worried Americans were about other security issues, such as identity theft and online fraud. Threat Level is conflicted by the results. Should we cry over proof of the success of the security-industrial complex's PR campaign to convince Americans that cybarmegeddon is near?
Or do we rejoice that Americans seem to finally be rejecting post-9/11 fear mongering? And we wonder whether Mat Honan will update the name of his fantastic Obama-idealization parody site from BarackObamaIsYourNewBicycle to BarackObamaIsYourNewFirewall.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon May 14 13:43:00 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 May 2012 14:43:00 -0400
Subject: [Infowarrior] - USTR gets publicly p0wn3d at industry TPP (and deservedly so)
Message-ID: <48A6A330-141E-43FB-B9CB-80CCDE23F147@infowarrior.org>

Party ends badly for U.S. trade reps, federal agents By Andy Bichlbaum on May 12 2012 - 2:24pm Tagged: http://yeslab.org/tpp

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 15 07:22:35 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 May 2012 08:22:35 -0400
Subject: [Infowarrior] - Talking Surveillance Cameras Coming to U.S. Streets
Message-ID: <60954E7B-AA9E-40A3-8CD5-7E50BB5E0475@infowarrior.org>

Talking Surveillance Cameras Coming to U.S. Streets "Intellistreets" system now being installed with DHS backing Paul Joseph Watson Infowars.com Monday, May 14, 2012 http://www.infowars.com/talking-surveillance-cameras-coming-to-u-s-streets/print/ Talking surveillance cameras that bark orders at passers-by and can also record conversations are heading for U.S. streets, with manufacturer Illuminating Concepts announcing the progress of its "Intellistreets" system. As we first reported last year, high tech street lights with "homeland security applications" are now being installed in major U.S. cities. The street lights also have loudspeakers that can give audible warnings to individuals, mimicking the talking surveillance cameras in the UK that shout out orders through microphones telling people to pick up litter or leave the area.
A recent press release put out by Amerlux announces the company's partnership with Illuminating Concepts to further advance the rollout of "Intellistreets". The announcement confirms that the street lights will have a number of "homeland security features" including a loudspeaker system that will be used to "engage captive audiences". "The built-in speaker can broadcast emergency information," states the press release, adding, "SmartSite luminaires can be equipped with a variety of cameras and sensors to ensure real-time 24/7-security coverage. The sensors detect a variety of threats that enable rapid response from emergency personnel or help prevent crime and gain control of the streets." The press release adds that the SmartSite system developed to operate the "Intellistreets" surveillance hubs is intended not only for street lighting but also for "retail malls, sports venues, on college campuses, and in new construction," and "might well become commonplace" in the near future. Not only can the street lights, now being rolled out in Detroit, Chicago and Pittsburgh with Department of Energy backing, act as surveillance cameras, Minority Report-style advertising hubs, and Homeland Security alert systems, they are "also capable of recording conversations," according to a report by ABC 7. The ABC video clip, featured at the end of this article, includes creepy footage of the street lights being used to transmit Orwellian security alerts, including "pay attention please... please stand by for a public safety announcement," and "this is a security alert". Illuminating Concepts responded to the controversy over "Intellistreets" last year by ludicrously claiming the system did not represent a "big brother" intrusion, as if talking surveillance cameras that also record private conversations are a perfectly normal concept.
The company also denied that it had received funding from the Department of Homeland Security yet subsequent reports confirmed that owner Ron Harwood is now "working with Homeland Security" to implement the high tech network, which is connected via a ubiquitous wi-fi system. In reality, the system represents Big Brother on steroids -- George Orwell's worst nightmare come to life with interconnected wireless "telescreens" blanketing America, all in the name of safety and security. ********************* Paul Joseph Watson is the editor and writer for Prison Planet.com. He is the author of Order Out Of Chaos. Watson is also a regular fill-in host for The Alex Jones Show and Infowars Nightly News. Article printed from Infowars: http://www.infowars.com URL to article: http://www.infowars.com/talking-surveillance-cameras-coming-to-u-s-streets/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 15 08:04:59 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 May 2012 09:04:59 -0400
Subject: [Infowarrior] - Comcast Wants You to Watch Commercials
Message-ID: <8A0154A8-CE2A-4CF5-9F5F-3C2748099D9B@infowarrior.org>

Comcast Wants You to Watch Commercials By Swanni http://www.tvpredictions.com/comcast051512.htm Washington, D.C. (May 15, 2012) -- Comcast has filed for a patent for a new technology that would force viewers to watch ads even when they try to skip them on their Digital Video Recorders. That's according to an article by FierceCable. The cable operator's move is in sharp contrast to Dish Network's new Auto Hop DVR feature that allows viewers to watch recorded shows on the four major broadcast networks without ever seeing a commercial. Network executives blasted Dish's new feature yesterday, but the satcaster said it wants to "champion" the interests of subscribers, not advertisers or networks.
Comcast, of course, has subscribers, too -- more than 22 million of them, in fact -- but the company now also owns NBC which needs advertising revenue to exist. According to FierceCable, Comcast's new technology would force viewers to see an alternate ad when they hit the Fast Forward button to skip a commercial. The ad would be partially visible. FierceCable writes that Comcast is also pursuing a strategy that would target alternative ads to subscribers based on viewing habits and demographics.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 15 11:47:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 May 2012 12:47:52 -0400
Subject: [Infowarrior] - Issa Releases TPP Intellectual Property Rights Chapter
Message-ID:

Issa Releases the Trans Pacific Partnership Intellectual Property Rights Chapter on KeepTheWebOPEN.com 5/15/2012 http://issa.house.gov/index.php?option=com_content&task=view&id=976&Itemid=28&Itemid=4 WASHINGTON, DC -- As the 12th round of closed-door negotiations continue, Congressman Darrell Issa (R-CA) today released the draft intellectual property chapter of the Trans Pacific Partnership (TPP) on KeepTheWebOPEN.com, while calling on US Trade Representative Ron Kirk to publicly release the latest text U.S. negotiators are seeking to include in the agreement. TPP is being negotiated by the United States, Australia, Brunei, Chile, Malaysia, New Zealand, Peru, Singapore and Vietnam, but because the Obama Administration has kept citizens, many-stakeholders and Congress in the dark, little is known about the intellectual property (IP) rights chapter of TPP beyond rumors and this February 2011 U.S. draft proposal.
"At a time when the American people and Internet users all around the world are rightfully wary of any closed-door negotiations that could adversely impact their ability to freely and openly access the Internet, the Obama Administration continues to pursue a secretive, closed-door negotiating process for the Trans Pacific Partnership," Issa said. "I have decided to publish the intellectual property rights chapter of TPP in Madison so that the public can provide input to those negotiating this agreement, and to push this Administration - and the federal government as a whole - to be open, transparent and inclusive when it comes to international intellectual property rights agreements that have potentially serious consequences for the Internet community."

http://issa.house.gov/index.php?option=com_content&task=view&id=976&Itemid=28&Itemid=4

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 15 17:13:37 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 May 2012 18:13:37 -0400
Subject: [Infowarrior] - U.S Unveils Alzheimer's Strategy Amid Disturbing Projections
Message-ID: <1E731681-C325-4791-A2D4-8210278B4A91@infowarrior.org>

U.S Unveils Alzheimer's Strategy Amid Disturbing Projections
http://www.wibw.com/home/nationalnews/headlines/US_Unveils_Alzheimers_Strategy_Amid_Disturbing_Projections__151588695.html

(CNN)-- It's an exceptional moment in the struggle to find effective treatments for Alzheimer's disease, says one expert.

Why? Take a look at these disturbing Alzheimer's statistics projected for 2050:

- 11 million additional people will have the condition in the United States
- 115.4 million will have it worldwide, compared to the current figure of about 35.6 million
- $1.1 trillion will be spent in the U.S. on caregiving costs, compared with $200 billion this year.
Staring in the face of these sobering numbers, the Obama administration offered details Tuesday of how it plans to take on this mysterious disease that destroys the brain.

The new strategy supports a $7.9 million dollar study on an insulin nasal spray treatment. Separately, researchers will work on the first-ever Alzheimer's prevention trial in people with a genetic predisposition to develop the condition. The strategy also offers solutions for collaborating across federal and state agencies and for informing the public through a one-stop website, www.alzheimers.gov.

"The plan gives us a blueprint to build on our research efforts," U.S. Secretary of Health and Human Services Kathleen Sebelius said Tuesday at the announcement of the government's new plan. "These actions are the cornerstone of an ambitious and aggressive agenda."

Dr. Francis Collins, director of the National Institutes of Health, said at the announcement that, scientifically speaking, we are in an "exceptional moment" with Alzheimer's, with more "revelations" coming out all the time.

Alzheimer's currently affects more than 5 million Americans.

Health officials detailed the new plan Tuesday at the Alzheimer's Disease Research Summit 2012: Path to Treatment and Prevention. Leading Alzheimer's researchers from around the world are at the National Institutes of Health today to talk about which research should be emphasized.

President Obama signed the National Alzheimer's Project Act into law in January 2011, which called for a coordinated national plan to fight Alzheimer's. In February of 2012, the administration said it would push for a $156 million increase in funding for Alzheimer's research over the next two years. That's in addition to the $450 million already being spent.

As of Tuesday, Obama's proposed 2013 budget allows for a $100 million increase for anti-Alzheimer's efforts, which is part of the $156 million. The other part is for 2012.
Still, funding for Alzheimer's research in the United States has not even approached the level of monetary support for other major diseases. Last year, the NIH spent $3 billion on research into AIDS, $4.3 billion on heart disease, and $5.8 billion for cancer, according to the Alzheimer's Association.

The current thinking among Alzheimer's experts is that early detection and intervention -- even before symptoms begin -- is better. Individuals with only mild memory problems may hold the most promise for testing treatments.

Scientists know that beta-amyloid plaques in the brain are associated with Alzheimer's disease, but they are not necessarily a precursor to it. Still, MRI and PET scans can detect these plaques and, combined with mild memory problems, there's a high likelihood of developing full-blown Alzheimer's. There's also a rare form of Alzheimer's that is genetically driven.

Funding is only one part of finding solutions for this debilitating disease. In practice scientists find it challenging to get a lot of participation in clinical trials. Some people don't want to risk the possible side effects of an experimental drug; others do want to try new drugs, but fear being placed in the placebo group. And elderly people may have practical difficulties getting to the study location.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue May 15 17:27:10 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 May 2012 18:27:10 -0400
Subject: [Infowarrior] - Testing a Drug That May Stop Alzheimer's Before It Starts
Message-ID: <767F937D-1392-4CDF-A49C-F7F90BE57E2E@infowarrior.org>

Testing a Drug That May Stop Alzheimer's Before It Starts
By PAM BELLUCK
Published: May 15, 2012
http://www.nytimes.com/2012/05/16/health/research/prevention-is-goal-of-alzheimers-drug-trial.html

In a clinical trial that could lead to treatments that prevent Alzheimer's disease, people who are genetically guaranteed to suffer from the disease years from now -- but who do not yet have any symptoms -- will for the first time be given a drug intended to stop them from developing it, federal officials announced Tuesday.

Experts say the study will be one of only a very few ever conducted to test prevention treatments for any genetically predestined disease. In Alzheimer's research, the trial is unprecedented, "the first to focus on people who are cognitively normal but at very high risk for Alzheimer's disease," said Dr. Francis S. Collins, director of the National Institutes of Health.

Most of the study's participants will be drawn from an extended family of 5,000 people who live in Medellín, Colombia, and remote mountain villages outside that city. The family is believed to have more members who suffer from Alzheimer's than any other in the world. Those who possess a specific genetic mutation begin showing cognitive impairment around age 45, and full-blown dementia around age 51.

The 300 family members who participate in the initial phase of the trial will be years away from developing symptoms. Some will be as young as 30.

The $100 million study will run for five years, but results on sophisticated tests may indicate in as little as two years whether the drug is helping to delay memory decline or brain changes, said Dr. Eric M.
Reiman, executive director of the Banner Alzheimer's Institute in Phoenix, and a lead researcher on the study.

Dr. Reiman and Alzheimer's experts not involved in the study say that though a relatively small percentage of people with Alzheimer's have the genetic early-onset form that affects the Colombian family, the trial is expected to answer questions that could apply to the millions of people worldwide who will develop more conventional Alzheimer's disease.

"It offers a tremendous opportunity for us to answer a large number of questions, while at the same time offering these people some significant clinical help that otherwise they never would have had," said Dr. Steven DeKosky, an Alzheimer's researcher who is vice president and dean of the University of Virginia School of Medicine. Dr. DeKosky was part of a large group of experts consulted in early discussions about a prevention trial, but is not involved in the study.

Some 5.4 million Americans currently have Alzheimer's disease, and the numbers are expected to swell as the baby boom generation ages. Dr. Reiman and his team are already planning a similar drug trial for people considered to be at increased risk for conventional Alzheimer's in the United States. The study announced Tuesday will include a small number of Americans with gene mutations guaranteed to cause early-onset Alzheimer's.

The study is part of the federal government's first national plan to address Alzheimer's disease, details of which were unveiled Tuesday by Kathleen Sebelius, the secretary for health and human services. In it, the government took the unusual step of finding $50 million from the current year's N.I.H. budget to pay for research including the Colombia trial. An additional budget increase of $100 million is proposed for 2013, mostly for research, but some of it for education, caregiver support and data collection.

Whether the Colombia trial will succeed is, of course, no sure thing.
Many clinical trials fail, and the history of Alzheimer's research is marked by frustrating results from treatments it was hoped would be promising. But the unique nature of trying a drug years before a person's brain is ravaged by the disease is considered a promising approach to identifying what causes Alzheimer's and how to potentially prevent the disease.

The Colombia drug trial will be financed with $16 million from the National Institutes of Health, about $15 million from private donors through the Banner Institute and $65 million from Genentech, the drug's American manufacturer.

If the drug, Crenezumab, which attacks the formation of amyloid plaques in the brain, is shown to forestall memory or cognitive problems, plaque formation or other signs of brain deterioration, scientists will have discovered that prevention or delay is possible and that the answer would appear to lie in targeting amyloid years before dementia develops. Many, but not all, Alzheimer's researchers believe that amyloid is an underlying cause of Alzheimer's.

"We really believe in wanting to help these folks, and if in fact we can really prevent the disease, it holds tremendous potential for preventing the disease in a broader population," said Richard Scheller, Genentech's executive vice president of research and early development.

In 2010, The New York Times reported on the tragedy of dementia in this large Colombian family. Many of the relatives are debilitated in their prime working years as their memories unravel, and the disease eventually assaults their ability to move, eat, speak and communicate.

At the time, a team of scientists in Colombia and Arizona were laying the groundwork for a study to test medications on family members. Dr. Reiman said his team worked to persuade pharmaceutical companies to invest in the unusual, and sensitive, research.

"We would have to be like Mark Twain,"
he said, "getting the companies to pay to whitewash the fence and give us access to their most promising treatments."

But it took months of painstaking planning to navigate the thorny scientific and ethical issues involved in giving drugs to people who are healthy.

"There's a lot at stake here," said Dr. Pierre N. Tariot, director of the Banner Alzheimer's Institute and a leader of the study. "We have to do everything we can to do it in the right way."

Researchers, American officials and drug companies were especially sensitive to the fact that the study would be conducted on people in a developing country, many of whom have little education, paltry incomes and a history of superstitions about the disease they call "la bobera" -- the foolishness.

"The first thing I did was to ask myself the question, are we taking advantage of these folks?" Dr. Scheller said. "The answer was clearly no." The risks, he said, were balanced by the fact that if nothing is done, "they're going to get this terrible, terrible disease for sure."

Finding a way to prevent or delay Alzheimer's is a priority for scientists because decades of research have resulted in only a few drugs that can treat dementia once it starts, and that delay decline for only a few months. In addition, researchers have learned that the brain begins deteriorating as long as 20 years before dementia begins. Many scientists believe that waiting until symptoms appear is much too late to begin treatment because the brain has already been so significantly damaged.

Prevention studies have been difficult and expensive to do, primarily because the cause of most Alzheimer's is unclear and it is impossible to predict exactly who will develop it. The few trials of prevention therapies -- involving ginkgo biloba, women's hormone replacement treatment, and anti-inflammatory drugs -- have involved people not guaranteed to get the disease. These therapies either failed or caused adverse side effects.
Testing drugs on that kind of population "would take too many healthy volunteers, too much money, and too many years to wait for enough people to develop memory and thinking problems to see if treatment worked," Dr. Reiman said.

The Colombian population is ideal for such tests because it is large enough to provide solid results, and it is easy to identify whom the disease will strike, and when.

Crenezumab, the drug in the Colombia trial, was chosen in part because it appears to be safer than other drugs that are designed to clear amyloid from the brain, said Dr. Francisco Lopera, a Colombian neurologist who is a leader of the study. Other anti-amyloid treatments have caused edema in the blood vessels, an imbalance of fluid that can cause serious side effects.

In safety studies on Crenezumab, "people didn't have that problem," said Dr. Lopera, who has worked with the Colombian family for decades and, with Dr. Kenneth S. Kosik of the University of California, Santa Barbara, identified the family's illness as Alzheimer's and the genetic mutation that causes it.

Crenezumab is currently being given in two clinical trials to people with mild to moderate symptoms of dementia in the United States, Canada and Western Europe to see if it can help reduce cognitive decline or amyloid accumulation, according to Genentech.

In the Colombia study, expected to start early next year, 100 family members who carry the mutation will receive the drug every two weeks in an injection administered at a hospital. Another 100 mutation carriers will receive a placebo. And because many people do not want to know if they have the mutation, researchers will also include 100 non-carriers in the study; they will receive a placebo.

"I can't think of a trial that's been done like this," Dr. Scheller said. In other trials, including those involving people with dementia, "they know they have it."

Many tests will be used to evaluate whether the drug is effective.
Researchers have developed a sophisticated battery of five memory and cognitive tests that have been shown in other studies to detect subtle alterations in recall and thinking ability that usually go unnoticed.

The measurements, Dr. Tariot said, will involve recalling a list of words after a period of distraction, naming common objects, a nonverbal reasoning test, answering questions about time and place, and a drawing test in which participants copy increasingly complex figures.

"The question is, does the treatment slow down loss of memory in carriers?" Dr. Tariot said. "Does it slow down the likelihood of developing typical aspects of dementia like mild cognitive impairment?"

Dr. Tariot said researchers will also assess changes in people's emotional state, "irritability, sadness, crying, anxiety, impulsivity -- these are cardinal features of the disease as it emerges."

The scientists will also take physiological measurements, including PET scans that measure amyloid, PET scans that measure how glucose is metabolized in the brain, M.R.I. scans that measure whether the brain is shrinking, and cerebral spinal fluid tests that measure levels of amyloid and tau, a protein that accumulates in dying brain cells.

If any of these biochemical indicators or biomarkers ends up being improved by the drug, that could be another important scientific breakthrough, Dr. Reiman said. Scientists might then be able to treat one of these Alzheimer's biomarkers, in the same way that high blood pressure and cholesterol are considered treatable biomarkers of impending heart disease.

For Dr. Lopera, the approval of the study is not only a scientific milestone, but a hard-won personal victory after years of observing the agony of so many family members.

"This is an opportunity that they were waiting for a long time," Dr. Lopera said. "This is the first time that we can give them hope."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue May 15 20:00:36 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 May 2012 21:00:36 -0400
Subject: [Infowarrior] - Beyond CISPA: The cybersecurity bills you need to worry about right now
Message-ID:

Beyond CISPA: The cybersecurity bills you need to worry about right now
May 15, 2012
By Andrew Couts
http://www.digitaltrends.com/web/beyond-cispa-the-cybersecurity-bills-you-need-to-worry-about-right-now-cybersecurity-act-of-2012-secure-it-act/

With CISA pushed to the back burner, the Senate is set to consider two alternative cybersecurity bills, both of which are far more expansive than CISPA -- and each with many of the same problems, according to privacy advocates. Here is everything you need to know about the Cybersecurity Act of 2012 and the SECURE IT Act before they hit the Senate floor for a vote this month.

We've had a bit of a break from Congress' cybersecurity legislative hoopla since the House passed the contentious Cyber Intelligence Sharing and Protection Act (CISPA) late last month. But with the Senate back from recess, the fight over Internet regulation is roarin' and ready to roll.

Despite all the fears surrounding CISPA -- a bill that would make it easier for the Federal government and businesses to share information (including users' private communications) -- the rumblings from Capitol Hill suggest that CISPA won't even make it onto the Senate's agenda, thanks to broad opposition from Senate Democrats and a veto threat from President Obama. (That's right -- you probably don't have to worry about CISPA itself anymore, though that's not saying much.) Instead, the Senate is expected to take up two alternative bills, the Cybersecurity Act of 2012 (CSA), and the SECURE IT Act, sometime this month.

Here is a (relatively) concise rundown of what these bills are, and why civil liberties advocates say they too threaten our individual privacy.

What is the Cybersecurity Act of 2012?
The Cybersecurity Act of 2012 (officially known as S. 2105, and often referred to in the press as the "Lieberman-Collins bill") seeks to establish robust security standards to protect against "cyber threats," with a particular emphasis on the protection of "critical infrastructure" networks in the U.S., such as electrical grids and air traffic control systems. Companies that operate such systems, assets, or networks would be required to prove to the government that they have certain safeguards in place to protect against cyberattacks.

Like CISPA, CSA also removes certain legal barriers to allow for greater information sharing between the government and the private sector. Finally, CSA establishes the Department of Homeland Security (DHS) as the Federal government's lead agency for controlling the cybersecurity infrastructure.

Read the CRS summary of CSA here. Or read the full text here.

The CSA was introduced to the Senate on February 14 by Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman (I-CT), Ranking Member Susan Collins (R-ME), Commerce Committee Chairman Jay Rockefeller (D-WV), and Select Intelligence Committee Chairman Dianne Feinstein (D-CA). Only one other senator, Sen. Sheldon Whitehouse (D-RI), has co-sponsored the bill since its introduction, though it has explicit support from Senate Majority Leader Harry Reid (D-NV), and the Obama White House.

What is the SECURE IT Act?

Officially known as S. 2151 in the Senate, and H.R.4263 in the House, SECURE IT is a direct response to CSA. Like CSA and CISPA, both the Senate and House versions of SECURE IT remove legal barriers to allow for greater sharing of information between the government and businesses. Unlike CSA, however, SECURE IT does not establish a governmental regulatory system to oversee cybersecurity threats or to make sure that security standards are in place for critical infrastructure.
Instead, SECURE IT provides a number of incentives to companies that choose to share "cyber threat information" with the Federal government. Furthermore, SECURE IT establishes criminal penalties for a wide range of cybercrimes, from "trafficking in passwords" to causing damage to critical infrastructure networks or systems.

SECURE IT was first introduced by Sen. John McCain (R-AZ), and has seven co-sponsors in the Senate, all top-ranking Republicans. In the House, SECURE IT was introduced by Rep. Mary Bono Mack (R-CA), and has one co-sponsor.

Read the full text of S. 2151 here, and the full text of H.R. 4263 here.

What is the difference between the Cybersecurity Act of 2012 and SECURE IT?

Two words: government regulation. The fight over these two bills is classic Washington bi-partisanship. The Democrat-backed CSA establishes a governmental regulatory apparatus that would put in place certain mandatory requirements that private companies (specifically those that deal with critical infrastructure) would have to meet. While some say that CSA doesn't go far enough towards enforcing these standards, Republicans don't like this "big government" approach to cybersecurity at all. SECURE IT's chief sponsor, Sen. John McCain, has called CSA a "regulatory leviathan." And critics in the private sector insist that CSA would put harmful burdens on businesses.

There are, however, quite a few key differences in the eyes of critics, which I'll get into below.

What do civil liberty advocates have to say about these bills?

They are against both of them. (Surprise!) This week, more than two dozen groups signed on to two separate (but very similar) letters decrying CSA and SECURE IT. Their points of contention with these two bills often echo one another, but do differ to varying degrees.
The letters are both worth reading in full (here, here), but here is a concise-as-possible list of their complaints:

Sharing personally identifiable information

CSA: Actually, CSA is better than either SECURE IT or CISPA on this point, as it requires that companies make every "reasonable" effort to strip shared data of personally identifiable information. However, the ACLU says that this still does not go far enough to protect private information.

SECURE IT: Critics say SECURE IT has no "meaningful requirements to ensure that private information is anonymized," and would actually allow companies "to share the virtually limitless category of private information that 'fosters situational awareness'" for U.S. security purposes.

Privacy law overrides

CSA: As with CISPA, CSA effectively overrides all other privacy laws to allow companies to share "communications and records" with the government, even if that information has nothing to do with cyber threats.

SECURE IT: SECURE IT does basically the same thing for privacy laws, and also overrides tort laws.

Sharing with the military

CSA: Under CSA, the Department of Homeland Security would establish which government agencies may access information shared under CSA. The legislation allows DHS to designate the National Security Agency (NSA), and other military agencies with little to no public oversight, as "exchanges" of this information -- something civil liberties groups say is unacceptable. (This also remains a primary complaint against CISPA.)

SECURE IT: Not only does SECURE IT allow the NSA and other defence agencies to access private information shared under the legislation -- it requires it. All information shared under SECURE IT must be immediately shared with the NSA and other military organizations, "thereby nullifying a company's choice to share user or customer information with a civilian, rather than a military agency."

Using data for other crimes

CSA: This is perhaps one of the most problematic parts of CSA.
Information shared under the legislation may be used for any other criminal investigation -- even those that have absolutely nothing to do with cybersecurity -- as long as the information "appears to relate to a crime which has been, is being, or is about to be committed." This, critics say, is a direct attack on the Fourth Amendment requirements for warrants and other privacy safeguards.

SECURE IT: Less extreme than CSA on this point, SECURE IT still allows the government to use information shared under the legislation for "many other crimes" unrelated to cybersecurity, especially many "for which a wiretap may be used." Again, critics say this is detrimental to our Fourth Amendment protections.

Company liability

CSA: Companies that share information with the government under CSA are granted legal immunity (meaning they cannot be sued or charged with criminal offenses) for doing so. By giving companies this immunity, CSA eliminates their ability to offer meaningful privacy guarantees to users, or to compete with each other by offering better protections than their competitors. It also takes away users' or customers' ability to sue these companies for sharing their information with the Federal government.

SECURE IT: The exact same complaint exists for SECURE IT.

In short, both CSA and SECURE IT share many of the same complaints against CISPA, to a greater or lesser degree, depending on which part of the bills you're looking at. This (above) is only a portion of the complaints made by rights advocates, so it is definitely worth reading both the full text of these bills (warning: they are very, very long), as well as the letters, if you want to have a thorough understanding of the issues at play. Also, the Electronic Frontier Foundation (EFF), one of the organizations that signed both of the letters mentioned above, goes into much greater detail about the problems with these bills here.

Do we really need cybersecurity legislation?
According to those in Congress, the answer is a resounding "YES! For the love of all that is good in this world, YES!" Or, as Sen. Lieberman explains:

"This bill would begin to arm us for battle in a war against the cyber mayhem that is being waged against us by our nation's enemies, organized criminal gangs, and terrorists who would use the Internet against us as surely as they turned airliners into guided missiles. The nation responded after 9/11 to improve its security. Now we must respond to this challenge so that a cyber 9/11 attack on America never happens."

This "cyber 9/11" line is one that has been used by nearly all those pushing cybersecurity legislation -- CSA, SECURE IT and CISPA alike. No surprise there, since the scare tactic seems to be working. Wired points out a new study by Unisys (pdf), which shows that more Americans now view cyberattacks as a greater threat to the country than terrorism -- a rather amazing thing, considering the years of terrorism fear-mongering that those of us in the U.S. have gone through since the final months of 2001.

That said, even organizations like the Center for Democracy and Technology (CDT) -- a key player in the fight against CISPA -- says that greater safeguards against cyberattacks are needed. It is impossible to say at the moment, however, whether the threats are genuinely as serious as the politicians make them out to be, or whether legislation like CSA or SECURE IT is needed to protect against those threats.

What happens next?

Neither CSA nor SECURE IT have yet been placed on the Senate's agenda, though it is widely believed that CSA will come up for consideration on the Senate floor sometime this week. SECURE IT, which does not have the support of Majority Leader Harry Reid, will likely go up for a vote sometime later in the month. (There is no timeframe yet for the House version of SECURE IT going up for a full vote.)
If either CSA or SECURE IT pass, the legislation will then likely be reconciled with CISPA (if CISPA is brought forth at all) before it can go to President Obama's desk for his signature (or veto, as the case may be). However, the Republican-controlled House has indicated repeatedly that it will not pass a bill that imposes great government regulation, which would likely cause problems for CSA. In the end, it may be Obama's veto pen -- or lack thereof -- that decides the future of our online privacy.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 16 06:20:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 16 May 2012 07:20:25 -0400
Subject: [Infowarrior] - Senior DHS staffers have no LE (or cyber) experience
Message-ID:

I feel oh-so-much-safer now, don't you? /sarcasm

--rick

Senior Homeland Security staffers have no law enforcement experience
By Matthew Boyle - The Daily Caller
11:44 PM 05/14/2012
http://dailycaller.com/2012/05/14/senior-homeland-security-staffers-have-no-law-enforcement-experience/?print=1

President Barack Obama's Homeland Security secretary, Janet Napolitano, has presided over the hiring of at least four senior staffers and advisers who have no law enforcement experience but align politically with the president.

Jordan Grossman was a special adviser and deputy to the deputy chief of staff at the Department of Homeland Security, for instance, yet his resume shows no law enforcement experience.

Before Grossman got his post in January 2009, he was a "special assistant" at the Obama-Biden presidential transition team after working for Obama's 2008 election campaign. Before that, Grossman worked as a research assistant at the Annenberg Public Policy Center, a communications think tank at the University of Pennsylvania.

Grossman also interned for the left-wing Center for American Progress, and for the Democratic Congressional Campaign Committee.
He lists no law enforcement experience on his resume, even though the Obama administration had hired him into a senior law enforcement role.

Grossman has since left his government position to attend Harvard Law School.*

Vladimir Skoric serves as a "special assistant" to the Homeland Security "deputy under secretary for cybersecurity."

Skoric began his career in politics in May 2007 as a "volunteer coordinator" at Obama For America. He then interned for Washington Democratic Sen. Patty Murray and served as Obama For America's Washington, D.C. youth director.

Skoric has also worked for The Small Business Project, Inc., as a business development analyst for a little more than two years. That organization describes itself as a company that "brings knowledge and expertise in starting small business programs to intermediaries, which in turn serve to strengthen small businesses locally," focusing specifically on "providing forestry sector expertise."

Its mission does not have anything to do with law enforcement. Even so, Skoric scored a senior level position in Obama's Homeland Security Department.

(RELATED: Homeland Security stalls Florida voter clean-up efforts)

Chris Stelmarski describes his Homeland Security Department work as "digital strategy." Before landing in the upper echelons of the Obama administration's law enforcement headquarters, he worked as a freelance photographer for Penn Ave Photography, and as a political strategist for Blue State Digital, a political campaign firm that helped Obama win the 2008 election.

Before that, Stelmarski worked as a technology staffer for Ohio Democratic Sen. Sherrod Brown's 2006 campaign.

Like the others, Stelmarski lists no law enforcement experience on his resume. And like the others, the Obama administration hired him to take a senior Homeland Security job.
The Daily Caller recently reported on the case of Nate Snyder, the department's Counterterrorism Working Group staff and CVE [Countering Violent Extremism] Working Group lead. Snyder has had his current Homeland Security post since March 2011, according to his profile on the LinkedIn social networking website. He was previously the department's deputy White House liaison. Before joining the Obama administration, Snyder worked for the Service Employees International Union and for Obama's 2008 presidential campaign. Snyder also lists no law enforcement experience on his resume. He attracted attention on May 1 for tweeting out praise for left-wing "May Day" protests. After TheDC first reported on the incident, Snyder's Twitter account was locked to outsiders and the tweet was deleted. Spokespersons for the Department of Homeland Security have not responded to TheDC's requests for comment on why Napolitano's department hires people with no law enforcement experience into senior law enforcement positions. *UPDATE: Within minutes of The Daily Caller publishing this article, Grossman updated his LinkedIn page to reflect the fact he no longer works for the Department of Homeland Security. It's unclear exactly why he left the position - it appears as though it was so he could focus on his Harvard Law School studies - but he left Obama's Department of Homeland Security in June of last year. He had presented himself as a current Obama DHS employee until at least Sunday of this week on his LinkedIn page. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Wed May 16 06:46:35 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 16 May 2012 07:46:35 -0400 Subject: [Infowarrior] - Another Cybersecurity Bill Runs Into Trouble on Capitol Hill Message-ID: <9E392637-3FA4-498B-B2C2-D240852C326C@infowarrior.org> Are people starting to wake up to this latest round of Congressional idiocy (I mean, 'gift to') the cyberindustrial complex? Or is this just a head-fake before approval? -- rick (c/o ferg) May 15, 2012, 9:53PM Another Cybersecurity Bill Runs Into Trouble on Capitol Hill by Anne Saita https://threatpost.com/en_us/blogs/another-cybersecurity-bill-runs-trouble-capitol-hill-051512 A U.S. Senator's bill to broaden cybersecurity intelligence gathering is in trouble after other legislators question whether proposed protections come at the expense of citizens' privacy. The bill introduced by Sen. Joe Lieberman (I-CT) to strengthen cybersecurity through better public-private information sharing is the latest congressional proposal to come into the crosshairs of civil liberties groups and privacy advocates. Their campaign to stop passage of the bill as it is currently written may be working, given statements released this week from Lieberman's congressional counterparts. "I have serious concerns about this bill," Sen. Al Franken (D-MN) told the Web site Politico in a statement. "As written, the legislation moves aside decades of privacy laws to allow companies to freely monitor American citizens' communications and give their personal information to the federal government - and grants companies near total immunity for doing so." Democratic Sen. Richard Blumenthal of Connecticut said, "I think that the definitions have to be narrowed and the privacy safeguards have to be strengthened." He, like some others, is concerned that the type of data companies turn over to the government may be misused or abused as the draft now exists. 
Like other controversial bills in recent months, some lawmakers are concerned that current language allows too much private consumer information to be shared without impunity in the name of stopping cybercriminals. This Senate bill is similar to the Cyber Intelligence Sharing and Protection Act (CISPA) bill passed in the U.S. House of Representatives by 80 votes last month. Critics of CISPA, like Lieberman's bill, voiced concern that companies could share their customer's private data with any branch of government, including the military -- which they say effectively amounts to spying on American citizens. While Lieberman's bill is running into trouble with some Democrats, it also is being met with skepticism by Republicans who question another provision on protecting the nation's critical infrastructure. Published reports say some GOP senators don't see the need for government to force operators to secure their systems. These bills and others aim to better protect both public and private networks against cyberattacks by sharing intelligence gathered from myriad sources. To do so, lawmakers believe, companies need an incentive to share their proprietary data and government needs more authority to protect critical networks owned by private businesses. Among the more vocal opponents to these cybersecurity bills is the American Civil Liberties Union, the Center for Democracy and Technology, TechFreedom, the Electronic Frontier Foundation and The Constitution Project. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 16 06:51:21 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 16 May 2012 07:51:21 -0400 Subject: [Infowarrior] - U.S. has 55 daily encounters with "suspected terrorists" Message-ID: U.S. has 55 daily encounters with "suspected terrorists" By Mark Hosenball | Reuters - 
13 hours ago http://ca.news.yahoo.com/u-55-daily-encounters-suspected-terrorists-222758155--finance.html WASHINGTON (Reuters) - Law enforcement and homeland security personnel face an average of 55 daily encounters with "known or suspected terrorists" named on government watchlists, officials told Reuters. The figure - which equals more than 20,000 contacts per year - underscores the growing sweep of the watchlists, which have expanded significantly since a failed Christmas Day 2009 bombing attempt of a U.S. airliner. But officials note that very few of those daily contacts lead to arrests. Civil liberties groups question the use of watchlists, and they have been ridiculed for ensnaring innocent citizens. U.S. officials said the encounters, which involve airport and border security personnel as well as federal and local law enforcement officers, are reported to the Terrorist Screening Center (TSC), an interagency unit led by an FBI official based in a tightly guarded building in northern Virginia. At its headquarters, the TSC operates a 24-hour command center, resembling something from a Hollywood thriller, complete with giant wall-screen projections and signs flashing "SECRET." Officials said that when a law enforcement or homeland security officer in the field stops a person whose name matches a name in the TSC's databases, the officer is supposed to phone the TSC command center for instructions. Based on information in the databases, the TSC then will advise the officer in the field how to proceed, which could range from releasing the suspect to calling in federal officers as backup. The command center gets between 100 and 150 inquiries a day, of which an average of 55 involve individuals who turn out to be listed on one of the federal watch lists, officials said. Of those calls, about 60 percent come from federal officers at border or airport security posts; the rest come from local police. 
"There are incidents every single day," said TSC director Timothy Healy. The watchlists include the best known "no fly list" as well as a "selectee list" of people who the government thinks should get extra screening or questioning before being allowed to board an airplane. LISTS GET LONGER Officials acknowledge that the number of names on these lists - and particularly the no-fly list - have grown considerably since Christmas Day 2009, when a Nigerian-born militant who was listed in a classified database called TIDE, but not the no-fly list, successfully boarded a US-bound aircraft but then failed to detonate a bomb which Yemeni militants had helped him stash in his underpants. Before that incident, the number of names on the no-fly list was around 4,000. U.S. officials said it now contains about 20,000 names while the selectee list contains another 18,000. A new threat to aviation security surfaced earlier this month, in the form of a foiled plot by al Qaeda's Yemeni affiliate to deploy a more sophisticated "underwear" bomb. The watchlists have been the subject of controversy - most recently last week when an 18-month-old girl and her parents were taken off a JetBlue flight when the toddler's name appeared on a no-fly security list, apparently the result of a computer glitch. While the U.S. government has instituted measures to enable people to petition for their names to be deleted, officials insist that over time the lists have become more accurate. Watchlisting officials say that airlines maintain their own lists of potentially troublesome passengers; often, they said, when a well-publicized case arises of a prominent or innocent person being denied boarding, it is because the air carrier, rather than the government, misconstrued the identity of someone on its proprietary lists. 
But Nusrat Choudhury, a lawyer for the American Civil Liberties Union, said her organization is pursuing legal action on behalf of people who have unjustifiably been restricted from flying. She said redress mechanisms maintained by the government are at best "ineffective." Two or three of the inquiries per day turn out to be people listed on the "no fly" list, the most restrictive of the watchlists maintained by the TSC. A suspect's name is put on the "no fly" list if they are deemed by government experts to be a threat to aviation, to be planning an attack or if they are "operationally capable" and are known to be planning to attend, or to have already attended, a militant training camp. Fewer than 500 of the individuals on the no-fly list are U.S. citizens, officials said. (Editing by Cynthia Osterman) --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 16 07:25:37 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 16 May 2012 08:25:37 -0400 Subject: [Infowarrior] - CmdrTaco on Why Hollywood is doomed Message-ID: <1A8CDBF5-70A7-4977-B8EA-651700EE3DE6@infowarrior.org> Rob "CmdrTaco" Malda Chief Strategist and Editor-at-Large, WaPo Labs Why Hollywood is doomed By Rob "Cmdrtaco" Malda, Published: May 15 http://www.washingtonpost.com/national/on-innovations/why-hollywood-is-doomed/2012/05/15/gIQAAL3YRU_story.html?hpid=z16 The only way the film industry can survive, according to entertainment lobbyists, is for Congress to pass a series of escalating, alphabet soup laws. I'm referring to the Digital Millennium Copyright Act (DMCA) of 1998 and the recent attempts by the entertainment industry to push sister anti-piracy bills - the Stop Online Piracy Act (SOPA) in the Senate and the Protect Intellectual Property Act (PIPA) in the House - into law. These pieces of legislation assume guilt on the part of content consumers while simultaneously erasing their rights to privacy. 
But, before you cast aspersions, consider that Hollywood does this to protect the industry's ability to create jobs, art, and money. They see a shrinking box office that spells the end for their industry, and they blame piracy. There's one problem with all of this: "The Avengers" opening weekend ended with a record-annihilating $207 million box office total. That single weekend haul was larger than all but the largest of blockbusters' take in their entire multi-month run. It also crushed "Harry Potter And the Deathly Hallows Part 2," the former all-time weekend record holder, by $38 million. To date, the "Avengers" has grossed over $1 billion worldwide. But the threat of piracy to the U.S. economy and its ability to create jobs is a powerful narrative. This is why we've been bombarded with a series of bills and laws to regulate the sharing of copyrighted content online. Only legislation and penalties can punish the pirates and give the studios their deserved riches! Well, that's how the script from Hollywood reads. After more than a decade of attempts to legally halt media piracy, codecs compress video files better and faster while cameras embedded in smartphones fit into ever smaller pockets. Once upon a time, there was only the relatively centralized threat of Napster. But legal attacks have forced the pirates to further decentralize. Now, Hollywood must play whack-a-mole against countless piracy Web sites. While Hollywood blames piracy, at least for now, I put the blame squarely on texts and tweets. These days, a month-long $100 million marketing campaign culminates in a 24-hour social network frenzy. The first $10 million-worth of ticket purchasers influence the potential $90 million-worth with knee-jerk reviews broadcast via their smartphones. These viewers determine if the movie will make a profit. Ultimately, Hollywood, here's the secret: Make good movies. "The Avengers" is simply fantastic. 
It's no surprise, since the film's director, Joss Whedon (of Buffy and Firefly-fame), is known for making cult, ensemble TV action. His most recent film, prior to "The Avengers", is "The Cabin in the Woods" -- still the most fun movie of 2012. This summer, Whedon made a movie that stands tall and proud among the very best of summer blockbusters. So, Hollywood, instead of going after the piracy boogeyman, why not focus your efforts on texters who instantly alert their friends that your latest blockbuster stinks. Those are the folks hurting your bottom line. Or you could just make better movies. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 17 07:52:22 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 17 May 2012 08:52:22 -0400 Subject: [Infowarrior] - Report: Facebook Search to Launch in 2013 Message-ID: <959FD13D-52AD-4054-A8DD-3C9106976E74@infowarrior.org> Facebook Search to Launch in 2013 May 16, 2012 Facebook headquarters, California by Mike Malley http://www.berfrois.com/2012/05/facebook-search/ Facebook are due to launch their own search engine in early 2013, according to a source at the Californian company. An official announcement is likely in the next 24 hours as Mark Zuckerberg seeks to ramp up the hype for their IPO on Friday. "Facebook Search" will be billed as a social search engine, with results based on a user's data and that of their friends. Zuckerberg is said to be determined for Facebook to leapfrog Google as the most popular site on the internet. Having a search engine accessed within the social network is seen as integral to this ambition. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 17 07:54:30 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 17 May 2012 08:54:30 -0400 Subject: [Infowarrior] - The Facebook IPO Message-ID: (And no, I'm not touching this thing. 
IMHO it's grossly over-valued, surrounded by a huge bubble-mania, and I suspect the only folks left holding the bag in a year will be the retailers and small funds who are suckered into thinking this is the next GOOG or AAPL. BTW, I think their revenues peaked 3 or 4 quarters ago if I remember their SEC filings correctly. -- rick) Last updated: May 16, 2012 8:47 pm Early Facebook backers add to share sale By Telis Demos in New York http://www.ft.com/intl/cms/s/0/80f2e7a0-9f59-11e1-a255-00144feabdc0.html# Some of Facebook's earliest backers plan to sell an additional $3bn worth of shares in Thursday's initial public offering, as they take advantage of a wave of public interest in the social network group's flotation. The move will increase the number of shares on offer by 25 per cent, with proceeds flowing to existing investors such as Goldman Sachs, Tiger Global Management and Accel Partners. Investor demand has been stoked by a cross-country US roadshow over the past two weeks, allowing Facebook to increase the size of its offering from $12bn to as much as $18bn. However, the company continues to rankle some large institutional investors who fear that the IPO's rising price and heavy insider selling could make Facebook shares more volatile after their market debut. The company lifted its price range to $34 to $38 this week, from the $28 to $35 initially indicated. "We're seeing a whole new level of insider selling. It went from something you can explain away [to potential investors] to something that's harder to," said Sam Hamadeh, a former banker and chief executive of PrivCo, a boutique research firm. Typical IPOs see limited selling by management and early investors, as incoming shareholders expect the interests of key board members to remain aligned with their own. The market for Facebook's shares is "massively oversubscribed" with especially strong demand by individual investors, according to a survey of investors by IPO Boutique, an advisory firm. 
The deal now could raise as much as $18bn if, as expected, an overallotment is exercised, making it the second-largest US IPO ever. The largest extra sales are by Tiger Global Management, a hedge fund that plans to sell 23m shares, up from more than 3m previously. Goldman Sachs, which attracted attention for scuttling plans to market pre-IPO Facebook shares to US investors, has more than doubled the number it plans to sell, raising up to $1bn. The bank itself is selling shares as are its investment management units. While the number of shares being sold directly by Facebook remains at 180m, worth $6.8bn at the top of the price range, board members are also selling more. Peter Thiel and James Breyer, who represents venture capital firm Accel Partners, are both increasing their sales. Mark Zuckerberg, the company's founder, is not selling additional shares, though the sales of shares by board members who have pledged control of their voting shares to him will reduce his voting stake to 55.5 per cent from 57 per cent, according to figures from PrivCo. The sale will leave about 20 per cent of Facebook's shares in public hands, more closely in line with the 10-year average for US tech companies of 25 per cent, according to Dealogic. Other recent deals, such as the IPOs of Yelp, Groupon and Zynga, sold closer to 10-15 per cent. Facebook's shares, to be listed with the symbol "FB" on Nasdaq, are due to begin trading on Friday. The size of Facebook's offer could rise further when underwriters set the final price. Under US securities rules, the IPO could price as high as $45 - or 20 per cent above its offering range - without Facebook having to file fresh documents with regulators. Facebook's offering alone may see the internet software sector surpass the height of the dotcom boom for money raised in a year. 
However, Facebook's coat-tails have not driven a broader global rebound in new equity issuance, with investors still skittish about companies more closely tied to economic growth. Even with Facebook's sale, global proceeds from IPOs would be $47bn via 285 issues so far this year. At this time last year, proceeds were $74bn from 367 deals, according to Thomson Reuters. Copyright The Financial Times Limited 2012. You may share using our article tools. Please don't cut articles from FT.com and redistribute by email or post to the web. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 17 07:56:30 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 17 May 2012 08:56:30 -0400 Subject: [Infowarrior] - People Power 2.0 - How civilians helped win the Libyan information war. Message-ID: <34C01B58-953D-4ECF-A987-6FFB22710B13@infowarrior.org> People Power 2.0 How civilians helped win the Libyan information war. http://www.technologyreview.com/web/40214/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 17 08:28:00 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 17 May 2012 09:28:00 -0400 Subject: [Infowarrior] - The 'EX-PATRIOT' Act introduced Message-ID: <260ECF85-3761-4445-B474-384BEBA7FFC0@infowarrior.org> (Alas, it's not what we would hope it would do. How typical. Wonder how many staff hours it took to come up with that witty name? -- rick) May 17, 2012 7:01am Senators to Unveil the "Ex-Patriot Act" to Respond to Facebook's Saverin's Tax "Scheme" http://abcnews.go.com/blogs/politics/2012/05/senators-to-unveil-the-ex-patriot-act-to-respond-to-facebooks-saverins-tax-scheme/ Sen. Chuck Schumer, D-N.Y., has a status update for Facebook co-founder Eduardo Saverin: Stop attempting to dodge your taxes by renouncing your U.S. citizenship or never come back to the U.S. again. 
In September 2011, Saverin relinquished his U.S. citizenship before the company announced its planned initial public offering of stock, which will debut this week. The move was likely a financial one, as he owns an estimated 4 percent of Facebook and stands to make $4 billion when the company goes public. Saverin would reap the benefit of tax savings by becoming a permanent resident of Singapore, which levies no capital gains taxes. At a news conference this morning, Sens. Schumer and Bob Casey, D-Pa., will unveil the "Ex-PATRIOT" - "Expatriation Prevention by Abolishing Tax-Related Incentives for Offshore Tenancy" - Act to respond directly to Saverin's move, which they dub a "scheme" that would "help him duck up to $67 million in taxes." The senators will call Saverin's move an "outrage" and will outline their plan to re-impose taxes on expatriates like Saverin even after they flee the United States and take up residence in a foreign country. Their proposal would also impose a mandatory 30 percent tax on the capital gains of anybody who renounces their U.S. citizenship. The plan would bar individuals like Saverin from ever reentering the United States again. "Eduardo recently found it more practical to become a resident of Singapore since he plans to live there for an indefinite period of time," Tom Goodman, Saverin's spokesman, told Bloomberg News in an email. Last year 1,700 people renounced their U.S. citizenship. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 17 09:31:44 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 17 May 2012 10:31:44 -0400 Subject: [Infowarrior] - Scientists 'euphoric' over promise of mind-controlled robotic arm Message-ID: Scientists 'euphoric' 
over promise of mind-controlled robotic arm May 16, 2012 By Earnest Cavalli http://www.digitaltrends.com/cool-tech/scientists-euphoric-over-promise-of-mind-controlled-robotic-arm/ A team of researchers at Brown University have developed a robotic arm to assist the disabled, and after much work have unveiled incredible results. For most of us, reaching out and picking up a bottle of water to have a drink is such a simple task that we aren't even capable of taking it for granted. It just happens. Consciously, we barely register the action, as it's just that engrained in our existence, and requires so little focus and thought. However, there are many people for whom this simple action is impossible. For people like this, an ongoing study at Rhode Island's Brown University holds an immense amount of promise. The study, dubbed BrainGate2, seeks to aid the disabled by implanting a small microchip in the motor cortex of their brains that effectively allows them to control a robotic arm with their thoughts. Brown University's official press release offers an in-depth explanation: A 58-year-old woman ("S3") and a 66-year-old man ("T2") participated in the study. They had each been paralyzed by a brainstem stroke years earlier which left them with no functional control of their limbs. In the research, the participants used neural activity to directly control two different robotic arms, one developed by the DLR Institute of Robotics and Mechatronics and the other by DEKA Research and Development Corp., to perform reaching and grasping tasks across a broad three-dimensional space. The BrainGate2 pilot clinical trial employs the investigational BrainGate system initially developed at Brown University, in which a baby aspirin-sized device with a grid of 96 tiny electrodes is implanted in the motor cortex - a part of the brain that is involved in voluntary movement. 
The electrodes are close enough to individual neurons to record the neural activity associated with intended movement. An external computer translates the pattern of impulses across a population of neurons into commands to operate assistive devices, such as the DLR and DEKA robot arms used in the study now reported in Nature. Though this sort of thing has been standard fare in science fiction for decades, the actual mechanics of creating a system like this is exceedingly complicated. The researchers long ago figured out how to use these implants to control objects in a two-dimensional space, and the act of grasping is relatively simple, but maneuvering the robotic arm in three-dimensional space complicates the necessary commands exponentially. "To move from this type of two-dimensional movement to movements involving reaching out for an object, grasping it and then guiding it in three-dimensional space is a huge step for us," said John Donoghue, director of the Brown Institute for Brain Science. As with all such scientific breakthroughs, though this seems quite promising, there is still much work to be done. The arm, as is, is a bit too unwieldy for general use, and its actions, while surprisingly dextrous, aren't exactly on par with the deft movements of the human hand. "We have much more work to do, but the encouraging progress of this research is demonstrated not only in the reach-and-grasp data, but even more so in S3's smile when she served herself coffee of her own volition for the first time in almost 15 years," said Dr. Leigh Hochberg, lead author of the BrainGate2 study. On the positive side, the researchers are quite pleased at how readily the human body has accepted the brain implants. To date, 15 people have been given the devices and none of them have shown ill effects from the procedure. The team's next goal is to develop a system of reliable wireless transmission that would negate the need for wires attached directly to the implant. 
Then, once the robotic arm is up to snuff, the research team hopes to reconfigure the system to send commands directly to a patient's muscles. That's still a long ways off, but for those who have severed their spinal cords, it offers a tantalizing possibility of one day being able to control their own bodies again. Nature has a very impressive video of the robotic arm in action that we would highly recommend you watch. It's the kind of thing that makes you realize we're living the sci-fi dreams of our father's generation. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 17 09:41:11 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 17 May 2012 10:41:11 -0400 Subject: [Infowarrior] - Military Detention Law Blocked by New York Judge Message-ID: Military Detention Law Blocked by New York Judge (Update 2) By Bob Van Voris and Patricia Hurtado - May 17, 2012 12:01 AM ET http://www.bloomberg.com/news/2012-05-16/military-detention-law-blocked-by-new-york-judge.html Opponents of a U.S. law they claim may subject them to indefinite military detention for activities including news reporting and political activism persuaded a federal judge to temporarily block the measure. U.S. District Judge Katherine Forrest in Manhattan yesterday ruled in favor of a group of writers and activists who sued President Barack Obama, Defense Secretary Leon Panetta and the Defense Department, claiming a provision of the National Defense Authorization Act, signed into law Dec. 31, puts them in fear that they could be arrested and held by U.S. armed forces. The complaint was filed Jan. 13 by a group including former New York Times reporter Christopher Hedges. The plaintiffs contend a section of the law allows for detention of citizens and permanent residents taken into custody in the U.S. on "suspicion of providing substantial support" to people engaged in hostilities against the U.S., such as al-Qaeda. 
"The statute at issue places the public at undue risk of having their speech chilled for the purported protection from al-Qaeda, the Taliban, and 'associated forces' - i.e., 'foreign terrorist organizations,'" Forrest said in an opinion yesterday. "The vagueness of Section 1021 does not allow the average citizen, or even the government itself, to understand with the type of definiteness to which our citizens are entitled, or what conduct comes within its scope." Enforcement Blocked Forrest's order prevents enforcement of the provision of the statute pending further order of the court or an amendment to the statute by Congress. Ellen Davis, a spokeswoman for U.S. Attorney Preet Bharara in Manhattan, declined to comment on the ruling. The plaintiffs claim Section 1021 is vague and can be read to authorize their detention based on speech and associations that are protected by the First Amendment to the Constitution. Hedges and two other plaintiffs testified in a hearing before Forrest in March, the judge said. A fourth plaintiff submitted a sworn declaration. The government put on no evidence, Forrest said. Forrest, an Obama appointee who has served on the Manhattan federal court since October, rejected the government's arguments that the plaintiffs lacked standing to sue over the law and that it merely reaffirmed provisions in an earlier law, the 2001 Authorization for Use of Military Force, which was passed in the wake of the Sept. 11, 2001, terrorist attacks. Plaintiffs' Activities In her opinion, Forrest said the government declined to say that the activities of Hedges and the other defendants don't fall under the provision. Forrest held a hearing in March at which government lawyers didn't call any witnesses or present evidence, according to the judge. The government did cross-examine the plaintiffs who testified and submitted legal arguments. 
"The government was given a number of opportunities at the hearing and in its briefs to state unambiguously that the type of expressive and associational activities engaged in by plaintiffs -- or others -- are not within Section 1021," Forrest said. "It did not. This court therefore must credit the chilling impact on First Amendment rights as reasonable -- and real." Hedges, who testified he has been a foreign news correspondent for 20 years, said he has reported on 17 groups that are on a State Department list of terrorist groups. Hedges testified that after the law was passed, he changed his dealings with groups he had reported on, Forrest said. "I think the ruling was not only correct, but courageous and important," Hedges said in a telephone interview yesterday. The case is Hedges v. Obama, 12-cv-00331, U.S. District Court, Southern District of New York (Manhattan). To contact the reporters on this story: Bob Van Voris in Manhattan federal court at rvanvoris at bloomberg.net; Patricia Hurtado in Manhattan federal court at phurtado at bloomberg.net. To contact the editor responsible for this story: Michael Hytha at mhytha at bloomberg.net. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 17 09:47:24 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 17 May 2012 10:47:24 -0400 Subject: [Infowarrior] - Media manipulation has sent us into Facebook IPO overload Message-ID: <510D7D2D-4F0D-4A27-928A-56A36E8F5831@infowarrior.org> Stop the madness: Media manipulation has sent us into Facebook IPO overload May 17, 2012 By Molly McHugh http://www.digitaltrends.com/social-media/stop-the-madness-media-manipulation-has-officially-sent-us-into-facebook-ipo-overload/ The Facebook IPO has turned tech media into a hungry pack of vultures, picking at whatever can be scavenged and spit out between now and the big day. 2012 has been the year of the Facebook IPO. 
At long last, everybody's favorite (or at least, most often used) social network is going to cash in on its years of data hoarding and future-defining, and this has collectively touched a nerve within the tech community. It's a frenzy, really: every day, there are uncountable new stories about how Facebook stock will plummet or skyrocket, how users should beware, or not care at all, and most depressingly how Mark Zuckerberg wears hoodies. We've rallied around the Facebook IPO in an almost cult-like, apocalyptic way, and the tech reporting community has turned into a sort of gossipy group of middle schoolers who think they know more about banking and finances than they actually do -- which, for the record, is the worst kind of middle schooler.

Is this about Wall Street or the Web?

The moment that Facebook issued its S-1 form, the tech media began salivating. It was vulture-like. And since that moment, it's all spiraled uncontrollably to this point where technology news is completely and utterly obsessed with milking this story for all it's worth and desperately trying to make it more applicable. There's a natural intersection of business news and tech news because technology and digital media have become huge enterprise platforms. And we've been here before. Maybe not exactly here, but somewhere like it. During the Dot Com rush of the 90s, the Internet captured the attention of investors, entrepreneurs, and everyone in between. This go round, it's creating an almost unhealthy obsession with Facebook's IPO. Yes, it's crazy that a Website started in a dorm room has spiraled into a billion-dollar company -- but there's this attitude that come Friday, everything changes. That the Internet will be different and Facebook will be different; that how we interact with Facebook is being inherently changed. And it's not.
When Facebook launched Timeline or Open Graph or announced its new marketing platform, these things meant something for users and developers and the tech community at large. But this is about investors, and we just couldn't help but blur those lines. And for that...

You deserve an apology

Your news feed has been overwhelmingly flooded with Facebook IPO buzz and for most of you, it means nothing. It's not entirely unwarranted: many of us have been using, watching, writing, and reading about Facebook since it first started, and the fact that it's about to go public deserves commentary and analysis. But this... this is unacceptable. The desperation with which tech media have fueled the fire is unforgivable (these are real headlines):

* How Facebook's IPO will change your life
* Facebook IPO: The musical
* How will Mark Zuckerberg's hoodie affect the Facebook IPO?
* Facebook IPO: Good for Jews?
* Investing in the Facebook IPO? You may have a mental disorder

Who needs to care, and who really, really doesn't

Some of the reaching is natural: articles exploring what it means for recent Facebook acquisitions or implications for the company's mobile approach are warranted. But at a certain point, this isn't in readers' best interest. The mania of it all makes it ripe for fear mongering, as everyone likely saw with the "Everyone distrusts Facebook! Don't trust Facebook!" articles that have been cropping up. It's like we all know this subject doesn't have a lot of play with the average person interested in tech, because it's about big money and Wall Street, but in order to make it tangible we twist and prod and pull until we find a way to bring it to the mass audience's level. But that's pandering and it isn't good for anybody. I've seen articles that claim you're an idiot if you aren't trying to get a piece of the Facebook stock and others that call you one if you are.
Then there are the unstoppable editorials about users mass deleting their accounts, that the site is a passing fad, that there are new privacy concerns. These articles have been written time and time again, only now they might seem to carry extra weight because there's this other big news about the IPO, and naturally tying them together gives a story more weight and makes it mean something to more users. In reality, the list of who actually needs to be reading this stuff day in and day out is relatively short.

If you:

* Work for Facebook
* Invested in Facebook
* Are an investment banker
* Follow the stock market (are you seeing a pattern here?)

Who doesn't:

* Everyone else

For the rest of us, it's interesting for sure, but it isn't life-changing. You will not become richer or poor and Facebook will become better or worse, which it would have regardless of an IPO. The Facebook IPO is more about Wall Street than the Website, and that's why followers of consumer tech who realize this drumming up headlines business is nothing more than a game should brace themselves. It's going to get a lot worse before it gets better.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 17 10:48:21 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 May 2012 11:48:21 -0400
Subject: [Infowarrior] - OT:A Letter from Mark Zuckerberg
Message-ID:

A Letter from Mark Zuckerberg
http://www.borowitzreport.com/2012/05/17/a-letter-from-mark-zuckerberg/

MENLO PARK, CA (The Borowitz Report) -- On the eve of Facebook's IPO, Founder and CEO Mark Zuckerberg published the following letter to potential investors:

Dear Potential Investor:

For years, you've wasted your time on Facebook. Now here's your chance to waste your money on it, too. Tomorrow is Facebook's IPO, and I know what some of you are thinking. How will Facebook be any different from the dot-com bubble of the early 2000's?
For one thing, those bad dot-com stocks were all speculation and hype, and weren't based on real businesses. Facebook, on the other hand, is based on a solid foundation of angry birds and imaginary sheep. Second, Facebook is the most successful social network in the world, enabling millions to share information of no interest with people they barely know. Third, every time someone clicks on a Facebook ad, Facebook makes money. And while no one has ever done this on purpose, millions have done it by mistake while drunk. We totally stole this idea from iTunes. Finally, if you invest in Facebook, you'll be far from alone. As a result of using Facebook for the past few years, over 900 million people in the world have suffered mild to moderate brain damage, impairing their ability to make reasoned judgments. These will be your fellow Facebook investors. With your help, if all goes as planned tomorrow, Facebook's IPO will net $100 billion. To put that number in context, it would take JP Morgan four or five trades to lose that much money. One last thing: what will, I, Mark Zuckerberg, do with the $18 billion I'm expected to earn from Facebook's IPO? Well, I'm considering buying Greece, but that would still leave me with $18 billion. LOL.

Friend me,
Mark

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 17 12:35:25 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 May 2012 13:35:25 -0400
Subject: [Infowarrior] - WH Cybersecurity Czar Howard Schmidt Retiring
Message-ID: <4CD4E414-796E-41C4-9972-C94080D80393@infowarrior.org>

May 17, 2012, 10:54AM
White House Security Czar Howard Schmidt Retiring
by Dennis Fisher
http://threatpost.com/en_us/blogs/white-house-security-czar-howard-schmidt-retiring-051712

Howard Schmidt, the top White House information security adviser, is retiring after more than two years on the job and several decades in security both in government and private industry.
Schmidt is in his second stint as the White House security chief and he's leaving at a time when cybersecurity has moved into the top tier of military and economic concerns for the country. The departure is a blow to the Obama administration's efforts on cybersecurity and comes at a time when the White House is wrangling with Congress on legislation designed to address various information security problems and weaknesses. There are competing proposals in Congress right now and one of the major sticking points has been what kind of information companies will be allowed to share with government agencies regarding attacks and vulnerabilities. Schmidt, who will leave at the end of the month, took on the role of White House cybersecurity coordinator in early 2010 after a varied and long career in security and law enforcement. He was the CISO of Microsoft, an Air Force officer and had earlier served as the top cybersecurity officer in the George W. Bush administration. After Obama took office, the top information security job was vacant for quite a while and word at the time was that the job had been offered to a variety of top executives in the security industry, but no one had been interested. The position was seen as having a lot of prestige, but not much in the way of power because the responsibility for information security inside the federal government is so splintered. The Department of Homeland Security, U.S. Cyber Command, National Security Agency and other groups all have some sort of responsibility for security. There were not many takers for the job of throwing a rope around all of that mess and trying to work with the private sector and other governments to fight cybercrime. "The private sector in the prevention of crime is very key, and, once again, look at a continuum.
The products that are created, whether it's software or hardware, become more resistant to some of the things that we see out there, whether it's phishing/spearphishing, whether it's vulnerabilities in software and hardware where private sector has a lead role in being able to reduce that from taking place," Schmidt said in an interview last year. "The other piece, as when we look at some of the things like the National Cyber Security Alliance here in the U.S., we look at some of the other partnerships that take place in Australia, Canada, U.K. and how they work with the private sector, just even some of the messaging thing about how to protect your identity online. ENISA, the European Network Information Security Agency has done a lot of really good work in what they call the AR Group, the Awareness Raising Group that puts together some best practices for consumers and businesses and everything. So, working with the private sector is really key, because they can not only help build the technology that reduces the likelihood of becoming a victim, but they can also help spread the message with their customers." Schmidt will be replaced in the White House by Michael Daniel, who works in the budget office, according to a report in the Washington Post. Daniel has worked on intelligence and security issues for several years. One of the major initiatives undertaken by the White House during Schmidt's tenure was the development of the National Strategy for Trusted Identities in Cyberspace, a blueprint for the adoption of non-password based online identities. Schmidt said he saw the development of alternative authentication methods as a key for improving security.
"We're starting to see a lot of these companies working with other companies to make sure we're looking at the full breadth of things, not only the one-time password that may be on your mobile device, but also what can we do to make sure that somebody doesn't wind up hijacking that through some other sort of mechanism? So, overall, I think there's a full recognition of the challenges we have moving forward. The people that I've talked to in the national program office I've talked with recognize that the status quo doesn't apply here, that we can take a lot from the experiences we've had in the past and the next generation of trusted identities or strong authentication or in-person proofing, we can much improve over where we've been to date, so very, very positive," he said in the 2011 interview with Threatpost.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 17 12:44:26 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 May 2012 13:44:26 -0400
Subject: [Infowarrior] - Comcast suspends bandwidth cap
Message-ID: <57ABD795-A29C-49A8-A36D-F3952E10E208@infowarrior.org>

Comcast to Replace Usage Cap With Improved Data Usage Management Approaches
Posted by Cathy Avgiris, Executive Vice President and General Manager, Communications and Data Services, Comcast Cable, in Broadband
http://blog.comcast.com/2012/05/comcast-to-replace-usage-cap-with-improved-data-usage-management-approaches.html

Today, the way people use video and access information has changed dramatically. Four years ago, when we first instituted a broadband Internet data usage threshold, the iPhone had just been introduced...the iPad didn't exist...and the experience of watching streaming video on your home PC or through a Roku box or direct to an Internet-capable TV was much different than it is now. While the world was changing, so were we. Over the past few years, we have been an industry leader in innovation --
delivering exciting new products to our customers on a regular basis. Our recent announcements about the Xfinity TV app, Streampix, HBOGO, WatchESPN, and Xfinity TV on the Xbox 360 are just a few examples of how we're using new platforms to deliver new services to a range of consumer devices and screens. In 2008, we announced an Internet data usage policy that allowed residential customers up to 250 GB of data usage per month. It was widely recognized that this was far above any normal (including very heavy) residential use of our high-speed data service, and in fact, that remains the case today. (Netflix April 2011 Letter to Shareholders; PC World -- "Are Broadband Usage Caps Inevitable?"; ArsTechnica: "Comcast starts 250 GB bandwidth caps October 1"). With the passage of time, it's important to remember that the purpose of the usage threshold was simply to ensure that all of our customers were treated fairly and had a consistent and superior experience while using our high-speed data service. That has been and will be our sole goal. We've never had any intention to limit the lawful use of the Internet or restrict our customers' ability to view online video. Importantly, we have consistently treated all video carried over the public Internet the same whether it comes from our sites or anywhere else on the public Internet. XfinityTV.com, nbc.com, Hulu, Netflix or YouTube, and every other Internet video site (whether our site or a third-party site) is treated, and will continue to be treated, exactly the same. That's consistent with FCC rules and consistent with what we have always done and continue to do. We've also always said that we would evaluate customer usage and a variety of other factors and make adjustments as the marketplace evolved. Please see our FAQs and a Venture Beat story on this topic.
Over the last several years, we have periodically reviewed this policy, and for the last six months we have been analyzing the market and our process and think that now is the time to begin to move to a new plan. This conclusion was only reinforced when, in recent weeks, some of the conversation around our new product introductions focused on our data usage threshold, rather than on the exciting opportunities we are offering our customers. So as the market and technology have evolved, we've decided to change our approach and replace our static 250 GB usage threshold with more flexible data usage management approaches that benefit consumers and support innovation and that will continue to ensure that all of our customers enjoy the best possible Internet experience over our high-speed data service. In the next few months, therefore, we are going to trial improved data usage management approaches comparable to plans that others in the market are using that will provide customers with more choice and flexibility than our current policy. We'll be piloting at least two approaches in different markets, and we'll provide additional details on these trials as they launch. But we can give everyone an overview today. The first new approach will offer multi-tier usage allowances that incrementally increase usage allotments for each tier of high-speed data service from the current threshold. Thus, we'd start with a 300 GB usage allotment for our Internet Essentials, Economy, and Performance Tiers, and then we would have increasing data allotments for each successive tier of high speed data service (e.g., Blast and Extreme). The very few customers who use more data at each tier can buy additional gigabytes in increments/blocks (e.g., $10 for 50 GB). The second new approach will increase our data usage thresholds for all tiers to 300 GB per month and also offer additional gigabytes in increments/blocks (e.g., $10 per 50 GB). 
In both approaches, we'll be increasing the initial data usage threshold for our customers from today's 250 GB per month to at least 300 GB per month. In markets where we are not trialing a new data usage management approach, we will suspend enforcement of our current usage cap as we transition to a new data usage management approach, although we will continue to contact the very small number of excessive users about their usage. Our goal with this improved approach, these consumer trials, and our continued investment in our network is to create products that meet the needs of all of our residential customers (even the heaviest users) and provide everyone with a choice. Of course, as we bring new product innovations to our customers on multiple platforms, we must address the realities of managing a network that services more than 20 million customers. As the FCC has acknowledged repeatedly, we have to manage data usage on our network for the benefit of all of our customers. And we're committed to manage data usage on our network with a clear set of important principles designed to maximize the benefits of using our high-speed data service to access the Internet for all of our customers -- principles of consistency, fairness and non-discrimination. At all times, including during our pilot tests, we will be transparent to our customers. We will provide our customers with the information they need to select the service level and options appropriate to their needs, including providing our customers the tools necessary to manage their use of our high-speed Internet service. Given this changing and dynamic marketplace, we will continue to consider other ways to ensure that all of our customers are treated fairly and have a consistent and superior experience while using our residential high speed Internet service in the way in which it is intended.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu May 17 14:32:31 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 May 2012 15:32:31 -0400
Subject: [Infowarrior] - OpEd: Regardless Of What The Propaganda Says, This Is Not How A Free Society Treats People
Message-ID:

Guest Post: Regardless Of What The Propaganda Says, This Is Not How A Free Society Treats People
http://www.zerohedge.com/news/guest-post-regardless-what-propaganda-says-not-how-free-society-treats-people

Submitted by Simon Black of Sovereign Man

Regardless Of What The Propaganda Says, This Is Not How A Free Society Treats People

I've been in the US for a little more than 24-hours. And having flipped through the TV channels trying to figure out what useless drivel big media is passing off as "news", I realized that I'm going to vomit if I hear the word "fair" one more time. This concept of "fair" seems to be dominating discussion of the US government's dismal fiscal condition. The talking heads say that it's "fair" for wealthy Americans to pay higher taxes and bail the country out... or that everyone needs to pay his/her "fair" share. The whole logic is absurd: you do not "fix" the country's fiscal imbalances by giving the idiots in charge even more resources to squander... it's like dumping gasoline on a forest fire. Somehow the debate seems to have missed this point. This "fair" nonsense is also very dangerous. Just ask any three-year old... "fair" is completely arbitrary. It's like a Wiki version morality... if enough people agree on it, it's fair. In this case, "fair" is defined in the sole discretion of those who are the direct beneficiaries of confiscating other people's money. But let's look at the numbers: According to the IRS statistical database, the top 1% of income earners in the United States pays roughly 40% of all US individual income tax. They also get audited at least 5-times more than anyone else. Fair? The other major complaint seems to be that the wealthy are "abusing"
capital gains rules in order to pay a 15% rate instead of a 35% rate. Duh. That's why they're wealthy, and stay wealthy... they don't WORK for a living, they OWN assets which are subject to capital gains. It seems so bizarre that a country once regarded as the freest, most economically enviable in the world would treat its productive citizens with such hostility. This is where Eduardo Saverin comes in. The Facebook co-founder, who finds himself a few billion dollars richer this week, recently renounced his US citizenship. And, to the intelligentsia, it's not "fair". "Saverin needs to pay his fair share! He owes America more," they whine, completely ignorant that the 30-year old is already forking over a $500+ million exit tax (which may end up in the billions). Apparently it's not good enough that the company Saverin co-founded has created tens of thousands of jobs, spawned entire industries, and produced oodles of new millionaires. Oh yeah, it's also made things damn easy for the CIA, NSA, and FBI. You'd think Uncle Sam would pin a medal on his chest. But no. Saverin left behind a lot of value and decided to move on to greener pastures in Singapore. Now the do-gooders in Congress are cooking up new legislation (the EX-PATRIOT Act) designed to permanently bar "renunciants" like Saverin from re-entering the United States. It's interesting that, rather than change their ways of doing business and introducing legislation that provides incentives for productive people to come here and stay here, they maintain policies that chase people away, and introduce new ones to lock the door after they're gone. The lesson here (especially for natural-born citizens) is this: simply by accident of birth, you are born with a lifelong obligation that you never signed up for to finance the corrupt misdealings of the political class. And if you choose to abandon this obligation, they will bar you from ever entering your homeland again.
Regardless of what the propaganda says, this is not how a free society treats people. It might look and feel like a representative democracy on the surface, but under the hood it's the modern day equivalent of feudal serfdom. The land of the free has certainly fallen a long way.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 17 15:04:05 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 May 2012 16:04:05 -0400
Subject: [Infowarrior] - Google Can Track Ships At Sea -- Including US Navy; Detailed Maps Planned of Sea Bottom
Message-ID: <08C94A12-56CE-457E-87CF-7081CC0035EA@infowarrior.org>

Google Can Track Ships At Sea -- Including US Navy; Detailed Maps Planned of Sea Bottom
By Sydney J. Freedberg Jr. and Colin Clark
Published: May 17, 2012
http://defense.aol.com/2012/05/17/google-satellites-can-track-every-ship-at-sea-including-us-na/

VIRGINIA BEACH, VA: Google will soon make public information about virtually every ship at sea, giving the current location and identity even of American warships. While the company is consulting with the Navy and others about security issues, it plans to go public with the data soon. Google paid several million dollars for satellite technology to pinpoint ships' locations. "These things cost three million dollars for the whole program," Michael Jones, "Chief Technology Advocate" at Google Ventures, said at the annual Joint Warfighting Conference held by the US Naval Institute and the electronics industry group AFCEA. Google has talked to representatives of 50 navies worldwide about their new technology and has discovered it tracks ships better than their own commanders can. "I watch them and they can't see themselves," Jones said. "It angers me as a citizen that I can do this and the entire DoD can't." Like its nascent project to map the ocean floor, Google's new technology to track ships on the surface takes advantage of prior investments by others.
In this case, it's the Maritime Automatic Identification System, known as AIS, a system of transponders installed in all legitimate seagoing vessels that periodically transmit their position to avoid collisions even when the crews can't physically see each other due to darkness or heavy weather. AIS signals are only designed to be detectable up to 20 nautical miles away, but researchers led by Greece's University of the Aegean developed larger, land-based antenna that can pick up the signal over greater distances -- but that still only picks up vessels relatively close to shore. From overhead, however, Google's twin satellites can detect ships anywhere on the ocean. The company is already working with governments around the world to help them track fishing vessels poaching in their exclusive economic zones and plans to make the data available to an estimated billion users of Google Maps. While the ship tracking maps are interesting, this is not a new technology although Google has apparently improved it. Google's involvement will mean, of course, that virtually anyone in the world can access the information. Still, there are very clear limits to the technology. Most important, any ship can turn off its transmitter, meaning that Google's tool probably doesn't pose any threat to critical military operations. As an intelligence source noted, Google's shipping data faces important limits. "It's not the ships you can see, but the ships you can't see that matter," this source said. However, the technology clearly could be useful for practitioners of change detection, people looking for patterns to US and other seaborne operations. It could conceivably be useful to terrorists and pirates looking to plan attacks on commercial shipping, for example. A longer term project may pose graver risks. 
Google has a five-year project to map the entire ocean floor using an unmanned seagoing sensor, whose accuracy -- within "a few centimeters" -- might discover the resting places of top-secret spy satellites and other sunken wreckage national security authorities had thought was hidden forever, potentially triggering a "treasure hunt" by foreign powers, Jones warned. "ONR [Office of Naval Research] had done research on this but they had run out of funding," Jones said. So Google tracked down 17 people who had worked on the project before their contracts were cancelled, hired them, and has restarted the initiative itself. "The Navy's tested it, it works great; [but] they got too poor. They just couldn't do it," said Jones, himself the proud son of a Navy sailor. "That's just not right." Detailed knowledge of the sea bottom has historically been the purview of those relatively few countries with submarine fleets and deep sea submersibles. These programs are just examples of the kind of intelligence data available to anyone with a modest investment "instead of a huge 20-year national program," Jones said. Google already uses the 20 billion photos publicly available on the internet to generate uncannily accurate three-dimensional composite images of cities and individual buildings around the world, even including the interiors of major landmarks like St. Peter's Basilica in the Vatican. Said Jones, "Don't sit idly by while adversaries use new technology and you just sleep." However, several intelligence experts noted that, while Google's data possesses enormous commercial appeal, its military and intelligence utility is limited. Most Google images are weeks or months old, at least, making them problematic for that most rarified and demanding use -- targeting. And as one intelligence source noted: "Just because you have the data, doesn't mean you can analyze the data or know how to use it."
From rforno at infowarrior.org Thu May 17 20:08:12 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 May 2012 21:08:12 -0400
Subject: [Infowarrior] - Cybersecurity: How US utilities passed up chance to protect their networks
Message-ID: <6098A94E-AA3C-4C2F-910C-DB6FDF0C57A4@infowarrior.org>

The Christian Science Monitor - CSMonitor.com

Cybersecurity: How US utilities passed up chance to protect their networks

Cybersecurity needs are not hypothetical, as the recent DHS warning of a cyberattack on the US natural gas industry shows. Why then was a post-9/11 initiative to secure US utilities dropped?

http://www.csmonitor.com/layout/set/print/content/view/print/512531

By Mark Clayton, Staff writer
posted May 17, 2012 at 5:13 pm EDT

With America now trying to thwart a cyberattack on its natural gas industry, it is helpful to recall the hectic days after 9/11, when industry scientists raced to shield from potential terrorist cyberattacks hundreds of thousands of vulnerable devices that control vital valves and switches on America's gas pipelines, water plants, and power grid. It was a race that seemed winnable. After five years of intense effort, a 35-member team of industrial-control-system wizards from the gas, water, and electric utilities industries had created a powerful new encryption system to shield substations, pipeline compressors, and other key infrastructure from cyberattack. But just weeks before it was to be finalized in 2006, the funding plug was pulled on the encryption system, called AGA-12, by the American Gas Association and its partners at the electric power and water utility industries, some who worked on the project recall. To this day, the cancelation of the project has called into question whether US utilities will, on their own, invest in measures necessary to protect their networks. Tested at a Los Angeles water treatment plant, a gas utility in Chicago, and other locations, AGA-12 worked well. National labs verified it.
Experts said it was good to go. Yet with 9/11 receding in memory, utility industry executives had begun worrying anew about the cost of deploying the system, former project participants say. Today, six years after AGA-12 was aborted and 11 years after the World Trade Center attacks, the US natural gas industry is trying to thwart a real cyberattack campaign, according to the US Department of Homeland Security (DHS). Congress, meanwhile, is still debating whether voluntary or mandatory security standards are the best way to secure America's critical infrastructure. All of which leaves researchers who helped develop AGA-12 frustrated and a little wistful about the digital shield that they say would have provided a badly needed layer of security -- especially in light of a trend toward cyberattacks on critical infrastructure companies. "Technically it was an excellent standard and we were almost done with it when the project was terminated," says William Rush, a now-retired scientist formerly with the Gas Technology Institute, who chaired the effort to create the AGA-12 standard. "One of the things I wake up in the middle of night and worry about is what to do if we've just been attacked. That's not the time to worry about it -- now's the time." AGA-12, he says, was designed to secure older industrial control system devices out in the field, many of which still today communicate by modem and phone line, radio, or even wireless signal, but were never designed with cybersecurity in mind and remain highly vulnerable today. It's not clear that AGA-12 could have stopped the "spear-phishing" type of cyberattack now under way against the natural gas industry, experts say. But it could stop at least one kind: attacks directly on systems in the field of the kind DHS has highlighted in numerous studies and reports. Installed in front of each vulnerable device would have been an AGA-12 gatekeeper, a sealed black box with a processor and cryptographic software inside, he explains.
That "bump in the wire" would sift and decipher commands coming in from legitimate operators, but shield the vulnerable industrial control systems behind them from any false signals that might allow a hacker to take over. "It was never intended to be a silver bullet," Dr. Rush says. "But it would definitely have provided quite a lot more protection for critical infrastructure like gas pipelines and the power grid than we have right now." The reality of the cyberthreat was driven home in late March, when DHS issued the first of four confidential "alerts" warning of a cyberattack campaign against US natural gas pipeline companies' computer networks. Some researchers have linked the attack to a 2011 attack for which US officials blame China. Those recent attacks follow a trend in which corporate and industrial networks belonging to critical infrastructure companies are seen to be a growing target. In April, the cybersecurity company McAfee and the Center for Strategic and International Studies (CSIS), a Washington think tank, found that 40 percent of electric utility company officials in 14 countries said their networks were under attack and more vulnerable than ever. Meanwhile, in an election year, Congress and the Obama administration are wrangling over new cybersecurity standards for critical infrastructure companies - primarily whether they should be based on a voluntary or mandatory approach. "The issue isn't a lack of standards," says James Lewis, director of the Technology and Public Policy Program at CSIS. "It's the lack of a business case for individual companies to spend for public safety. This [AGA-12 case] just confirms it. They know what to do to make things secure and have chosen not to do it for sound business reasons. A voluntary approach doesn't work." At least six energy industry organizations that have developed voluntary cybersecurity standards for their industrial control systems would disagree.
They include the North American Electric Reliability Corporation (NERC), International Electrotechnical Commission, American Petroleum Institute, and the AGA. But because the standards are voluntary or are "guidelines," it's unclear how widely they have been acted upon. Asked if field devices have received added protections that supplanted the need for AGA-12, Jake Rubin, an AGA spokesman, says the AGA, federal government, and industry groups "have put cybersecurity guidelines in place that independent operators are using currently in the field." However, he adds, "The 'bump in the wire' concept cannot be applied to all existing systems." "AGA members are committed to the safe and reliable delivery of clean natural gas to their customers at affordable and stable prices," says Mr. Rubin, an AGA spokesman in an e-mail response. "They must make decisions that balance these factors, with safety always being the top priority for America's natural gas utilities." But other observers say that while some newer equipment with better security has been adopted in recent years, many of the same vulnerabilities remain because long-lived industrial control systems are rarely replaced if still functioning. Without a mandate, few companies will incur the cost to deploy enhanced security systems, they say. "We found that the adoption of security measures in important civilian industries badly trailed the increase in threats over the last year," Stewart Baker, a former DHS official who led the CSIS and McAfee study, said in a statement in April. Critical infrastructure industry executives (oil, gas, electric power, water) made only modest progress over the past year in securing their networks, the survey found. In the energy sector, security technology adoption grew just one percentage point (to 51 percent) with oil and gas industries increasing by three percentage points (to 48 percent).
Even back in 2006 when memories of 9/11 were sharper, the business case for spending the money to become more secure just wasn't there, says Dennis Holstein, an independent researcher who helped write the AGA-12 implementation documents. "What I think killed AGA-12 more than anything else was the cost of it," Holstein says. "It was a success. But nobody was willing to pay $500 for a bump in the wire solution even if it radically improved security. I haven't seen any deployment of it." Protecting hundreds of thousands of miles of interstate gas pipelines, water supplies and even the power grid with the new encryption boxes was clearly a bottom-line decision, says John Kinast, a former senior engineer at the Gas Technology Institute, now retired, who was a primary researcher developing AGA-12. "As time went on, and we got farther from 9/11, there was just this feeling from the industry side that, 'Well, gee - nobody's attacking us, so maybe it's not such an issue,' " he says in an interview. "But it's more than complacency. When you look at the cost-benefit and try to formulate a payback for a bump in the cord - for something that hasn't happened yet - it's just tough to make the case." The urgency has reemerged at times. After revelations in the fall of 2010 that a digital weapon called Stuxnet had homed in on and wrecked centrifuges in Iran's nuclear facilities, it was clear to many that hypothetical threats to industrial control systems were for real - and many energy industry officials were alarmed. "There was a burst of panic in the [gas industry] executive suites, and rightly so over Stuxnet, but at this point nothing has materialized," says Rush, the retired Gas Technology Institute scientist. Now the gas pipeline industry is experiencing a cyberattack publicly identified in April by DHS, although it's still not clear to what degree the attacks are aimed at merely stealing information on corporate systems -
or at mapping the control system vulnerabilities for operating natural gas pipelines. "To our knowledge, the 'cyberintrusions' reported to DHS have had no impact on deliveries or the safety of the pipeline system," Don Santa, president and CEO of the Interstate Natural Gas Association of America, said in a statement May 8. Members of his association, which has its own detailed cybersecurity guidelines, operate 223,000 miles of the 319,000 miles of natural gas transmission pipelines in the US. Even so, some say America needs to take more direct steps to protect aging critical infrastructure including, ironically enough, something like the AGA-12 standard. Fortunately, about two years ago, the Institute of Electrical and Electronics Engineers (IEEE), a powerful body that sets standards for industrial electrical equipment, dusted off the AGA-12 protocol and renamed it the IEEE 1711-2010 preliminary standard. It is set to be finalized soon - about 11 years after research on it began. But even now, selling a "bump in the wire" cybersecurity box remains a tough sales pitch for vendors pitching IEEE 1711-2010 boxes to gas, electric, and water companies that have old, insecure devices slathered across the American countryside. "The vulnerabilities are still out there, but now we have the equipment to patch it," says Tien Van, president of Sequi, Inc., a Tustin, Calif., systems provider that began building IEEE 1711 equipment. "We have sold some, but not too many of these. Companies still don't want to spend the money to fix this."

© The Christian Science Monitor. All Rights Reserved.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri May 18 07:22:26 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 18 May 2012 08:22:26 -0400
Subject: [Infowarrior] - London's Amazingly Explicit Surveillance State Mascot For The 2012 Olympics
Message-ID: <5CA6560F-10F8-436A-B673-13E4206FC26B@infowarrior.org>

London's Amazingly Explicit Surveillance State Mascot For The 2012 Olympics Has A Huge Camera Eye That 'Records Everything'

Olympic mascots are often controversial. Usually this is because they are weird blobby cartoon characters with goofy names that seem to have been dreamed up by creators who mainlined Mountain Dew Code Red while watching 24 straight hours of Pokemon. The official mascot for the 2012 Olympics, set in London, has that going for it but is also controversial for an entirely different reason. London, the premier panoptic city, was one of the first to blanket itself with CCTV cameras; its heavy security and surveillance cordon is nicknamed the Ring of Steel. London decided to make its surveillance yen a dominant feature of its otherwise goofy mascots. "Wenlock" and "Mandeville" both have a huge single eye made out of a camera lens so that they can "record everything." Image at right is from the official London Olympics website. In case that's too subtle for you, the Olympic organizers have offered a dress-up version of Wenlock in a policeman outfit. "This has to be a joke. Please let this be a joke," tweeted a privacy enthusiast I follow on Twitter, linking to this: It is not in fact a joke; Surveillance State Wenlock also shows up on the official shopping page for the London 2012 Olympics. The origin story for the sibling surveillance enthusiasts is that "they were fashioned from droplets of the steel used to build the Olympic stadium," reports the Guardian, saying the Olympic Committee passed over "anthropomorphic pigeons, an animated tea pot and a Big Ben with arms and legs" to choose the all-seeing mascots.
A surveillance mascot is appropriate for the 2012 Games. This Olympics will certainly win a gold medal for security measures. From the Guardian: < - >

http://www.forbes.com/sites/kashmirhill/2012/05/17/londons-amazingly-explicit-surveillance-state-mascot-for-the-2012-olympics-has-a-huge-camera-eye-that-records-everything/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 18 10:45:33 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 18 May 2012 11:45:33 -0400
Subject: [Infowarrior] - US "Six Strikes" Anti-Piracy Scheme Delayed
Message-ID: <211C0997-4B54-4A5F-9E90-D955FBDB153E@infowarrior.org>

US "Six Strikes" Anti-Piracy Scheme Delayed
Ernesto, May 18, 2012
http://torrentfreak.com/us-six-strikes-anti-piracy-scheme-delayed-120518/

Soon the file-sharing habits of millions of BitTorrent users in the United States will be monitored as part of an agreement between the MPAA, RIAA, and all the major ISPs. Those caught sharing copyright works will receive several warning messages and will be punished if they continue to infringe. However, it now appears that the much-discussed July start date will have to wait until later in the year as the parties involved may fail to meet the provisional deadline. In the coming months the Center for Copyright Information (CCI) will start to track down "pirates" as part of an agreement all major U.S. Internet providers struck with the MPAA and RIAA. The parties agreed on a system through which copyright infringers are warned that their behavior is unacceptable. After six warnings ISPs may then take a variety of repressive measures, which include slowing down offenders' connections and temporary disconnections. The plan was announced under the name "Copyright Alerts" in July last year and the first ISPs were expected to send out the first warnings before the end of 2011.
But this deadline passed silently and as things stand now it looks like the July 1, 2012 deadline is not going to be met by all ISPs either. TorrentFreak asked the CCI about the upcoming target date, and their response suggests that things may take longer than expected. "The dates mentioned in the Memorandum of Understanding (MOU) are not hard deadlines but were intended to keep us on track to have the Copyright Alert System up and running as quickly as possible and in the most consumer friendly manner possible," a spokesperson told us. "We do not intend to launch until we are confident that the program is consumer friendly and able to be implemented in a manner consistent with all of the goals of the MOU. We expect our implementation to begin later this year." In other words, it's taking more time than expected. That said, the CCI did inform us that they have finally selected a third-party company that will be responsible for monitoring BitTorrent swarms. However, the name of the firm remains a secret for now. "The technology partner we have identified and begun working with is an independent and impartial expert and we expect to have an announcement about the independent expert shortly," TorrentFreak was told. As described in the agreement, this independent "technology partner" will first be tested by yet another independent expert to see if their data collection methods stand up to scrutiny. This is a possible reason for the "delay" but there are many more. At their end the internet providers all have to create a system that allows them to keep track of the warnings. To ensure the privacy of subscribers, this database of alleged pirates is not stored centrally. Hoping to find out more about what type of punishments ISPs have planned and their views on the agreement, we contacted several of them. Verizon was quick to respond but didn't want to provide any details on the planned punishments.
The ISP did say that they believe the voluntary agreement is the right solution for the piracy problem. "Verizon has always said that copyright infringement is wrong and through this voluntary consumer friendly system, we believe we can educate our consumers and offer them access to legal alternatives," the company told TorrentFreak. "We believe this program offers the best approach to the problem of illegal file sharing and, importantly, is one that respects the privacy and rights of our subscribers. It also provides a mechanism for helping people to find many great sources of legal content." Other Internet providers contacted by TorrentFreak, including Comcast and AT&T, did not respond to repeated inquiries about the BitTorrent crackdown. The CCI, however, assured TorrentFreak that none of the ISPs has plans to terminate the accounts of subscribers. Temporary disconnections remain as one of the possible punishments. Which measures the various ISPs will choose remains a mystery for now. We'll publish more on this and other details of the scheme in the near future.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 18 15:46:56 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 18 May 2012 16:46:56 -0400
Subject: [Infowarrior] - Facebook IPO a relative dud (compared to the hype & hope)
Message-ID: <64A70019-C1E6-46B9-A024-340962C15B66@infowarrior.org>

Facebook Falls Back to IPO Price
Underwriters Stepped In to Support Social Network's Shares at Offering Price
By JACOB BUNGE, JENNY STRASBURG and RYAN DEZEMBER
http://online.wsj.com/article/SB10001424052702303448404577411903118364314.html

Facebook Inc.'s public debut had plenty of buzz but not much pop.
The shares opened 11% higher, but struggled to stay above their $38 offering price and ended the day up just 23 cents. It was a tepid debut for one of the largest and most closely watched initial public offerings. More than 30 brokerages and banks were involved in the offering, which saw nearly 571 million shares change hands on Friday - a record for a stock debut. The Internet company's shares opened Friday around $42 and within the first half hour fell as low as $38. The stock recovered as underwriters stepped in to support the price, according to people familiar with the matter. But in the final hour of trading, the shares lost steam and fell back to the $38 level. There have been only six other initial public offerings that raised more than $5 billion since 1995 and the average first day performance has been a 13% gain, according to Dealogic. Two of them, Visa Inc. with a 28% gain in 2008 and United Parcel Service Inc. in 1999 with a 36% gain, well outperformed Facebook. Companies and the bankers who take them public typically like to see a first-day pop in the share price, to make the deal worthwhile for those buying at the so-called inside price and to increase investors' enthusiasm for the stock. The debut was marred by a 30-minute delay in the opening of the shares, coupled with reports from traders about lack of communication about orders. That threatened to dent the reputation of Nasdaq OMX Group, operator of the Nasdaq Stock Market, which competed aggressively with the New York Stock Exchange for the chance to list the deal. Nasdaq officials told exchange members in a notice at noon that its staff was "investigating an issue in delivering trade execution messages" from trades made in Facebook's IPO. Around 1 p.m. Nasdaq indicated it would provide a "manual report" to brokers with information on Facebook trades.
Once the stock opened, trading was robust - 100 million shares traded in the first few minutes and more than 200 million shares changed hands in the first hour. The record for most shares traded on the day of an IPO had been held by General Motors Co., at 458 million. But during the delay, and afterwards, traders said they were having trouble changing or canceling orders they had submitted to Nasdaq's queue starting at 7:30 a.m. Traders said the orders were accepted normally, but the usual process for canceling or altering an order wasn't accepted, suggesting problems with the queue. "We're still waiting" for trade confirmations, said Mark Turner, co-head of sales trading for electronic brokerage Instinet, about 90 minutes after Facebook's stock opened for trading. One investor said at 12:20 p.m. he was frustrated after a market order he put in around 11:40 a.m., for 1,000 shares, still hadn't been acknowledged by Nasdaq some 40 minutes later. "It's not reasonable," he said, adding that shorter delays for an order of 10,000 or 20,000 shares would be more understandable. Traders speculated the glitches could be tempering demand for Facebook shares, because would-be buyers couldn't be sure where they stood with earlier orders. Representatives for Nasdaq OMX had no immediate comment. Shares of the company were down 2% midafternoon with the market flat and other exchange operators trading higher. One person familiar with public offerings called Facebook's a success, saying that, the delay aside, the trading indicated the stock was well priced. The person said big one-day pops are far-less common in large offerings where lots of trading can help keep pricing efficient. Social media stocks are among the day's biggest losers. Online games maker Zynga Inc. shares dropped 13% to $7.17 and have been halted after hitting a single-stock circuit breaker. The stock fell more than 10% in five minutes, prompting the halt.
Zynga is closely tied to Facebook, as 11% of the social network's revenue comes from Zynga. Facebook's offering, as expected, drew in investors large and small. Michael Mullaney, vice president and chief investment officer for Boston-based Fiduciary Trust, which primarily represents high-net-worth individuals, opted not to put in an order with underwriters before the offering, and instead bought shares on the open market Friday. "If we did get one it would have been a small piece," said Mr. Mullaney of an allocation. "And then who would we give it to? Which one of our clients gets the shares? I'd rather trade it on the open market with every Tom, Dick and Harry. It makes my life easier." On Friday at 1 p.m., Mr. Mullaney said in an email that he had received his shares at the price he liked, but considered the IPO "a dud." Meanwhile Theophilus Hodges, a 36-year-old property manager, stopped into an E*Trade branch in downtown Chicago on Friday morning specifically to open an account to buy Facebook shares, he said. "If it wasn't for Facebook I wouldn't be here," he said as he left the branch to go to his bank and transfer money into his new account. "I missed out on Groupon when it went public, so I'm not going to miss the boat this time." Mr. Hodges said he plans to invest $10,000 in Facebook shares - including $4,500 of his own money and $5,500 from his mother. Mr. Hodges expressed confidence in Mark Zuckerberg as Facebook's CEO and said he isn't worried about Mr. Zuckerberg being young. "To me, he's a genius. You know, he created something for the whole world... Everything is social now. The world is a different place with Facebook," he said. Facebook and its stockholders are selling about 20% of the company's common stock in the IPO. By way of comparison, Groupon Inc. sold about 6.3% of its stock in its IPO, according to Dealogic, while LinkedIn Corp. sold 9.5%.
Facebook's bigger so-called float could mean fewer extreme moves in the stock price. Facebook's IPO is "unprecedented in terms of the demand" from average investors, said Stephen Kay, a managing director at brokerage Knight Capital who works with retail brokerages. "I spoke to one of my big online brokers and at 6:05 this morning, when they allowed people to hit the button and make an order, there were hundreds of orders that were waiting," Mr. Kay said. From trading floors to Times Square, Wall Street pros and regular joes had been preparing for the moment, strategizing for the open or deciding whether - or when - to buy shares. TD Ameritrade had 54,000 orders for Facebook shares by 11 a.m., with half the clients who requested and qualified getting an allocation, according to Steve Quirk, senior vice president of trading for the firm. Knight Capital Group, one of the biggest aggregators of U.S. retail share trading, on Friday morning saw an order from an investor willing to buy the stock at a price as high as $4,000, according to managing director Steve Kay. The order was essentially an indication the investor was willing to buy the shares at any price.

- Lynn Cowan, Steve Russolillo, Owen Fletcher, Kristen Grind and Alexandra Scaggs contributed to this article.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 18 20:46:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 18 May 2012 21:46:52 -0400
Subject: [Infowarrior] - US House wants DOD to propaganda Americans at home?!
Message-ID: <6E3CEC88-81F3-4FBA-BCC3-FB0D19A55439@infowarrior.org>

Congressmen Seek To Lift Propaganda Ban

Propaganda that was supposed to target foreigners could now be aimed at Americans, reversing a longstanding policy. "Disconcerting and dangerous," says Shank.
Amy Sly for BuzzFeed
Posted May 18, 2012 4:27pm EDT
http://www.buzzfeed.com/mhastings/congressmen-seek-to-lift-propaganda-ban

An amendment that would legalize the use of propaganda on American audiences is being inserted into the latest defense authorization bill, BuzzFeed has learned. The amendment would "strike the current ban on domestic dissemination" of propaganda material produced by the State Department and the Pentagon, according to the summary of the law at the House Rules Committee's official website. The tweak to the bill would essentially neutralize two previous acts - the Smith-Mundt Act of 1948 and Foreign Relations Authorization Act in 1987 - that had been passed to protect U.S. audiences from our own government's misinformation campaigns. The bi-partisan amendment is sponsored by Rep. Mark Thornberry from Texas and Rep. Adam Smith from Washington State. In a little noticed press release earlier in the week - buried beneath the other high-profile issues in the $642 billion defense bill, including indefinite detention and a prohibition on gay marriage at military installations - Thornberry warned that in the Internet age, the current law "ties the hands of America's diplomatic officials, military, and others by inhibiting our ability to effectively communicate in a credible way." The bill's supporters say the informational material used overseas to influence foreign audiences is too good to not use at home, and that new techniques are needed to help fight Al-Qaeda, a borderless enemy whose own propaganda reaches Americans online. Critics of the bill say there are ways to keep America safe without turning the massive information operations apparatus within the federal government against American citizens. "Clearly there are ways to modernize for the information age without wiping out the distinction between domestic and foreign audiences," says Michael Shank, Vice President at the Institute for Economics and Peace in Washington D.C.
"That Reps Adam Smith and Mac Thornberry want to roll back protections put in place by previously-serving Senators - who, in their wisdom, ensured limits to taxpayer-funded propaganda promulgated by the US government - is disconcerting and dangerous." "I just don't want to see something this significant - whatever the pros and cons - go through without anyone noticing," says one source on the Hill, who is disturbed by the law. According to this source, the law would allow "U.S. propaganda intended to influence foreign audiences to be used on the domestic population." The new law would give sweeping powers to the State Department and Pentagon to push television, radio, newspaper, and social media onto the U.S. public. "It removes the protection for Americans," says a Pentagon official who is concerned about the law. "It removes oversight from the people who want to put out this information. There are no checks and balances. No one knows if the information is accurate, partially accurate, or entirely false." According to this official, "senior public affairs" officers within the Department of Defense want to "get rid" of Smith-Mundt and other restrictions because it prevents information activities designed to prop up unpopular policies - like the wars in Iraq and Afghanistan. Critics of the bill point out that there was rigorous debate when Smith Mundt passed, and the fact that this is so "under the radar," as the Pentagon official puts it, is troubling. The Pentagon spends some $4 billion a year to sway public opinion already, and it was recently revealed by USA Today the DoD spent $202 million on information operations in Iraq and Afghanistan last year. In an apparent retaliation to the USA Today investigation, the two reporters working on the story appear to have been targeted by Pentagon contractors, who created fake Facebook pages and Twitter accounts in an attempt to discredit them. (In fact, a second amendment to the authorization bill -
in reaction to the USA Today report - seeks for cuts to the Pentagon's propaganda budget overseas, while this amendment will make it easier for the propaganda to spread at home.) The evaporation of Smith-Mundt and other provisions to safeguard U.S. citizens against government propaganda campaigns is part of a larger trend within the diplomatic and military establishment. In December, the Pentagon used software to monitor the Twitter debate over Bradley Manning's pre-trial hearing; another program being developed by the Pentagon would design software to create "sock puppets" on social media outlets; and, last year, General William Caldwell deployed an information operations team under his command that had been trained in psychological operations to influence visiting American politicians to Kabul. The upshot, at times, is the Department of Defense using the same tools on U.S. citizens as on a hostile, foreign, population. A U.S. Army whistleblower, Lieutenant Col. Daniel Davis, noted recently in his scathing 84-page unclassified report on Afghanistan that there remains a strong desire within the defense establishment "to enable Public Affairs officers to influence American public opinion when they deem it necessary to 'protect a key friendly center of gravity, to wit US national will,'" he wrote, quoting a well-regarded general. The defense bill passed the House Friday afternoon.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat May 19 09:48:03 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 19 May 2012 10:48:03 -0400
Subject: [Infowarrior] - Anti-Piracy Outfits Launch Attack on BitTorrent Protocol
Message-ID: <2F78636E-8A15-438A-BA79-8D3304A64AFC@infowarrior.org>

Anti-Piracy Outfits Launch Attack on BitTorrent Protocol
Ernesto,
May 19, 2012
http://torrentfreak.com/anti-piracy-outfits-launch-attack-on-bittorrent-protocol-120519/

In recent weeks alarm bells sounded at Poland's Computer Emergency Response Team when it was discovered that an unknown entity is sending massive amounts of forged data packets and posing a threat to BitTorrent users worldwide. A detailed analysis reveals that anti-piracy outfits may be initiating these attacks to prevent movies from being downloaded. According to security experts, the legality of these attacks is doubtful. According to the Computer Emergency Response Team (CERT) in Poland, BitTorrent's uTP protocol is under attack. The security experts have observed a massive spike in activity compared to 2011, originating from centralized locations in Russia, Canada, China, Australia and the USA. The CERT group operates a system that scans for online threats and the attack on BitTorrent triggered several of their honeypot sensors. These attack sources send data packages that appear to be legitimate, but the IP-addresses they send are forged. The security researchers, who say these poisoning attacks are happening on a massive scale, observe that they are targeted at specific BitTorrent swarms sharing Russian movie releases. One of the likely explanations for these poisoning attacks is that anti-piracy outfits are utilizing them to "protect" their clients' movies. For example, these outfits could overload BitTorrent swarms with corrupt data or "disconnect" messages while masquerading as legitimate downloaders. This is exactly what the Microsoft funded startup Pirate Pay appears to be doing although other companies may also use similar methods. A company called ICM is currently listed as "protecting" the Russian film that was the subject of the attacks identified by CERT. The security researchers don't make any conclusive claims about the origins of the attacks, but they do note that anti-piracy groups are a possible source.
"At least one interest group that would benefit from uTP poisoning is easy to point at: multimedia companies and their subcontractors. Conduction of this kind of campaign by these institutions wouldn't be precedent. It's also possible that generated traffic is used for BitTorrent network mapping and data gathering for later use in other projects," CERT comments. Perhaps of even more interest, CERT also notes that the poisoning attack, or anomaly as they call it, may very well breach cybersecurity law. "[The attacks] produce visible disruption in IT systems and large amounts of our false-positive high-level alerts is a good proof. In terms of Polish law, European Convention on Cybercrime and U.S. Codes (and probably many other sources of domestic law) legality of process producing the anomaly is questionable," the security experts note. In other words, the techniques these anti-piracy outfits appear to be using to prevent people from sharing copyrighted movies could be illegal. If that is the case then the movie companies who hire these anti-piracy outfits may be complicit in cybersecurity crimes. That would be a problem. TorrentFreak contacted the CEO of the Microsoft-funded Pirate Pay for a comment on the legality of his service, but we are yet to receive a reply. More details about the specifics of the attacks are available on the CERT website.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun May 20 09:21:05 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 20 May 2012 10:21:05 -0400
Subject: [Infowarrior] - UK surveillance program could expose private lives
Message-ID:

May 18, 4:52 PM EDT
UK surveillance program could expose private lives
RAPHAEL SATTER
Associated Press
http://hosted.ap.org/dynamic/stories/E/EU_BRITAIN_MASS_SURVEILLANCE?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2012-05-18-16-52-15

LONDON (AP) -- British officials have given their word: "We won't read your emails."
But experts say the government's proposed new surveillance program will gather so much data that spooks won't have to read your messages to guess what you're up to. The U.K. Home Office stresses it won't be reading the content of every Britons' communications, saying the data it seeks "is NOT the content of any communication." It is, however, looking for information about who's sending the message and to whom, where it's sent from and other details, including a message's length and its format. The proposal, unveiled last week as part of the government's annual legislative program, is just a draft bill, so it could be modified or scrapped. But if passed in its current form, it would put a huge amount of personal data at the government's disposal, which it could use to deduce a startling amount about Britons' private lives - from sleep patterns to driving habits or even infidelity. "We're really entering a whole new phase of analysis based on the data that we can collect," said Gerald Kane, an information systems expert at Boston College. "There is quite a lot you can learn." The ocean of information is hard to fathom. Britons generate 4 billion hours of voice calls and 130 billion text messages annually, according to industry figures. In 2008, the BBC put the annual number of U.K.-linked emails at around 1 trillion. Then there are instant messaging services run by companies such as BlackBerry, Internet telephone services such as Skype, chat rooms, and in-game services like those used by World of Warcraft. Communications service providers, who would log all that back-and-forth, believe the government's program would force them to process petabytes (1 quadrillion bytes) of information every day. It's a mind-boggling amount of data, on the scale of every book, movie and piece of music ever released. So even without opening emails, how much can British spooks learn about who's sending them? THEY'LL SEE THE RED FLAGS Did you know how fast you were going? Your phone does. 
If you sent a text from London before stepping behind the wheel, and a second one from a service station outside Manchester three hours later, authorities could infer that you broke the speed limit to cover the roughly 200 miles that separate the two. Crunching location data and communications patterns gives a remarkably rich view of people's lives - and their misadventures. Ken Altshuler, of the American Academy of Matrimonial Lawyers, raves about the benefits smartphones and social media have brought to savvy divorce attorneys. Lawyers don't need sophisticated data mining software to spot evidence of infidelity or hints of hidden wealth when they review phone records or text traffic, he said. "One name, one phone number that's not on our client's radar, and our curiosity is piqued," he said. The more the communication - a late-night text sent to a work colleague, an unexplained international phone call - is out of character, "the more of a red flag we see." THEY'LL KNOW WHEN YOU'RE SLEEPING The ebb and flow of electronic communication -that call to your mother just before bed, that early-morning email to your boss saying you'll be late - frames our waking lives. "You can figure somebody's sleep patterns, their weekly pattern of work," said Tony Jebara, a Columbia University expert on artificial intelligence. In 2006, he helped found New York-based Sense Networks, which crunches phone data to do just that. Jebara said that calls made from the same location from 9 to 5 are a good indication of where a person works; the frequency of email traffic to or from a person's work account is a good hint of his or her work ethic; dramatic changes to a person's electronic routine might suggest a promotion - or a layoff. "You can quickly figure out when somebody lost their job," Jebara said, adding: "Credit card companies have been interested in that for a while." THEY'LL KNOW WHO'S THE BOSS Drill down, and communication can reveal remarkably rich information. 
For example, does office worker A answer office worker B's missives within minutes of the message being sent? Does B often leave colleagues' emails unanswered for hours on end? If so, B probably stands for "boss." That's an example of what Jebara's Columbia colleagues call "automated social hierarchy detection," a technique that can infer who gives the orders, who's respected and who's ignored based purely on whose emails get answered and how quickly. In 2007, they analyzed traffic from the Enron Corporation's email archive to correctly guess the seniority of several top-level managers. Intelligence agencies may not need such tools to untangle corporate flowcharts, but identifying ringleaders becomes more important when tracking a suspected terrorist cell. "If you piece together the chain of influence, then you can find the central authority," he said. "You can figure that out without looking at the content." THEY'LL KNOW WHO YOU'RE TALKING TO Seeing how networks of people communicate isn't just about finding your boss. It's about figuring out who your friends are. Programs already exist to determine the density of communications - something that can identify close groups of friends or family without even knowing who's who. If one user is identified as suspicious, then users closest to him or her might get a second look as well. "Let's say we find out somebody in the U.K. is a terrorist," said Kane. "You know exactly who he talks to on almost every channel, so BOOM you know his 10 closest contacts. Knowing that information not only allows you to go to his house, but allows you to go to their houses as well." A SNOOPER'S CHARTER? Detective work at the stroke of a key is clearly attractive to spy agencies. British officialdom has been pushing for a mass surveillance program for years. But civil libertarians are perturbed, branding the proposal a "snooper's charter." 
Kane says the surveillance regime has to be seen in the context of social networks such as Facebook and LinkedIn, where hundreds of millions of people are constantly volunteering information about themselves, their friends, their family and their colleagues. "There's no sense in getting all Big Brother-ish," he said. "The bottom line is that we're all leaving digital trails, everywhere, all the time. The whole concept of privacy is shifting daily." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sun May 20 19:02:28 2012 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 20 May 2012 20:02:28 -0400 Subject: [Infowarrior] - Nasdaq's Facebook Problem Message-ID: http://online.wsj.com/article/SB10001424052702303610504577416530447015656.html May 20, 2012, 7:44 p.m. ET Nasdaq's Facebook Problem Exchange Says Glitches Affected Millions of Shares; IPO System to Be Redesigned By JENNY STRASBURG, JACOB BUNGE and GINA CHON The Nasdaq Stock Market said on Sunday it bungled Facebook Inc.'s initial public offering, acknowledging that technology problems affected trading in millions of shares. The trading glitches, coupled with underwhelming investor appetite for Facebook shares on Friday, fueled doubts about Wall Street's ability to handle hot IPOs. "This was not our finest hour," said Nasdaq OMX Group Chief Executive Robert Greifeld. The main problem, he said, was a malfunction in the trading-system's design for processing order cancellations. Extensive testing Nasdaq had performed ahead of the deal failed to unearth the problem, he said. Nasdaq delayed the start of trading in Facebook by 30 minutes on Friday as it raced to fix the glitch. More than 200 million shares changed hands in the first hour of trading, and more than 570 million during a day that traders say was marked by unease and confusion. The deal's underwriters worked to keep the stock from slipping below its $38 offering price.
Shares closed just 23 cents higher - far short of the kind of first-day pop that signals a healthy offering. Friday's technical problems left investors large and small with orders processed improperly, if at all. Some say they lost money and want compensation from Nasdaq. Eric Noll, Nasdaq's executive vice president for transaction services, said the company is "rebuilding the entire book" to determine which investors should be compensated due to Nasdaq's system errors. Nasdaq's plan to repay investors would require approval of the Securities and Exchange Commission, exchange executives said. Nasdaq had competed fiercely with rival NYSE Euronext for the chance to list the deal. Nasdaq's board conferred Saturday about the problems. Officials said the company is planning to redesign its IPO systems. Nevertheless, Nasdaq's Mr. Greifeld said the offering, which raised some $16 billion, was "very successful." A Facebook spokesman declined to comment. The offering raised a host of questions about how Wall Street delivers on one of its most-basic functions - raising capital for young companies. It was the second technical snafu on a public offering in recent months for a major stock exchange touting sophisticated electronic-trading systems. In March, BATS Global Markets botched its IPO on its own exchange. BATS blamed a software glitch. "These markets are so fast, and they have so much scale. You turn it over to machines at light speed, and nobody can react," said David Weild IV, a former Nasdaq vice chairman and now an adviser on market structure and stock offerings at Grant Thornton LLP. "This isn't good for trust." Facebook's lackluster debut also focused attention on whether the company and its lead underwriter, Morgan Stanley, were too optimistic about demand for shares as they raised the price and expanded the number for sale last week. Such a double-punch move is rare with IPOs because of fears it can dampen demand.
"They squeezed all the juice out of it," said one person involved in the deal. Ultimately, the offering price was set at $38. Some people familiar with the matter said the fact that the opening trades were at around $42 showed the price was justified. After the problems began on Friday, Morgan Stanley, which led a group of 11 Wall Street banks, stepped in to buoy the share price, according to people familiar with the matter. In its role as the deal's so-called stabilization agent, Morgan Stanley could continue to support the shares through a pool known as an overallotment. But people familiar with the matter say the bank has no plans to use its own capital to prop up the shares in the days ahead. Nasdaq's Mr. Greifeld was at Facebook's Menlo Park, Calif., headquarters on Friday morning, where Mr. Zuckerberg rang Nasdaq's opening bell. In an interview that morning, Mr. Greifeld told the Journal that Nasdaq was "well prepared" for the start of trading. But around that time, things already were starting to go wrong. Nasdaq was accepting orders before trading began. But in some instances, if an investor then tried to cancel an order or change the price or size, Nasdaq didn't acknowledge the requests, confusing some traders, traders said. Around 11 a.m., Nasdaq indicated there would be a five-minute delay in the deal, not abnormal for an IPO. When 11:05 came and went without the opening or further detail on when it would happen, anxiety spread. Some traders say they jumped onto the open line Nasdaq had set up for communications during the deal. But traders said they received only intermittent promises of an update to come soon. Nasdaq officials said Sunday that they confronted a problem they hadn't anticipated in test runs. They said trading volume in Facebook wasn't more than anticipated. 
But because of the size of the Facebook IPO and the level of investor interest, the process of matching up buy and sell orders to pinpoint the price of the first trade took slightly longer than normal - five milliseconds instead of three, according to Mr. Greifeld. Meanwhile, Nasdaq's systems were hit with a wave of electronic messages to cancel trades or adjust orders for Facebook stock, according to people involved with the trading. Because the process of matching the first trade in Facebook shares was taking slightly longer than usual, some of those cancellation messages interfered with the process and caused it to reset. That created a loop, and Nasdaq officials worked for about 20 minutes to override the process and set the stock to open at 11:30 a.m. As many as 30 million shares worth of trading were affected by the glitch, Mr. Greifeld said. Brokers and traders who placed orders during that period didn't know the status of those transactions until 1:50 p.m., when Nasdaq sent out confirmations of trading done in the IPO. The troubles left some investors licking wounds. Some said they had put in orders to sell shares early in the day, but those orders didn't go through. By the time they discovered that in the afternoon, the share price had fallen, so they were able to sell only at the lower price. Other traders and investors said that because they didn't have confirmations of their earlier buy orders from Nasdaq, they weren't able to sell those shares until after 1:50 p.m. when Nasdaq released the fills into the market. On Saturday, one day after the deal, Facebook founder and Chief Executive Mark Zuckerberg married longtime girlfriend Priscilla Chan at his Palo Alto home. -Ryan Dezember, Lynn Cowan and Shayndi Raice contributed to this article. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon May 21 09:09:19 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 21 May 2012 10:09:19 -0400 Subject: [Infowarrior] - Facebook? Faceplant! Message-ID: <339C949F-DA3E-442C-87AF-CF1BF2ABCFAA@infowarrior.org> Facebook Shares Fall Below IPO Offering Price CNBC.com | 21 May 2012 | 09:47 AM ET http://www.cnbc.com/id/47503280 Facebook shares fell more than 13 percent, falling below its $38 price of its initial public offering, in the social network's second day of trading as a public company. Meanwhile, the NASDAQ exchange continued to defend itself regarding the IPO's delay on Friday. The company's shares last traded down more than 13 percent. The stock had previously closed 0.6 percent higher on Friday. Investors and technology industry watchers are closely tracking the Menlo Park, Calif., company's shares. The world's largest social network was one of the most anticipated initial public stock offerings ever, and now serves as a bellwether for other social media companies. Facebook's market debut Friday suffered some hiccups, with trading on the Nasdaq delayed for a half hour and issues with traders' orders. The stock closed Friday just 23 cents above where it priced Thursday night, when many investors had hoped for a big first-day pop. Facebook shares fell below the offer price Monday before the market's open. It was unclear at that time whether underwriters such as Morgan Stanley would step in to help stabilize the stock. In a release, NASDAQ explained why the start of Facebook's trading was delayed on Friday. The company's CEO shed further light on the delay in an interview on Sunday with CNBC's Maria Bartiromo. "After the calculation of the FB IPO Cross was completed, but before printing the opening trade, additional order modifications were received by the system, changing the auction order book," the release said. To factor in the new book state, the system then recalculated the offer's auction. 
This caused further delay. "Again, changes were received before the IPO cross could print the opening trade, which resulted in additional re-calculations," NASDAQ said. "This condition persisted, resulting in further delay of the opening print." -AP contributed to this report. © 2012 CNBC.com URL: http://www.cnbc.com/id/47503280/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon May 21 13:19:06 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 21 May 2012 14:19:06 -0400 Subject: [Infowarrior] - 'Father of the Internet' warns Web freedom is under attack Message-ID: <5DF2FF1F-F3B2-4540-88E7-56015C3DD20B@infowarrior.org> (I agree 100% with Vint on this. --rick) 'Father of the Internet' warns Web freedom is under attack By Andrew Feinberg - 05/21/12 11:07 AM ET http://thehill.com/blogs/hillicon-valley/technology/228561-father-of-the-internet-warns-web-freedom-is-under-attack "Father of the Internet" Vint Cerf on Monday warned that Internet freedom is under threat from governments around the world, including the United States. Cerf, a computer scientist who was instrumental in the Internet's creation, now employed by Google as its "Internet evangelist," said officials in the United States, United Kingdom and Europe are using intellectual property and cybersecurity issues "as an excuse for constraining what we can and can't do on the 'net." "Political structures ... are often scared by the possibility that the general public might figure out that they don't want them in power," he said. He sounded the alarm about the International Telecommunications Union (ITU), arguing the group is poised to assume the role of global Internet cop. "There is strong indication that the Internet will enter the picture [for the ITU]," Cerf said at the Freedom to Connect conference.
Cerf said the ITU is likely to try and lock in mandatory intellectual property protections as a backdoor for easy Web surveillance. Even good-faith efforts at Internet policymaking should be viewed with skepticism, Cerf said, because balancing freedom and security "isn't something that government alone is going to figure out." He criticized the Cybersecurity and Intelligence Protection Act (CISPA), legislation passed by the House to encourage companies to share information about cyber threats with the government, because it lacks "adequate constraints" on how the information is used. But Cerf said he has the "optimistic belief" that attempts by hostile governments to restrict access will be circumvented by resourceful engineers around the world. "If someone stops me from communicating, I'll find a way around it," he said. Cerf also urged vigilante groups such as Anonymous to stop using cyberattacks as a means of activism, saying the hackings are counterproductive. "I don't think lawlessness is our friend," he said. Ultimately, there is a legitimate role for law enforcement on the Web, he said, adding that "it would be bad for us as a community to say ... that all the good things outweigh the bad." "That's not a credible position to take," he said. Cerf said activists and regulators alike harm themselves by using terms like "cybercrime" because they suggest that "every bad thing that happens on the Internet is a crime." "Some are just bugs," Cerf said, while suggesting a better goal for policymakers should be "cybersafety." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon May 21 14:04:52 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 21 May 2012 15:04:52 -0400 Subject: [Infowarrior] - SCOTUS Refuses To Hear Tenenbaum Case Message-ID: <368BB2DA-571A-4F98-AEC8-B5294B3D5D56@infowarrior.org> Supreme Court Refuses To Hear Tenenbaum Case; Allows Charade To Continue from the onwards-and-onwards dept http://www.techdirt.com/articles/20120521/10240619002/supreme-court-refuses-to-hear-tenenbaum-case-allows-charade-to-continue.shtml As we expected, the Supreme Court has refused to hear the appeal by Joel Tenenbaum's lawyers to jump straight to the Constitutional questions concerning the ridiculous statutory damages awards for sharing a couple dozen songs. While reports are claiming that the Supreme Court has "upheld the $675,000" damages award, that's slightly misleading. At this point, the court simply refused to hear the appeal. As we pointed out in our post last week, this is really a procedural issue now. A jury had awarded $675,000 and Judge Nancy Gertner reduced the award based on Constitutional reasoning, rather than going through the remittitur process (allowing the record labels to request a new trial). The Appeals court rejected this saying that judges are supposed to avoid the constitutional questions if there's another way. So, all this really means at this point is that the process is going to get extended (which certainly works in the RIAA's favor). It seems likely that the judge will now use the remittitur process to lower the award, and the RIAA will (once again) choose to have the case heard again. Eventually, it might be able to make its way up the appeals chain again. Or, Tenenbaum could decide that too much of his life is being wasted on this and just settle (which is what the RIAA is hoping for). So, today's refusal to hear the appeal isn't as big a deal as some are making it out to be, but it sure sucks for the guy who's at the center of this. 
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon May 21 16:32:02 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 21 May 2012 17:32:02 -0400 Subject: [Infowarrior] - Nmap 6 Released Message-ID: <8DB13750-D725-4639-A45E-A6B51A6DD249@infowarrior.org> Nmap 6 Released May 21, 2012 - The Nmap Project is pleased to announce the immediate, free availability of the Nmap Security Scanner version 6.00 from http://nmap.org/. It is the product of almost three years of work, 3,924 code commits, and more than a dozen point releases since the big Nmap 5 release in July 2009. Nmap 6 includes a more powerful Nmap Scripting Engine, 289 new scripts, better web scanning, full IPv6 support, the Nping packet prober, faster scans, and much more! We recommend that all current users upgrade. http://nmap.org/6/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon May 21 17:46:46 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 21 May 2012 18:46:46 -0400 Subject: [Infowarrior] - Privacy: The Future of Fast Food Message-ID: <2E00BB2B-00E6-44BE-B0B5-BBEA9F3ABC40@infowarrior.org> Dystopic but certainly possible. -- rick The Future of Fast Food (video) http://www.aclu.org/pizza/images/screen.swf --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue May 22 07:42:17 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 May 2012 08:42:17 -0400 Subject: [Infowarrior] - Private supply ship, SpaceX Dragon, launches Message-ID: <8C4FF607-A3C9-4FDD-87AF-962AAF75B21D@infowarrior.org> Private supply ship, SpaceX Dragon, rockets toward space station, opens new era of spaceflight By Associated Press, Updated: Tuesday, May 22, 7:02 AM http://www.washingtonpost.com/national/health-science/private-rocket-maker-tries-again-to-launch-eager-to-begin-1st-private-space-station-delivery/2012/05/22/gIQACDhIhU_print.html CAPE CANAVERAL, Fla. - A first-of-its-kind commercial supply ship rocketed toward the International Space Station following a successful liftoff early Tuesday, opening a new era of dollar-driven spaceflight. The SpaceX company made history as its Falcon 9 rocket rose from its seaside launch pad and pierced the pre-dawn sky, aiming for a rendezvous in a few days with the space station. The unmanned rocket carried into orbit a capsule named Dragon that is packed with 1,000 pounds of space station provisions. It is the first time a private company has launched a vessel to the space station. Before, that was something only major governments had done. "Falcon flew perfectly!!" SpaceX's billionaire founder, Elon Musk, said via Twitter. "Dragon in orbit ... Feels like a giant weight just came off my back." Musk later told reporters: "I feel very lucky ... For us, it's like winning the Super Bowl." This time, the Falcon's nine engines kept firing all the way through liftoff. On Saturday, flight computers aborted the launch with a half-second remaining in the countdown; a bad engine valve was replaced. The White House quickly offered congratulations. "Every launch into space is a thrilling event, but this one is especially exciting," said John Holdren, President Barack Obama's chief science adviser.
"This expanded role for the private sector will free up more of NASA's resources to do what NASA does best - tackle the most demanding technological challenges in space, including those of human space flight beyond low Earth orbit." Flight controllers applauded when the Dragon reached orbit nine minutes into the flight, then embraced one another once the solar panels on the spacecraft popped open. Many of the SpaceX controllers wore untucked T-shirts and jeans or even shorts, a stark contrast to NASA's old suit-and-tie shuttle crowd. The hopes of SpaceX employees were riding on that rocket, Musk noted, and everyone felt "tremendous elation." So did NASA. The space agency is banking on the switch from government to commercial cargo providers in the U.S., now that the shuttles no longer are flying. Astronauts could begin taking commercial rides to the space station in three to five years, if all goes well. "The significance of this day cannot be overstated," said a beaming NASA Administrator Charles Bolden. "It's a great day for America. It's actually a great day for the world because there are people who thought that we had gone away, and today says, 'No, we're not going away at all.'" The real test comes Thursday when the Dragon reaches the vicinity of the space station. It will undergo practice maneuvers from more than a mile out. If all goes well, the docking will occur Friday. Musk will preside over the operation from the company's Mission Control in Hawthorne, Calif., where he monitored the liftoff. The space station was zooming over the North Atlantic, just east of Newfoundland, when the Falcon took flight. NASA is looking to the private sector to take over orbital trips in this post-shuttle period and several U.S. companies are vying for the opportunity. The goal is to get American astronauts launching again from U.S. soil - creating jobs at home and halting the outsourcing, as Bolden put it.
Until their retirement last summer to museums, NASA's shuttles provided the bulk of space station equipment and even the occasional crew member. American astronauts are riding Russian rockets to orbit until SpaceX or one of its competitors takes over the job. Russia also is making periodic cargo hauls, along with Europe and Japan. Musk, a co-creator of PayPal, founded SpaceX a decade ago. He's poured millions of his own money into the company, and NASA has contributed $381 million as seed money. In all, the company has spent more than $1 billion on the effort. Hundreds of SpaceX and NASA guests poured into the launching area in the early morning hours Tuesday, eager to see firsthand the start of this new commercial era. The company had a single second to get its rocket flying, and that's all it needed. Everyone, it seemed, was rooting for a successful flight - even Musk's rivals. "The shuttle may be retired, but the American dream of space exploration is alive and well," said Mark Sirangelo, chairman of Sierra Nevada Corp.'s space systems, which is developing a mini-shuttle to carry space station crews in another few years. The six space station astronauts were especially enthusiastic. The crew beamed down a picture on the eve of the launch, showing the two who will use a robot arm to snare the Dragon. In December 2010, SpaceX became the first private company to launch a spacecraft into orbit and retrieve it. That test flight of a Dragon capsule paved the way for this mission, which also is meant to culminate with a splashdown of the capsule in the Pacific. This newest capsule is supposed to remain at the space station for a week before bringing back experiments and equipment. None of the other types of current cargo ships can return safely; they burn up on the way down. SpaceX and NASA officials stress this is a demonstration flight and that even if something goes wrong, much can be learned.
Two more Dragon supply missions are planned this year, regardless of what happens during this week's rendezvous. While acknowledging the difficult course ahead in the next few days, Musk and NASA officials savored Tuesday's triumph. "I would really count today as a success, no matter what happens the rest of the mission," Musk said. Musk, 40, is the chief executive officer and chief designer for SpaceX. He also runs Tesla Motors, his electric car company. Hitching a ride into space, aboard the discarded second stage of the rocket, were the ashes of more than 300 people, including Mercury astronaut Gordon Cooper and "Star Trek" actor James Doohan, who played Scotty. It's a redo flight for a paying customer, Houston-based Celestis Inc. The Falcon 1 that carried the first batch of their ashes failed in 2008. ___ Online: SpaceX: http://www.spacex.com NASA: http://www.nasa.gov/offices/c3po/home/ Celestis Inc.: http://www.celestis.com/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue May 22 07:43:02 2012 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 May 2012 08:43:02 -0400 Subject: [Infowarrior] - U.S. lets China bypass Wall Street for Treasury orders Message-ID: Buried deep in the article is the real reason for this setup -- minimising the amount of public information about how much China is buying from us (and when) given our screwed up financial situation here in the States. I guess Treasury figures if/when China sells on the open market people will already know how screwed up things are anyway so secrecy on the outflows isn't as important as it is on the inflows. No different than how the Fed keeps its lending secret to banks for 2 years, so nobody knows how bad things really are until it's too late. -- rick Exclusive: U.S. lets China bypass Wall Street for Treasury orders By Emily Flitter | Reuters -
3 hrs ago http://news.yahoo.com/exclusive-u-lets-china-bypass-wall-street-treasury-184217069--sector.html NEW YORK (Reuters) - China can now bypass Wall Street when buying U.S. government debt and go straight to the U.S. Treasury, in what is the Treasury's first-ever direct relationship with a foreign government, according to documents viewed by Reuters. The relationship means the People's Bank of China buys U.S. debt using a different method than any other central bank in the world. The other central banks, including the Bank of Japan, which has a large appetite for Treasuries, place orders for U.S. debt with major Wall Street banks designated by the government as primary dealers. Those dealers then bid on their behalf at Treasury auctions. China, which holds $1.17 trillion in U.S. Treasuries, still buys some Treasuries through primary dealers, but since June 2011, that route hasn't been necessary. The documents viewed by Reuters show the U.S. Treasury Department has given the People's Bank of China a direct computer link to its auction system, which the Chinese first used to buy two-year notes in late June 2011. China can now participate in auctions without placing bids through primary dealers. If it wants to sell, however, it still has to go through the market. The change was not announced publicly or in any message to primary dealers. "Direct bidding is open to a wide range of investors, but as a matter of general policy we do not comment on individual bidders," said Matt Anderson, a Treasury Department spokesman. While there has been no prohibition on foreign government entities bidding directly, the Treasury's accommodation of China is unique. The Treasury's sales of U.S. debt to China have become part of a politically charged public debate about China's role as the largest exporter to the United States and also the country's largest creditor. The privilege may help China obtain U.S.
debt for a better price by keeping Wall Street's knowledge of its orders to a minimum. Primary dealers are not allowed to charge customers money to bid on their behalf at Treasury auctions, so China isn't saving money by cutting out commission fees. Instead, China is preserving the value of specific information about its bidding habits. By bidding directly, China prevents Wall Street banks from trying to exploit its huge presence in a given auction by driving up the price. It is one of several courtesies provided to a buyer in a class by itself in terms of purchasing power. Although the Japanese, for example, own about $1.1 trillion of Treasuries, their purchasing has been less centralized. Buying by Japan is scattered among institutions, including pension funds, large Japanese banks and the Bank of Japan, without a single entity dominating. Granting China a direct bidding link is not the first time Treasury has gone to great lengths to keep its largest client happy. In 2009, when Treasury officials found China was using special deals with primary dealers to conceal its U.S. debt purchases, the Treasury changed a rule to outlaw those deals, Reuters reported last June. But at the same time it relaxed a reporting requirement to make the Chinese more comfortable with the amended rule. Another feature of the U.S.-China business relationship is discretion: The Treasury tried to keep its motivation for the 2009 rule change under wraps, Reuters reported. Documents dealing with China's new status as a direct bidder again demonstrate the Treasury's desire for secrecy -- in terms of Wall Street and its new direct bidding customer. To safeguard against hackers, Treasury officials upgraded the system that allows China to access the bidding process. Then they discussed ways to deflect questions from Wall Street traders that would arise once the auction results began revealing the undeniable presence of a foreign direct bidder. 
"Most hold the view that foreign accounts only submit 'indirect bids' through primary dealers. This will likely cause significant chatter on the street and many questions will likely come our way," wrote one government official in an email viewed by Reuters. In the email, the official suggested providing basic, general answers to questions about who can bid in Treasury actions. "For questions more extensive or probing in nature, I think it prudent to direct them to the or Treasury public relations area," the official wrote. The granting to China of direct bidder status may be controversial because some government officials are concerned that China has gained too much leverage over the United States through its large Treasury holdings. For example, economist Brad Setser, who is a member of the National Economic Council and has also served on the National Security Council, has argued China's large Treasury holdings pose a national security threat. Writing for the Council on Foreign Relations in 2009, Setser posited that China's massive U.S. debt holdings gave it power over U.S. policy via the threat of a swift, large sale of U.S. debt that could send the market into turmoil and drive up interest rates. But Treasury officials have long maintained that U.S. debt sales to China are kept separate from politics in a business relationship that benefits both countries. The Chinese use Treasuries to house the dollars they receive from selling goods to the United States, while the U.S. government is happy to see such strong demand for its debt because it keeps interest rates low. A spokesman for the Chinese embassy in Washington did not respond to calls and emails seeking comment. The United States has, however, displayed increasing anxiety about China as a cybersecurity threat. 
The change Treasury officials made to their direct bidding system before allowing access to China was to limit access to the system to a specially designed private network connection controlled by the Treasury. China is among the most sensitive topics for bankers and government officials who court the country as a financial client because of its size and importance, and none would agree to comment on the record for this story. A former debt management official at the Treasury who did not want to be identified said that as China's experience in the U.S. Treasury market has deepened over time, Chinese officials may have felt more comfortable taking the reins in the management of their holdings. Their request to bid directly, in his view, came from a confidence that their money managers could buy U.S. debt more efficiently on their own than through Wall Street banks, which can often drive up the price of Treasuries at an auction if they know how much large clients are willing to pay. Such a practice is not specifically illegal, though most traders would deem it unethical. Evidence of China's growing sophistication as a money manager in the U.S. markets is clear in its expansion of operations in New York. Its money management arm, the State Administration for Foreign Exchange (commonly called SAFE), has an office in Midtown Manhattan and a seasoned chief investment officer -- former Pacific Investment Management Co derivatives head Changhong Zhu -- in Beijing. A woman who answered the phone at SAFE's New York office said no one in the office was authorized to talk to the media. (Editing by Martin Howell and Steve Orlofsky)

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue May 22 12:17:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 22 May 2012 13:17:54 -0400
Subject: [Infowarrior] - Twitter hands your data to the highest bidder, but not to you
Message-ID: <4E6152B6-9D6F-4E9A-B928-8ED6BF104A39@infowarrior.org>

Twitter hands your data to the highest bidder, but not to you
Ivor Tossell
From Tuesday's Globe and Mail
http://www.theglobeandmail.com/news/technology/digital-culture/ivor-tossell/twitter-hands-your-data-to-the-highest-bidder-but-not-to-you/article2439680/print/
Published Tuesday, May. 22, 2012 8:33AM EDT
Last updated Tuesday, May. 22, 2012 10:56AM EDT

It is not easy to remember all the things you've said in life. There never seem to be enough neurons to go around, and besides, people say altogether too many things. But there's always been comfort in the fact that, if a lifetime of statements has floated out of our heads and into the ether, the ether has forgotten about them too. Unless you're on Twitter. The mushrooming social network -- which people use as a group chat room, a forum for ideas and a personal notepad -- hides users' histories of statements from them. Now, it's working on better access to your history -- just not for you. Twitter has licensed third-party companies to mine its giant archive of tweets. The first among them, DataSift, specializes in filtering and packaging huge swaths of data that market-research companies can analyze. Now, there's nothing unethical about Twitter selling access to an archive of statements that users freely made in public: Twitter is playing by the terms it laid down for users when they signed up. But there's a catch. Unlike Facebook, whose Timeline lets users see everything they've posted, Twitter utterances vanish down the memory hole in a matter of weeks. The company is giving big corporate spenders access to writing that users created, but can't even see themselves.
And while it might hew to the letter of its contract with users, it represents a grimly ironic breach of faith. In fairness to Twitter, providing easy-to-use access to trillions of tweets isn't the simplest task. Casual users can quickly find themselves sitting on a pile of 1,000 or 2,000 tweets. More dedicated users can end up with archives of tens of thousands of tweets. On the whole, in March, the company said that users were pumping out one billion tweets a week. Twitter archives every one of them. Every public tweet ever made can be individually accessed, if, and only if, you know its address. But this is hidden treasure without a map -- each tweet is buried under an essentially random, unguessable URL. Various search websites, like Top.sy and Google itself, index some of these tweets, but they are frequently selective or incomplete. The company has also given the U.S. Library of Congress access to its archives, and even it has reported to be wrestling with how to manage it all, and is planning to limit access to accredited researchers. Twitter's vast, real-time flow of data is enormously valuable -- and Twitter, of course, needs revenue. The company says it can't keep up with the demand, and so it licensed DataSift and another firm, Gnip, to use its data for the sole purpose of analytics. (Twitter says that protected or private messages will not be publicized. This is a good thing, since any release of private conversations would lead to the spontaneous termination of millions of careers, let loose an armada of libel suits, and tie up the human-rights tribunals for several years.) DataSift is just part of a chain: The data it sorts and packages can then be bought by analytics firms like NetBase, who distill it into consumer insights for brands like Nike. By applying filters and language analysis, companies can get an instant picture of how consumers feel about products, be it a global computer launch, or a neighbourhood frozen-yogurt franchise opening.
DataSift's CEO, Rob Bailey, told me that this kind of real-time scanning could give companies a heads-up to breaking news before the media reports it, giving them a head start before the markets react. The company also offers Twitter data as a source of political research and insight. The "historics" feature -- which opens up a vault of archival data going back to 2010, will launch within the next month. This kind of access isn't cheap. Subscriptions can run thousands of dollars a month, though pay-as-you-go options are available. Here's the irony: Twitter's users walked into this line of publishing on the premise that the data would be public. Now, having pumped the service full of data, that data has effectively been made private, accessible only to those with a corporate analytics budget. Inequal access to information creates an imbalance of power. This is especially important to those who posted publicly with the expectation that they'd be able to see, control and prune their postings later on. Remember that in many parts of the world, political research isn't just policy-testing and mud-slinging; it's a matter of life and limb for oppositions, activists and dissidents. A Twitter feed can paint a very detailed portrait of someone's life, their activities and associations, even if no individual tweet is particularly revealing. Now, Twitter users have two options: Submit their histories for corporate or political analysis, or delete them and lose everything. By locking users out of their own data, Twitter has managed a rare feat: making Facebook look good. Beyond Timeline, Facebook provides a "Download Your Information" tool, which will give you a copy of everything you've fed into the system. A similar tool from Twitter would be a great start. Otherwise, it will have achieved a worst-of-both-worlds scenario: Tweets are kept private from their authors, but made public to those who can pay. A fair deal? Forget it.
---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 22 12:19:20 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 22 May 2012 13:19:20 -0400
Subject: [Infowarrior] - Senate Dems propose increase in TSA grope fees
Message-ID:

Senate Dems back increase in air travel fee to close funding shortfall at TSA
By Erik Wasson - 05/22/12 12:33 PM ET
http://thehill.com/blogs/on-the-money/appropriations/228835-senate-moves-forward-with-increased-airline-passenger-fees#.T7vGjswN384.twitter

The Senate Appropriations Committee on Tuesday moved forward with legislation to increase airline passenger security fees, beating back a GOP attempt to keep them at current levels. The 2013 Homeland Security appropriations bill would increase one-way fees for passengers from $2.50 to $5 in order to close a shortfall at the Transportation Security Administration. Sen. Mary Landrieu (D-La.) said the $350 million in funding would otherwise come from taxpayers and argued it is better to stick passengers who rely on TSA with the bill. Sen. Kay Bailey Hutchison (R-Texas) and Sen. Dan Coats (R-Ind.) sponsored an amendment to strip out the fee increase and offset the loss of revenue with cuts to state and local grants, emergency food and shelter funding, and to cut $89 million in funding for a new highway interchange leading to the Homeland Security's new headquarters in southeast Washington, D.C. Hutchison noted that the Senate had decided not to increase the fees in the recent Federal Aviation Administration (FAA) reauthorization bill. That amendment was defeated on a 15 to 15 vote. Sen. Ben Nelson (D-Neb.) joined Republicans in supporting the measure to strip out the fee increase. Hutchison joined Sens. Ron Johnson (R-Wis.) and Jerry Moran (R-Kan.) in voting against the DHS bill as a whole.
Johnson and Moran have been voting against non-defense 2013 appropriations bills because they support the House GOP position that the spending caps in last August's debt ceiling deal need to be lowered. The other Republicans on the Senate Appropriations Committee have all voted to support the August debt ceiling deal levels. The committee on Tuesday also approved the 2013 Military Construction and Veterans Affairs spending bill, traditionally the least controversial of all 12 annual spending bills. The vote was 30 to 0.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 22 12:23:37 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 22 May 2012 13:23:37 -0400
Subject: [Infowarrior] - Congressional Staffers Still Can't Come To Terms With What Happened Over SOPA
Message-ID:

Congressional Staffers Still Can't Come To Terms With What Happened Over SOPA
from the time-to-learn dept

In a short article about a panel of Congressional staffers at the NCTA show, they basically admitted that any new "anti-piracy" legislation may be tough to pass -- with one staffer saying that the SOPA protests "poisoned the well." However, perhaps more interesting were the comments from Stephanie Moore, the "Democrat's chief counsel on the House Judiciary Committee" who apparently still refuses to believe that the public actually spoke out against the bill of their own free will:

"What happened was a misinformation campaign," said Moore. "People were basically misled into contacting Congressmen with claims that were extraordinary. There was some genuine concern, but as for it being a genuine home grown grassroots up-from-the-streets opposition, I beg to differ on that."

...I always find this line of reasoning quite extraordinary. If you look at the history of copyright law -- especially over the past 40 years or so, it's been one "misinformation campaign" after another by RIAA and MPAA lobbyists....
< - >

http://www.techdirt.com/articles/20120521/17273019008/congressional-staffers-still-cant-come-to-terms-with-what-happened-over-sopa.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 22 18:50:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 22 May 2012 19:50:48 -0400
Subject: [Infowarrior] - IBM Outlaws Siri, Worried She Has Loose Lips
Message-ID:

IBM Outlaws Siri, Worried She Has Loose Lips
By Robert McMillan
May 22, 2012 | 7:01 pm | Categories: Security, Software as a Service
http://www.wired.com/wiredenterprise/2012/05/ibm-bans-siri/

If you work for IBM, you can bring your iPhone to work, but forget about using the phone's voice-activated digital assistant. Siri isn't welcome on Big Blue's networks. The reason? Siri ships everything you say to her to a big data center in Maiden, North Carolina. And the story of what really happens to all of your Siri-launched searches, email messages, and inappropriate jokes is a bit of a black box. IBM CIO Jeanette Horan told MIT Technology Review this week that her company has banned Siri outright because, according to the magazine, "The company worries that the spoken queries might be stored somewhere." It turns out that Horan is right to worry. In fact, Apple's iPhone Software License Agreement spells this out: "When you use Siri or Dictation, the things you say will be recorded and sent to Apple in order to convert what you say into text," Apple says. Siri collects a bunch of other information -- names of people from your address book and other unspecified user data, all to help Siri do a better job. How long does Apple store all of this stuff, and who gets a look at it? Well, the company doesn't actually say. Again, from the user agreement: "By using Siri or Dictation, you agree and consent to Apple's and its subsidiaries' and agents'
transmission, collection, maintenance, processing, and use of this information, including your voice input and User Data, to provide and improve Siri, Dictation, and other Apple products and services." Because some of the data that Siri collects can be very personal, the American Civil Liberties Union put out a warning about Siri just a couple of months ago. Privacy was always a big concern for Siri's developers, says Edward Wrenbeck, the lead developer of the original Siri iPhone app, which was eventually acquired by Apple. And for corporate users, there are even more potential pitfalls. "Just having it known that you're at a certain customer's location might be in violation of a Non Disclosure Agreement," he says. But he agrees that many of the issues raised by Apple's Siri data handling are similar to those that other Internet companies face. "I really don't think it's something to worry about," he says. "People are already doing things on these mobile devices. Maybe Siri makes their life a little bit easier, but it's not exactly opening up a new avenue that wasn't there before." But other companies have been pressured by privacy groups over the way they store customer data. Google, for example, has come under fire in the past for the way it handles a massive database of user search data. But IBM doesn't ban Google. Neither Apple nor IBM could be reached for comment Tuesday, but there are a couple of important differences between Siri and Google that may have IBM worried: For one, Siri can be used to write emails or text messages. So, in theory, Apple could be storing confidential IBM messages. Another difference: After being dogged by privacy advocates, Google now anonymizes search results -- making them difficult, if not impossible to trace back to an individual user -- after nine months. Maybe if Apple agreed to do something like that, Siri would be welcome over in Armonk, New York.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed May 23 07:15:11 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 23 May 2012 08:15:11 -0400
Subject: [Infowarrior] - More Facebook IPO fallout
Message-ID: <47BFA426-0C66-4D6D-890B-A3AB48AA361C@infowarrior.org>

EXCLUSIVE: Here's The Inside Story Of What Happened On The Facebook IPO
Henry Blodget | May 22, 2012, 5:30 PM

And now for some more bombshell news about the Facebook IPO... Earlier, we reported that the analysts at Facebook's IPO underwriters had cut their estimates for the company in the middle of the IPO roadshow, a highly unusual and negative event. What we didn't know was why. Now we know. The analysts cut their estimates because a Facebook executive who knew the business was weak told them to. Put differently, the company basically pre-announced that its second quarter would fall short of analysts' estimates. But it only told the underwriter analysts about this. The information about the estimate cut was then verbally conveyed to sophisticated institutional investors who were considering buying Facebook stock, but not to smaller investors. The estimate cut appears to have influenced the investment decisions of at least some institutional investors, dampening their appetite for Facebook stock, and crucially, affecting the price at which they were willing to buy Facebook stock. As I described earlier, at best, this "selective disclosure" of the estimate cut is grossly unfair to investors who bought Facebook stock on the IPO (or at any time since) and didn't know about it. At worst, it's a violation of securities laws.....
< - BIG SNIP - >

http://www.businessinsider.com/exclusive-heres-the-inside-story-of-what-happened-on-the-facebook-ipo-2012-5

From rforno at infowarrior.org Wed May 23 07:15:28 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 23 May 2012 08:15:28 -0400
Subject: [Infowarrior] - The numbers on the Facebook earnings revisions
Message-ID: <7F709037-F484-4C81-A8B5-2B849B4B2AB4@infowarrior.org>

The numbers on the Facebook earnings revisions
By Poornima Gupta and Alexei Oreskovic
http://www.reuters.com/article/2012/05/23/facebook-estimates-idUSL1E8GN0FT20120523

SAN FRANCISCO | Tue May 22, 2012 11:11pm EDT

May 22 (Reuters) - Four of Facebook's major underwriters -- Morgan Stanley, Goldman Sachs, JPMorgan and Bank of America -- reduced their financial estimates for the soon-to-be-public company following the release of a revised prospectus on May 9 that noted the negative impact of mobile users on Facebook's business. While Facebook did not provide any specifics in its amended S-1 filing, the four underwriters reduced their earnings and revenue estimates for both the second quarter of 2012 and the full year within the next two days, according to sources. The new estimates highlighted a continued slowdown in Facebook's growth, with the banks forecasting 30.4 percent year-on-year 2012 revenue growth on average, instead of the 36.7 percent growth previously expected. In 2011, Facebook's revenue grew 87.9 percent year-on-year to $3.71 billion. The new numbers were relayed to big investors through phone calls and conference calls, according to investors. Bank of America held a conference call on May 10 with analyst Justin Post, where the underwriter revealed the lowered estimates. Here are the detailed figures from the four banks, according to one of the investors who received the new numbers.
Lowered full year revenue estimate for 2012
Morgan Stanley -- $4.854 bln (new) from $5.036 bln (old)
Bank of America -- $4.815 bln (new) from $5.040 bln (old)
JPMorgan -- $4.839 bln (new) from $5.044 bln (old)
Goldman Sachs -- $4.852 bln (new) from $5.169 bln (old)

Lowered estimates for second-quarter 2012
Morgan Stanley -- $1.111 bln (new) from $1.175 bln (old)
Bank of America -- $1.100 bln (new) from $1.166 bln (old)
JPMorgan -- $1.096 bln (new) from $1.182 bln (old)
Goldman Sachs -- $1.125 bln (new) from $1.207 bln (old)

Lowered 2013 Earnings per share estimate
Morgan Stanley -- 83 cents (new) from 88 cents
Bank of America -- 64 cents (new) from 66 cents
JPMorgan -- 66 cents (new) from 70 cents
Goldman Sachs -- 63 cents (new) from 68 cents

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 23 07:58:48 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 23 May 2012 08:58:48 -0400
Subject: [Infowarrior] - Senate panel votes to extend government's broader surveillance authority
Message-ID: <6CB5822B-8453-43CF-B2B7-52027FB18A56@infowarrior.org>

Senate panel votes to extend government's broader surveillance authority
By Ellen Nakashima, Published: May 22
http://www.washingtonpost.com/world/national-security/senate-panel-votes-to-extend-governments-broader-surveillance-authority/2012/05/22/gIQAneHPjU_print.html

A key Senate panel voted Tuesday to extend a contested 2008 provision of foreign intelligence surveillance law that is set to expire at year's end. The vote is the first step toward what the Obama administration hopes will be a speedy renewal of an expanded authority under the Foreign Intelligence Surveillance Act to monitor the U.S. e-mails and phone calls of overseas targets in an effort to prevent international terrorist attacks on the country. Director of National Intelligence James R. Clapper Jr.
called the move by the Senate Select Committee on Intelligence "important" to the effort to ensure that authorities can identify terrorist operatives and thwart plots. Extending the provision is the intelligence community's top legislative priority this year. It is unclear, however, how quickly the full Congress will act to reauthorize the provision in the FISA Amendments Act of 2008, as the law is known. The committee's vote was to extend it through June 2017. The measure in question enables authorities to collect electronic communications in the United States without a specific warrant for each person as long as a surveillance court signs off on the targeting procedures as "reasonably designed" to ensure that those targeted are outside the United States. Sens. Ron Wyden (D-Ore.) and Mark Udall (D-Colo.) opposed the extension on civil liberties grounds. Wyden, concerned that the provision allows innocent Americans' e-mails and phone calls to be monitored without a warrant, has asked the administration to disclose how many Americans have had their communications monitored under the law. "We have not gotten any clear answer on that," said Jennifer Hoelzer, a Wyden spokeswoman. "Before the Senate passes any long-term extension, we need to know how many law-abiding Americans are having their communications reviewed with these authorities." The American Civil Liberties Union has filed a lawsuit challenging the 2008 law, arguing that it allows dragnet surveillance that could pick up Americans' communications. But many current and former administration officials disagree, saying any collection of communications by Americans would be incidental and subject to procedures to shield their identities. The ACLU is urging public hearings and more disclosure about the information the government is collecting before Congress votes on reauthorization. In a joint statement, committee Chairman Dianne Feinstein (D-Calif.) and ranking Republican Saxby Chambliss (Ga.)
said the law's provisions have provided necessary intelligence to fight terrorism and understand adversaries' intentions around the world. "These authorities cannot be allowed to expire, and we urge quick action by the Senate and the House," they said. For the most part, lawmakers have shown little desire to reopen the contentious debate of 2006-08, in which civil liberties advocates decried what they saw as a government sanction of wiretapping Americans without a court order, while proponents warned that failure to grant the government broader authorities could lead to another major terrorist attack on U.S. soil. The law that passed at the time also established that targeting Americans overseas requires a warrant. The committee's vote Tuesday extended that provision until mid-2017. Left unchanged is the requirement for a court order to target Americans in the United States, which was mandated by the Foreign Intelligence Act of 1978, the law amended in 2008.

© The Washington Post Company

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 23 11:00:45 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 23 May 2012 12:00:45 -0400
Subject: [Infowarrior] - Rickroll Meme Destroyed By Copyright Takedown
Message-ID: <7FD16018-70F2-43B7-B927-108901114540@infowarrior.org>

Rickroll Meme Destroyed By Copyright Takedown
enigmax | May 23, 2012
http://torrentfreak.com/rickroll-meme-destroyed-by-copyright-takedown-120523/

It's possibly one of the most popular ever memes in the history of the Internet but today it lies in tatters. The Rickroll phenomenon, whereby people are promised one thing but given "Never Gonna Give You Up" by Rick Astley instead, has been ended by a copyright takedown request by AVG Technologies. It's a brave move -- Rickrolling was invented by 4chan and who knows how they're going to react.
Anyone who has spent much time online, especially on Internet message boards of any kind, will be aware of Rickrolling. It's an incredibly simple concept. The meme is based on a bait and switch, whereby someone posts a hyperlink which allegedly provides content relevant to the current discussion, but in fact leads to the 1987 Rick Astley song "Never Gonna Give You Up" instead. People who follow these links and end up viewing the song/video are said to have been "Rickrolled" and over the years millions of people have been fooled into doing so. However, those falling into the trap today are being met with something not nearly as entertaining and, if it's even possible, something that is even more annoying. Due to a copyright complaint, the original Rickroll video has been removed from YouTube. Taking down a five-year-old video with tens of millions of views is strange enough, but it is far from clear why AVG Technologies -- the people behind AVG Anti-Virus -- would want to do so at all. Hopefully there has been some terrible mistake and everything will be sorted out soon. If not, the consequences could be unpredictable. The Rickroll meme started life on the notorious 4chan message board in 2007 and developed into a worldwide sensation from there, and as we all know that particular community is not known for its patience, nor lack of creativity when it comes to revenge tactics. This is not the first time that the Rickroll video has been removed though. It was removed by YouTube in 2010 but reinstated shortly afterwards. TorrentFreak contacted both AVG and Google-owned YouTube for comment and we'll post their statements here when they arrive.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed May 23 11:01:59 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 23 May 2012 12:01:59 -0400
Subject: [Infowarrior] - WH issues new USG Digital Strategy Memo
Message-ID: <07DD12BF-4EE8-4135-9464-4046014C3A77@infowarrior.org>

Presidential Memorandum -- Building a 21st Century Digital Government

MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES

SUBJECT: Building a 21st Century Digital Government

http://www.whitehouse.gov/the-press-office/2012/05/23/presidential-memorandum-building-21st-century-digital-government

The innovative use of technology is fundamentally transforming how the American people do business and live their daily lives. Exponential increases in computing power, the rise of high-speed networks, and the growing mobile revolution have put the Internet at our fingertips, encouraging innovations that are giving rise to new industries and reshaping existing ones. Innovators in the private sector and the Federal Government have used these technological advances to fundamentally change how they serve their customers. However, it is time for the Federal Government to do more. For far too long, the American people have been forced to navigate a labyrinth of information across different Government programs in order to find the services they need. In addition, at a time when Americans increasingly pay bills and buy tickets on mobile devices, Government services often are not optimized for smartphones or tablets, assuming the services are even available online. On April 27, 2011, I issued Executive Order 13571 (Streamlining Service Delivery and Improving Customer Service), requiring executive departments and agencies (agencies) to, among other things, identify ways to use innovative technologies to streamline their delivery of services to lower costs, decrease service delivery times, and improve the customer experience.
As the next step toward modernizing the way Government works, I charged my Federal Chief Information Officer (CIO) with developing a comprehensive Government-wide strategy to build a 21st century digital Government that delivers better digital services to the American people. Today, the CIO is releasing that strategy, entitled "Digital Government: Building a 21st Century Platform to Better Serve the American People" (Strategy), which provides agencies with a 12-month roadmap that focuses on several priority areas. The Strategy will enable more efficient and coordinated digital service delivery by requiring agencies to establish specific, measurable goals for delivering better digital services; encouraging agencies to deliver information in new ways that fully utilize the power and potential of mobile and web-based technologies; ensuring the safe and secure delivery and use of digital services to protect information and privacy; requiring agencies to establish central online resources for outside developers and to adopt new standards for making applicable Government information open and machine-readable by default; aggregating agencies' online resource pages for developers in a centralized catalogue on www.Data.gov; and requiring agencies to use web performance analytics and customer satisfaction measurement tools on all ".gov" websites. Ultimately, this Strategy will ensure that agencies use emerging technologies to serve the public as effectively as possible. As a Government, and as a trusted provider of services, we must never forget who our customers are -- the American people. 
In order to ensure that agencies make the best use of emerging technologies in serving the public, I hereby direct each agency to take the following actions: (1) implement the requirements of the Strategy within 12 months of the date of this memorandum and comply with the timeframes for specific actions specified therein; and (2) within 90 days of the date of this memorandum, create a page on its website, located at www.[agency].gov/digitalstrategy, to publicly report progress in meeting the requirements of the Strategy in a machine-readable format. This memorandum shall be implemented consistent with applicable law and subject to the availability of appropriations, and with appropriate protections for privacy and civil liberties. The Director of the Office of Management and Budget is authorized and directed to publish this memorandum in the Federal Register. BARACK OBAMA --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 23 13:53:02 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 May 2012 14:53:02 -0400 Subject: [Infowarrior] - Introducing the Hot New Social Network, PhoneBook Message-ID: Borowitz Does It Again: Introducing PhoneBook From Andy Borowitz http://www.zerohedge.com/news/borowitz-does-it-again-introducing-phonebook Introducing the Hot New Social Network, PhoneBook SILICON VALLEY (The Borowitz Report) - A new social network is about to alter the playing field of the social media world, and it's called PhoneBook. According to its creators, who invented the network in their dorm room at Berkeley, PhoneBook is the game-changer that will leave Facebook, Twitter and even the much anticipated Google Buzz in a cloud of dust. "With PhoneBook, you have a book that has a list of all your friends in the city, plus everyone else who lives there," says Danny Fruber, one of PhoneBook's creators. 
"When you want to chat with a friend, you look them up in PhoneBook, and find their unique PhoneBook number," Fruber explains. "Then you enter that number into your phone and it connects you directly to them." Another breakout utility of PhoneBook allows the user to arrange face-to-face meetings with his or her friends at restaurants, bars, and other "places," as Fruber calls them. "You will be sitting right across from your friend and seeing them in 3-D," he said. "It's like Skype, only without the headset." PhoneBook will enable friends to play many games as well, such as charades, cards, and a game Fruber believes will be a breakout: Farm. "In Farm, you have an actual farm where you raise real crops and livestock," he says. "It's hard work, but it's more fun than Mafia, where you actually get killed." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 23 13:55:01 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 May 2012 14:55:01 -0400 Subject: [Infowarrior] - [attrition] rant: Vulnerability Research Labs - Most Worthless Advisories Award, 2012 Message-ID: <7FDEB627-6969-48A4-AED6-F1FD88315DBE@infowarrior.org> http://attrition.org/security/rants/vulnerability-lab/ Wed May 23 01:24:30 CDT 2012 By Jericho Vulnerability research advisories come in all shapes and styles. Some companies release brief summaries with no technical details as part of their responsible disclosure policy. Some security researchers will release incredibly detailed reports full of technical details and all of the information one could need regarding the issue. In at least one case, we find the weirdest combination of lengthy advisories that offer up the least amount of information possible. The following advisory from Vulnerability Research Labs (vulnerability-lab.com) is not necessarily the worst, but it is indicative of their advisories. 
The most troubling part is that the group obviously spends a lot of time writing them, but it doesn't appear they spend much time actually researching or reading their own advisories. Oh, and they also don't understand how text advisories and HTML works. [...] http://attrition.org/security/rants/vulnerability-lab/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 23 14:18:26 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 May 2012 15:18:26 -0400 Subject: [Infowarrior] - Google Wins Patent Verdict In Oracle Trial Message-ID: <8C3F162D-7A6E-4C6E-8A87-50471FBDCAAB@infowarrior.org> May 23, 2012, 2:46 p.m. ET UPDATE: Google Wins Patent Verdict In Oracle Trial By John Letzing Of DOW JONES NEWSWIRES http://online.wsj.com/article/BT-CO-20120523-714737.html SAN FRANCISCO (Dow Jones)--A federal jury said Wednesday that Google Inc. (GOOG) didn't infringe Oracle Corp. (ORCL) patents that protect Oracle's Java technology, handing Google an incremental victory in the companies' ongoing trial. Oracle sued Google in August 2010, alleging that Google's Android mobile phone software infringes patents and copyrights that protect Java. Oracle had obtained Java just months earlier, when it purchased Java developer Sun Microsystems. The verdict delivered Wednesday marks the end of the second, patent phase of the trial, with a third phase yet to come that will determine whatever damages Google may owe. The first part of the trial, which had covered Oracle's claims that Google infringed copyrights that protect Java, ended with a mixed verdict. While that verdict clearly found that Google infringed on a relatively small portion of Java code protected by copyright, Oracle has indicated it will pursue a significant amount of related damages. 
Oracle, of Redwood Shores, Calif., had originally asserted a handful of patents have been infringed in its complaint, though the number was cut down to two by the time the trial began in San Francisco last month. "Today's jury verdict that Android does not infringe Oracle's patents was a victory not just for Google but the entire Android ecosystem," a Google spokesman said in a statement. An Oracle spokeswoman said in a statement, "Oracle presented overwhelming evidence at trial that Google knew it would fragment and damage Java. We plan to continue to defend and uphold Java's core write once run anywhere principle and ensure it is protected." The trial between Silicon Valley giants has drawn widespread attention, as a prime example of the current wave of litigation between tech firms related to intellectual property disputes. Google has complained publicly that rivals such as Oracle have sought to undercut Android with frivolous patent litigation. Android, which is provided for free to device makers, has grown to become the most popular smartphone software platform in the world. -By John Letzing, Dow Jones Newswires; 415-765-8230; john.letzing at dowjones.com --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 23 14:20:21 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 May 2012 15:20:21 -0400 Subject: [Infowarrior] - Diablo 3 sets new record for PC games sales Message-ID: <80CF76CA-48E1-4E77-90C7-6BF4F56B7C69@infowarrior.org> Diablo 3 sets new record for PC games sales By Brian Crecente | TheVerge.com, Updated: Wednesday, May 23, 2:23 PM http://www.washingtonpost.com/business/technology/diablo-3-becomes-fasting-selling-pc-game-in-history/2012/05/23/gJQARSOvkU_print.html In the first 24 hours of its release Diablo 3 sold more than 3.5 million copies, Blizzard announced this morning. The pace sets a new record for PC games sales, it said. 
And that number doesn't include the 1.2 million people who received the game after signing up for the World of Warcraft annual pass promotion. As of this week, 6.3 million people are playing Diablo 3. None of these numbers include the game's successes in Internet gaming rooms. In Korea, for instance, more than 39 percent of gamers are playing the game. "We're definitely thrilled that so many people around the world were excited to pick up their copy of Diablo 3 and jump in the moment it went live," said Mike Morhaime, CEO and cofounder of Blizzard Entertainment. "We also regret that our preparations were not enough to ensure everyone had a seamless experience when they did so. I want to reaffirm our commitment to make sure the millions of Diablo 3 players out there have a great experience with the game moving forward, and I also want to thank them for their ongoing support." Not surprising considering the numbers, both Amazon and GameStop said the game was one of their biggest PC game launches ever. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 23 16:58:02 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 May 2012 17:58:02 -0400 Subject: [Infowarrior] - Groups Concerned Over Arming Of Domestic Drones Message-ID: <2A320CAA-4584-48CE-A657-54212275069A@infowarrior.org> Groups Concerned Over Arming Of Domestic Drones May 23, 2012 1:18 PM http://washington.cbslocal.com/2012/05/23/groups-concerned-over-arming-of-domestic-drones/ A quadrocopter drone equipped with a camera stands on display at the Zeiss stand on the first day of the CeBIT 2012 technology trade fair on March 6, 2012 in Hanover, Germany. (credit: Sean Gallup/Getty Images) WASHINGTON (CBSDC) - With the use of domestic drones increasing, concern has not just come up over privacy issues, but also over the potential use of lethal force by the unmanned aircraft. 
Drones have been used overseas to target and kill high-level terror leaders and are also being used along the U.S.-Mexico border in the battle against illegal immigration. But now, these drones are starting to be used domestically at an increasing rate. The Federal Aviation Administration has allowed several police departments to use drones across the U.S. They are controlled from a remote location and use infrared sensors and high-resolution cameras. Chief Deputy Randy McDaniel of the Montgomery County Sheriff's Office in Texas told The Daily that his department is considering using rubber bullets and tear gas on its drone. "Those are things that law enforcement utilizes day in and day out and in certain situations it might be advantageous to have this type of system on the UAV (unmanned aerial vehicle)," McDaniel told The Daily. The use of potential force from drones has raised the ire of the American Civil Liberties Union. "It's simply not appropriate to use any of force, lethal or non-lethal, on a drone," Catherine Crump, staff attorney for the ACLU, told CBSDC. Crump feels one of the biggest problems with the use of drones is the remote location where they are operated from. "When the officer is on the scene, they have full access to info about what has transpired there," Crump explained to CBSDC. "An officer at a remote location far away does not have the same level of access." The ACLU is also worried about potential drones malfunctioning and falling from the sky, adding that they are keeping a close eye on the use of these unmanned aircraft by police departments. "We don't need a situation where Americans feel there is an invisible eye in the sky," Jay Stanley, senior policy analyst at ACLU, told CBSDC. Joshua Foust, fellow at the American Security Project, feels domestic drones should not be armed. "I think from a legal perspective, there is nothing problematic about floating a drone over a city," Foust told CBSDC. 
"In terms of getting armed drones, I would be very nervous about that happening right now." McDaniel says that his community should not be worried about the department using a drone. "We've never gone into surveillance for sake of surveillance unless there is criminal activity afoot," McDaniel told The Daily. "Just to see what you're doing in your backyard pool - we don't care." But the concern for the ACLU is just too great that an American's constitutional rights will be trampled with the use of drones. "The prospect of people out in public being Tased or targeted by force by flying drones where no officers is physically present on the scene," Crump says, "raises the prospect of unconstitutional force being used on individuals." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 23 16:58:22 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 May 2012 17:58:22 -0400 Subject: [Infowarrior] - Fwd: Lamar Smith gets billboard right outside his San Antonio office References: <3FC3CCC0-8A80-4767-A1D1-F381985763BE@gizmopartners.com> Message-ID: <4101CBA1-C5F5-4EB3-A6AE-F9C32EA4A8D2@infowarrior.org> Begin forwarded message: > From: Chris > > http://fightforthefuture.org/billboard > > SOPA sponsor Lamar Smith came close to destroying the Internet we love (it took the largest online protest in history to stop him). So we thought it would be awesome if the internet sent Lamar a message, in the form of a billboard right outside his Texas office. > > Your donations funded *two* billboards in less than two days, which ruled. Thanks! Plus, our friends at Breadpig made t-shirts to support our new project, the Internet Defense League. You can buy one here. > > This is an election year, and we've got a lot planned. Right now we're scrambling to organize Senate constituent meetings to stop CISPA / Lieberman-Collins. 
The Internet Defense League is gearing up to build the network that stopped SOPA into an ongoing force for good. We'll be taking aim at the US "6-strikes" regime. And even bigger things are in the works for the November election. > > Check out our past work, and if you're impressed, make a generous donation. We're a small team and we've had a huge impact so far. Your support will go a long way. > > P.S. We'd love to see photos of people who took part in the blackout standing in front of the billboard. Send them to team at fightforthefuture.org :) > > (The first is as close to his San Antonio office as we could get: Loop 410, 500 ft. east of Nacogdoches. And the second is on Lamar Blvd. in Austin between 12th St and 15th St --his Austin office doesn't have any billboards nearby.) > --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed May 23 17:55:37 2012 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 May 2012 18:55:37 -0400 Subject: [Infowarrior] - Hackers Impersonate Web Billing Firm's Staff To Spill 500, 000 Users' Passwords And Credit Cards References: <4FBD67CB.40605@inetassoc.com> Message-ID: <60F27CEC-63AA-487F-AC3F-194EDAE6323C@infowarrior.org> Begin forwarded message: > From: Duane > > http://www.forbes.com/sites/andygreenberg/2012/05/22/hackers-impersonate-web-billing-firms-staff-to-spill-500000-users-passwords-and-credit-cards/ > > Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards > Andy Greenberg, Forbes Staff > 5/22/2012 @ 11:26AM > > > British Web billing firm WHMCS is reeling from an attack that spilled its user accounts, deleted reams of data, temporarily took its site offline, and hijacked its Twitter feed - all seemingly the result of a smooth-talking hacker con. 
> > A WHMCS spokesperson wrote in a statement Tuesday morning that hackers had successfully impersonated him to fool the company's Web host into giving them access to the company's account details. "This means that there was no actual hacking of our server," the spokesperson wrote. "They were ultimately given the access details." > > The intruders, a hacktivist group that calls itself UGNazi, ultimately leaked a 1.7 gigabyte trove of data from the British web hosting firm that includes 500,000 users accounts according to the UK tech news site the Register, including some number of credit card details. The company wrote in an earlier statement that the hackers accessed both users' passwords and their payment details, and that both sets of data were encrypted, though the company warned that the credit cards may nonetheless be at risk, and that users should change their passwords. > > The stolen data was posted with little explanation to Pastebin, though the UGNazi hackers wrote in the firm's own Twitter feed that it targeted WHMCS because the firm had provided billing to scam sites. "Many websites use WHMCS for scams," reads a tweet in the firm's own feed. "You ignored our warnings. We spoke louder. We are watching; and will continue to be watching." > > A few hours earlier, UGNazi apparently took down the website of pizza company Papa John's with a denial of service attack, complaining that the company "took 2 hours longer than expected to deliver my food." The group claims credit for previous attacks on Visa, MGM and CIA.gov. > > WHMCS has said it has changed its web hosting setup and reported the attack to the FBI. As of Tuesday, however, the company's twitter feed was still controlled by the hackers, who tweeted, "We laugh at your security." > --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Thu May 24 06:39:30 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 24 May 2012 07:39:30 -0400 Subject: [Infowarrior] - What's behind the NY bills to ban anonymous online comments Message-ID: <99C3B115-CB79-4E7A-9358-4AD0A029BD9D@infowarrior.org> What's behind the NY bills to ban anonymous online comments commentary Let's take a closer look at proposed legislation in New York that would eradicate anonymous online speech. Whose interests are being served? by Violet Blue May 24, 2012 4:00 AM PDT In New York state, legislators in both chambers have proposed bills that would force Web sites to police the identities of anonymous commenters. Under the proposed Internet Protection Act (S06779), when anyone complains about an anonymous (or pseudonymous) comment, the Web site must make the commenter attach their "real name" to the comment or the anonymous comment would by law have to be removed. That's right: if someone doesn't like your comment the Web site will be legally bound to make you reveal your identity. The accused commenter will also be required to verify that his or her "IP address, legal name and home address are accurate." Since most Web sites don't have the resources or time to police comments in such an overreaching manner, the Internet Protection Act, if passed, will most likely result in the mass deletion of comments for any reason -- or none at all. New York Web sites might just save themselves trouble by adopting a "real names" policy, similar to Google Plus and Facebook. The identity of those complaining will not need to be verified as "real." Republican Assemblyman Jim Conte says his legislation will address the problem of "mean-spirited and baseless political attacks." Conte, who is the proud author of the Internet Protection Act, also says his legislation will stop "anonymous criticism of local businesses" and will stop "cyberbullies by forcing them to reveal their identity." 
Commenters in various forums are saying this is a free speech issue, plain and simple. But how would not being able to post anonymously violate First Amendment protections? The First Amendment implications of the Internet Protection Act could range from silencing speech to determining whether or not commenters have free speech protections -- or whether entering into a contract with a Web site (its use) means giving up one's constitutional rights. < -- > http://news.cnet.com/8301-1023_3-57439715-93/whats-behind-the-ny-bills-to-ban-anonymous-online-comments/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 24 07:55:30 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 24 May 2012 08:55:30 -0400 Subject: [Infowarrior] - Clinton: U.S. hacked Yemeni al Qaeda websites Message-ID: <60EF0B88-C46E-43DC-9B76-5476FF497CDA@infowarrior.org> First time in ages I've seen US admitting to "hacking" something. I'm also wondering if that's a mis-statement that it was cyber folks from State doing the "hacking" themselves or if it was done at the request of State by OGEs....after all, she was speaking at SOCOM. --rick Clinton: U.S. hacked Yemeni al Qaeda websites CBSNews.com/Associated Press, 23 May 2012 http://www.cbsnews.com/8301-201_162-57440574/clinton-u.s-hacked-yemeni-al-qaeda-websites/ TAMPA, Florida - The State Department has launched a different sort of raid against al Qaeda - hacking into al Qaeda websites in Yemen. In a rare public admission of the covert cyber war against extremists, Secretary of State Hillary Rodham Clinton says cyber experts based at the State Department hacked Yemeni tribal websites, replacing al Qaeda propaganda that bragged about killing Americans. "Within 48 hours, our team plastered the same sites with altered versions of the ads that showed the toll al Qaeda attacks have taken on the Yemeni people," Clinton said Wednesday. 
In response, "Extremists are publicly venting their frustration and asking supporters not to believe everything they read on the Internet," she said. Clinton described the cyber effort as part of a larger, multipronged attack on terrorism that goes beyond attacks like the Navy SEAL raid that killed Osama bin Laden to include the propaganda battle, and the longer, slower campaign of diplomats working alongside special operations troops to shore up local governments and economies and train local forces. Clinton was speaking alongside Adm. Bill McRaven, head of the U.S. Special Operations Command, at a conference of hundreds of U.S. and international special operations commanders - the two senior leaders sending a tacit message to their sometimes warring tribes of troops and diplomats that they have to get along. Yemen is considered both a model and a test case of that effort. U.S. diplomats have been working to stabilize the fledgling government of President Abed Rabbo Mansour Hadi, who replaced ousted Yemeni strongman Ali Abdullah Saleh. Saleh stepped down in February as part of a U.S.-backed power-transfer deal brokered by Gulf Arab countries aimed at ending political unrest in the country after a yearlong uprising. Hadi has faced the twin challenges of Saleh loyalists refusing to relinquish their government and military posts, and of al Qaeda attacks in the south, where the group has established a large safe haven from which to attack Yemeni troops. The White House responded by issuing an executive order last week threatening sanctions against individuals who challenge Hadi's government. It also dispatched a new batch of special operations forces to train Yemen's army to help withstand al Qaeda attacks that have killed hundreds of Yemeni troops. Yemen's al Qaeda in the Arabian Peninsula is considered one of al Qaeda's most dangerous offshoots. 
Yemen was the launching pad for three foiled al Qaeda attacks on U.S. targets: the Christmas 2009 attempt to down an American airliner over Detroit with an underwear bomb and the sending of printer cartridges packed with explosives to Chicago-area synagogues in 2010. In the past month the CIA thwarted yet another plot by AQAP to destroy a U.S.-bound airliner using a bomb which could have been undetectable by conventional airport scanners. Clinton says the cyber attack was launched by an interagency group of specialists, including diplomats, special operators and intelligence analysts, housed at the State Department. Called the Center for Strategic Counterterrorism Communications, its experts patrol the Internet and social media to counter al Qaeda's attempts to recruit new followers. "Together, they will work to pre-empt, discredit and outmaneuver extremist propaganda," Clinton said. Offensive attacks on extremist sites are generally attributed to the Pentagon's U.S. Cyber Command, though seldom acknowledged publicly. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 24 08:12:37 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 24 May 2012 09:12:37 -0400 Subject: [Infowarrior] - Yahoo Manages to Leak Private Security Key With New Chrome Extension Message-ID: Yahoo Manages to Leak Private Security Key With New Chrome Extension http://gizmodo.com/5912935/yahoo-manages-to-leak-private-security-key-with-new-chrome-extension Yahoo has just released its Axis extension - a visual search tool that links across desktop and mobile devices - but sadly, there's a hitch. During the release, Yahoo managed to leak a private security key in its Chrome version, that could allow anyone to create malicious plugins masquerading as official software. Oops. 
The Register reports that Nik Cubrilovic revealed the mistake on his blog, explaining that users should not install the extension "until the issue is clarified". Hidden amongst the Chrome source code of the Axis extension is a private, unencrypted certificate, which allows Yahoo to sign the app, in the process proving it genuine. But it shouldn't be visible to users. Because it is, there's nothing stopping people from copying it and including it in malicious software, which could trick Google into thinking it was legitimate. Fortunately, Yahoo has since posted a replacement version of the extension without the problem. Still, Yahoo: don't you think it's time you got a grip? --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 24 08:14:50 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 24 May 2012 09:14:50 -0400 Subject: [Infowarrior] - Some big firms got Facebook warning Message-ID: <8CEDC988-B3C8-45D3-9385-4D6D71840C58@infowarrior.org> Some big firms got Facebook warning • by: GINA CHON • From: The Wall Street Journal • May 24, 2012 5:13PM http://www.theaustralian.com.au/business/wall-street-journal/some-big-firms-got-facebook-warning/story-fnay3ubk-1226366000196 CAPITAL Research & Management wanted to buy into the Facebook initial public offering. But days before the IPO, an underwriting bank on the deal warned the big investment firm about Facebook's dimming revenue prospects. The Los Angeles firm, armed with information from a May 11 "roadshow" meeting with underwriters and Facebook, along with similar estimates of its own, slashed the number of shares it intended to buy. The night before trading began, a Capital Research manager told a banker at Morgan Stanley, the lead underwriter, that the deal's pricing was "ridiculous," according to a person familiar with the situation. 
Some Capital Research fund managers didn't buy into the IPO at all, say people familiar with the matter. Jennifer Kohne received no such warning. The 52-year-old retired medical-device salesperson in St. Louis bought 3,000 Facebook shares at $42 through an online brokerage and now sits on losses of $30,000 based on Wednesday's closing price of $32. "We don't get the information that these institutional fund managers are getting," she says. "We're at a disadvantage." Wall Street firms, for their part, say they give certain information to big clients because the clients pay for this type of data. It is typical in an IPO for analysts or sales staff to give certain information to clients, they added. But that usually doesn't apply to small investors. At any other time, such "selective disclosure" violates federal securities law, which requires companies and Wall Street firms to publicly disseminate any information that could move share prices. Securities law prevents analysts at banks that underwrite large IPOs from issuing research reports to the public until 40 days after the shares begin trading. Some securities lawyers urge that new rules be put in place to prevent this uneven information flow. "Analysts should not be giving opinions about the IPO at the same time their firms are acting as underwriters. They should not be giving information that's not in the prospectus to favoured clients," says securities lawyer Jacob Zamansky, who represents investors in securities cases. He isn't involved in any Facebook cases. Facebook declined to comment. In a statement, Morgan Stanley said it "followed the same procedures for the Facebook offering that it follows for all IPOs. These procedures are in compliance with all applicable regulations." The Facebook IPO was supposed to be a highlight for the social-media company, lead underwriter Morgan Stanley and the Nasdaq Stock Market. 
Instead, the lacklustre deal - Facebook shares have dropped nearly 16 per cent since Friday's launch, though they rose 3.2 per cent on Wednesday - has illustrated that pockets of the financial world remain firmly stacked in favour of the market's biggest players. The fallout has been quick. State and securities-industry regulators are investigating whether there was anything improper in the investor communications. On Wednesday, some Facebook investors filed suit in Manhattan federal court, alleging that the company and its underwriters failed to properly disclose changes to analysts' forecasts made at the underwriting banks. And a Senate banking panel will examine issues in the Facebook IPO process. Morgan Stanley said it may adjust prices for trades made during the IPO. The bank said it was reviewing orders by retail brokerage clients on a trade-by-trade basis and will make adjustments if clients paid too much, according to people familiar with the situation. In a memo sent Wednesday to the nearly 17,200 financial advisers of its Morgan Stanley Smith Barney retail brokerage joint venture, the firm said it expects to make "a number" of price adjustments. The orders in question occurred in Facebook's debut Friday, which was marred by trading glitches by the Nasdaq Stock Market that delayed the start of trading in the social-networking company by 30 minutes. Clients at Morgan Stanley and other brokerages also were left with orders that were processed improperly. Besides the glitches, a number of investors are angry that Facebook raised the IPO price to $38 a share, even amid declining forecasts for its revenue. The lead underwriters, which include Morgan Stanley, Goldman Sachs Group Inc and JP Morgan Chase set the best price based on demand they saw for the shares last Thursday night when the price was set, say people familiar with the matter. Goldman and JP Morgan had limited sway in the Facebook IPO, people familiar with the matter said. 
Morgan Stanley, Goldman and JP Morgan declined to comment. In this case, some of the demand was coming from what on Wall Street is sometimes called the "dumb money": individual investors looking for a piece of a company that many use every day to connect with friends and others. In low-profile IPOs, 10 per cent to 15 per cent of shares typically are allocated to individuals. In this case, individuals received roughly 25 per cent of the IPO - big for such a high-profile deal. Three days into its roadshow - where Facebook executives and Wall Street underwriters discussed the deal with prospective investors - Facebook released a revised regulatory document about the offering. The document acknowledged user growth for its mobile site hadn't led to an increase in the company's ad revenue. Facebook said in the filing that the trend of user growth outpacing ads continued into the second quarter. It warned that as more people use Facebook on mobile phones rather than computers, that trend "may negatively affect" results. The revised documents were made available to all investors and written up in media reports. After filing the updated IPO document, a Facebook executive individually called 21 sell-side research analysts to discuss the contents, as is standard practice, according to people familiar with the matter. Analysts were allowed to ask questions, and following the calls, a majority of them revised their estimates on revenue and earnings, the people said. Morgan Stanley and the other underwriters sprang into action. In the middle of the roadshow, the banks informed key clients - including large hedge funds, mutual funds and wealthy individuals - of the declining revenue prospects at Facebook. It was a significant red flag. The Wall Street firms prepared talking points for their salespeople outlining downward revisions on Facebook revenue for the second quarter and full year, people familiar with the matter said. 
The salespeople scrambled to make as many calls as possible to key clients, reading out the new numbers. Morgan Stanley said in a statement that a "significant number" of analysts in the IPO syndicate reduced their "earnings views" after Facebook's regulatory disclosure. It said the revised views "were taken into account in the pricing of the IPO." In any case, the tension was building. In a row of desks on the 4th floor of Morgan Stanley's Times Square headquarters, officials on the company's "syndicate" desk worked the phones, assessing demand from investors to "build a book" - lining up potential buyers to help determine at what price to offer the IPO. Nearby, Morgan Stanley bankers talked with the other investment banks co-managing the deal. As lead manager, Morgan Stanley basically "ran" the books; that is, it helps to decide how many shares are allotted to its clients and how many are to be sold to each underwriter. Fidelity Investments was among big clients that were told by analysts or bank sales staff of the declining Facebook financial picture, people familiar with the matter say. The nation's third-largest mutual fund firm expressed frustration to Morgan Stanley about Facebook valuations based on the dimming prospects for the company, the people say. A Fidelity spokesman declined to comment. Roger Duvendack was one of the many individual investors who were in the dark from his broker. He says he bought 2,000 Facebook shares at 11:30 a.m. on Friday at $42.97 a share, and put his shares up for sale at $45 at 11:33 a.m. As he saw the shares move down, Mr. Duvendack altered his sale price to $44. After Facebook hit $38 a share that morning, he bought 2,000 more shares at $38.69 just before noon on Friday. He then made several attempts to sell between $41 to $41.40 a share. But because of Nasdaq's technical glitches, he says, his orders couldn't be executed. On Tuesday, a senior Nasdaq OMX Group Inc. 
executive told customers that the exchange would have put the brakes on Facebook's IPO had it known the extent of the technical problems that plagued its systems that day. Mr Duvendack called his broker, Fidelity, and was told he was having problems because of technical issues at Nasdaq. Eventually on Monday, he says he sold his shares at a loss of nearly $18,000. A Fidelity spokesman said the company is working with regulators and Nasdaq on behalf of customers who experienced problems. A senior Nasdaq executive told brokers Tuesday that Nasdaq executives "regret sincerely what happened on Friday," and said that Nasdaq can't assess individual retail customers' losses but is working with brokers that are seeking compensation for those retail clients.

- Jenny Strasburg, Anupreeta Das, Susan Pulliam and Aaron Lucchetti contributed to this article

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 24 08:36:08 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 24 May 2012 09:36:08 -0400
Subject: [Infowarrior] - Correction: State Dept 'hacking'
Message-ID: <4016FD93-C5A6-4587-8DCE-D6F4E2B26980@infowarrior.org>

I have been told by trusted sources that "the State Department's strategic communications team bought some modified ads and put them up on the tribal websites. There was no hacking involved and it seems entirely within State's authorities." Still, somebody clearly mis-spoke and/or mis-reported things. 'Hacking' implies something totally different.
-- rick

From rforno at infowarrior.org Thu May 24 10:07:13 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 24 May 2012 11:07:13 -0400
Subject: [Infowarrior] - Steve Coll: Leaving Facebookistan
Message-ID: <5E937158-B9D5-47E3-9B3F-D2B551E7FDA4@infowarrior.org>

May 24, 2012
Leaving Facebookistan
Posted by Steve Coll
http://www.newyorker.com/online/blogs/comment/2012/05/leaving-facebookistan.html

I established a Facebook account in 2008. My motivation was ignoble: I wanted to distribute my journalism more widely. I have acquired since then just over four thousand "friends"--in Afghanistan, Pakistan, India, the Middle East, and of course, closer to home. I have discovered the appeal of Facebook's community--for example, the extraordinary emotional support that swells in virtual space when people come together online around a friend's illness or life celebrations. Through its bedrock appeals to friendship, community, public identity, and activism--and its commercial exploitation of these values--Facebook is an unprecedented synthesis of corporate and public spaces. The corporation's social contract with users is ambitious, yet neither its governance system nor its young ruler seem trustworthy. Then came this month's initial public offering of stock--a chaotic and revealing event--which promises to put the whole enterprise under even greater pressure. There are many reasons to be skeptical about Facebook's I.P.O., which raised $16 billion for the company. For investors, as my colleague John Cassidy has pointed out, the company's founders and early investors are likely to do better with this much-hyped event than individual investors.
The offering itself was as visible a disaster as a lead underwriting bank (in this case, Morgan Stanley) has turned in for some time: Facebook shares have fallen by more than ten per cent; there were trading screwups by Nasdaq; and lawsuits and regulatory investigations into whether Morgan and Facebook properly shared information with investors have already started. This launch-pad explosion is also one more reason to be wary of what my colleague James Surowiecki has analyzed: Facebook's two-tiered corporate-governance system, which ensures that founder Mark Zuckerberg retains firm control, and can't be easily challenged by dissident shareholders, even if he steers badly off course, as highly self-confident men in their late twenties sometimes do. Those are reasons for investors to be doubtful; at least as worrying is what the I.P.O.-palooza signals about Facebook's sovereignty over citizens, here and abroad. Facebook has become a public square of global importance. By the end of the summer, it may have more than a billion users, or about fifteen per cent of the world's population. Some of these people are restive and see Facebook as a substitute public space for speech and dissent that their own authoritarian regimes don't provide. Facebook users have already helped to foment revolution in some places (Egypt and Tunisia) and are still trying, at great cost, to overthrow one of the Middle East's most brutal regimes. Within the United States, Facebook is a venue for all sorts of issue and political campaigns. And yet, on the site, as a practical matter, what speech is permitted or banned is determined largely by Facebook's terms of service. The terms function as a corporate constitution binding users to the provider's conception of what speech is acceptable. My colleague at the New America Foundation, Rebecca MacKinnon, in her recent book "Consent of the Networked," calls this realm "Facebookistan."
Once Facebook users sign on and accept the terms of service, their postings are subordinate to the corporation's rules, for as long as they choose to stay. In a place like Syria, the Facebook rules users encounter are much more permissive than local laws; in the United States, that is not so clear. You might expect dense legalese, but the terms' language is clear and soaring, echoing the tones of constitutional documents. Some of the declaratory sentences lay out the commitments by Facebook's royal "We." Others describe the obligations of the subject "You." The terms are organized into sections, like articles. One entitled "Safety" seems to self-consciously echo the Ten Commandments: "You will not bully, intimidate, or harass any user.... You will not post content that: is hateful, threatening or pornographic; incites violence; or contains nudity or graphic or gratuitous violence." And there is this hint of Facebook's expansive authority: "You will not encourage or facilitate any violations of this Statement." The terms obfuscate Facebook's business strategies in such simple language that the deception--the sense of what is being left out--is almost poetic: "Sometimes we get data from our advertising partners, customers, and other third parties that helps us (or them) deliver ads, understand online activity, and generally make Facebook better." Facebook has made jarring mistakes as its leaders have learned what it means to run a profit-motivated political and public forum. In 2009, for example, the corporation exposed Iranian dissidents to danger by unilaterally changing privacy rules that allowed the Iranian authorities to see the identities of activists' online friends. The error was corrected quickly, but in general, Facebook has encouraged its users to accept greater and greater losses of privacy. Zuckerberg believes the world will be better off if it adopts "radical transparency," as the journalist David Kirkpatrick put it in his book, "The Facebook Effect."
Zuckerberg's business model requires the trust and loyalty of his users so that he can make money from their participation, yet he must simultaneously stretch that trust by driving the site to maximize profits, including by selling users' personal information. The I.P.O. last week will exacerbate this tension: Facebook's huge valuation now puts pressure on the company's strategists to increase its revenue-per-user. That means more ads, more data mining, and more creative thinking about new ways to commercialize the personal, cultural, political, and even revolutionary activity of users. There is something vaguely dystopian about oppressed peoples in Syria or Iran seeking dignity and liberation inside a corporate sovereign that is, for its part, creating great wealth for its founders and asserting control over its users. Facebook is hardly the only corporation managing these sorts of dilemmas--Google is a target of investigations seeking greater information about how it manages customer information it collects, about which it has sometimes been opaque, and it too has broken trust with users. Facebook points out that it has been responsive to revolts and protests from within. Zuckerberg proudly told Kirkpatrick that he revelled in the ways Facebook's users had forced him to become more democratic: "History tells us that systems are most fairly governed when there is an open and transparent dialogue between the people who make decisions and those who are affected by them. We believe history will one day show that this principle holds true for companies as well." That is a laudable conception. Yet for now, at least, Facebook concedes to its users only when it judges that it is in the corporation's interest to do so; what user votes and consultations there may be are purely advisory. As MacKinnon observes, this system suggests the political control strategies of the Chinese Communist Party: periodic campaigns of state-managed openness and managed local democracy.
While talking to varied audiences recently about my new book (warning: marketing ahead), "Private Empire: ExxonMobil and American Power," I have been reminded how uneasy Americans of all ideological orientations are about corporate power and sovereignty these days. They believe in capitalism and market efficiencies, to be sure, but they fear heavily concentrated private power, especially where it encroaches on their economic and personal choices. They ask, "What should we do?" Perhaps it starts with exercising citizenship. I have decided to exercise mine--in Facebookistan, that is. This seems the right time to leave such a crowded and volatile public square. It takes a while to find it, but if you are a Facebook user, there is a small settings button entitled "deactivate account." If you click, Facebook displays the faces of people "who will miss you." If you are determined nonetheless to depart, and scroll further down, you are required to choose a "reason for leaving" before you are permitted to go. Unfortunately, "inadequate citizen rule" or "doubts about corporate governance" are not among the choices. From the available list, I went with "I don't feel safe on Facebook." Farewell, Facebook friends. May you enjoy everywhere the full rights of free citizens.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 24 12:47:39 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 24 May 2012 13:47:39 -0400
Subject: [Infowarrior] - Vint Cerf elected ACM President
Message-ID: <7DC4000D-E157-4555-ABC1-9ADCFED679B8@infowarrior.org>

New Officers Pledge to Leverage Online Environment and Expand International Initiatives

The Association for Computing Machinery
Advancing Computing as a Science & Profession

Contact: Virginia Gold 212-626-0505 vgold at acm.org
http://www.acm.org/press-room/news-releases/2012/acm-officers-2012

NEW YORK, May 24, 2012 --
The Association for Computing Machinery (ACM) today announced the election of Vinton G. Cerf as president for a two-year term beginning July 1. Cerf, who is Chief Internet Evangelist at Google Inc., said his vision as president is to take advantage of the global networking infrastructure to invite open dialog with ACM's worldwide membership. He also noted the need to increase the accessibility and utility of ACM's burgeoning online content, which includes its publications and conferences. Currently, Cerf serves as General Chair of the ACM Turing Centenary Celebration, to be held June 15-16 in San Francisco, CA. Also elected to two-year terms were Vice President Alexander L. Wolf of Imperial College London, UK, and Secretary-Treasurer Vicki L. Hanson of the University of Dundee, Scotland. In addition, Members-at-Large elected to four-year terms include Eric Allman, chief science officer for Sendmail Inc.; Ricardo Baeza-Yates, Yahoo! vice president of Research for Europe and Latin America; Radia Perlman, director of Network Technology at Intel; Mary Lou Soffa, professor and chair of the University of Virginia Computer Science Department; and Eugene H. Spafford, professor at Purdue University and executive director of the Purdue Center for Education and Research in Information Assurance and Security (CERIAS), and chair of the ACM US Public Policy Council. The new officers elected by ACM professional members represent the more than 100,000 computing professionals and students who comprise ACM's international membership. They pledged to continue ACM's international growth with the expansion of regional councils to developing countries, and to strengthen ACM's influence in shaping the computing profession as a source of innovation and advances that benefit society. Cerf indicated his interest in assisting ACM Chapters and Special Interest Groups to serve as conduits for two-way flows of information, education, training and expertise.
He also cited the need to introduce options for reducing the cost of access and adding search capability to ACM's online offerings, including audio, video, and text transcripts of presentations. These advances, he noted, would extend their usefulness during and after events have occurred. Cerf is the co-designer of the TCP/IP protocols and the architecture of the Internet. Before joining Google Inc., he was senior vice president of Technology Strategy and of Architecture and Technology for MCI. He also served as vice president of the Corporation for National Research Initiatives (CNRI) and as principal scientist at the U.S. Department of Defense Advanced Research Projects Agency (DARPA). His prior experience includes assistant professor of computer science and electrical engineering at Stanford University, and distinguished visiting scientist at NASA's Jet Propulsion Laboratory (JPL). He was also a member of the U.S. Presidential Information Technology Advisory Committee (PITAC). Among honors received for this work are the U.S. National Medal of Technology, the ACM A.M. Turing Award, and the Presidential Medal of Freedom. Prior to his election as ACM president, he was a member-at-large on the ACM Council. Alexander Wolf, who holds a Chair in Computing at Imperial College London, has helped to shape ACM's role in advancing the educators, practitioners, researchers and students at the core of computing. He is known for seminal contributions to software architecture and deployment, as well as automated process discovery, an area related to the business intelligence field. He was formerly Secretary-Treasurer of ACM, and serves on the editorial board of the Research Highlights section of Communications of the ACM. He also served as chair of the ACM SIG Governing Board. He was instrumental in nurturing the formation of conferences and Special Interest Groups that represent new areas of computing, helping ACM members enhance computing's role in driving innovation.
Named an ACM Fellow, Wolf is a Chartered Fellow of the British Computer Society and holds a UK Royal Society-Wolfson Research Merit Award. He currently serves on the ACM Europe Council, and chairs the ACM Software System Award Committee. Vicki L. Hanson is Professor of Inclusive Technologies at the University of Dundee, and Research Staff Member Emeritus at IBM Research. She works on issues of inclusion for older and disabled people with research on accessible and usable technology for diverse populations. While at the IBM Research Division, she founded and managed the Accessibility Research group. She is also a past chair of ACM's Special Interest Group on Accessible Computing (SIGACCESS), and the founder and co-editor-in-chief of ACM Transactions on Accessible Computing. She is a member of the Research Councils UK (RCUK), which coordinates and funds research on all areas of science and engineering as well as the arts and humanities. She is a member of the UK Computing Research Committee, a Fellow of the British Computer Society, and an ACM Fellow. A recipient of the ACM CHI (Special Interest Group on Computer Human Interaction) Social Impact Award, she holds a Royal Society Wolfson Merit Award, which benefits outstanding scientists.

About ACM

ACM, the Association for Computing Machinery www.acm.org, is the world's largest educational and scientific computing society, uniting computing educators, researchers and professionals to inspire dialogue, share resources and address the field's challenges. ACM strengthens the computing profession's collective voice through strong leadership, promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth of its members by providing opportunities for life-long learning, career development, and professional networking.

# # #

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu May 24 13:32:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 24 May 2012 14:32:54 -0400
Subject: [Infowarrior] - Cyberpunk identification
Message-ID:

Scary how much of the tech is now integrated into our daily lives. :)

A 20-year-old photo spread from pioneering cyberculture zine Mondo 2000 asks the musical question: "R U a cyberpunk?" Bruce Sterling, who was, in fact, a cyberpunk, answers: "Since 20 years have passed, contemporary people will fail to realize that this was a comical self-parody."

https://secure.flickr.com/photos/brucesterling/7241543684/sizes/l/in/photostream/

(source: http://www.boingboing.net/)

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 24 13:42:31 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 24 May 2012 14:42:31 -0400
Subject: [Infowarrior] - Olympics Can't Handle An Official Parody Twitter Account, So Twitter Takes It Down
Message-ID:

Olympics Can't Handle An Official Parody Twitter Account, So Twitter Takes It Down
from the the-official-department-of-the-2012-london-olympics dept

We've discussed a number of times how ridiculously over-aggressive the Olympics can be when it comes to anything close to an IP issue -- even to the point where it gets host cities to agree to pass exceptional IP laws that only apply to issues that the Olympics chooses. The Olympics are especially concerned with any non-sponsor brand even being seen. That means that non-sponsor brands, even if they're the brand of a toilet, will get "taped over." So you can guess at just how insanely over aggressive the Olympics can be to anyone who comes near its own marks. And that results in situations like the one where the London Olympics complained about a parody Twitter account, billed as the "official protesters of the London 2012 Olympic Games." This is obviously a joke.
It's a parody on the fact that the Olympics seems to find an "official" sponsor of everything, so why not mock it using parody, which is widely seen as protected speech. But, not here. Apparently after the Games complained to Twitter, Twitter suspended the entire account and said it needs to no longer rely on trademarks, like the Olympics' logo. Except, that defeats the whole purpose. How can you parody something when you're not even allowed to show what it is that you're parodying? Twitter is good on a bunch of issues, but on this one, it looks like it may have rushed ahead and shut down an account too quickly.

http://www.techdirt.com/articles/20120524/03442719059/olympics-cant-handle-official-parody-twitter-account-so-twitter-takes-it-down.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 24 19:06:39 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 24 May 2012 20:06:39 -0400
Subject: [Infowarrior] - Google Lifts The Veil On Copyright Takedowns
Message-ID: <8FA0E442-D889-44B5-B411-B1402B18DB6D@infowarrior.org>

Google Lifts The Veil On Copyright Takedowns: Reveals Detailed Data On Who Requests Link Removals
from the data-data-data dept

As part of Google's ongoing Transparency Report efforts, today the company has released a whole new section on copyright takedowns, containing a huge amount of information on the many takedown requests Google receives. It focuses specifically on the takedowns for search links, but I wouldn't be surprised to see them add other areas later. As you may recall, we were among those who were victimized by a bogus takedown, and a key post about SOPA that we had written was missing from Google search for about a month. The new transparency platform lets you dig in and see quite a few details about exactly who is issuing takedowns and what they're removing from search.
It's using data since last July (when Google set up an organized web-form, so the data is consistent). It may be a bit surprising, but at the top of the list? Microsoft, who has apparently taken down over 2.5 million URLs from Google's search results. Most of the others in the top 10 aren't too surprising. There's NBC Universal at number two. The RIAA at number three (representing all its member companies). BPI at number five. Universal Music at number seven. Sony Music at number eight. Warner Music doesn't clock in until number 12.

< - >

http://www.techdirt.com/articles/20120523/17520119054/google-lifts-veil-copyright-takedowns-reveals-detailed-data-who-requests-link-removals.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 24 19:09:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 24 May 2012 20:09:34 -0400
Subject: [Infowarrior] - Apparently The USTR Thinks 'Unprecedented Transparency' Means Hiding TPP Details From 98% Of Congress
Message-ID: <93CCD81E-18AB-4577-A929-ECFAE92B676E@infowarrior.org>

Apparently The USTR Thinks 'Unprecedented Transparency' Means Hiding TPP Details From 98% Of Congress
from the that's-mighty-opaque-transparency dept

http://www.techdirt.com/articles/20120524/04051519060/apparently-ustr-thinks-unprecedented-transparency-means-hiding-tpp-details-98-congress.shtml

We just wrote about the new bill proposed by Senator Wyden after discovering that the USTR refused to share the TPP with the staff director of the Senate Finance Committee's Subcommittee on International Trade, Customs and Global Competitiveness -- who, officially, is supposed to have oversight on trade negotiations. However, the USTR (apparently with the support of the administration) has gone rogue, and is effectively hiding all the details of what it's negotiating on from Congress.
While Ron Kirk likes to continually talk up how many meetings USTR has held (behind closed doors) with Congress, he conveniently ignores the fact that he is still keeping the US's negotiating position away from Congress. Reading through the specifics of Wyden's speech, you begin to realize that the USTR and the Administration appear to have interpreted the law that creates the Congressional Oversight Group (COG) to mean that the USTR no longer has to share information with anyone in Congress (as it has claimed in the past), but that it only has to share TPP negotiating documents with the members of Congress who are on the Congressional Oversight Group. That's around 12 members. Out of 535 members of Congress between Senators and Representatives (in the House). In other words, despite the fact that Congress has clear oversight concerning international trade negotiations, and despite the fact that the Congressional Oversight Group was set up specifically to increase oversight of the USTR, the administration has decided that it really means it can keep its negotiating position from about 98% of Congress. This is part of why Wyden seems so reasonably concerned. The USTR is taking the creation of COG, and basically flipping it on its head. The whole purpose of COG was to increase transparency. And yet, the USTR continues to effectively ignore it, while pretending that it only has to share TPP info with a tiny fraction of Congress, leaving the rest in the dark until it's too late. That's insane. How is the Senate supposed to have oversight if the USTR's own interpretation of the law means that it can effectively reject any effort to oversee it? It's incredible that the USTR seems to be claiming significant powers that it simply does not have -- and even more obnoxious and intellectually dishonest for it to then claim that it's offering "unprecedented transparency." 
I'm sure that the USTR is holding the meetings with Congress that it claims, but until Ron Kirk learns that transparency means revealing what you're doing, not just listening to what others say, the USTR is not being even the slightest bit "transparent." Instead, it's abusing the process at the expense of the American public.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 25 06:21:10 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 25 May 2012 07:21:10 -0400
Subject: [Infowarrior] - Cerf OpEd: Keep the Internet Open
Message-ID: <7E94DB03-7494-4B25-B02F-7337BE35AB8A@infowarrior.org>

OP-ED CONTRIBUTOR
Keep the Internet Open
Daniel Haskett
By VINTON CERF
Published: May 24, 2012
http://www.nytimes.com/2012/05/25/opinion/keep-the-internet-open.html?_r=2

The Internet stands at a crossroads. Built from the bottom up, powered by the people, it has become a powerful economic engine and a positive social force. But its success has generated a worrying backlash. Around the world, repressive regimes are putting in place or proposing measures that restrict free expression and affect fundamental rights. The number of governments that censor Internet content has grown to 40 today from about four in 2002. And this number is still growing, threatening to take away the Internet as you and I have known it. Some of these steps are in reaction to the various harms that can be and are being propagated through the network. Like almost every major infrastructure, the Internet can be abused and its users harmed. We must, however, take great care that the cure for these ills does not do more harm than good. The benefits of the open and accessible Internet are nearly incalculable and their loss would wreak significant social and economic damage.
Against this background, a new front in the battle for the Internet is opening at the International Telecommunications Union, a United Nations organization that counts 193 countries as its members. It is conducting a review of the international agreements governing telecommunications and aims to expand its regulatory authority to the Internet at a summit scheduled for December in Dubai. Such a move holds potentially profound -- and I believe potentially hazardous -- implications for the future of the Internet and all of its users. At present, the I.T.U. focuses on telecommunication networks and on radio frequency allocations rather than the Internet per se. Some members are aiming to expand the agency's treaty scope to include Internet regulation. Each of the 193 members gets a vote, no matter its record on fundamental rights -- and a simple majority suffices to effect change. Negotiations are held largely among governments, with very limited access for civil society or other observers. When I helped to develop the open standards that computers use to communicate with one another across the Net, I hoped for but could not predict how it would blossom and how much human ingenuity it would unleash. What secret sauce powered its success? The Net prospered precisely because governments -- for the most part -- allowed the Internet to grow organically, with civil society, academia, private sector and voluntary standards bodies collaborating on development, operation and governance. In contrast, the I.T.U. creates significant barriers to civil society participation. A specialized agency of the United Nations, it grew out of the International Telegraph Union, which was established in 1865. The treaty governing the agency, last amended in 1988, established practices that left the Internet largely unaffected.
While many governments are committed to maintaining flexible regimes for fast-moving Internet technologies, some others have been quite explicit about their desire to put a single U.N. or other intergovernmental body in control of the Net. Last June, then-Prime Minister Vladimir Putin stated the goal of Russia and its allies as "establishing international control over the Internet" through the I.T.U. And in September 2011, China, Russia, Tajikistan and Uzbekistan submitted a proposal for an "International Code of Conduct for Information Security" to the U.N. General Assembly, with the goal of establishing government-led "international norms and rules standardizing the behavior of countries concerning information and cyberspace." Word of a few other proposals from inside the I.T.U. have surfaced. Several authoritarian regimes reportedly would ban anonymity from the Web, which would make it easier to find and arrest dissidents. Others have suggested moving the privately run system that manages domain names and Internet addresses to the United Nations. Such proposals raise the prospect of policies that enable government controls but greatly diminish the "permissionless innovation" that underlies extraordinary Internet-based economic growth to say nothing of trampling human rights. Some countries have expressed sympathy for these proposals. They are concerned about the outsized role they perceive that the United States plays in the direction and development of Internet policy. Some believe the status quo favors the interests of large, global Internet companies. Others believe the I.T.U. can help speed Internet access in the developing world. The decisions taken in Dubai in December have the potential to put government handcuffs on the Net. To prevent that -- and keep the Internet open and free for the next generations -- we need to prevent a fundamental shift in how the Internet is governed.
I encourage you to take action now: Insist that the debate about Internet governance be transparent and open to all stakeholders.

Vinton Cerf is Google's chief Internet evangelist. He is widely recognized as one of the "fathers of the Internet," sharing this title with the American computer scientist Bob Kahn.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 25 06:40:54 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 25 May 2012 07:40:54 -0400
Subject: [Infowarrior] - Jay Leno, NBC, and Copylaundering
Message-ID: <4EC62077-C824-4DF0-B863-AE91F481DD09@infowarrior.org>

Copylaundering: Jay Leno Airs Campaign Video From YouTube, NBC Claims Ownership Of Original
from the what-a-neat-little-trick dept

This is easily one of the best responses to copyfraud I've ever read. Sure, Jay Leno is a pretty easy target for a roast, but musician Brian Kamerer does a brilliant job of taking him to task over a bogus YouTube takedown. I strongly suggest reading the whole thing, but here's the short version of what happened. A few years ago, Brian helped a friend, who was running for mayor, create an intentionally silly campaign jingle and commercial, which they uploaded to YouTube. Two years later, they heard from another friend that the video had appeared on the Jay Leno Show as part of a segment about local campaign commercials. They just got a kick out of it, and moved on -- until now, another three years later. Brian discovered that the YouTube video had been taken down on a copyright claim... by NBC (most likely as the result of a ContentID match as NBC uploaded old episodes into the system). So Leno mines the internet for material to air on his show -- without permission or even the courtesy of letting them know -- and then, years later, the network claims ownership of that material and accuses the actual creators and copyright holders of infringement.
Brian is unimpressed, to say the least -- and even supplies a script for how he imagines things went down:

< - >

http://www.techdirt.com/articles/20120524/14064719069/copylaundering-jay-leno-airs-campaign-video-youtube-nbc-claims-ownership-original.shtml

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 25 06:43:22 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 25 May 2012 07:43:22 -0400
Subject: [Infowarrior] - FBI quietly forms secretive Net-surveillance unit
Message-ID:

FBI quietly forms secretive Net-surveillance unit

CNET has learned that the FBI has formed a Domestic Communications Assistance Center, which is tasked with developing new electronic surveillance technologies, including intercepting Internet, wireless, and VoIP communications.

by Declan McCullagh
May 22, 2012 11:44 PM PDT
http://news.cnet.com/8301-1009_3-57439734-83/fbi-quietly-forms-secretive-net-surveillance-unit/

The FBI has recently formed a secretive surveillance unit with an ambitious goal: to invent technology that will let police more readily eavesdrop on Internet and wireless communications. The establishment of the Quantico, Va.-based unit, which is also staffed by agents from the U.S. Marshals Service and the Drug Enforcement Agency, is a response to technological developments that FBI officials believe outpace law enforcement's ability to listen in on private communications. While the FBI has been tight-lipped about the creation of its Domestic Communications Assistance Center, or DCAC -- it declined to respond to requests made two days ago about who's running it, for instance -- CNET has pieced together information about its operations through interviews and a review of internal government documents.
DCAC's mandate is broad, covering everything from trying to intercept and decode Skype conversations to building custom wiretap hardware or analyzing the gigabytes of data that a wireless provider or social network might turn over in response to a court order. It's also designed to serve as a kind of surveillance help desk for state, local, and other federal police. The center represents the technological component of the bureau's "Going Dark" Internet wiretapping push, which was allocated $54 million by a Senate committee last month. The legal component is no less important: as CNET reported on May 4, the FBI wants Internet companies not to oppose a proposed law that would require social-networks and providers of VoIP, instant messaging, and Web e-mail to build in backdoors for government surveillance. During an appearance last year on Capitol Hill, then-FBI general counsel Valerie Caproni referred in passing, without elaboration, to "individually tailored" surveillance solutions and "very sophisticated criminals." Caproni said that new laws targeting social networks and voice over Internet Protocol conversations were required because "individually tailored solutions have to be the exception and not the rule." Caproni was referring to the DCAC's charge of creating customized surveillance technologies aimed at a specific individual or company, according to a person familiar with the FBI's efforts in this area. An FBI job announcement for the DCAC that had an application deadline of May 2 provides additional details. It asks applicants to list their experience with "electronic surveillance standards" including PacketCable (used in cable modems); QChat (used in push-to-talk mobile phones); and T1.678 (VoIP communications). One required skill for the position, which pays up to $136,771 a year, is evaluating "electronic surveillance solutions" for "emerging" technologies. 
"We would expect that capabilities like CIPAV would be an example" of what the DCAC will create, says Steve Bock, president of Colorado-based Subsentio, referring to the FBI's remotely-installed spyware that it has used to identify extortionists, database-deleting hackers, child molesters, and hitmen. Bock, whose company helps companies comply with the 1994 Communications Assistance for Law Enforcement Act (CALEA) and has consulted for the Justice Department, says he anticipates "that Internet and wireless will be two key focus areas" for the DCAC. VoIP will be a third, he says. For its part, the FBI responded to queries this week with a statement about the center, which it also refers to as the National Domestic Communications Assistance Center (even Caproni has used both names interchangeably), saying: "The NDCAC will have the functionality to leverage the research and development efforts of federal, state, and local law enforcement with respect to electronic surveillance capabilities and facilitate the sharing of technology among law enforcement agencies. Technical personnel from other federal, state, and local law enforcement agencies will be able to obtain advice and guidance if they have difficulty in attempting to implement lawful electronic surveillance court orders. It is important to point out that the NDCAC will not be responsible for the actual execution of any electronic surveillance court orders and will not have any direct operational or investigative role in investigations. It will provide the technical knowledge and referrals in response to law enforcement's requests for technical assistance." Here's the full text of the FBI's statement in a Google+ post. One person familiar with the FBI's procedures told CNET that the DCAC is in the process of being launched but is not yet operational. A public Justice Department document, however, refers to the DCAC as "recently established." 
"They're doing the best they can to avoid being transparent" The FBI has disclosed little information about the DCAC, and what has been previously made public about the center was primarily through budget requests sent to congressional committees. The DCAC doesn't even have a Web page. "The big question for me is why there isn't more transparency about what's going on?" asks Jennifer Lynch, a staff attorney at the Electronic Frontier Foundation, a civil liberties group in San Francisco. "We should know more about the program and what the FBI is doing. Which carriers they're working with -- which carriers they're having problems with. They're doing the best they can to avoid being transparent." The DCAC concept dates back at least four years. FBI director Robert Mueller was briefed on it in early 2008, internal FBI documents show. In January 2008, Charles Smith, a supervisory special agent and section chief in the FBI's Operational Technology Division, sent e-mail to other division officials asking for proposals for the DCAC's budget. When it comes to developing new surveillance technologies, Quantico is the U.S. government's equivalent of a Silicon Valley incubator. In addition to housing the FBI's Operational Technological Division, which boasts of developing the "latest and greatest investigative technologies to catch terrorists and criminals" and took the lead in creating the DCAC, it's also home to the FBI's Engineering Research Facility, the DEA's Office of Investigative Technology, and the U.S. Marshals' Technical Operations Group. In 2008, Wired.com reported that the FBI has "direct, high-speed access to a major wireless carrier's systems" through a high-speed DS-3 link to Quantico. The Senate appropriations committee said in a report last month that, for electronic surveillance capabilities, it authorizes "$54,178,000, which is equal to both the request and the fiscal year 2012 enacted level. 
These funds will support the Domestic Communications Assistance Center, providing for increased coordination regarding lawful electronic surveillance amongst the law enforcement community and with the communications industry." (It's unclear whether all of those funds will go to the DCAC.) In trying to convince Congress to spend taxpayers' dollars on the DCAC, the FBI has received help from local law enforcement agencies that like the idea of electronic surveillance aid. A Justice Department funding request for the 2013 fiscal year predicts DCAC will "facilitate the sharing of solutions and know-how among federal, state, and local law enforcement agencies" and will be welcomed by telecommunications companies who "prefer to standardize and centralize electronic surveillance." A 2010 resolution from the International Association of Chiefs of Police -- a reliable FBI ally on these topics -- requests that "Congress and the White House support the National Domestic Communications Assistance Center Business Plan." The FBI has also had help from the Drug Enforcement Administration, which last year requested $1.5 million to fund eight additional DCAC positions. DEA administrator Michele Leonhart has said (PDF) the funds will go to "develop these new electronic surveillance capabilities." The DEA did not respond to CNET's request for comment. An intriguing hint of where the DCAC might collaborate with the National Security Agency appeared in author James Bamford's article in the April issue of Wired magazine. Bamford said, citing an unidentified senior NSA official, that the agency has "made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems" -- an obstacle that law enforcement has encountered in investigations. Eventually, the FBI may be forced to lift the cloak of secrecy that has surrounded the DCAC's creation. 
On May 2, a House of Representatives committee directed the bureau to disclose "participation by other agencies and the accomplishments of the center to date" three months after the legislation is enacted.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 25 07:54:44 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 25 May 2012 08:54:44 -0400
Subject: [Infowarrior] - Kaspersky frustrated by Apple's iOS AV ban
Message-ID: <33DD01D7-4A55-45CE-B669-54CAB652C206@infowarrior.org>

Eugene Kaspersky frustrated by Apple's iOS AV ban
By Simon Sharwood, APAC Editor
Posted in Security, 22nd May 2012 06:32 GMT
http://www.theregister.co.uk/2012/05/22/kaspersky_ios_antivirus/

Eugene Kaspersky is "a little bit disappointed ... Apple won't let us" develop antivirus software for iOS devices, as he feels it is only a matter of time before criminals target the operating system. "We as a security company are not able to develop true endpoint security for iOS," Kaspersky told The Register in Sydney today. "That will mean disaster for Apple," he opined, as malware will inevitably strike iOS in the future. Kaspersky says the infection vector won't be iOS itself, which he said is "by design is more secure" than other operating systems. He therefore rates it "almost impossible to develop malware which does not use vulnerabilities. The only way is to inject it into the source code of legal software. It will take place in a marketplace and then there will be millions or tens of millions of devices." Criminals have, to date, ignored this route because Kaspersky says "it is more complicated" than other attacks. "They are happy with Windows computers. Now they are happy with Mac. They are happy with Android. It is much more difficult to infect iOS but it is possible and when it happens it will be the worst-case scenario because there will be no protection.
The Apple SDK won't let us do it." The result of an attack on iOS, he feels, will be declining market share for Apple and a concomitant boost for Android, a platform he admits is less secure but which at least offers developers the chance to develop security software. A severe attack, Kaspersky argues, therefore has the potential to highlight the problems of a closed ecosystem and damage Apple permanently. The Russian has even put his money where his mouth is on the issue, betting with friends that Android will achieve 80% market share by 2015, in part thanks to security issues on other platforms.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 25 11:49:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 25 May 2012 12:49:23 -0400
Subject: [Infowarrior] - Did Hollywood Not Use Available DMCA Tools Just To Pretend It Needed SOPA?
Message-ID: <5F43655B-604F-4B86-A8C8-FBE44FB26F23@infowarrior.org>

Did Hollywood Not Use Available DMCA Tools Just To Pretend It Needed SOPA?
from the transparency's-a-bitch dept
http://www.techdirt.com/articles/20120525/04473019075/did-hollywood-not-use-available-dmca-tools-just-to-pretend-it-needed-sopa.shtml

The more you dig into Google's new copyright transparency reports the more eye-catching info you find. Julian Sanchez, for example, has noticed the rather interesting timing of massive explosions in Hollywood studios using Google's DMCA takedown system for search... in correlation with key elements of the fight to get SOPA passed. For example, there's a really big spike in DMCA takedowns for search the week of November 14th. Hmmm... what happened that week?
Oh, that's right: the House Judiciary Committee hearings about SOPA, where part of the "evidence" for why SOPA was needed was the MPAA's anti-piracy boss Michael O'Leary insisting that doing Google searches on certain movies led you to links to pages where you could download unauthorized copies. He was wrong, actually -- as our own tests showed, they took you to legal versions. But isn't it interesting to see that, for example, the very first search takedown that Lionsgate sent to Google happened on November 15th? Similarly, it's interesting to see that right after the SOPA blackouts made it clear that SOPA was going to die... there's another new "burst" of takedown filings. Twentieth Century Fox appears not to have used the system at all until January 30th of this year -- or a week or so after SOPA was officially declared dead. How about Paramount Pictures, one of the more vocal supporters of SOPA? It filed just one search takedown prior to the whole SOPA debate. But about a month after SOPA was declared dead, suddenly Paramount started using the tool. NBC Universal certainly had been a regular user of the system all along -- but right after SOPA died, its usage clearly trended upwards -- whereas prior to that, its usage looked pretty flat. In other words, you could certainly make a reasonable case that the studios went to Congress to complain about how they couldn't get rid of search results they don't like from Google... when they hadn't even tried to use the tools available which appear to do the job they wanted. There certainly may be other factors, but it's possible that the studios had been holding back on using the tools as a way of providing extra "evidence" of a problem that had to be addressed by law. Again, as Sanchez points out: "How about before you break the Internet, you try USING THE F***ING TOOLS YOU ALREADY HAVE?" A reasonable question, but don't expect a reasonable answer. 
--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 25 12:18:12 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 25 May 2012 13:18:12 -0400
Subject: [Infowarrior] - Station grabs SpaceX Dragon ship
Message-ID: <34507767-40A1-4422-A8C0-BFE0DD01E33A@infowarrior.org>

25 May 2012 Last updated at 12:04 ET
Station grabs SpaceX Dragon ship
http://www.bbc.co.uk/news/science-environment-18195772?print=true
By Jonathan Amos
Science correspondent, BBC News

The California SpaceX company has seen its unmanned Dragon cargo ship attach successfully to the International Space Station (ISS). Astronauts onboard the platform used its robotic arm to grasp the vehicle and attach it to a berthing port. Dragon is the first commercial vessel to visit the space station. It is also the first American ship to go to the orbiting laboratory since the US space agency (Nasa) retired its shuttles last year. US astronaut Don Petit was inside the ISS at the controls of the Canadarm2. He reached out with the robotic appendage and grabbed the Dragon capsule at 13:56 GMT (14:56 BST). "Houston, looks like we got us a Dragon by the tail," he radioed to Nasa mission control in Texas. The capture was met by applause from controllers, at the Nasa centre and at the SpaceX HQ in Hawthorne, California, where Dragon's flight is also being overseen. Just under two hours later, Petit used the arm to position the Dragon under the ISS's Harmony connecting node. A good seal was confirmed at 16:02 GMT (17:02 BST). The ISS crew will go inside the ship on Saturday to unload its stores. The attachment of Dragon to the platform marks a significant milestone in the history of human spaceflight. Traditionally, this field of endeavour has been the preserve of government-owned and operated vehicles.
But the US space agency (Nasa) is looking to save money that it can then re-invest in some of its other programmes far beyond Earth, at asteroids and at Mars. It believes this can be achieved by contracting out the more routine tasks in low-Earth orbit to the private sector. To that end, it is providing seed funding of approximately $800m to SpaceX and another company, Orbital Sciences Corporation, to help them develop new rocket and cargo vehicles. Orbital's rocket is called Antares, and its freighter is known as Cygnus. The pair should go into space together for the first time before the end of the year. Once these companies have proved the performance of their systems, they will start to receive lucrative ISS re-supply payments. For SpaceX, its contract is valued at $1.6bn (£1bn) and calls for a minimum of 12 Dragon cargo missions to the ISS. But freight is just the start. The ferrying of crews to and from the ISS will be the next service Nasa buys in. SpaceX wants this business as well, and is developing the safety and life-support equipment that would allow Dragon to double up as an astronaut taxi.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri May 25 13:29:38 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 25 May 2012 14:29:38 -0400
Subject: [Infowarrior] - Facebook worst IPO flop of the decade, Bloomberg says
Message-ID:

As a friend just commented, "I can hear Nelson Muntz going "HA-HA!" :) --rick

Facebook worst IPO flop of the decade, Bloomberg says

A 13 percent drop in the social network's shares over its first five days of trading cinches its status, the news service reports.

< - >

http://news.cnet.com/8301-1023_3-57441687-93/facebook-worst-ipo-flop-of-the-decade-bloomberg-says/

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sat May 26 09:33:07 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 26 May 2012 10:33:07 -0400
Subject: [Infowarrior] - House to examine plan for United Nations to regulate the Internet
Message-ID: <21578E55-52B8-4E3B-91EB-07E6581D2765@infowarrior.org>

House to examine plan for United Nations to regulate the Internet
By Brendan Sasso - 05/26/12 08:10 AM ET
http://thehill.com/blogs/hillicon-valley/technology/229653-house-to-examine-plan-to-let-un-regulate-internet

House lawmakers will consider an international proposal next week to give the United Nations more control over the Internet. The proposal is backed by China, Russia, Brazil, India and other UN members, and would give the UN's International Telecommunication Union (ITU) more control over the governance of the Internet. It's an unpopular idea with lawmakers on both sides of the aisle in Congress, and officials with the Obama administration have also criticized it. "We're quite concerned," Larry Strickling, the head of the Commerce Department's National Telecommunications and Information Administration, said in an interview with The Hill earlier this year. He said the measure would expose the Internet to "top-down regulation where's it's really the governments that are at the table but the rest of the stakeholders aren't." At a hearing earlier this month, Sen. Marco Rubio (R-Fla.) also criticized the proposal. He said China and Russia are "not exactly bastions of internet freedom." "Any place that bans certain terms from search should not be a leader in international Internet regulatory frameworks," he said, adding that he will keep a close eye on the process. Yet the proposal could come up for a vote at a UN conference in Dubai in December. Next week's hearing is expected to bring more attention in the U.S. to the measure, which would give the UN more control over cybersecurity, data privacy, technical standards and the Web's address system.
It would also allow foreign government-owned Internet providers to charge extra for international traffic and allow for more price controls. The House Energy and Commerce subcommittee on Communications and Technology will hold the hearing and hear testimony from Robert McDowell, a Republican commissioner on the Federal Communications Commission (FCC); David Gross, a former State Department official; and Sally Shipman Wentworth, the senior manager of public policy for the nonprofit Internet Society. The Internet is currently governed under a "multi-stakeholder" approach that gives power to a host of nonprofits, rather than governments. Strickling said that system brings more ideas and flexibility to Internet policymaking. "We lose that when we turn this over to a group of just governments," Strickling said. In an op-ed earlier this year in The Wall Street Journal, McDowell warned that "a top-down, centralized, international regulatory overlay is antithetical to the architecture of the Net." "Productivity, rising living standards and the spread of freedom everywhere, but especially in the developing world, would grind to a halt as engineering and business decisions become politically paralyzed within a global regulatory body," McDowell wrote. He said some governments feel excluded from Internet policymaking and want more control over the process. "And let's face it, strong-arm regimes are threatened by popular outcries for political freedom that are empowered by unfettered Internet connectivity," McDowell wrote.

--- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat May 26 09:42:51 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 26 May 2012 10:42:51 -0400
Subject: [Infowarrior] - Flashing headlights is your Constitutionally protected right
Message-ID:

(Now if only it was legal to "jam" automated cameras.
If I'm going to be pulled over, I want a cop to know the context of the situation, not some buck-an-hour drone at XeroxACS who uses a checklist to place the burden of proof on you to prove your innocence. -- rick) Flashing headlights is your Constitutionally protected right http://reviews.cnet.com/8301-13746_7-57441855-48/flashing-headlights-is-your-constitutionally-protected-right/ by Liane Yvkoff May 25, 2012 5:34 PM PDT Flashing your high beams to communicate with other drivers was ruled Constitutionally protected speech. No good deed goes unpunished, as they say. A man who tried to warn others of a speed trap by flashing his vehicle's headlights at motorists was ticketed by police. But a Florida judge ruled this week that flashing headlights is free speech protected by the First Amendment, according to an article in the Orlando Sentinel. Ryan Kintner was ticketed last year for warning motorists of a speed trap waiting for them down the road. The Lake Mary, Fla., resident was at home when he noticed a police officer with a radar gun near his house, and decided to help out unsuspecting motorists by parking farther up the street from the officer and flashing his lights at oncoming traffic to warn drivers. The police officer instead ticketed Kintner, citing a law that prohibits the flashing of aftermarket emergency lights. However, Kintner fought the ticket, and brought a lawsuit against the Seminole County Sheriff's office to stop them from using this law to "silence" motorists. He argued that the officers are misapplying that law, which is intended to prevent motorists from installing aftermarket emergency lights and impersonating emergency vehicles. A judge sort of agreed with him last year and granted a partial ruling in Kintner's favor stating that Florida law does not prohibit motorists from using their lights from communicating with other motorists, reported an earlier Orlando Sentinel article. 
In fact, it's common motoring practice to use high beams to inform other motorists that they've forgotten to turn on their headlights or that a traffic light has changed. And everyone has seen movies where drivers camped out in cars use their headlights to let their partners know the coast is clear, right? This latest decision that signaling with headlights is Constitutionally protected free speech should protect movie plots and road Samaritans going forward. It should also put an end to Florida police writing tickets based on the emergency-vehicle lights law. Police hiding in speed traps will either need to get stealthier or find another way to avoid being outed. A broader suit filed by Kintner's attorney against the Florida Highway Patrol on behalf of another driver ticketed in a similar situation is still pending. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon May 28 15:25:26 2012 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 28 May 2012 16:25:26 -0400 Subject: [Infowarrior] - Fwd: Powerful "Flame" cyber weapon found in Iran References: <7EB33041E473EC4B8C08A7CA087AC8720281C3AD@0015-its-exmb12.us.saic.com> Message-ID: <6622EA46-BF72-4B55-97C1-8D9C797B0617@infowarrior.org> c/o MM Begin forwarded message: > Powerful "Flame" cyber weapon found in Iran > Reuters ? 1 hour 8 minutes ago > http://finance.yahoo.com/news/powerful-flame-cyber-weapon-found-135931201.html > > By Jim Finkle > > BOSTON (Reuters) - Security experts discovered a highly complex computer virus in Iran and the Middle East that they believe was deployed at least five years ago to engage in state-sponsored espionage. > > Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that claimed responsibility for discovering the virus. 
> > Kaspersky researchers said they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it. > > Iran has accused the United States and Isreal of deploying Stuxnet. > > Cyber security experts said the discovery provides new evidence to the public to show what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years. > > "This is one of many, many campaigns that happen all the time and never make it into the public domain," said Alexander Klimburg, a cyber security expert at the Austrian Institute for International Affairs. > > A cyber security agency in Iran said on its website on Monday that Flame bore a "close relation" to Stuxnet, the notorious computer worm that attacked that country's nuclear program in 2010 and is the first publicly known example of a cyber weapon. > > Iran's National Computer Emergency Response Team also said Flame might be linked to recent cyber attacks that officials in Tehran have said were responsible for massive data losses on some Iranian computer systems. > > Kaspersky Lab said it discovered Flame after a U.N. telecommunications agency asked it to analyze data on malicious software across the Middle East in search of the data-wiping virus reported by Iran. > > STUXNET CONNECTION > > Experts at Kaspersky Lab and Hungary's Laboratory of Cryptography and System Security who have spent weeks studying Flame said they have yet to find any evidence that it can attack infrastructure, delete data or inflict other physical damage. > > Yet they said they are in the early stages of their investigations and that they may discover other purposes beyond data theft. It took researchers months to determine the key mysteries behind Stuxnet, including the purpose of modules used to attack a uranium enrichment facility at Natanz, Iran. 
>
> "Their initial research suggests that this was probably written by the authors of Stuxnet for covert intelligence collection," said John Bumgarner, a cyber warfare expert with the non-profit U.S. Cyber Consequences Unit think tank.
>
> Flame appears poised to go down in history as the third major cyber weapon uncovered after Stuxnet and its data-stealing cousin Duqu, named after the Star Wars villain.
>
> The Moscow-based company is controlled by Russian malware researcher Eugene Kaspersky. It gained notoriety in cyber weapons research after solving several mysteries surrounding Stuxnet and Duqu.
>
> Their research shows the largest number of infected machines are in Iran, followed by the Israel/Palestine region, then Sudan and Syria.
>
> The virus contains about 20 times as much code as Stuxnet, which caused centrifuges to fail at the Iranian enrichment facility it attacked. It has about 100 times as much code as a typical virus designed to steal financial information, said Kaspersky Lab senior researcher Roel Schouwenberg.
>
> GATHERING DATA
>
> Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.
>
> Kaspersky Lab said Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and that both viruses employ a similar way of spreading.
>
> That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame, Schouwenberg said.
>
> He said that a nation state would have the capability to build such a sophisticated tool, but declined to comment on which countries might do so.
>
> The question of who built Flame is sure to become a hot topic in the security community as well as the diplomatic world.
>
> There is some controversy over who was behind Stuxnet and Duqu.
>
> Some experts suspect the United States and Israel, a view that was laid out in a January 2011 New York Times report that said it came from a joint program begun around 2004 to undermine what they say are Iran's efforts to build a bomb. That article said the program was originally authorized by U.S. President George W. Bush, and then accelerated by his successor, Barack Obama.
>
> A U.S. Defense Department spokesman, David Oten, declined to comment on Flame on Monday, saying it may take "some time" because of the U.S. Memorial Day holiday.
>
> The CIA, the State Department, the National Security Agency, and the U.S. Cyber Command declined to comment.
>
> Hungarian researcher Boldizsar Bencsath, whose Laboratory of Cryptography and Systems Security first discovered Duqu, said his analysis shows that Flame may have been active for at least five years and perhaps eight years or more.
>
> "The scary thing for me is: if this is what they were capable of five years ago, I can only think what they are developing now," said Mohan Koo, managing director of British-based Dtex Systems cyber security company.
>
> (Additional reporting by Jim Wolf in Washington, Daniel Fineran in Dubai and William Maclean in London; editing by Edward Tobin, Ron Popeski and Mohammad Zargham)
>

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 06:03:53 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 07:03:53 -0400
Subject: [Infowarrior] - Oz government pushes ahead with data retention plans
Message-ID:

Ozlog: Government pushes ahead with data retention plans

The federal government is continuing to explore data retention by ISPs

Stephanie McDonald (Computerworld)
28 May, 2012 09:29
http://www.computerworld.com.au/article/425847/ozlog_government_pushes_ahead_data_retention_plans/

The federal government is pushing ahead with reforms that could see consumers' information kept on file for up to two years by internet service providers (ISPs).

This could include the data retention of personal internet browsing information which intelligence agencies could access in the event of criminal activities by individuals or organisations.

Attorney-general Nicola Roxon told 774 ABC Melbourne last week that she has referred the matter to the joint intelligence committee, as well as other reforms to four pieces of legislation: the Telecommunications (Interception and Access) Act 1979; the Telecommunications Act 1997; the Australian Security Intelligence Organisation Act 1979; and the Intelligence Services Act 2001.

While she said the government is still considering whether to pursue the data retention reforms, she admitted police and intelligence agencies would like to see them go ahead "so that if someone then comes to the notice of security agencies or the police, that you'd be able to go back in certain circumstances to pull out that information".

"Now obviously that is quite an ambitious and contentious proposal."

Roxon said a parliamentary committee on the topic would allow the public to be involved in the discussion, with the government to decide whether to pursue the reforms based on the committee's findings.

Kim Heitman, secretary of Electronic Frontiers Australia, told Computerworld Australia that while the public will have a chance to comment on the reforms, the rest of the talks will be held secretly.

"The government ruthlessly uses the [freedom of information] FOI exemptions and confidentiality agreements to lock the public out of discussions on security, copyright infringement or new privacy laws.
This pervasive secrecy on internet matters is a government failure and the genesis of bad legislation," he said.

Heitman believes the reforms would be "lazy law enforcement" and said collecting and storing every mouse click and download of every user for two years would culminate in a staggering amount of data.

"While the hasty grab for this data by law enforcement agencies is bad - experience shows that these powers will be abused and officials corrupted - the availability of this honey-pot to identity thieves, malicious and criminal intrusion or careless release of sensitive personal information is a statistical certainty," he said.

"Crooks and terrorists will just use encryption or secure services to provide nothing but meaningless data - it's Mr or Mrs Average whose lives could be turned upside down by data breaches or bureaucratic spying."

Heitman also pointed out it would be expensive for internet service providers to implement and maintain data retention at this level as it needs to be properly stored and possibly backed-up and duplicated. The law could also extend not only to computers but also to smartphones and tablets, he said.

While Roxon said the government will assess how much the initiative would cost and what impact it would have on privacy issues, Heitman believes the costs will ultimately be passed onto consumers as an "added [insult] to a privacy injury".

Roxon announced the review into national security legislation 4 May this year, asking the Parliamentary Joint Committee on Intelligence and Security to consider security reforms through public hearings.

The proposed reforms are in response to telcos deleting data on a more regular basis.

The Parliamentary Joint Committee on Intelligence and Security will report to the government later this year.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue May 29 06:08:14 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 07:08:14 -0400
Subject: [Infowarrior] - Wikileaks Launches Social Network for Supporters
Message-ID: <0BCFD496-C96F-445A-B682-C4CFE6E43D12@infowarrior.org>

Wikileaks Launches Social Network for Supporters

6:00 AM - May 29, 2012 by Jane McEntegart - source: FoWL
http://www.tomshardware.com/news/Wikileaks-FoWL-WL-Friends-Social-Network-Facebook,15720.html#xtor=RSS-181

A place to support Wikileaks and connect with people that share your beliefs.

Wikileaks has launched its own social network for supporters of the whistle-blowing site to connect and get to know each other. Dubbed Friends of Wikileaks, or FoWL, the site automatically connects users with like-minded individuals in an attempt to provide people with the useful connections they need to take action.

"Since its inception, many small groups have sprung up in support of WikiLeaks. They have been forming without much global cohesion, and only a fraction of the people who support WikiLeaks have found a way to come together to engage in the practical defence of the organisation," reads the FoWL manifesto. "FoWL will connect these individuals, groups and organisations so that they may find synergies, and work together in an efficient and productive manner. We want all existing WikiLeaks support organisations to remain fully autonomous and independent and continue the work they are doing, but at the same time interconnect and work together for various common goals."

FoWL isn't like your everyday social network, either. Instead of choosing and adding friends, FoWL will select your contacts for you. When joining, you'll provide your email address, the area you live in, your contact details (can be hidden or visible to your friends), languages you speak, and a little about yourself and why you're joining the site. FoWL will then connect you with 12 people in your chosen languages.
Six of these will be from your area and the other six from around the world. If you choose to delete one of them from your contact list (if they're too quiet or "lazy," for example), you'll be connected with another.

On Sunday, Wikileaks was busy using its Twitter page to broadcast the reasons why FoWL is better than social networking giant Facebook. Reason number four stated that FoWL keeps users' data "so encrypted, not even the system admins can decrypt it." This was followed by reason five, which stated that FoWL "uses military grade cryptography and the best industry standards" to protect user data.

FoWL is now open to sign ups, but the site warns new users that "for some time, nothing else will happen."

"We need the network to be of a certain size before we can start introducing you to candidate friends," FoWL explains. "Registering now will allow you to be a part of the network before the beta stage network gets full. As soon as we are ready to give you some candidate friends we will let you know."

Check out FoWL for yourself at www.WLFriends.org.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 06:15:46 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 07:15:46 -0400
Subject: [Infowarrior] - (Stupid) Online Words DHS Doesn't Like
Message-ID: <191D0B03-B305-423F-A071-274F82E1DF78@infowarrior.org>

Revealed: Hundreds of words to avoid using online if you don't want the government spying on you (and they include 'pork', 'cloud' and 'Mexico')

- Department of Homeland Security forced to release list following freedom of information request
- Agency insists it only looks for evidence of genuine threats to the U.S.
and not for signs of general dissent

< - >

http://www.dailymail.co.uk/news/article-2150281/REVEALED-Hundreds-words-avoid-using-online-dont-want-government-spying-you.html?ICO=most_read_module

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 06:31:59 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 07:31:59 -0400
Subject: [Infowarrior] - Fwd: The Cyber-Tootsie Roll Effect (Or Please Stop Calling Every Cyber Something An Attack)
References: <7EB33041E473EC4B8C08A7CA087AC8720281C3B3@0015-its-exmb12.us.saic.com>
Message-ID:

c/o MM

Begin forwarded message:

> May 28, 2012
> The Cyber-Tootsie Roll Effect (Or Please Stop Calling Every Cyber Something An Attack)
> Filed under: General Homeland Security - by Arnold Bogis on May 28, 2012
> http://www.hlswatch.com/2012/05/28/the-cyber-tootsie-roll-effect-or-please-stop-calling-every-cyber-something-an-attack/
>
> Imagine for a moment that you got your wallet stolen.
>
> It could be from your back pocket in a crowd or your bag hanging on a chair in a busy restaurant.
>
> Now, if the police caught the individual responsible, would they be charged with assault? Almost certainly not (assuming that you did not notice the initial theft because it was surreptitious). You (or the victim) would most likely feel assaulted, offended and distraught about the invasion of privacy and security. Yet the authorities would not consider your "feelings," instead moving forward to deal with the specifics of the situation as they pertain to existing law.
>
> Seems reasonable. Right? A pick pocket, if caught, shouldn't be charged with assault.
>
> Moving over to the cyber realm, is it me or is every possible type of incident beginning to be described as a "cyber attack!" And if you label every problem a nail, then a hammer is always the answer.
>
> A few weeks ago Paul Rosenzweig of the blog Lawfare shared a list of "'Significant Cyber Attacks'
> on Federal systems since 2004" that he states is from sources on Capitol Hill. I do not know Mr. Rosenzweig but he seems to be a sophisticated observer and analyst of cyber-related topics, so I am not claiming that everywhere he looks, everything he sees looks like a cyber attack to him. That this list originated in some Congressional office is the disturbing part. Just a few examples of incidents included in this list of "attacks" (the full list can be found in the Lawfare blog post):
>
> USDA DC headquarters - June 2006 - The Department of Agriculture was subject to a cyber attack where the names, social security numbers, and photographs of 26,000 employees were stolen. http://www.msnbc.msn.com/id/31000126/ns/technology_and_science-security/t/cyber-attacks-continue-grow/
> Website breach - December 2009 - Department accidentally leaked Personally Identifiable Information and Social Security Numbers on website and didn't notify employees for 7 weeks. http://www.washingtonpost.com/wp-dyn/content/article/2010/01/26/AR2010012603509.html?hpid=news-col-blog
> Commerce Secretary - December 2007 - Spying software was found on the devices of then Commerce Secretary following a trip to China with the Joint Commission on Commerce and Trade. http://www.nationaljournal.com/magazine/china-s-cyber-militia-20080531
> F-35 development - February 2012 - It was announced that delays and high costs for the development of fighter plane F-35 stemmed from responding to cyber attacks that stole classified information discussing the technology. http://defensetech.org/2012/02/06/did-chinese-espionage-lead-to-f-35-delays/
> Non-Classified IP Router Network - August 2006 - A senior Air Force Officer announced that, "China has downloaded 10 to 20 terabytes of data from the NIPRNet." http://gcn.com/articles/2006/08/17/red-storm-rising.aspx
> August 2006 -
> Computers containing personal info of grant reviewers were stolen. http://www.idtheftcenter.org/artman2/uploads/1/ITRC_Breach_Report_20061231.pdf
> May 2010 - Lost CD contained info of 7,500 employees. http://fcw.com/articles/2010/06/16/interior-loses-cd-with-personal-data-for-7500-federal-employees.aspx
>
> We have theft, we have espionage, and we have negligence. Could some of these turn out to reveal vulnerabilities leading to extortion or attacks at a later date? Certainly. Do these and other similar examples from the full list represent potential risks to our national security? Perhaps. But do they represent attacks? No.
>
> To be sure, there are attacks included on the list. As well as cases of espionage that are frightening. But you don't guard against pick pockets in the same manner as you do muggers or attackers wishing to inflict bodily harm.
>
> When you do in the cyber realm, you may end up in a "go time" mode similar to Security Debrief's L. Vance Taylor:
>
> These attacks aren't coming because of any real or perceived lack of cyber security protocols in the private sector. The attacks are coming because we allow countries like China to use cyber space to lie to us, steal from us, cheat us and even physically harm us without consequences or repercussions. It has to end.
>
> If Congress wants to do something productive to address cyber security, it should work (along with the Administration) to establish deterrents that will make countries like China think twice before taking our lunch. Two such deterrents could include:
>
> 1. Banning businesses that are headquartered in countries that hack into our CIKR networks from competing on projects in the U.S. sectors where American networks have been compromised or attacked.
> 2. Instituting economic sanctions (equaling up to 10 times the costs of the financial implications of a given cyber attack) on any foreign country attacking America or her industries.
>
> In short, Congress should stop legislating the private sector as a means to giving the nation the illusion that it's doing something about cyber security. Instead, it should do something to prevent future attacks and actually bring perpetrating countries to justice.
>
> Mr. Taylor was describing his theory of response to attacks such as the recent targeting of the natural gas industry. Yet in seeing a tootsie roll, uh, I mean cyber attack originating in China (or Russia or any other country not counted as "allies") in every event he suggests a tough sounding stance of deterrence that doesn't take into account reality.
>
> 1. Not every cyber incident is an attack.
> 2. Not every cyber incident, even those that are attacks, can be accurately attributed. We may suspect an attack came from Chinese computers, but can't prove it. Or perhaps we think it's Russian hackers, but actually a group in Indonesia routed the attack through Russia.
> 3. Not every cyber incident comes from a state of concern. China and Russia are often singled out, and Iran has gotten attention in recent weeks, yet there are hackers in almost every country. What if per #2 U.S. hackers attempt to shut down a piece of critical infrastructure but make it appear to be an attack from China? And it is also an uncomfortable truth that allies spy on each other - the French have long been suspected of state-sponsored industrial espionage and does anyone remember Jonathan Pollard?
> 4. What if other states adopt similar cyber policies? Should U.S.-based hackers be discovered attempting to infiltrate an Indian government agency's networks, what should the Indians do in response? What if confidential industrial information was stolen, should they sanction U.S. companies through whose networks the attack took place without their knowledge?
>
> It is also a fact that not only do hackers live in the United States, but our government is suspected of producing cyber weapons and maybe even (shhhhhh.....)
> undertaking a little cyber espionage:
>
> Researchers have identified a sophisticated new computer virus 20 times the size of Stuxnet, the malicious software that disabled centrifuges in an Iranian nuclear plant. But unlike Stuxnet, the new malware appears to be used solely for espionage.
>
> Variously dubbed Flame, Skywiper and Flamer, the new virus is the largest and possibly most complex piece of malware ever discovered, which suggests it is state-sponsored, researchers said.
>
> As with Stuxnet, the creator of Flame remains a mystery, though some analysts say they suspect Israel and the United States, given the virus's sophistication, among other things.
>
> Some researchers say that certain characteristics common to Stuxnet and Flame suggest that whoever ordered up Stuxnet is also behind Flame.
>
> The cyber realm is complicated. There exist no simple answers to complex issues. Unfortunately this world is not full of tootsie rolls, but instead reads like a John Le Carre novel.
>

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 06:49:45 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 07:49:45 -0400
Subject: [Infowarrior] - This Rock Could Spy on You for Decades
Message-ID: <7C6F2CB6-85CD-4A31-BF4D-DDCD1B2EE3B3@infowarrior.org>

(Igloo White 2.0? --rick)

This Rock Could Spy on You for Decades

http://gizmodo.com/5913868/this-rock-could-spy-on-you-for-decades

America is supposed to wind down its war in Afghanistan by 2014. But U.S. forces may continue to track Afghans for years after the conflict is officially done. Palm-sized sensors, developed for the American military, will remain littered across the Afghan countryside - detecting anyone who moves nearby and reporting their locations back to a remote headquarters.
Some of these surveillance tools could be buried in the ground, all-but-unnoticeable by passersby. Others might be disguised as rocks, with wafer-sized, solar-rechargeable batteries that could enable the sensors' operation for perhaps as long as two decades, if their makers are to be believed.

Traditionally, when armies clash, they leave behind a horrific legacy: leftover mines which can blow civilians apart long after the shooting war is over. These "unattended ground sensors," or UGSs, won't do that kind of damage. But they could give the Pentagon an enduring ability to monitor a one-time battlefield long, long after regular American forces are supposed to have returned home.

"We're going to leave behind a lot of special operators in Afghanistan. And they need the kind of capability that's easy to put out so they can monitor a village without a lot of overt U.S.-made material on pathways and roadways," says Matt Plyburn, an executive at Lockheed Martin, the world's largest defense contractor.

The U.S. military has used unattended ground sensors in one form or another since 1966, when American forces dropped acoustic monitors on the Ho Chi Minh trail. Tens of thousands of UGSs have been emplaced around Afghanistan and Iraq, forming electronic perimeters around combat outposts and keeping tabs on remote locations. It's a way to monitor the largest possible area with the smallest number of troops.

"You use them to cover up your dead space - the areas you're concerned about but can't cover with other ISR [intelligence surveillance and reconnaissance] assets," says Lt. Col. Matt Russell, an Army program manager overseeing the deployment of unattended sensors.

But earlier UGSs - even ones of the recent past - were relatively large and clunky, prone to false alarms, and had lifespans measurable in days or weeks. "What we found in the field was significant under-usage," Russell tells Danger Room.
Plans to incorporate them into every combat brigade fizzled as the Army's proposed $200 billion revamp, Future Combat Systems, went south.

The new models are dramatically smaller and consume far less power, enabling them to operate for months - maybe even years - at a time with only the slimmest chance of being detected. Lockheed calls them "field and forget" systems for "persistent surveillance."

And they won't just be used overseas. U.S. Customs and Border Patrol today employs more than 7,500 UGSs on the Mexican border to spot illegal migrants. Defense contractors believe one of the biggest markets for the next generation of the sensors will be here at home.

"They could be used for border security or even around corporate headquarters," Plyburn tells Danger Room.

In early 2011, commanders in Afghanistan issued an "urgent operational needs statement" for better sensors. In response, the Army shipped a new line of about 1,500 "expendable" UGSs to the warzone. The size of a few stacked hockey pucks with a four-inch antenna, these sensors are easily hidden, and can "pick up wheels or footprints" for up to three months at a time, Russell says. It's a perfect surveillance tool for the remote valleys of eastern Afghanistan. Soon, when one of the sensors picks up a signal, it'll queue a spy blimp to focus in on the spot. "That's a capability coming to a theater near you soon," he adds.

Even more sophisticated are the UGSs being tested northeast of Norfolk, Virginia, at a Lockheed proving ground. Arrays of up to 50 palm-sized acoustic and seismic sensors form a mesh network. When one sensor detects a person or a vehicle passing by, it uses unlicensed radio frequency bands to pass an alert from one node to the next. The alert finally hits a communications gateway, which sends a signal via satellite, tactical radio network, or Wi-Fi to a command and control center.
That signal can tip off additional - or it can send a Twitter-like message to an intelligence officer's phone or tablet.

When they're not picking up signals or passing along messages, the sensors are all-but-shut-down, barely consuming any power. That allows them to last for weeks, buried underground. Or the sensors can be encased in hollow "rocks" equipped with miniature solar panels. A quick recharge from the sun will allow the sensor to "get through the night anywhere on Earth that U.S. forces operate," says Plyburn.

Plyburn claims that the sensor's battery, about the size of a postage stamp, has been able to go through 80,000 recharges, compared to a few hundred cycles for a typical lithium-ion battery. Even if he's off by a factor of 10, the sensor's battery could keep the machine operational for nearly twenty-two years.

Russell is skeptical of these assertions of longevity. "I'm sure there are a lot of claims by contractors," he says. "My experience is: the longer the lifespan, the bigger the battery."

Nor does Lockheed currently have a contract with the Defense Department to mass-produce the sensors. But Plyburn says there has been interest around the armed forces, especially since the system is relatively cheap. Plyburn says each sensor could cost as little as $1,000 - practically expendable for a military paying $80,000 for a single guided artillery round.

Lockheed isn't the only company claiming that its sensors can operate for years on end. U.S. Special Operations Command has handed out at least $12 million in UGS contracts to tiny Camgian Microsystems, based out of Starkville, Mississippi. Company CEO Gary Butler, who spent years developing ultra-low power integrated circuits for Darpa, was awarded in March a patent for such a next-gen unattended sensor suite.

Rather than relaying alerts from node to node, each of Butler's sensors is designed to send signals directly to a satellite - speeding up notifications, and cutting down on power consumed.
Rather than a simple acoustic or seismic detector, the sensor relies on a steerable, phased-array radar and moving-target indicator algorithms. That could give it a much greater ability to detect people and vehicles on the run. High-powered solar cells that enable up to "500,000 recharge cycles" could give the sensor a "10-20 year life," according to the patent.

Butler won't say how U.S. special operators are using his research, if at all. But when I ask him about the possibility of leaving UGS networks behind after American troops have officially left, Butler calls that "plausible. Very Plausible."

Camgian's patent claims that the sensor's ease-of-use and small size means it "is easily emplaced in difficult areas, using airborne assets such as Unmanned Aerial Vehicles." Edward Carapezza, who has been overseeing UGS research for more than two decades, says drones are already dropping unattended sensors into hostile locations.

"In certain areas, we certainly are using unmanned vehicles and unattended sensors together," says Carapezza, who now works at the defense contractor General Atomics. He declined to name where these operations were being conducted. He simply gave the rationale for the missions. "Instead of sending patrols of our guys in, we send in drones and unattended sensors - dropping arrays, locating bad guys, and then putting weapons on target."

The "MicroObserver" UGS from defense contractor Textron has been in the field since 2008. The U.S. Army is currently using the sensors in Afghanistan. "Another customer - we're not allowed to say who or where - used it as part of a comprehensive border security program in a Middle Eastern country," says Patty Shafer, a Textron executive.

Textron's seismic sensors come in two varieties. The smaller, three-inch-long model, weighing 1.4 pounds, will last about a month. The bigger system, a 4.4 pound spike, can be buried in the ground and gather intelligence for more than two years.
It can detect and characterize people from 100 meters away, and vehicles from three times that distance, Shafer says. A conformal antenna allows it to communicate with a gateway five kilometers away.

Northrop Grumman employs a family of sensors for its Scorpion surveillance network. "Seismic sensors work well detecting vehicles on bumpy roads, but lose range as the road becomes smoother, or the vehicle lighter. Typically, magnetic sensors sense only large vehicles at fairly short distances. The range of acoustic sensors depends upon environmental conditions such as humidity and surroundings. Most sense engine exhaust noise or other periodic pulse trains and measure the period to determine numbers of cylinders and classify the source," explains a Northrop presentation to an academic conference on unattended sensors.

The Army has purchased over a thousand of the original versions, with an average of four sensors each. The vast majority have been sent to Iraq and Afghanistan. Another 20 Scorpion II systems were recently bought by the Army Research Lab. The sensors can today spot people from 800 meters away, and vehicles from 2,100 meters. The sensors' batteries wear out after a month.

These might have been eye-popping results, not long ago. But the U.S. military now has plans to keep its network of tiny, hidden spies going for much longer than that.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 07:14:05 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 08:14:05 -0400
Subject: [Infowarrior] - How did everyone miss Flame?
Message-ID: <5659CA73-39BE-45BD-92DE-90AAD9F21552@infowarrior.org>

How did everyone miss Flame?

Michael Lee, ZDNet.com.au on May 29th, 2012 (4 hours ago)
http://www.zdnet.com.au/how-did-everyone-miss-flame_print-339338742.htm

The most "complex malware ever found" - Flame - has taken the information security world by surprise.
Given that it is said to have been around for years, how did everyone miss it?

Several security research firms, including Symantec, Kaspersky and McAfee have been hard at work analysing a specific piece of malware in the past few days after the Iranian Computer Emergency Response Team posted an alert about malicious code designed to steal and exfiltrate information from infected computers back to a network of at least 10 command and control servers.

However, as Budapest University's Laboratory of Cryptography and System Security (CrySyS) reported in its analysis of the malware, it "may have been active for as long as five to eight years".

CrySyS also reported that the malware's footprint is massive - some 20MB - in stark contrast to traditional malware, which attempts to keep as low a profile as possible to avoid detection. Furthermore, the malware also appears to regularly send out information to command and control servers, which should have raised the concerns of a discerning network administrator. But despite these apparent red flags, the Flame war didn't heat up until just recently.

Stratsec manager for threat research and analysis Sergei Shevchenko told ZDNet Australia that it was possible that Flame had not been in the wild as long as initially reported. CrySyS' five-to-eight-year estimate relies on anecdotal evidence submitted by the Webroot community in 2007.

"The samples in those firstly reported cases happened to share the same filenames as Flame's own components, and could either have belonged to Flame family, or not ... could have been detected under different threat names and by different products, or not," Shevchenko said.

Kaspersky, McAfee and Symantec all believe that Flame has been around for two years, after detecting some of its components running back to 2010. So the issue wasn't necessarily that antivirus products weren't detecting Flame, but rather that they just didn't know what they were looking at until now.
Yet, Pure Hacking CTO Ty Miller believed it was simply a case of malware authors being a step ahead of antivirus companies.

"Malware detection is a tricky industry, as the hackers and the antivirus companies are both constantly racing for better bypass and detection techniques, respectively. Unfortunately, antivirus companies are behind the eight ball since it is easier to bypass known security controls, than it is to detect unknown threats," Miller said.

A well-trained network administrator could have been expected to detect the regular communications sent from the infected machines using intrusion detection/prevention systems (IPS/IDS). However, Miller notes there is a chicken-and-egg situation whereby IPS signatures are often only created once the malware is known.

In addition, Flame's creators appear to have taken precautionary measures against network forensics. Flame uses SSL encryption, similar to that used to secure communications during online banking.

"The malicious network traffic is transferred over SSL and SSH tunnels, which are generally encrypted from end to end. This means that network-based intrusion prevention systems would not be able to detect rogue activities," Miller said.

Shevchenko agreed, stating that even if the traffic seemed odd, it would be impossible to decrypt without the right key to determine what was going on.

"Without knowing what algorithm the traffic is encrypted with and what keys were used to encrypt it, no security solution would be able to classify such traffic as malicious, without increasing the risk of false positive detections that may potentially block legitimate traffic," he said.

CrySyS' report also revealed that more than 50 domain names and over 15 distinct IP addresses were cycled to reduce any suspicious trends in activity that might be picked up by a network administrator.
Flame's larger file size didn't raise any flags; in fact, Kaspersky Labs security researcher Alexander Gostev noted that its large size was precisely why it wasn't discovered for so long - it simply didn't fit the profile.

Shevchenko said that the larger size of the malware points to a set of careless malware authors - who prefer to use high-level languages - or professional programmers that prefer to use third-party components and libraries that had evolved over time into highly reliable time-tested tools.

"This complacency might be explained with the fact the recently [hired] professional developers simply continued to work the way they used to ... developing lower-level components might sound like a nightmare idea to them," he said.

URL: http://www.zdnet.com.au/how-did-everyone-miss-flame-339338742.htm

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 07:15:55 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 08:15:55 -0400
Subject: [Infowarrior] - Pirate Bay Ready For Perpetual IP-Address Whac-A-Mole
Message-ID:

Pirate Bay Ready For Perpetual IP-Address Whac-A-Mole

Ernesto - May 28, 2012

http://torrentfreak.com/pirate-bay-ready-for-perpetual-ip-address-whac-a-mole-120528/

Last week The Pirate Bay added a new IP-address which allows users to circumvent the many court-ordered blockades against the site. While this proved to be quite effective, the Hollywood backed anti-piracy group BREIN has already been to court to demand a block against this new address. But that won't deter The Pirate Bay, who say they are fully prepared for an extended game of whac-a-mole using the hundreds of IP addresses they have available.

The Pirate Bay is arguably the most censored website on the Internet. Courts all around the world have ordered Internet providers to block subscriber access to the torrent site, and the end is still not in sight.
Within a few days, a new deadline for five UK and five Dutch Internet providers passes. This means that millions more will be unable to access The Pirate Bay, at least, that is the plan.

Last week The Pirate Bay team responded to the blockades by adding a new IP-address. The new location was set up to make it easier for people to start their own dedicated proxy sites, but it also allows blocked Pirate Bay visitors to gain access to the site. Instead of the normal address they simply go to 194.71.107.80, bypassing the court order - for the time being at least.

The new IP-address represents a new thorn in the side of Dutch anti-piracy group BREIN, who quickly asked ISPs to censor that too. Unfortunately for them the providers refused to do so, so the group had to go to court once again last week to get the added IP-address blocked as well.

Right before the weekend BREIN succeeded with the court ordering an ex-parte injunction for the new address. However, according to comments coming out of The Pirate Bay, this could just be the start of an extended game of whac-a-mole.

"Let me get the next IP-address lined up," a Pirate Bay insider told TorrentFreak. "We have hundreds, so let's see many times they will respond," he added.

We were told that if the new IP-address is blocked again, they will simply add a new one. This means that BREIN would have to file for another ex-parte injunction, a process that may repeat itself hundreds of times.

The Pirate Bay insider did emphasize that the new IP wasn't meant for people to bypass the blocks directly, but to make it easier and more safe to create proxy sites. In this regard, it is irrelevant whether the IP-address is blocked or not. However, it's well known that The Pirate Bay isn't averse to a little dueling with anti-piracy outfits, so they're going to play along.

"Now that I know it's annoying to BREIN, of course we'll add more IPs. Every time they get an order, we'll add a new one, for the next year or so,"
TorrentFreak was told.

The result is an almost endless IP-address whac-a-mole.

The Pirate Bay blockades are a good example of how hard it is to completely get a website offline. Even if all Pirate Bay domains and IP-addresses are blocked there are plenty of other ways to access the torrent site, including hundreds of proxy sites.

At the same time, the blockades make The Pirate Bay front page news. As we've seen before, this can result in a healthy traffic boost for the deviant torrent site. That begs the question of whether these censorship attempts aren't doing more "harm" than "good" for copyright holders.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 07:48:56 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 08:48:56 -0400
Subject: [Infowarrior] - Secret 'Kill List' Proves a Test of Obama's Principles and Will
Message-ID: <05742571-809C-4511-86B3-7A9EE18CC14B@infowarrior.org>

Very long article that doesn't say much of what we didn't know, but there are a few interesting snippets that should give people pause.

Secret 'Kill List' Proves a Test of Obama's Principles and Will

http://www.nytimes.com/2012/05/29/world/obamas-leadership-in-war-on-al-qaeda.html?_r=2&hp&pagewanted=print

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 08:18:40 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 09:18:40 -0400
Subject: [Infowarrior] - OT: A Peek at Pentagon Pork: A Taxpayers' Guide
Message-ID: <1EE223FB-BF2F-4DFE-AD55-E01639F3D7CF@infowarrior.org>

(NB: Winslow Wheeler is a voice of fiscal reason and a long-time critic / reformer of the DOD procurement process. -- rick)

A Peek at Pentagon Pork: A Taxpayers'
Guide

http://battleland.blogs.time.com/2012/05/29/a-peek-at-pentagon-pork-a-taxpayers-guide/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 08:22:00 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 09:22:00 -0400
Subject: [Infowarrior] - 5 things the TSA doesn't want you to see
Message-ID: <9886CA7A-2F02-4E69-88E2-EDAEFBA035C2@infowarrior.org>

c/o DS

5 things the TSA doesn't want you to see

http://www.elliott.org/blog/5-things-the-tsa-doesnt-want-you-to-see/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 12:29:03 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 13:29:03 -0400
Subject: [Infowarrior] - DMCA Idiocy, Part....ohwhocares
Message-ID: <7F0D4FC7-79F7-4E30-BF85-3B1BF29FBB14@infowarrior.org>

Fox Issues DMCA Takedown To Google Over SF Chronicle Article... Claiming It Was The Movie 'Chronicle'

http://www.techdirt.com/articles/20120525/01520819073/fox-issues-dmca-takedown-to-google-over-sf-chronicle-article-claiming-it-was-movie-chronicle.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue May 29 14:11:42 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 29 May 2012 15:11:42 -0400
Subject: [Infowarrior] - Fwd: WikiLeaks under threat: Assange extradition judgement tomorrow
References:
Message-ID:

Begin forwarded message:

> From: Wikileaks Press Office
> Date: May 29, 2012 3:08:48 PM EDT
>
> PRESS RELEASE
>
> State of play of attacks against WikiLeaks to date
> Tuesday May 29, 2012 20:30 GMT
>
> -----------------------
> Summary
> -----------------------
>
> US GOVERNMENT ATTACK ON WIKILEAKS
>
> * WikiLeaks is under attack. The United States is seeking to charge Julian Assange - a journalist and publisher - with espionage.
>
> * The US Grand Jury reportedly possesses a sealed indictment, which could be used to extradite Assange to the United States.
>
> * Secret subpoenas have been served on ISPs and online services for the private data of WikiLeaks staff and supporters.
>
> * Special task-forces have been set up by various US intelligence agencies, including the Pentagon, CIA, FBI, and the US State Department.
>
> * Associates of WikiLeaks have been detained and interrogated at US and UK airports, their equipment confiscated, and attempts have been made to turn them into informants.
>
> * If the indictment is unsealed upon Assange's extradition to Sweden he faces further removal from Sweden to the United States.
>
> * Meanwhile, an unprecedented extralegal denial of service by Visa and Mastercard has cut off funding to WikiLeaks, almost shutting down WikiLeaks' publishing activity.
>
>
> THREAT OF EXTRADITION
>
> * If the extradition to Sweden is quashed in the outcome of the court judgement, he faces extradition from the United Kingdom.
>
> * Both Swedish and UK governments have been coordinating with the US, taking steps to facilitate a US extradition request in either eventuality. Assange cannot take steps to avoid either risk. For 539 days he has been detained without charge in the UK under house arrest.
>
> * Under US pressure the Australian government has relaxed its own extradition law, smoothing any possible extradition from Assange's home country. The Gillard government has also amended legislation to give Australian intelligence agencies powers of surveillance over WikiLeaks supporters.
>
>
> -----------------------
> Full Brief
> -----------------------
>
> WikiLeaks is under serious threat. The US, UK, Swedish and Australian governments are engaging in a coordinated effort to extradite its editor-in-chief Julian Assange to the United States, to face espionage charges for journalistic activities.
>
> GRAND JURY
>
> For twenty-one months a Grand Jury sitting in the Washington DC area has been meeting on a monthly basis, seeking to prosecute Julian Assange for espionage. [Read More] (www.guardian.co.uk/media/2011/may/11/us-opens-wikileaks-grand-jury-hearing)
>
> No judge or defense counsel is present at these proceedings. According to the global intelligence firm Stratfor, a sealed indictment against Assange was issued 18 months ago, in January 2011. [Read More] (http://ccrjustice.org/newsroom/press-releases/ccr-condemns-reported-sealed-indictment-against-wikileaks-founder-julian-assange) [Source] (http://wikileaks.org/gifiles/docs/375123_fw-ct-assange-manning-link-not-key-to-wikileaks-case-.html)
>
> In connection with the case, individuals have been legally compelled to give evidence to the Grand Jury. [Read More] (http://www.salon.com/2011/04/27/wikileaks_26/)
>
> Google, Twitter, and other internet service providers have been issued secret court orders to divulge private information about WikiLeaks staff, volunteers and supporters. [Read More] (http://online.wsj.com/article/SB10001424052970203476804576613284007315072.html)
>
> Friends and supporters of WikiLeaks have been detained, searched and interrogated at airports, and attempts have been made to turn them into informants. [Read More] (http://www.democracynow.org/2012/4/20/we_do_not_live_in_a)
>
> Please consult Alexa O'Brien's timeline of US vs. Manning, Assange, WikiLeaks and the Press (http://www.alexaobrien.com/timeline_us_versus_manning_assange_wikileaks.html#20100822-pentagon-rape-epidemic) for comprehensive information on the Grand Jury and associated matters.
>
> AUSTRALIAN COMPLICITY
>
> Australia quietly changed its extradition law three months ago. An amendment passed in February makes it possible for someone to be extradited for minor offenses.
> This amendment weakens the security of all Australians, and facilitates Assange's extradition from his home country, despite popular support for him there. There was no media reportage on the passage of this amendment. [Read More] (http://castancentre.com/2012/03/07/extradition-and-mutual-assistance-changes-slip-in-under-the-radar/)
>
> Declassified Australian diplomatic cables reveal that Australian diplomats have raised no concerns over the possible extradition of Julian Assange to the United States. The Australian government asks only that it be forewarned, so as to coordinate a media response. [Read More] (http://www.theage.com.au/national/authorities-still-gunning-for-assange-cables-show-20120527-1zd2x.html) [Supplementary] (http://www.theage.com.au/national/australia-did-not-object-to-us-pursuit-of-assange-20111202-1obg4.html)
>
> The Australian government also passed the 'WikiLeaks Amendment' in July 2011, broadening the powers of Australia's ASIO intelligence agency to spy on Australian citizens and anyone associated with WikiLeaks. [Read More] (http://www.crikey.com.au/2011/07/05/asio-gets-its-new-powers-and-no-one-will-tell-us-)
>
> At the behest of the US government, Prime Minister Julia Gillard instigated a federal investigation into whether criminal charges could be brought against Assange. Before it had been concluded that Assange has broken no laws, Gillard had already publicly called Assange's actions "illegal" and stated that his passport may be cancelled.
> [Read More] (http://www.theage.com.au/national/asio-eye-on-wikileaks-20110522-1eyyt.html) [Supplementary] (http://news.smh.com.au/breaking-news-national/australia-to-help-us-over-assange-20101204-18k3w.html)
>
> The Australian government has repeatedly delayed, censored and blocked Freedom of Information (FOI) requests for material that would reveal its internal legal deliberations over Assange's extradition to the US and has refused to answer parliamentary questions about the extent of its co-operation. [Read More] (http://www.crikey.com.au/2012/04/18/julian-assange-freedom-of-information-requests/) [Supplementary] (http://greensmps.org.au/content/media-releases/new-leaks-show-our-freedom-information-system-broken-greens)
>
>
> It has given only cursory assistance regarding a highly irregular and politicized Swedish extradition request for Julian Assange under the European Arrest Warrant (EAW) system. [Read More] (http://www.abc.net.au/unleashed/42368.html) [Supplementary] (http://www.smh.com.au/national/wikileaks-founder-abandoned-by-government-20111107-1n3wj.html)
>
> Please see SwedenVersusAssange's Australia page (http://www.swedenversusassange.com/Australia.html) for more comprehensive information on Australian complicity.
>
> UK COMPLICITY
>
> Assange has been detained under house arrest without charge for 539 days. If his May 30 Supreme Court challenge is successful, he is at risk of extradition to the US under the terms of a one-sided UK/US extradition treaty. [Read More] (http://www.bbc.co.uk/news/uk-politics-17553860)
>
> Long-promised reform of the UK's extradition arrangements continues to be delayed, and this is despite the findings of two Parliamentary Select Committees that reform is urgent. [See ?5] (http://www.publications.parliament.uk/pa/jt201012/jtselect/jtrights/156/15611.htm)
>
> The US government is directly involved.
> A February FOI request revealed the involvement of Attorney General Eric Holder and other US officials in the Baker Review on UK extradition reform. The UK government has refused to publish the evidence on which the Baker Review based its findings. Other FOI requests specific to Julian Assange have been denied. [Read More] (http://www.scribd.com/doc/81571864/Feb12FOICase20979Reply)
>
> US Ambassador Louis Susman confirmed that the US would wait to see "how things work out in the British courts." [Watch] (https://www.youtube.com/watch?v=TdbiAI3dQ0Y) Mr Susman has been granted extraordinary access to directly address the UK Parliament and its Select Committees, arguing that reform of the UK/US extradition treaty is unnecessary. [Read More] (http://www.telegraph.co.uk/news/politics/8928388/Extradition-rules-under-strain-as-MPs-prepare-for-historic-vote.html)
>
> SWEDISH COMPLICITY
>
> On 8 December 2010 the Independent newspaper in the UK cited "diplomatic sources" confirming informal talks between Sweden and the US about extraditing Julian Assange. [Read More] (http://www.independent.co.uk/news/uk/crime/assange-could-face-espionage-trial-in-us-2154107.html)
>
> The US/Sweden bilateral treaty has a "temporary surrender" clause which can be used for onward transfer to the US, circumventing the safeguards of a formal extradition. [Read More] (http://www.swedenversusassange.com/US-Extradition.html#TR)
>
> Sweden was condemned by the UN Committee Against Torture in 2005 for its role in the extraordinary rendition of refugees to CIA black sites. [Read More] (http://www1.umn.edu/humanrts/cat/decisions/233-2003.html) Sweden has not refused a US request for extradition since 2000.
> [Read More] (http://translate.google.com/translate?u=http%3A%2F%2Fwww.svd.se%2Fnyheter%2Finrikes%2Fassange-sverige-har-inte-motsatt-sig-usa_6715051.svd)
>
> The Swedish Prime Minister's chief political adviser is Karl Rove, infamous for coordinating smear campaigns while he was George Bush's adviser. [Read More] (http://www.huffingtonpost.com/andrew-kreig/rove-suspected-in-swedish_b_798737.html) Rove is an old associate of Swedish Foreign Minister Carl Bildt, who was revealed as a US informant in a 2007 State Department cable published by WikiLeaks. [Read More] (http://www.rollingstone.com/politics/news/julian-assange-the-rolling-stone-interview-20120118)
>
> Senior Swedish political figures have made false and/or misleading public statements highly prejudicial to a fair trial for Julian Assange. These include Prime Minister Reinfeldt (http://www.swedenversusassange.com/Political-Interference.html#SE), Swedish Foreign Minister Carl Bildt (https://carlbildt.wordpress.com/2012/02/22/smutskastningskampanj/), Sweden's Prosecutor-General Anders Perklev, investigating prosecutor Marianne Ny (http://www.swedenversusassange.com/Prosecution.html#QUES) and Justice Minister Beatrice Ask (http://news.yahoo.com/swedish-minister-assange-turn-yourself-20110210-074505-863.html).
>
> Justice Minister Ask visited (https://secure.flickr.com/photos/embassyofswedenwashingtondc/6936320891/in/set-72157629105012894/) US Attorney General Eric Holder in Washington on 27 February 2012 but no statements outlining what was discussed have been issued.
>
> IRREGULARITIES IN THE SWEDISH CASE
>
> There are numerous concerns regarding the merits and lawfulness of the Swedish case against Assange, including:
>
> * the two complainants to the case went to the police for advice about HIV tests. They did not wish to file a complaint. One complainant has stated she felt "railroaded" by police.
> On hearing that police were seeking Julian Assange for rape, she became upset and did not sign her statement;
>
> * there have been unlawful and prejudicial disclosures to the media by police and the prosecution regarding the investigation. These have generated over 4 million websearch results linking 'Assange' and 'rape', irreparably harming his reputation and diminishing public support for WikiLeaks;
>
> * after reviewing the police file, Senior Prosecutor Eva Finne found the rape allegation to be false: "I consider there are no grounds for suspecting he has committed rape";
>
> * there have been breaches of police procedures in the investigation of the allegations, in particular: complainant witness statements were not recorded and were later revised;
>
> * the failure to disclose details of the allegations and the evidence in English;
>
> * the apparent failure of the Prosecutor to consider exculpatory evidence, and the withholding of exculpatory evidence from the defense and the UK courts;
>
> * the disproportionate behavior of the Prosecutor Marianne Ny in refusing voluntary offers for co-operation and refusing to make use of the normal methods of Mutual Legal Assistance for interviewing Assange - insisting instead on an international warrant which unduly restricts his liberty. The EAW and a public Interpol Red Notice were issued two days prior to WikiLeaks' Cablegate publication;
>
> * the pre-trial detention conditions - incommunicado in solitary confinement - sought by the Prosecutor prior to any decision whether to prosecute, and their lack of a time limit; and
>
> * the prospect of a secret trial, which is customary under Swedish law.
>
> Please consult SwedenVersusAssange's Prosecution page for comprehensive information on the irregularities in the Swedish case.
> [Click Here] (http://www.swedenversusassange.com/Prosecution.html)
>
> Under the EAW system UK courts are unable to take any of the above into account. Julian Assange has not been charged with any crime. The Swedish extradition is for questioning as part of the preliminary investigation. Neither the UK Extradition Act 2003 nor the EU Framework Directive intended EAWs to be used in this manner. Julian Assange's extradition under such circumstances will set dangerous precedents affecting basic justice across Europe, whereby extradition is possible from the UK without charge, without evidence, at the behest of any prosecutor anywhere in Europe and without proper judicial oversight.
>
>
> FURTHER AGGRESSION AGAINST WIKILEAKS
>
> Other related acts of aggression against WikiLeaks include:
>
> * Leading active US politicians have called for the extrajudicial assassination of Julian Assange, including by drone strike. US senators have labelled our editor-in-chief a "high-tech terrorist" and "enemy combatant" engaged in "cyber warfare". [Read More] (http://www.telegraph.co.uk/news/worldnews/wikileaks/8172916/WikiLeaks-guilty-parties-should-face-death-penalty.html)
>
> * The setting up of a 120-strong US Pentagon team dedicated to "taking action" against WikiLeaks ahead of WikiLeaks' release of the Iraq War Logs and Cablegate. Similar publicly declared FBI, CIA and US State Department Task Forces are also still in operation. [Read More] (http://www.washingtonpost.com/wp-dyn/content/article/2010/12/21/AR2010122104599.html?hpid=topnews&sid=ST2010122105304)
>
> * Requests from US government figures that American banking corporations Visa, Mastercard, Paypal, Western Union and Bank of America impose an illegal financial blockade against the organization, blocking the ability of members of the public to make donations, thereby shutting off 95% of WikiLeaks' funding.
> In December 2010 Paypal also froze 60,000 euros of WikiLeaks donations held by the Wau Holland charitable foundation. Two days later Swiss bank PostFinance froze Julian Assange's account, containing 31,000 euros, used for WikiLeaks Staff Defence Funds. The WikiLeaks blockade has been condemned by both the UN High Commissioner for Human Rights and the UN Rapporteur for Freedom of Opinion and Expression. In July 2011 WikiLeaks lodged a complaint about the financial blockade with the European Commission for infringement of EU Anti-Trust laws. We are still awaiting an answer, due by August 2012. [Read More] (http://www.wikileaks.org/Banking-Blockade.html)
>
> * The US government has also pressured internet providers to cease services to WikiLeaks.org. On 1 December 2010 Amazon removed WikiLeaks from their storage servers, and on 2 December the DNS service pointing to the Wikileaks.org domain was disrupted. [Read More] (http://www.guardian.co.uk/media/blog/2010/dec/03/wikileaks-knocked-off-net-dns-everydns)
>
> * WikiLeaks' volunteers and associates have endured constant harassment, being detained at US border points, having their electronic devices seized and secret so-called 2703(d) orders issued for their Twitter records. The latter only came to light when Twitter challenged the injunction against letting individuals know their records were being turned over to federal authorities. It is not yet known how many other internet service providers received similar 2703(d) orders relating to WikiLeaks - so far, only Google and ISP Sonic.net have been confirmed. [Read More] (http://news.cnet.com/8301-31921_3-20117919-281/justice-department-ramps-up-wikileaks-e-mail-probe/) [See Also]

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed May 30 08:24:40 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 09:24:40 -0400
Subject: [Infowarrior] - "Militants": Media propaganda
Message-ID: <4040B239-36E5-4BFE-ADDE-649D121FAF19@infowarrior.org>

TUESDAY, MAY 29, 2012 4:32 AM UTC

"Militants": media propaganda

BY GLENN GREENWALD

To avoid counting civilian deaths, Obama re-defined "militant" to mean "all military-age males in a strike zone"

http://www.salon.com/2012/05/29/militants_media_propaganda/singleton/

Virtually every time the U.S. fires a missile from a drone and ends the lives of Muslims, American media outlets dutifully trumpet in headlines that the dead were "militants" - even though those media outlets literally do not have the slightest idea of who was actually killed. They simply cite always-unnamed "officials" claiming that the dead were "militants." It's the most obvious and inexcusable form of rank propaganda: media outlets continuously propagating a vital claim without having the slightest idea if it's true.

This practice continues even though key Obama officials have been caught lying, a term used advisedly, about how many civilians they're killing. I've written and said many times before that in American media discourse, the definition of "militant" is any human being whose life is extinguished when an American missile or bomb detonates (that term was even used when Anwar Awlaki's 16-year-old American son, Abdulrahman, was killed by a U.S. drone in Yemen two weeks after a drone killed his father, even though nobody claims the teenager was anything but completely innocent: "Another U.S. Drone Strike Kills Militants in Yemen").

This morning, the New York Times has a very lengthy and detailed article about President Obama's counter-Terrorism policies based on interviews with "three dozen of his current and former advisers."
I'm writing separately about the numerous revelations contained in that article, but want specifically to highlight this one vital passage about how the Obama administration determines who is a "militant." The article explains that Obama's rhetorical emphasis on avoiding civilian deaths "did not significantly change" the drone program, because Obama himself simply expanded the definition of a "militant" to ensure that it includes virtually everyone killed by his drone strikes. Just read this remarkable passage:

Mr. Obama embraced a disputed method for counting civilian casualties that did little to box him in. It in effect counts all military-age males in a strike zone as combatants, according to several administration officials, unless there is explicit intelligence posthumously proving them innocent.

Counterterrorism officials insist this approach is one of simple logic: people in an area of known terrorist activity, or found with a top Qaeda operative, are probably up to no good. "Al Qaeda is an insular, paranoid organization - innocent neighbors don't hitchhike rides in the back of trucks headed for the border with guns and bombs," said one official, who requested anonymity to speak about what is still a classified program.

This counting method may partly explain the official claims of extraordinarily low collateral deaths. In a speech last year Mr. Brennan, Mr. Obama's trusted adviser, said that not a single noncombatant had been killed in a year of strikes. And in a recent interview, a senior administration official said that the number of civilians killed in drone strikes in Pakistan under Mr. Obama was in the "single digits" - and that independent counts of scores or hundreds of civilian deaths unwittingly draw on false propaganda claims by militants.

But in interviews, three former senior intelligence officials expressed disbelief that the number could be so low. The C.I.A.
accounting has so troubled some administration officials outside the agency that they have brought their concerns to the White House. One called it "guilt by association" that has led to "deceptive" estimates of civilian casualties.

"It bothers me when they say there were seven guys, so they must all be militants," the official said. "They count the corpses and they're not really sure who they are."

For the moment, leave the ethical issues to the side that arise from viewing "all military-age males in a strike zone as combatants"; that's nothing less than sociopathic, a term I use advisedly, but I discuss that in the separate, longer piece I've written. For now, consider what this means for American media outlets. Any of them which use the term "militants" to describe those killed by U.S. strikes are knowingly disseminating a false and misleading term of propaganda. By "militant," the Obama administration literally means nothing more than: any military-age male whom we kill, even when we know nothing else about them. They have no idea whether the person killed is really a militant: if they're male and of a certain age they just call them one in order to whitewash their behavior and propagandize the citizenry (unless conclusive evidence somehow later emerges proving their innocence).

What kind of self-respecting media outlet would be party to this practice? Here's the New York Times documenting that this is what the term "militant" means when used by government officials. Any media outlet that continues using it while knowing this is explicitly choosing to be an instrument for state propaganda - not that that's anything new, but this makes this clearer than it's ever been.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed May 30 11:09:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 12:09:23 -0400
Subject: [Infowarrior] - The Cyberwar Hoax
Message-ID: <04D6499C-C407-45D7-B96C-29F5BDDC8051@infowarrior.org>

The Cyberwar Hoax
Franz-Stefan Gady
Foreign Policy, Military Analyst and World Affairs Commentator
Posted: 05/29/2012 10:53 am
http://www.huffingtonpost.com/franzstefan-gady/the-cyberwar-hoax_b_1549927.html

"Cyberwar is coming!" announced two RAND Corporation analysts in 1993, yet to date, there is a wide controversy surrounding the existence of cyberwar. Opinions among policy makers, IT experts and the military differ widely with some referring to the threat as a looming "Cyber Pearl Harbor," while others simply state that "cyberwar will not take place." The United States military views cyberspace as crucial to military operations as air, land, sea, and space. This current ambiguity is impeding policy development and leads to confusion among governments about the true cyber threat. As a report by the EastWest Institute on "Rendering the Geneva and Hague Conventions for Cyberspace" states, "It is possible that the binary peace versus war paradigm is too simple for the complexities of the Internet Age." The report recommends the development of "a third, 'other than-war' mode" to clarify how to use existing policy instruments and more importantly, the applicability of international law. Scattering the metaphor of war regarding cyberspace dilutes and extenuates the true nature of warfare. As an inscription in the Swedish Army Museum in Stockholm reads, "This is -- after all -- what this museum is about: killing and maiming, or at least threatening to do so." Among the many definitions of war, cyberwar often (not always) fails to meet two of the most basic aspects of how we understand war: war must be lethal and political.
To gain clarity in this discussion, I propose a system of categorizing cyber attacks based on two simple criteria: impact and intent. Any act in cyberspace can be assessed through the prisms of this II Model. Assessing various high profile actions in cyberspace such as the infamous Stuxnet attacks, it becomes fairly clear that the war metaphor fails to apply to these occurrences. While the intent of Stuxnet may have had a political component (e.g., forcing the Iranian regime to return to the negotiation table), the lethal component was missing. Even if lives were lost in these attacks, the principal aim was sabotage, an "accepted" act in the international arena and a form of political warfare, not war and death in itself. If the II Model is applied rigorously, it becomes clear that most cyber attacks in the political sphere (the core criteria for any discussion of organized violence towards a clear political objective) should be categorized as sabotage, espionage, and subversion -- all actions short of war and generally not constituting a "casus belli" in international law. As such, cyberwar is merely an extension of already existing forms of political warfare -- a metaphor that may have led to the nascent "cyberwar" metaphor. Political warfare's ultimate goal, however, is to alter an opponent's actions without using military power. Many pundits argue that cyberwar is different because of the strategic impact and the immense power an individual can wield with just a few keystrokes. Above all, they lament the omnipresent power of cyber weaponry to strike anywhere and at any time; however, this is historically nothing new.
During the Seven Years War, the Austrian Army introduced irregular forces, the famous "Grenzer" (borderers), recruited from the Austrian provinces adjacent to the Ottoman Empire, where for centuries the Ottomans and Croatians fought small skirmishes, raided each other's lands and destroyed crops while the Austrian Empire was officially at peace with the Ottomans. When Austria introduced this concept into the rigid understanding of Western European Warfare, the outcry by orthodox commanders, such as Frederick II, was immense and led to confusion: Was this warfare or was it not? The Grenzers unintentionally had a strategic impact on the war since the Prussians simply lacked a military doctrine on how to deal with these acts of sabotage and plundering. The Grenzers' principal aim was not lethal but, like some cyber attacks today, could have indirect lethal consequences (e.g., a starving population). Also, like today's cyber attacks, once unleashed, the Grenzers were hard to contain. Last, the aims of the Grenzers were not political but only to plunder. Again we are confronted with the dilemma of failing to properly categorize actions in cyberspace because of our own rigid understanding of war. It is finally time to jettison the concept of war in the context of cyberspace, and the II Model may be a good starting point. When the model is applied, cyberwar fails to meet the most basic criteria of war, but then again, metaphors have their own life. Lest we end up with Bertolt Brecht's old, mocking phrase, "imagine there is a (cyber)war, but nobody shows up for it!" we must establish new criteria now.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed May 30 11:13:01 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 12:13:01 -0400
Subject: [Infowarrior] - What Fearmongers Get Wrong About Cyberwarfare
Message-ID: <1055587E-87DE-4B06-A6F5-F6F22CAF8B8A@infowarrior.org>

(c/o ferg)

What Fearmongers Get Wrong About Cyberwarfare
Cyberweapons aren't easy or cheap to procure--and they could even promote peace.
By Evgeny Morozov, New America Foundation
May 29, 2012 | http://www.newamerica.net/publications/articles/2012/what_fearmongers_get_wrong_about_cyberwarfare_67970

Should we worry about cyberwarfare? Judging by excessively dramatic headlines in the media, very much so. Cyberwarfare, the argument goes, might make wars easier to start and thus more likely. Why so? First, cyberwarfare is asymmetric; being cheap and destructive, it may nudge weaker states to conflicts with stronger states--the kinds of conflicts that would have been avoided in the past. Second, since cyberattacks are notoriously difficult to trace, actors may not fear swift retaliation and behave more aggressively than usual. Third, as it's hard to defend against cyberattacks, most rational states would prefer to attack first. Finally, since cyberweapons are surrounded by secrecy and uncertainty, arms control agreements are hard to implement. More cyberwarfare, in other words, means more wars. Not so fast, cautions a new and extremely provocative article by Princeton doctoral candidate Adam Liff in the Journal of Strategic Studies. According to Liff, to assume that cyberwarfare has an inherent logic--a teleology--that would always result in more conflict is short-sighted. Furthermore, it fails to consider the subtleties of both military strategy and power relations.
Instead of basing our cyber policy on outlandish scenarios from second-rate films, we have to remember that those who would deploy cyberweapons have real agendas and real interests--and would have to pay real costs if something goes awry. Given today's geopolitical situation, Liff sees no reason for the doom-and-gloom fearmongering of leading ambassadors of the cyber-industrial complex, most notoriously Richard Clarke and his best-selling 2010 book Cyberwar. Liff even spells out several scenarios where cyberwarfare would actually decrease armed conflict. That's right: The advent of cyberweapons may eventually promote world peace. Hippies of the world unite--and learn how to mount cyberattacks! Cyberwarfare may seem asymmetrical, but it's a myth that advanced cyberweapons are cheap and easily available. Developing them requires a lot of resources, time, and operational secrecy. Weak actors are not really capable of mounting protracted attacks that could cripple the infrastructure of well-defended systems. But even if they were, they would probably choose not to engage in cyberwarfare. Offensive cyberattacks by weaker states make sense only if they can back up their digital might with conventional weapons. Otherwise, they might get wiped out by the conventional military response of the stronger state. This explains why Somalia or Tajikistan is not likely to wage cyberwarfare against the United States anytime soon; whatever damage they might cause through cyberattacks would be quickly responded to with conventional weapons. Nor would states engaged in cyberwarfare necessarily know about the actual consequences of their own cyberattacks. Even advanced actors like the United States may have no idea about the probability of success of such attacks. The risk of self-inflicted damage is high, and cyberattacks might inadvertently push some otherwise lucrative assets (like an enemy's banking infrastructure) off the table. Such uncertainty may be the best deterrent of all.
As Liff points out, it's facile to think that rational actors would prefer to exploit one another's cyber-vulnerabilities and engage in a costly cyberwar if they can find other, cheaper ways of settling their conflict. Here the availability of cyberweapons, whatever their actual destructive potential, might actually allow weaker states to get better bargains from their stronger adversaries, perhaps even avoiding conflict. Likewise, we shouldn't forget that wars are primarily about coercion--and it's hard to coerce other actors without claiming responsibility for the damage caused to their property. Yes, cyberattacks may be hard to trace--but any government that uses them in expectation of getting other governments to act in accordance with its wishes would want to claim such attacks as its own. (The reason why Russia didn't claim responsibility for the cyberattacks in Estonia in 2007 and Georgia in 2008 is because those attacks were mostly inconsequential; an act of mere hacktivism in the former case and a sideshow to the kinetic war on the ground in the latter.) Terrorists may be more keen on anonymity, but the reality is that in the decade since 9/11, no terrorist group has had much success causing serious disruption of the civilian or military infrastructure. For a group like al-Qaida, the costs of getting it right are too high, particularly because it's not guaranteed that such a cyber-terror campaign would be as spectacular as detonating a bomb in a busy public square. In addition to countering the recent moral panic about the threat of cyberwarfare, Liff tells a broader story about the dangers of assuming that technologies (including weapons) have essential and inalienable properties that would have the same coherent--and yet revolutionary--effect wherever they were used.
Liff doesn't believe cyberwarfare to be revolutionary--and he adroitly argues that the net effect of cyberwarfare on the likelihood of conflict depends on the nature of the actors involved, their relative bargaining strength, and how much credible information they have about each other. Notes Liff,

In most cases [cyberwarfare] is unlikely to significantly increase the expected utility of war between actors that would otherwise not fight. Furthermore, a cyberwarfare capability may paradoxically be most useful as a deterrent against conventionally superior adversaries in certain circumstances, thus reducing the likelihood of war.

Liff points out that earlier generations of military analysts were as quick to proclaim that strategic bombing and the atomic bomb were "absolute weapons" that were bound to revolutionize military strategy. It's undeniable that both air power and the atomic bomb have had a profound effect on the nature of military conflict; however, their inherent logic (e.g. the idea that aerial warfare admits no defense, only offense) has been greatly mitigated by the political, social, and economic constraints and considerations of the actors that possess them. Air power has not always neatly translated into political power. The useful lesson here is that teleological accounts of technological change rarely offer sharp analytical insights. All too often they result in confused thinking and poor policy. Yet such teleological thinking about technology still rules the day. Just as it's fashionable to think that cyberwarfare is inherently bad for international security and world peace, it's equally fashionable to think that social media are inherently bad for dictators or that online filters are inherently bad for serendipity and public debate. The real world, of course, is never that pliable and neat. It eschews such half-baked teleological theorizing and makes technologies take on the roles and functions that no one expects them to take.
Whatever inherent logic cyberweapons, social media, or online filters might possess, such logic inevitably mutates once these tools find their way into whatever political, social, or cultural regime guides their use in practice. This is how cyberweapons end up promoting peace, social media end up strengthening totalitarianism, and online filters end up improving information discovery. We may not always be able to predict such effects in advance, but the longer we stick to teleological explanations, the lower are the odds we will ever develop better frames for technological analysis and decision-making.

Copyright 2012, Slate

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 30 11:38:09 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 12:38:09 -0400
Subject: [Infowarrior] - CEO: SOPA/CISPA needed because someone parodied me
Message-ID:

Why does that famous Ace Ventura quote come to mind: "Lewww-----Seehhhaaaaar!"

CEO Says SOPA & CISPA Are Needed Because A Disgruntled Customer Once Set Up A Parody Site To Mock Him
from the seriously? dept

The Washington Post is running a rather bizarre op-ed piece from a guy who runs an "internet marketing"/SEO business in which he argues that we need SOPA and CISPA because someone once set up a parody page mocking his business -- something that this guy, Kenneth Wisnefski claims is "an attack": ....

< snip >

http://www.techdirt.com/articles/20120529/10472819115/ceo-says-sopa-cispa-are-needed-because-disgruntled-customer-once-set-up-parody-site-to-mock-him.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed May 30 11:39:34 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 12:39:34 -0400
Subject: [Infowarrior] - Microsoft forbids class actions in new Windows licence
Message-ID:

Microsoft forbids class actions in new Windows licence
By Gavin Clarke
Posted in Business, 29th May 2012 18:01 GMT
http://www.theregister.co.uk/2012/05/29/no_microsoft_class_actions/

Microsoft will make it harder for customers to club together with lawyers to file lawsuits against its products. The company is rolling out new End User License Agreements (EULAs) that forbid punters from joining class-action proceedings. Assistant general counsel Tim Fielden announced the tweak here and said the changes will come into effect as Microsoft releases major hardware or software updates. The first big product to include the altered licence will be Windows 8: a release candidate is expected in June before it ships for PCs and tablets in late summer or the autumn. Under the new licence, US consumers upset with Microsoft's products must pursue the company through a small-claims court or to arbitration. Where an arbitrator suggests damages greater than any settlement proposed by Microsoft, the company will pay whichever is largest: the higher damages or $1,000 for "most products and services". Microsoft will also pay double the claimant's fees. Microsoft has already updated the Xbox Live EULA to rule out class-action suits. Fielden said of the new policy: "This means customer complaints will be resolved promptly, and in those cases where the arbitrator agrees with the customer's position, the customer will receive generous compensation, and receive it quickly." The change was shuffled out the door on the Friday before the long Memorial Day holiday weekend in the US.
Microsoft is capitalising on a 2011 US Supreme Court ruling that upheld a company's right to include a clause in a contract that prohibits customers from suing as part of a class action. The case had been brought against AT&T. Class-action suits in US law are supposed to help individuals stand up to large companies, spreading the risk and costs of an action. Specialist attorneys are brought in to fight such cases. When individuals each bring the same action against a firm, attorneys will lobby the presiding judge to grant the case class-action status. Microsoft has been on the sharp end of a number of such suits. Recent examples include the debacle over Microsoft allegedly misleading buyers by authorising PC makers to label computers as Vista "capable" when they could only run basic editions of the operating system. Redmond has also been accused of misleading consumers by calling Windows Genuine Advantage (WGA) a critical security update when plaintiffs called it spyware.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 30 14:56:23 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 15:56:23 -0400
Subject: [Infowarrior] - NZ Judge Won't Rubberstamp Kim Dotcom Extradition; Orders US To Share Evidence
Message-ID: <7F71B016-8A4B-433B-986F-18FBC5CD645B@infowarrior.org>

New Zealand Judge Won't Rubberstamp Kim Dotcom Extradition; Orders US To Share Evidence
from the not-so-easy dept

Once again, it appears that the US prosecution of Kim Dotcom and the other Megaupload folks suggests that US federal prosecutors have been acting like they have a slam dunk case, whereas every time anyone digs into the details, all of the important infrastructure is missing.
The latest is that the US seemed to assume that as long as they kept going on and on about the "mega conspiracy" and the "money laundering" involved (even if that "laundering" appeared to be normal payments to service providers), that New Zealand would rubber stamp the extradition request without reviewing any of the evidence. No such luck.

< - >

http://www.techdirt.com/articles/20120529/18175419119/new-zealand-judge-wont-rubberstamp-kim-dotcom-extradition-orders-us-to-share-evidence.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 30 15:49:07 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 16:49:07 -0400
Subject: [Infowarrior] - Apple's Crystal Prison and the Future of Open Platforms
Message-ID:

Apple's Crystal Prison and the Future of Open Platforms

Two weeks ago, Steve Wozniak made a public call for Apple to open its platforms for those who wish to tinker, tweak and innovate with their internals. EFF supports Wozniak's position: while Apple's products have many virtues, they are marred by an ugly set of restrictions on what users and programmers can do with them. This is most especially true of iOS, though other Apple products sometimes suffer in the same way. In this article we will delve into the kinds of restrictions that Apple, phone companies, and Microsoft have been imposing on mobile computers; the excuses these companies make when they impose these restrictions; the dangers this is creating for open innovation; why Apple in particular should lead the way in fixing this mess. We also propose a bill of rights that need to be secured for people who are purchasing smartphones and other pocket computers. Apple's recent products, especially their mobile iOS devices, are like beautiful crystal prisons, with a wide range of restrictions imposed by the OS, the hardware, and Apple's contracts with carriers as well as contracts with developers.
Only users who can hack or "jailbreak" their devices can escape these limitations.

< - >

https://www.eff.org/deeplinks/2012/05/apples-crystal-prison-and-future-open-platforms#gatekeeper-update

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 30 21:05:52 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 22:05:52 -0400
Subject: [Infowarrior] - With Plan X, Pentagon seeks to spread U.S. military might to cyberspace
Message-ID:

With Plan X, Pentagon seeks to spread U.S. military might to cyberspace
By Ellen Nakashima, Updated: Wednesday, May 30, 2:00 PM
http://www.washingtonpost.com/world/national-security/with-plan-x-pentagon-seeks-to-spread-us-military-might-to-cyberspace/2012/05/30/gJQAEca71U_print.html

The Pentagon is turning to the private sector, universities and even computer game companies as part of an ambitious effort to develop technologies to improve its cyberwarfare capabilities, launch effective attacks and withstand the likely retaliation. The previously unreported effort, which its authors have dubbed Plan X, marks a new phase in the nation's fledgling military operations in cyberspace, which have focused more on protecting the Defense Department's own computer systems than on disrupting or destroying those of enemies. Plan X is a project of the Defense Advanced Research Projects Agency, a Pentagon agency that focuses on experimental efforts and has a key role in harnessing computing power to help the military wage war more effectively. "If they can do it, it's a really big deal," said Herbert S. Lin, a cybersecurity expert with the National Research Council of the National Academies. "If they achieve it, they're talking about being able to dominate the digital battlefield just like they do the traditional battlefield."
Cyberwarfare conjures images of smoking servers, downed electrical systems and exploding industrial plants, but military officials say cyberweapons are unlikely to be used on their own. Instead, they would support conventional attacks, by blinding an enemy to an impending airstrike, for example, or disabling a foe's communications system during battle. The five-year, $110 million research program will begin seeking proposals this summer. Among the goals will be the creation of an advanced map that details the entirety of cyberspace -- a global domain that includes tens of billions of computers and other devices -- and updates itself continuously. Such a map would help commanders identify targets and disable them using computer code delivered through the Internet or other means. Another goal is the creation of a new, robust operating system capable of launching attacks and surviving counterattacks. Officials say this would be the cyberspace equivalent of an armored tank; they compare existing computer operating systems to sport-utility vehicles -- well suited to peaceful highways but too vulnerable to work on battlefields. The architects of Plan X also hope to develop systems that could give commanders the ability to carry out speed-of-light attacks and counterattacks using preplanned scenarios that do not involve human operators manually typing in code -- a process considered much too slow. Officials compare this to flying an airplane on autopilot along predetermined routes. It makes sense "to take this on right now," said Richard M. George, a former National Security Agency cyberdefense official. "Other countries are preparing for a cyberwar. If we're not pushing the envelope in cyber, somebody else will."

A digital battlefield

The shift in focus is significant, said officials from the Pentagon agency, known by the acronym DARPA. Cyber-operations are rooted in the shadowy world of intelligence gathering and electronic spying organizations such as the NSA.
Unlike espionage, military cyberattacks would be aimed at achieving a physical effect -- disrupting or shutting down a computer, for example -- and probably would be carried out by U.S. Cyber Command, the organization that was launched in 2010 next to the NSA at Fort Meade. "Because the origins of cyberattack have been in the intelligence community, there's a tendency to believe that simply doing more of what they're doing will get us what we need," said Kaigham J. Gabriel, acting director of DARPA. "That's not the way we see it. There's a different speed, scale and range of capabilities that you need. No matter how much red you buy, it's not orange." Plan X is part of a larger DARPA effort begun several years ago to create breakthrough offensive and defensive cyber capabilities. With a cyber budget of $1.54 billion from 2013 to 2017, the agency will focus increasingly on cyber-offense to meet military needs, officials say. DARPA's research is designed to foster long-shot successes. In addition to helping create the Internet, the agency's work gave rise to stealth jet technology and portable global-positioning devices. "Even if 90 percent of their ideas don't pan out," said Martin Libicki, a cyberwar expert at Rand Corp., "the 10 percent that are worthwhile more than pay back the difference." A digital battlefield map, as DARPA envisions it, would plot nodes on the Internet, drawing from a variety of sources and changing as cyberspace changes. "In a split microsecond you could have a completely different flow of information and set of nodes," Gabriel said. "The challenge and the opportunity is to create a capability where you're always getting a rapid, high-order look of what the Internet looks like -- of what the cyberspace looks like at any one point in time." The ideal map would show network connections, analyze how much capacity a particular route has for carrying a cyberweapon and suggest alternative routes according to traffic flows, among other things.
The goal would be a visual representation of cyberspace that could help commanders make decisions on what to attack and how, while also seeing any attacks coming from an enemy. Achieving this will require an enormous amount of upfront intelligence work, experts say. Michael V. Hayden, a former NSA director and a former CIA director, said he can imagine a map with red dots representing enemy computers and blue dots representing American ones. When the enemy upgrades his operating system, the red dots would blink yellow, meaning the target is out of reach until cyber operators can determine what the new operating system is. "I can picture that," Hayden said. "But this really is bigger than all outdoors."

Complicated controls

Plan X also envisions the development of technology that enables a commander to plan, launch and control cyberattacks. A commander wanting to hit a computer that controls a target -- a strategically important drawbridge in enemy territory, for example -- should be able to predict and quantify battle damage while considering the timing or other constraints on a possible attack, said Dan Roelker, Plan X program manager. Cyberwar experts worry about unintended consequences of attacks that might damage the flow of electricity to civilian homes or hospitals. A targeting system also should allow operators to stop a strike or reroute it before it damages systems that are not targeted -- a fail-safe mechanism that experts say would be very difficult to engineer. DARPA will not prescribe what should be represented on the digital map. Some experts say they would expect to see power and transportation systems that support military objectives. Daniel Kuehl, an information warfare professor at National Defense University's iCollege, said the Air Force built its history around attacks on infrastructure -- in Korea, Vietnam, Serbia and Iraq. "In all of those conflicts," he said, "we went after the other side's electricity with bombs."
Today, he said, cyberweapons could be more humane than pulverizing power grids with bombs. If a cyberwarrior can disrupt a computer system controlling an enemy's electric power, the system theoretically can also be turned back on, minimizing impact on civilians. But retired Gen. James E. Cartwright, who as vice chairman of the Joint Chiefs of Staff until August had pushed to develop military cyber-offensive capabilities, said the military is focused less on power grids than on "tanks and planes and ships and anything that carries a weapon." "The goal is not the single beautiful target that ends the war in one shot. That doesn't exist," said Cartwright, who is now with the Center for Strategic and International Studies. "The military needs more of a brute-force approach that allows it to get at a thousand targets as quickly as possible."

© The Washington Post Company

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed May 30 22:22:50 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 May 2012 23:22:50 -0400
Subject: [Infowarrior] - WH Announces Virus/Botnet Program
Message-ID:

White House Unveils Initiative to Fight Computer Viruses
By Eric Engleman - May 30, 2012
http://www.bloomberg.com/news/print/2012-05-30/white-house-to-unveil-initiative-to-fight-computer-viruse.html

Internet-service providers and financial-services companies would share data about networks of infected computers known as botnets under a pilot program announced today by the Obama administration. The White House also unveiled a voluntary set of principles developed by an industry group to prevent and detect botnets and a consumer-education campaign about the computer viruses. Botnets are networks of infected computers that can be used for malicious purposes, such as stealing information, generating spam or flooding corporate or government systems with unwanted traffic that can cripple websites.
To build a botnet, hackers send out programs, often disguised as links or hidden in e-mail attachments, that infect a computer when opened. "The issue of botnets is larger than any one industry or country," Howard Schmidt, the White House cybersecurity coordinator, said in an e-mailed statement. "This is why partnership is so important." More than 5 million systems worldwide were infected with botnets between January and March of 2012, Michael DeCesare, co-president of McAfee Inc., a security software unit of Intel Corp. (INTC), said at a White House event on botnets today led by Schmidt.

Voluntary Principles

Schmidt, who is preparing to step down from his post, was joined at the event by Homeland Security Secretary Janet Napolitano and Federal Communications Commission Chairman Julius Genachowski. The Homeland Security and Commerce departments in September sought comments on a voluntary industry program, saying that botnets have emerged as an increasing threat during the past several years. The voluntary principles announced today include coordinating across sectors and confronting the problem globally. They were developed by the Industry Botnet Group, comprising trade groups including the Business Software Alliance and TechAmerica. A financial-services Information Sharing and Analysis Center established in 1999 is developing the botnet pilot and will announce details in the next month, Bill Nelson, the center's president, said in an interview. He declined to name pilot participants. The center, which works with the U.S. Treasury and Homeland Security, has more than 4,000 members, including top banks and credit-card companies, he said.

Cybersecurity Legislation

President Barack Obama's administration opposed a bill passed by the U.S.
House of Representatives last month that encourages the government and companies to voluntarily share information on cyber threats, saying the measure doesn't do enough to protect the nation's critical systems and would erode privacy safeguards for consumer information. The push for cybersecurity legislation has intensified following attacks last year on companies including New York-based Citigroup Inc. (C), the third-largest U.S. bank by assets, and Bethesda, Maryland-based Lockheed Martin Corp. (LMT), the world's largest defense company. The White House supports a bill sponsored by Senator Joe Lieberman, a Connecticut independent, that would put the Department of Homeland Security in charge of regulating cybersecurity of the nation's vital systems such as power grids and transportation networks. Napolitano at the White House event today said she's hopeful the Lieberman bill will move to the Senate floor in the next month or so. The House bill is H.R. 3523. The Lieberman bill is S. 2105.

To contact the reporter on this story: Eric Engleman in Washington at eengleman1 at bloomberg.net. To contact the editor responsible for this story: Bernie Kohn at bkohn2 at bloomberg.net.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu May 31 06:15:36 2012
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 31 May 2012 07:15:36 -0400
Subject: [Infowarrior] - Schneier: The Vulnerabilities Market and the Future of Security
Message-ID:

5/30/2012 @ 12:43PM
The Vulnerabilities Market and the Future of Security
Bruce Schneier, Contributor
http://www.forbes.com/sites/bruceschneier/2012/05/30/the-vulnerabilities-market-and-the-future-of-security/

Recently, there have been several articles about the new market in zero-day exploits: new and unpatched computer vulnerabilities. It's not just software companies, who sometimes pay bounties to researchers who alert them of security vulnerabilities so they can fix them.
And it's not only criminal organizations, who pay for vulnerabilities they can exploit. Now there are governments, and companies who sell to governments, who buy vulnerabilities with the intent of keeping them secret so they can exploit them. This market is larger than most people realize, and it's becoming even larger. Forbes recently published a price list for zero-day exploits, along with the story of a hacker who received $250K from "a U.S. government contractor" (At first I didn't believe the story or the price list, but I have been convinced that they both are true.) Forbes published a profile of a company called Vupen, whose business is selling zero-day exploits. Other companies doing this range from startups like Netragard and Endgame to large defense contractors like Northrop Grumman, General Dynamics, and Raytheon. This is very different than in 2007, when researcher Charlie Miller wrote about his attempts to sell zero-day exploits; and a 2010 survey implied that there wasn't much money in selling zero days. The market has matured substantially in the past few years. This new market perturbs the economics of finding security vulnerabilities. And it does so to the detriment of us all. I've long argued that the process of finding vulnerabilities in software systems increases overall security. This is because the economics of vulnerability hunting favored disclosure. As long as the principal gain from finding a vulnerability was notoriety, publicly disclosing vulnerabilities was the only obvious path. In fact, it took years for our industry to move from a norm of full-disclosure -- announcing the vulnerability publicly and damn the consequences -- to something called "responsible disclosure": giving the software vendor a head start in fixing the vulnerability. 
Changing economics is what made the change stick: instead of just hacker notoriety, a successful vulnerability finder could land some lucrative consulting gigs, and being a responsible security researcher helped. But regardless of the motivations, a disclosed vulnerability is one that -- at least in most cases -- is patched. And a patched vulnerability makes us all more secure. This is why the new market for vulnerabilities is so dangerous; it results in vulnerabilities remaining secret and unpatched. That it's even more lucrative than the public vulnerabilities market means that more hackers will choose this path. And unlike the previous reward of notoriety and consulting gigs, it gives software programmers within a company the incentive to deliberately create vulnerabilities in the products they're working on -- and then secretly sell them to some government agency. No commercial vendors perform the level of code review that would be necessary to detect, and prove mal-intent for, this kind of sabotage. Even more importantly, the new market for security vulnerabilities results in a variety of government agencies around the world that have a strong interest in those vulnerabilities remaining unpatched. These range from law-enforcement agencies (like the FBI and the German police) who are trying to build targeted Internet surveillance tools, to intelligence agencies like the NSA who are trying to build mass Internet surveillance tools, to military organizations who are trying to build cyber-weapons. All of these agencies have long had to wrestle with the choice of whether to use newly discovered vulnerabilities to protect or to attack. Inside the NSA, this was traditionally known as the "equities issue," and the debate was between the COMSEC (communications security) side of the NSA and the SIGINT (signals intelligence) side. 
If they found a flaw in a popular cryptographic algorithm, they could either use that knowledge to fix the algorithm and make everyone's communications more secure, or they could exploit the flaw to eavesdrop on others -- while at the same time allowing even the people they wanted to protect to remain vulnerable. This debate raged through the decades inside the NSA. From what I've heard, by 2000, the COMSEC side had largely won, but things flipped completely around after 9/11. The whole point of disclosing security vulnerabilities is to put pressure on vendors to release more secure software. It's not just that they patch the vulnerabilities that are made public -- the fear of bad press makes them implement more secure software development processes. It's another economic process; the cost of designing software securely in the first place is less than the cost of the bad press after a vulnerability is announced plus the cost of writing and deploying the patch. I'd be the first to admit that this isn't perfect -- there's a lot of very poorly written software still out there -- but it's the best incentive we have. We've always expected the NSA, and those like them, to keep the vulnerabilities they discover secret. We have been counting on the public community to find and publicize vulnerabilities, forcing vendors to fix them. With the rise of these new pressures to keep zero-day exploits secret, and to sell them for exploitation, there will be even less incentive on software vendors to ensure the security of their products. As the incentive for hackers to keep their vulnerabilities secret grows, the incentive for vendors to build secure software shrinks. As a recent EFF essay put it, this is "security for the 1%." And it makes the rest of us less safe. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Thu May 31 06:20:36 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 31 May 2012 07:20:36 -0400 Subject: [Infowarrior] - Congress to look at future of Internet control Message-ID: <632A01A8-A24E-455F-A218-8180D8D34115@infowarrior.org> Congress to look at future of Internet control By Jasmin Melvin WASHINGTON | Wed May 30, 2012 4:19pm EDT http://www.reuters.com/article/2012/05/30/net-us-internet-governance-congress-idUSBRE84T1EC20120530 (Reuters) - U.S. lawmakers will delve on Thursday into an international debate on whether to hand more control of the Internet to the United Nations, a move many fear would turn it into a political bargaining chip for censorship and global taxes on Web companies. U.S. government officials are gearing up for a December meeting in Dubai where delegations from 193 countries will discuss whether the UN should have more say over how the Internet is organized and controlled. Critics say that, under such a regime, each nation regardless of size has one vote, which could give China, Russia, Iran, Saudi Arabia and other countries greater ability to isolate their populations and silence political dissidents. "What proponents of Internet freedom do or don't do between now and then will determine the fate of the Net, affect global economic growth and determine whether political liberty can proliferate," Robert McDowell, a Republican commissioner on the Federal Communications Commission, said in testimony prepared for Thursday's hearing. A House Energy and Commerce subcommittee is holding the hearing in what will be one of the highest-profile airings so far in the United States on the coming debate at the World Conference on International Telecommunications (WCIT) in December. The U.S. government is trying to drum up support, both domestically and internationally, to preserve a decentralized Internet. 
Obama administration officials held a closed-door meeting a few weeks ago at the White House with representatives from U.S. companies such as Comcast Corp and advocacy groups such as the international nonprofit Internet Society to build solidarity. "This is one of those circumstances where I think it's fair to say there's absolute unanimity. I don't believe you'd find any dissent at all to the view that we would like to keep the Internet free of inter-governmental controls," said a State Department official, who was not authorized to speak on-the-record about the discussions. The Internet is currently policed loosely, with technical bodies such as the Internet Engineering Task Force, the Internet Corporation for Assigned Names and Numbers and the World Wide Web Consortium largely dictating its infrastructure and management. The United States holds significant sway with those bodies. When the delegations gather in Dubai, they will renegotiate a UN treaty last revisited in 1988 and debate whether to consolidate control over the Internet with the UN's International Telecommunications Union (ITU). The ITU is used to set communications standards, such as deciding when technologies can be labeled 4G and approving a standard for a universal telephone charger. For many countries, it seems a natural progression for the ITU, formerly the International Telegraph Union in the 1800s, to morph into the International Internet Union in the 21st century. But for countries such as the United States the move is seen as dangerous. The United States fears that authoritarian regimes will campaign for their initiatives by promising to back proposals from developing countries that would like to see tariffs on content-heavy Internet companies such as Google Inc and Facebook Inc. "The votes of governments would be traded for considerations that have nothing to do with the Internet. 
That political horse trading is the hallmark of inter-governmental bodies," said Steve DelBianco, executive director of NetChoice, a coalition whose members include AOL Inc, eBay Inc, Facebook, Oracle Corp, VeriSign Inc and Yahoo Inc. DIPLOMACY The House panel said in a memo released on Tuesday that there is bipartisan agreement that the United States should stand firm in opposing any treaty provisions at the WCIT that would give the UN substantial control of the Internet. "Pending international proposals to regulate the Internet could jeopardize not only its vibrancy, but also the economic and social benefits it brings to the world," the memo said. The hearing will include testimony from Ambassador Philip Verveer, the deputy assistant secretary of state who will negotiate with other nations at the WCIT and help represent the United States in Dubai. Vinton Cerf, regarded as one of the fathers of the Internet and now vice president and chief Internet evangelist at Google, and David Gross, the State Department's former ambassador for international telecom policy and now a partner at Wiley Rein, will also testify. Gross, who is appearing on behalf of an industry coalition that includes Google, Microsoft Corp and News Corp, said in his prepared testimony that this is not the first attempt to centralize control over the Internet, pointing to UN talks in 2003 and 2005. He said the United States must take a diplomatic approach that does not unnecessarily attack the UN's telecommunications authority, but instead concentrates on countries seeking to impose government mandates on the Internet through the UN. Gross called for a strong coalition between the United States and like-minded countries. "This has been done before and it must be done again," he added. (Reporting By Jasmin Melvin; additional reporting by Claire Davenport in Brussels; editing by Andre Grenon) --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Thu May 31 06:30:16 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 31 May 2012 07:30:16 -0400 Subject: [Infowarrior] - Iran releases Flame Removal Tool Message-ID: <79401B59-F707-4DDF-A4DD-B9A42EFDF977@infowarrior.org> Maher center released a Flame removal tool Maher center, the national computer emergency response center for Iran, released a tool and a manual procedure for detecting and removing the Flamer infection. Flame Removal Tool http://www.certcc.ir/index.php?name=news&file=article&sid=1901 --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 31 06:31:51 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 31 May 2012 07:31:51 -0400 Subject: [Infowarrior] - Oops! Now You Can Track the Tweets Politicians Tried to Delete Message-ID: The Atlantic Home Thursday, May 31, 2012 http://www.theatlantic.com/technology/archive/2012/05/oops-now-you-can-track-the-tweets-politicians-tried-to-delete/257853/?google_editors_picks=true Oops! Now You Can Track the Tweets Politicians Tried to Delete By Megan Garber May 30 2012, 3:15 PM ET Remember that time John McCain mocked "Vlad" Putin? So does the Internet. Half an hour after posting his message, however, Fincher deleted it -- thus depriving the world not only of an opportunity for comparative textual analysis, but also for conversational interaction with a politician. Post, think better of it, delete. That might have been the end of things. A small insight into a politician (or, at least, into the staffer of a politician) lost to history. Until now, that is. Today, the transparency-minded folks over at the Sunlight Foundation are releasing a new service: Politwoops, which exists solely to resurface deleted tweets from politicians' accounts. 
The project follows the official Twitter feeds of, among others, President Obama, members of Congress, and presidential candidates; when a pol has deleted a tweet, Politwoops records the deletion and archives the message. It also records, helpfully, the time of deletion and the amount of time elapsed between posting and deletion. Think Tweleted, only politics-focused and operational. The Politwoops team has been compiling a database of deleted tweets for six months now -- so, though today marks the service's official launch, Politwoops has already recorded over 3,000 deleted tweets for your schadenfreudistic enjoyment. These include: Senator John McCain mocking the tears of Vladimir Putin after the latter's re-election; Newt Gingrich's campaign account tweeting, Dole-like, in the third person; and Representative Jeff Miller tweeting a link to a Facebook poll asking, "Was Obama born in the United States?" The deleted tweets vary from the embarrassing-and-humanizing to the horrifically awkward ... but, either way, they add another layer of accountability to the churning machine of political communications. While we probably did not need another reminder that politicians make mistakes, there's a certain power in seeing the deleted tweets collected into this odd archive of political anti-matter. And there's a power as well, of course, in the pols knowing that archive exists. There's also, most importantly, an informational element to the service. While it is hugely instructive to know that a politician or staffer has deleted a given tweet ... it could be even more instructive to figure out why a given tweet was deleted. The reasons for some deletions -- typos, pocket tweets, hacked accounts -- are obvious. Some, however, are less so. Why did Tom Graves delete his tweet about his date night with his wife? Why did Kathy Hochul delete hers about a day spent at a cancer institute? What revelations lurk behind all these thought-better-of messages? 
Politwoops could be a gold mine for reporters and for anyone else with an interest in keeping officials accountable. There will always be follow the money; now there's follow the tweet. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 31 06:38:14 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 31 May 2012 07:38:14 -0400 Subject: [Infowarrior] - FDA Decision: HFCS is not "corn sugar" Message-ID: <6EB4E06A-BEF9-42CD-A29D-1DDE69E75AE8@infowarrior.org> Good to hear! -- rick Corn Syrup Makers Denied Use of Term "Corn Sugar" in Ads By Alex Wayne - May 31, 2012 http://www.bloomberg.com/news/print/2012-05-31/corn-syrup-makers-denied-use-of-term-corn-sugar-in-ads.html Archer Daniels Midland Co. (ADM), Cargill Inc. and other makers of high-fructose corn syrup can't call their product "corn sugar" in advertisements, U.S. regulators said. "Use of the term 'sugar' to describe HFCS, a product that is a syrup, would not accurately identify or describe the basic nature of the food or its characterizing properties," Michael Landa, director of the Food and Drug Administration's Center for Food Safety and Applied Nutrition, said in a letter denying the industry's petition. Regulations permit use of the term "sugar" only to describe "solid, dried and crystallized" foods, he said. The Corn Refiners Association, which represents syrup producers, asked the FDA in September 2010 to approve "corn sugar" as a term for corn syrup. U.S. Sugar Corp. and other sugar processors sued the corn-syrup makers in federal court to stop an ad campaign saying "your body can't tell the difference" between granular sugar, or sucrose, and corn syrup. The FDA in its letter yesterday denied the industry's petition on "narrow, technical grounds," Audrae Erickson, the president of the Corn Refiners Association, said in a statement. 
"They did not address or question the overwhelming scientific evidence that high fructose corn syrup is a form of sugar and is nutritionally the same as other sugars." Members of the Corn Refiners Association include Decatur, Illinois-based ADM and closely held Cargill, based in Minneapolis. "The FDA's ruling represents a victory for American consumers," Dan Callister, an attorney for the plaintiffs in the lawsuit against the syrup makers, said in a statement. "It reaffirms what most consumer advocates, health experts and policy officials have been saying all along: only sugar is sugar." To contact the reporter on this story: Alex Wayne in Washington at awayne3 at bloomberg.net To contact the editor responsible for this story: Reg Gale at rgale5 at bloomberg.net --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 31 07:10:05 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 31 May 2012 08:10:05 -0400 Subject: [Infowarrior] - Fwd: Dulles airport hologram is first test for U.S. airport References: <4FC75EF7.9040108@inetassoc.com> Message-ID: <43BAAC0E-32B6-48D3-BBE7-F4DF5BF05AD1@infowarrior.org> Begin forwarded message: > From: Duane > > http://washingtonexaminer.com/local/transportation/2012/05/dulles-airport-hologram-first-test-us-airport/670771 > > Dulles airport hologram is first test for U.S. airport > May 30, 2012 -- 6:00 PM > Liz Essley > Examiner Staff Writer > > Washington Dulles International Airport has a new greeter to meet international visitors. > > Her name is Paige. And she isn't real. > > Paige is a life-size, 3-D, surround-sound hologram that welcomes travelers to the airport's international terminal. The first such hologram in a U.S. airport tells travelers how to get through customs, helping people sort out what papers they need and where they need to be in hopes of eliminating the bottlenecks that often develop there, airport officials said. 
> > Paige can't respond to travelers' questions, but an upgraded version of the hologram now in the works will be more interactive, said representatives from Tensator, the company that made Paige. > > "It is very, very cool," said Dennis Hazell, the associate executive staff coordinator for the airport who arranged Paige's installation. "It is just kind of another level of providing a customer experience. ... This kind of 3-D image really gives it a personal feel. It actually looks like a real person." > > "Virtual assistants" like Paige are already at work in airports in London, Frankfurt, Germany, Edinburgh, Scotland, and Dubai, United Arab Emirates. Paige is the first airport hologram in the United States, though the Port Authority of New York and New Jersey plans to test holograms in LaGuardia, John F. Kennedy International and Newark Liberty International airports in July. The Duane Reade flagship drugstore in New York City has a holographic greeter, as do Walmart stores in the United Kingdom. > > "It's a trend," said Ilona Mohacsi, a spokeswoman for Tensator. "The time has come for this technology. Folks are focused on their smartphones, checking email -- they're doing all these things with their heads down, so it's almost necessary to have this next-gen signage." > > Paige is on a three-month trial at Dulles while airport administrators gauge her usefulness. If she's a success, officials say, they'll start paying for her and may install others. Tensator and airport officials would not provide price estimates for Paige. Mohacsi said each hologram is custom-priced. But each hologram being installed in New York airports will cost $60,000 to rent and $250,000 to buy, according to media reports. > > Hazell envisions holograms helping out at Dulles' security checkpoints or the waiting area for the train that takes travelers to concourses. 
> > "No one really knows what the future holds, but certainly this is a different type of outreach, because it's something unusual," Hazell said. "Judging by the customers' reactions, I think they would call her fascinating, unusual, kind of cool." > --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu May 31 08:26:41 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 31 May 2012 09:26:41 -0400 Subject: [Infowarrior] - Cyberthreats turn into megabucks for defense companies Message-ID: <28D7EDDF-DFB2-40E9-ACEC-B7BADB52411B@infowarrior.org> Cyberthreats turn into megabucks for defense companies By: Tony Romm and Jennifer Martinez May 30, 2012 12:42 AM EDT http://dyn.politico.com/printstory.cfm?uuid=19D82B51-3A23-4671-B9BB-D54EC1217354 As Congress boosts spending on cybersecurity and mulls over new data safety requirements on private industry, some companies stand to get rich. Lockheed Martin, Boeing, Northrop Grumman and other defense and tech companies have been lobbying Capitol Hill about the growing cyberthreats to national security and corporate America, but they also make millions of dollars each year selling a variety of cybersecurity programs, tools and solutions to government and business. Some lawmakers say the legislative push has spawned a "cyber-industrial complex." "I believe these bills will encourage the development of an industry that profits from fear and whose currency is Americans' private data," said Sen. Ron Wyden (D-Ore.), speaking on the Senate floor last week in opposition to pending cybersecurity legislation. "These bills create a cyber-industrial complex that has an interest in preserving the problem to which it is the solution." The online threats of the digital age -- stolen state secrets, hacked personal computers and more -- may pose serious, real and novel challenges to the federal government and private sector alike. 
But the reaction to those threats has been far more old school: Companies in several different industries are aggressively playing the legislative lobbying game as part of their larger market strategy. And it's paying off in millions of dollars of federal contracts alone. Lockheed Martin earlier this month won a key contract to assist with the Pentagon's Cyber Crime Center for more than $400 million. In March, Northrop Grumman landed a $189 million cybersecurity contract to strengthen cyberprotections across the Department of Defense and the intelligence community over three years. Meanwhile, Booz Allen Hamilton last year was awarded a cybercontract with the Navy that stands to bring in $189.4 million over five years. In the past few months, Congress has hit the gas pedal on efforts to set down new security rules that could govern critical infrastructure maintained by private industry, like power plants and water systems, as well as federal computer systems. Lawmakers are also weighing the ways in which industry and the federal government can more easily share classified and unclassified information about emerging threats ahead of a crippling attack. It isn't clear what shape -- if any -- a cybersecurity reform law may take. But the uncertainty is in part driving companies to throw considerable resources at their Washington operations, hoping to shape a final measure in a way that benefits their businesses while avoiding costly mandates and strict new regulations. Utilities are engaging members of Congress on the security requirements that could fall on so-called critical infrastructure, while tech companies like Google, Microsoft, Intel and Amazon are mostly plugged into the debate over information shared about cyberthreats. Even Facebook is an ardent supporter of the Cyber Intelligence Sharing and Protection Act, the controversial House information-sharing bill. 
They all have a stake and represent different sides in the debate, as potential subjects of any new regulation. But a prominent group lobbying lawmakers is contracting companies and others that work in defense and infrastructure. And some of those players would very likely be called on to work with the federal government and other entities on improving the security of computer systems. Federal lobbying disclosures show a number of companies -- including Raytheon, Lockheed Martin and Boeing -- are devoting some of their big Beltway resources to talking up regulators about cybersecurity funding for the Defense and Homeland Security departments. Those agencies' appropriations bills touch on a number of elements that matter to the companies but they also contain key funds for cyber and IT programs. And each company boasts growing, billion-dollar businesses in the areas of information technology and system security, and services a number of federal clients. Deltek, a government consulting firm, predicted at the end of last year that federal spending on cybercontracts could surge, from roughly $9.2 billion to $14 billion from fiscal years 2011 to 2016. A spokeswoman for Lockheed Martin said the company "is supportive of overall cybersecurity legislation and has been particularly supportive of CISPA due to the fact that information sharing is critical to improved security for our nation." The representative declined further comment. Boeing was not available to comment on its work, and Raytheon declined to comment on its lobbying activities. Northrop Grumman also did not comment. There's a clear business rationale for this sort of power play: Computer attacks on federal systems are on the rise, with attacks on government data in particular up 650 percent over the past five years, a Government Accountability Office report found in 2011. At the same time, federal cybersecurity spending is one of the few budget areas expected to see increases over the next few years. 
The Obama administration hoped to boost DHS cybersecurity spending by more than $300 million in 2013, bringing it to more than $769 million, and both the House and Senate appropriation committees are in line to deliver an amount close to that mark. The Pentagon, meanwhile, is requesting bumping 2013 funding to $3.4 billion for the U.S. Cyber Command, which coordinates cyberdefenses for the U.S. and its allies. Cybercom funding is forecast to total $18 billion from 2013 to 2017. Those trends have galvanized the market for cybersecurity services, even as the federal government aims to slash IT spending in the coming years. John Slye, Deltek's senior principal research analyst, said companies are looking "where there's opportunity to sustain themselves" -- and that area could be cybersecurity. Others are taking their message directly to lawmakers and their staffs. Symantec, the security software firm, plans to hold a briefing in the coming days on Capitol Hill, where it will tout its new report on an uptick in cybersecurity threats while highlighting the work the company does to block bad code, phishing attacks and more. The company is a critical provider of cybersecurity services to federal and enterprise users and it has testified on the Hill in support of some information-sharing legislation. The company hasn't weighed in individually on the Senate bills. It is a member of the Information Technology Industry Council, however, which made favorable statements on both of the upper chamber's measures. Symantec did not respond to requests for comment on this story. Certainly, "the cyber-industrial complex" didn't emerge overnight. As tracked in a 2011 report by Jerry Brito and Tate Watkins, both at the Mercatus Center at the George Mason University School of Law, the community has been particularly active over the past two years. That's especially evident in the case of Booz Allen Hamilton. 
While it may not devote millions to lobbying, the firm does have Mike McConnell, the former director of national intelligence under President George W. Bush, on its leadership team. Booz Allen Hamilton last year announced it was awarded a contract to support the Space and Naval Warfare Systems Center Pacific with cyberscience, research, engineering and technology integration. The contract has a value of $71.5 million over two years and a potential value of $189.4 million over five years. "With thousands of experienced cyberprofessionals, Booz Allen Hamilton continues to provide integrated, multidisciplinary solutions to the complex challenge that is cybersecurity," said Bob Noonan, senior vice president of Booz Allen Hamilton, in the company's news release. Booz Allen Hamilton did not respond to a request for comment. The possibility of new regulation or funding allocated to federal cybersecurity initiatives could only create more potential profits. New mandates on federal computer systems could translate into a new interest in purchasing contracts on cybersecurity and IT, for example. And any effort to facilitate information sharing could lead to a rush to build the infrastructure that allows for data to be circulated on a secure basis. Some cybersecurity experts say the influence of industry is overstated, given the serious threats to computer systems today. "You can't escape the implication of self-interest" of companies that are lobbying both for and against stepped-up cybersecurity rules, said Jim Lewis, a cybersecurity specialist at the Center for Strategic and International Studies. But, he added, "there is a real threat. How much more evidence do we want?" --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Thu May 31 13:59:13 2012 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 31 May 2012 14:59:13 -0400 Subject: [Infowarrior] - 'Super-powerful' Flame worm actually boring BLOATWARE Message-ID: <1E91DEFF-D6DD-4B28-A98D-D34929D14D41@infowarrior.org> Original URL: http://www.theregister.co.uk/2012/05/31/flame_hype_analysis/ 'Super-powerful' Flame worm actually boring BLOATWARE More Jabba the Hutt than lean Windows killing machine By John Leyden Posted in Malware, 31st May 2012 15:32 GMT Analysis Flame may be big in size but it's nothing like the supposedly devastating cyberwarfare mega-weapon early reports of the malware suggested. The cyber-espionage toolkit -- reckoned to have been in circulation for at least two years and possibly much longer -- created a fire-storm of publicity after Iranian authorities published a stark warning about the virus on Monday. On the same day, antivirus experts at Kaspersky Labs and Hungarian security researchers at the Laboratory of Cryptography and System Security (CrySyS), who had been independently working on analysing the same malware, published their own preliminary analyses. The Kaspersky experts had been called in by the International Telecommunication Union, which wanted to crack the riddle of a mystery Trojan outbreak that was wiping data off compromised machines in the Middle East. Flame, which comes with a complex variety of libraries and swappable modules, weighs in at a monster (arguably bloated) 20MB. That's about 40 times larger than Stuxnet, a heavyweight itself by malware standards. But size is far less important than how many systems it has infected and what damage it causes. Who's on the hit-list? Estimates from Kaspersky (here [1]) suggest Flame has only infected 1,000 Windows-powered computers almost exclusively across the Middle East in countries including Iran, Israel and Syria, though it has been found as far down as Sudan in north Africa. 
Compromised targets include governmental organisations, educational institutions and home users. Circumstantial evidence suggests that the data-stealing malware infected systems at Iran's main oil export terminal on Kharg Island in the Persian Gulf last month, prompting a decision to disconnect systems [2] there. Flame may also have infected the computers of high-ranking officials, causing a "massive" data loss, unconfirmed reports suggest.

Iranian authorities, who claim to have developed an antidote to Flame [3], are pointing the finger of blame towards Israel, suggesting the encryption scheme used by the worm is characteristic of those built by Israeli malware writers. The encryption link is tenuous at best. Nonetheless the Iranian angle adds intrigue, especially in light of the Kharg Island infection.

Yet a sober look at the malware suggests its spread is modest and its actions on compromised systems are standard fare for modern viruses, contrary to reports earlier this week.

Game changer? Maybe not

Rather than redefining cyberwar and cyberespionage, as Kaspersky researchers initially claimed amid Iranian warnings [4] that the malware was "a close relation to the Stuxnet and Duqu targeted attacks", Flame is bloated and overhyped, according to rival security vendors.

Flame is a precise attack toolkit rather than a general-purpose cyber-weapon [5], the argument goes. It hasn't spread very far and might well be restricted to systems administrators of Middle East governments.

"While it really doesn't do anything we haven't seen before in other malware attacks - what's really interesting is that it weaves multiple techniques together and dynamically applies them based on the capabilities of the infected system," Patrik Runald of Websense explains.

"Also, Flame has been operating under the radar for at least two years, which counter-intuitively may partially be attributed to its large size."
My dad's botnet is bigger than yours

By comparison to the 1,000-or-so systems hit by Flame, the Flashback Trojan infected 600,000 Mac OS X computers earlier this year and created the first botnet on Apple machines in the process. The DNSChanger Trojan, linked to click-fraud and scareware scams, compromised four million Windows machines prior to a takedown operation in March.

The infamous Conficker worm hit upwards of 9 million systems, forcing the disconnection of systems at Greater Manchester Police for three days while also causing disruption at a hospital and the local council, and even managed to infiltrate the Houses of Parliament.

A run of Windows worms - Sasser, Nimda and Code Red - caused network congestion and comparable disruption when they appeared in separate incidents between 1999 and 2004. Viruses that spread by email attachments - such as the Love Bug, SoBig and Anna Kournikova nasties - brought mail servers and inboxes to their knees. Banking Trojans created using the ZeuS or SpyEye toolkits have resulted in massive losses to banks and small businesses while infecting hundreds of thousands of systems.

Flame, on the other hand, has only infected hundreds of PCs. The malware is clearly designed for information-gathering and espionage but, again contrary to early reports, it isn't doing anything much out of the ordinary from a technical perspective.

Spy craft

The malware infects computers running Microsoft's operating system, and stealthily installs itself before stealing information, logging keystrokes, sniffing network traffic and capturing screenshots. It can also surreptitiously turn on microphones to record audio conversations, and then uploads all of this data to remote command-and-control servers.

Flame is built with many interlinked modules and is capable of handling a complex mix of remote instructions. Dozens of pieces of malware or malware frameworks infecting millions of PCs bundle similar capabilities.
Slurps info from Bluetooth kit

When Bluetooth hardware is available, Flame collects information about discoverable devices near the infected machine. Only the Bluetooth activity in this list is in any way remarkable, says PandaLabs.

Another curious and somewhat innovative feature of the malware is its ability to turn its worm-like spreading functionality on and off. "Even though it is a worm, its spreading mechanisms are disabled. It looks like whoever is behind it can activate that feature when needed," explains [6] Luis Corrons, technical director of PandaLabs.

The malware also bundles clean-up routines designed to purge it from systems that have been compromised.

"There seems to be a module named 'browse32' that's designed to search for all evidence of compromise (eg, malware components, screenshots, stolen data, breadcrumbs, etc) and carefully remove them," Gunter Ollmann, VP of Research at Damballa explains [7].

"While many malware families employ a clean-up capability to hide the initial infection, few include the capability of removing all evidence on the host (beyond trashing the entire computer). This, to my mind, is more reflective of a tool set designed for human interactive control - ie, for targeted attacks."

If Stuxnet was the Ali of malware, then Flame is a Sumo wrestler

Several Flame files claim to be Microsoft Windows components, but none are signed with a valid private key - unlike the signed files used by Duqu and Stuxnet, the previous stars of cyber-espionage.

Stuxnet targeted industrial control systems and was designed for sabotage. Duqu, like Flame, was geared towards industrial espionage. However the similarities stop there. Stuxnet and Duqu were built from the same building blocks, whereas Flame used a completely different architecture.

A lot was made of the modular design of Flame but this isn't new either.
Chris Wysopal (AKA Weld Pond), a former member of Boston-area hacking collective L0pht and who later founded the application security firm VeraCode, noted with some disdain that the Back Orifice 2000 hacker tool included modular functionality when it came out 12 years ago.

The creators of the malware remain unknown, but the development effort involved means it must have involved a larger dedicated team. Flame is not designed to steal money from compromised bank accounts or some other profitable scam, which would appear to rule out cybercrooks. It's certainly not the work of hobbyists and unlikely to be the work of hacktivists, who tend to favour extracting data via website compromises and by running denial-of-service attacks. Hacktivists tend to favour much simpler tools rather than the Sumo-sized, complex threats like Flame, anyway.

The nature and location of targets as well as the complexity of the threat leave intelligence agencies or military contractors as the most likely creators of the cyberattack tool.

Very spooky software

Hungarian security researchers at CrySyS reckon that Flame was "developed by a government or nation state with significant budget and effort", the one point on which there's general agreement.

The security firm reckons a military sub-contractor was more likely to have carried out the work than an intelligence agency. To support this theory, it cites job adverts by Northrop Grumman for a software engineer to work on offensive cyberspace missions. Lots of other defence contractors, including Lockheed Martin and Raytheon, have positions for this type of project, F-Secure adds.

By contrast the best theory about the creation of Stuxnet was that it was created by Unit 8200 - the Israeli Defence Force's Intelligence Corps unit - possibly with US assistance, and tested against similar centrifuges at Dimona.
A show-reel screened during the retirement of Gabi Ashkenazi, former IDF Chief of Staff, cited Stuxnet as an operational success, The Daily Telegraph reports [8].

The Stuxnet code can be read to include references to various significant dates such as the date in 1979 when Habib Elghanian, a Persian Jew, was executed in Tehran. The Stuxnet malware contains a string called MYRTUS, which might correspond to Queen Esther, a figure from the apocryphal Book of Esther who informs the Persian King Xerxes, her husband, of a plot against the Jews, prompting a royal authorisation for reprisals. Esther was born Hadassah, which means Myrtle tree in Hebrew.

This is nice fodder for conspiracy theories, but it's much more likely that MYRTUS is a misspelling of "My RTUs" - a management feature of SCADA industrial control systems.

Flame is best described as a cyber-espionage toolkit that establishes a backdoor, and spreads via infected USB devices and local networks - under the control of its unknown masters. The initial mode of infection likely involved planting the malware in a machine using an infected USB drive, then allowing it to spread within a targeted network, but no further.

Cyber-espionage attacks of the type commonly blamed on China tend to involve spoofed emails with booby-trapped documents. Western agents, by contrast, seem to prefer avoiding email as a delivery mechanism, instead relying on infected memory sticks to spread viruses.

Components of Flame include units named Bunny, Frog, Munch and BeetleJuice - a different naming scheme [9] stripped of the mythical and political significance that might be attached to naming schemes used in Stuxnet, for example.

It's all hyperbollox

The spread of Flame has largely been confined to one corner of the globe, but this sort of geographical targeting isn't out of the ordinary, according to Rik Ferguson of Trend Micro.

"Espionage attacks aimed at specific geographies or industries are nothing new; look at LuckyCat, IXESHE or any of the hundreds of others recently," Ferguson writes [10]. "Modular architecture for malware has been around for many years, with developers offering custom written modules to customer specification for tools such as ZeuS or SpyEye. Carberp is another great example of modular information stealing Trojan.

"In fact a recent variant of SpyEye was found to use local hardware such as camera and microphones to record the victim, just like Flamer and just like the DarkComet RAT.

"Malicious distribution infrastructures such as the Smoke Malware Loader promise sequential loading of executables and geo-targeting (among many other things). Key-logging is of course nothing new and neither is performing capture of network traffic or exfiltrating stolen information. Complexity of code is also nothing new: have a look at TDL4, consider Conficker's rapid adoption of MD6 or its domain generation tactics."

Ferguson concludes that stripped of the hype, Flame is reduced to a "big (up to 20MB) chunk of code, that's unique in malware terms certainly, but not impressive in and of itself".

Flame's one unique claim to fame, according to Ferguson, is that it uses the Lua programming language, and "that's unique in malware terms I guess, but not something that elevates the inherent risk". While unknown in the field of virus creation, Lua is widely used elsewhere, most notably by computer game-makers such as Rovio for Angry Birds.

How did it slip under the radar?

The stealthy spread of Flame for at least two years before it was detected has provoked some soul-searching among segments of the security vendor community. Similarly long lags preceded the detection of Stuxnet and Duqu.

Wieland Alge, general manager EMEA at Barracuda Networks, commented: "The scariest and most shocking aspect is the length of time that Flame has remained undetected.
Kaspersky's own security experts estimate that Flame has been infecting systems and stealing data for several years, possibly as long as five years."

Mikko Hypponen, chief research officer F-Secure, said the extended run on Flame and Stuxnet prior to their discovery ought not to have happened and pointed to a failure by security vendors. Hypponen is breaking the party line in even suggesting this, with most vendors spinning that Flame did not spread very far and that was the reason why it escaped detection for so long.

"The worst part of Flame? It has been spreading for years," Hypponen writes. "Stuxnet, Duqu and Flame are all examples of cases where we - the antivirus industry - have failed. All of these cases were spreading undetected for extended periods of time."

Hypponen's colleague Sean Sullivan later qualified these remarks, in a blog [11] on the Flame outbreak, by saying that commercial antivirus products are not really designed to defend against targeted, state-sponsored spyware.

"Commercial-based antivirus and security products are designed for and focus on protecting you from prevalent classes of in the wild threats coming from criminals, thugs and digital mobsters (and it's a constant battle)," he said. "It is not designed to protect you from the digital equivalent of Seal Team Six. So if you're the guy that finds himself in the crosshairs... you're not safe."

Sullivan goes on to argue that even though the technology used by Flame was hardly innovative, its deployment was sophisticated.

"Flame is a 'limited edition' spy tool with a limited scope that was used very carefully. It didn't need to evolve. Clearly there was advanced planning involved, but that doesn't necessarily make it what we would call advanced technology."
James Todd, technical lead for Europe at FireEye, issued a blunter criticism against the shortcomings of antivirus software highlighted by the Flame outbreak: "The fact that Flame evaded detection for so long, and by so many different antivirus tools is deplorable, and proves that the speed at which malicious malware is developed is just steamrolling those organisations trying to keep up."

Secret's out

Security vendors are almost unanimous in saying that Flame poses little or no threat to anyone - even the targeted system administrators in the Middle East - now it has been detected. "Flame is no longer a secret and so it will therefore be abandoned... Op sec has been compromised," F-Secure's Sullivan concludes.

Ollmann argues that Flame stayed under the radar because it was carefully managed, rather than because of the information security failing of its victims or the technologies they used.

He explained: "It would be simple to argue that these regions aren't known for employing cutting-edge anti-malware defences and aren't well served with local-language versions of the most capable desktop antivirus suites, but I think the answer is a little simpler than that: the actors behind this threat have successfully managed their targets and victims - keeping a low profile and not going for the masses or complex setups."

Henry Harrison, BAE Systems' technical director, said the massive fuss about Flame has deflected attention from the wider cyber-espionage danger. He argued that security firms are talking up the importance of various threats in an attempt to generate publicity for themselves and buzz about the products they sell.

"Individual cases such as Flame - and, a little while back, Shady RAT - are heavily publicised by the security firms who investigate them, but the sad reality is that this sort of attack is not at all unusual," he said.

"Targeted data-stealing attacks are a common phenomenon - but in most cases they don't get reported.
That's either because the companies affected didn't report the attacks, for fear of reputational damage, or - most of the time - because the attacks are so successful that the targets don't even realise that their data has been stolen. What is newsworthy here is not so much the attack, but the very fact that it has been reported."

It's like analysing the blueprints for a whole city

Meanwhile, back at the coal-face, antivirus analysts are attempting to figure out the internals of Flame, a process likely to take months if not years.

"Full understanding of Flamer requires analysing approximately 60 embedded Lua scripts, reverse-engineer each of the sub-components, then piece it back together," Symantec explains [12]. "As an analogy, reverse-engineering Flame as opposed to standard malware is like re-creating an architectural drawing, not just for a single house, but for an entire city.

"The threat is a well designed platform including, among other things, a web server, a database server, and secure shell communications. It includes a scripting interpreter which allows the attackers to easily deploy updated functionality through various scripts. These scripts are split up into 'apps' and the attackers even appear to have something equivalent to an 'app store' from where they can retrieve new apps containing malicious functionality."

Links

[1] http://www.securelist.com/en/blog?weblogid=208193522
[2] http://www.theregister.co.uk/2012/04/25/iran_oil_industry_malware/
[3] http://www.certcc.ir/index.php?name=news&file=article&sid=1901
[4] http://www.certcc.ir/index.php?name=news&file=article&sid=1894
[5] https://twitter.com/danchodanchev/statuses/207569709091127296
[6] http://pandalabs.pandasecurity.com/flame-new-cyber-espionage-tool/
[7] http://blog.damballa.com/?p=1663
[8] http://www.telegraph.co.uk/news/worldnews/middleeast/israel/8326387/Israel-video-shows-Stuxnet-as-one-of-its-successes.html
[9] http://www.securelist.com/en/blog/208193538/Flame_Bunny_Frog_Munch_and_BeetleJuice
[10] http://countermeasures.trendmicro.eu/fighting-the-flames
[11] http://www.f-secure.com/weblog/archives/00002372.html
[12] http://www.symantec.com/connect/blogs/painting-picture-w32flamer