From rforno at infowarrior.org Sat Mar 1 20:38:15 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 1 Mar 2014 21:38:15 -0500
Subject: [Infowarrior] - Truisms
Message-ID:

Truisms
by Bob Lefsetz - March 1st, 2014, 3:00pm
http://www.ritholtz.com/blog/2014/03/truisms/

Tumblr is for porn.

Facebook is for the wannabe famous.

Instagram is for those who are too lazy to write.

Texting is social currency. It doesn't matter how many likes or friends or followers you've got, but how many people text you and how regularly, that's how popularity is judged today.

Pinterest is inexplicable to guys.

Samsung is for those who hate Apple and those too cheap to buy an iPhone (not necessarily the same thing, Apple-haters will buy the most expensive Galaxy).

iPhone 4s means you're almost at the end of your contract or you're too cheap to upgrade.

Tesla means you're more interested in status than utility, or you never drive far from home.

iPhone 5c means you think iPhones really cost a hundred bucks, not north of five hundred.

Windows means you got your computer from work or you're too cheap to buy a Mac.

Argue all you want, perception is everything, and perception is reality.

Hip-hop is the rock and roll of the Millennials. With a dollop of Gen-X'ers thrown in.

Rock and roll is the music of the baby boomers, who believe everything they're into should last forever, but it doesn't, just like them.

Books get a lot of publicity, but barely sell. Sure, there are exceptions, but very few.

Sales are irrelevant, streams are everything, but newspapers are only trumpeting Spotify plays when all the action's on YouTube.

Albums are for the creators, no one else cares, except for a cadre of extremely vocal fans.

Terrestrial radio is an advertiser-laden medium for poor people. Anybody with an income is listening to satellite or streaming from their mobile device.

Baby boomers buy Japanese automobiles because they remember how bad their parents' Detroit iron was.
In other words, despite all the press that GM, Ford and Chrysler are improving, boomers are sticking to Toyota and Honda, at least in California, and trends still start in California, don't ever forget it.

Binge viewing is a badge of honor. Telling everybody you stayed home to watch all the episodes of _______ garners more status than saying you went to the show, and there's more to talk about!

The Millennials want to be famous, just watch Douglas Rushkoff's documentary "Generation Like".

Newspapers insist on fat profit margins and head for decrepitude while online sites focus on user experience first and profits last. In other words, it's the product, stupid!

Companies are constantly fighting for awareness.

Ignorance reigns. Education comes through word of mouth, which also spreads falsehoods. He who knows the most truth wins. We live in an information society, what's in your brain is paramount.

Without relationships you cannot succeed.

Here today, gone tomorrow, welcome to the twenty first century. You can only combat this by constantly producing.

U2 released a single during the Super Bowl, it's already been forgotten, assuming you knew its name to begin with.

No one cares if Shia LaBeouf wears a bag on his head, it's a trumped up media story.

Robin Thicke will screw everything that moves, wake up and realize his career is over and lament the loss of his wife.

Alec Baldwin was right about Harvey Levin, but if you think he's retiring from public life, you believe Kim Kardashian is all natural. That's what Alec does, turn it on in the public eye, without this oxygen he's dead, so he'll be back, just like Scott Shannon, ha! ("Alec Baldwin: Good-bye, Public Life")

Just because you get press for your celebrity cook/lifestyle book, don't think we care, you're just another loser like us. In other words, just because you promote it, that does not mean it will sell.

Bitcoin may not be forever, but digital currency is.
Marc Andreessen is a borderline blowhard who is pontificating on tech better than most, pay attention to what he says.

You know Twitter is in crisis when regular tweeters like Michael Moore don't.

Apple is not going to revolutionize television. Content owners won't let them.

Manhattan is losing steam as an arts center, it's just too expensive to live there. In other words, bankers can prop up institutions, but they cannot drive them forward.

Millennials are not mad that technologists are crowding them out of San Francisco as much as they are that they too are not rich.

Bill Gates cannot save Microsoft.

Samsung is a better me-too company. Vision is everything today.

Amazon, Apple, Google, Facebook. They control the world, consolidation has taken hold, it's the next hot topic and you don't know it yet.

People give up when no one's paying attention, whether it be music, MySpace, Facebook, Twitter... Like hula-hoops, they're fads, interesting for a while, then abandoned.

Just because something makes money, that does not mean it does not suck.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Mar 1 20:39:43 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 1 Mar 2014 21:39:43 -0500
Subject: [Infowarrior] - Andressen: The Future of the News Business
Message-ID: <90268094-E1E0-4FE0-AD95-53E588733DD3@infowarrior.org>

The Future of the News Business: A Monumental Twitter Stream All in One Place
BY MARC ANDREESSEN
http://a16z.com/2014/02/25/future-of-news-business/

I am more bullish about the future of the news industry over the next 20 years than almost anyone I know. You are going to see it grow 10X to 100X from where it is today. That is my starting point for any discussion about the future of journalism. Here's why I believe it, and how we will get there.

Journalism has changed

There has been a fascinating change in the traditional journalistic press over the last several years.
Take corrections as an example. It used to be that corrections to printed news stories were a really big deal. There was a high bar to get a correction accepted in a newspaper or magazine. The story as printed was the permanent record.

That was then. Now, even top print newspapers and magazines frequently revise stories online, sometimes dozens of times, often without tracking changes or acknowledging a change has been made.

There are two ways to view this. The glass-half-full-view is that stories get better and better over time, vectoring ever closer to the truth. As a result, overall accuracy goes up over time. That is good for publications and journalists, and also good for their subjects.

The glass-half-empty-view is that the quality bar for an initial post can be lower. Sloppy stories get published since they can always be corrected later, as much or as often as needed.

This gets us into deterministic "truth" versus probabilistic "truth" territory. In other words, from: Here it is, take it or leave it, to: Here it is, subject to arbitrary ongoing revision.

For better or worse (and maybe both), print journalism is converging in technique and quality towards blogs and Wikipedia. Ed Bott fully decoded this with his original NSA PRISM news stories.

Given that change, and the easy slide into probabilistic "truth," I am very interested to see how Journalism with a capital J can maintain its reputation for truth and accuracy versus upstart blogs and Wikipedia. For Journalism - big J - the stakes are very high if that reputation is lost.

But it may be that all journalism wins. Maybe we are entering into a new golden age of journalism, and we just haven't recognized it yet. We can have the best of all worlds, with both accuracy rising, and stories that hew closer to truth.

The news business should be run like a business

The news business is a business like any business. It can and should be analyzed and run like a business.
Thinking of news as a business is not only NOT bad for quality, objective journalism, but is PRO quality, objective journalism. A healthy business is the foundation for being able to build high quality products, and to do so sustainably. That includes journalism.

Analyzed as a business, the news industry is going through a fundamental restructuring and transformation, for worse and for better. The main change is that news businesses from 1946-2005 were mostly monopolies and oligopolies. Now they aren't.

The monopoly/oligopoly structure of newspapers, magazines, and broadcast TV news pre-'05 meant restricted choice and overly high prices. In other words, the key to the old businesses was control of distribution, way more than anyone ever wanted to admit. That's wonderful while it lasts, but wrenching when that control goes away.

The end of monopolistic control doesn't mean that great news businesses can't get built in highly competitive markets. They just get built differently than before.

Now, with everyone on Internet, three things are happening simultaneously:

1. Distribution is going from locked down to completely open, anyone can create and distribute. There is no monetary premium for control of distribution.

2. Formerly separate industries are colliding on the Internet. It's newspaper vs. magazine vs. broadcast TV vs. cable TV vs. wire service. Now they all compete.

Both No. 1 and No. 2 drive prices down.

3. At the same time, the market size is dramatically expanding - many more people consume news now vs. 10 or 20 years ago. Many more still will consume news in the next 10 to 20 years. Volume is being driven up, and that is a big, big deal.

Right now everyone is obsessed with slumping prices, but ultimately, the most important dynamic is No. 3 - increasing volume. Here's why: Market size equals destiny.

The big opportunity for the news industry in the next five to 10 years is to increase its market size 100x AND drop prices 10X.
Become larger and much more important in the process.

How to make money

Some of the best news about the news business is the gigantic expansion of the addressable market, a function of the rise of the developing world plus the Internet.

So how big is it? If you extrapolate from the number of smartphones globally, the total addressable market for news by 2020 is around 5 billion people worldwide.

However, we all have to get more sophisticated about defining and segmenting markets. It is critical to really understand the who, where, when, and why to serve that massive market effectively.

For example, many evolving markets are seeing the "death of the middle." The winners in these markets either offer the broadest breadth or the deepest depth. In evolving markets neither the broadest nor deepest is in trouble, but the middle market is withering.

So it is logical to expect the big winners in the news business to either be the broadest or the deepest: To go maximum mass, or maximum specific.

With that as a backdrop, here are eight obvious business models for news now, and in the future. This isn't a pick one model and stick with it prospect, news businesses should mix and match as relevant.

Advertising: Advertising is still central for many news businesses. But they need to get out of the "race to bottom" dynamic of bad content, bad advertisers, and bad ads. Quality journalism businesses need to either take responsibility for their own high-quality advertisers and ads, or work with partners who do. There is no excuse for crappy network-served teeth whitening come-ons and one weird trick ads served against high quality content. Disastrous.

Subscriptions: Many consumers pay money for things they value much of the time. If they're unwilling to pay for a news product, it begs the question, are they really valuing it?

Premium content: A paid tier on top of free, ad-supported content. This goes after the high-end news junkies reading the likes of Bloomberg & Reuters.
It will work for more and more new outlets. Again, value equals people paying money for something.

Conferences and events: Bits are increasingly abundant, and human presence is becoming scarce. So charge for that scarcity, and use bits to drive demand for human presence.

Cross-media: Tina Brown was right but too early with Talk. News is a key source of material for books, TV, and film - which happen also to be growth businesses.

Crowdfunding: This is a GIGANTIC opportunity especially for investigative journalism. Match people with interest in a topic to the reporters on the ground telling the stories. Click = vote = $. (Helpful hint: Start today with Crowdtilt. Easy-as-pie.)

Bitcoin for micropayments: Easy to get started now (checkout Coinbase). As the consumer use of Bitcoin scales up for transactions, it becomes easy to ask for small amounts of money on a per-story or per-view basis with low or no fees. (A lot more of my thinking on the subject of Bitcoin here.)

Philanthropy: Today the examples are Pro Publica and First Look Media, tomorrow there could be many more examples. There is around $300 billion per year in philanthropic activity in the U.S. alone. It's WAY underutilized in the news business.

If we look at the specific example of investigative journalism, believed to be least commercially viable type of news, you start to see how these models can play together.

The so-called "investigative journalism problem" is straightforward: How does it get funded in this new world? I have two responses.

The first is that the total global expense budget of all investigative journalism is tiny - in the neighborhood of tens of millions of dollars annually. That's the good news, small money problems are easier to solve than big money nightmares.

How we might solve this small money problem is via a combination of crowdfunding, philanthropy and subsidization by otherwise healthy news businesses.
The combination should easily cover the global tab of investigative journalism, and even increase the money available.

The same solution can address the "Baghdad bureau problem." Conflict-zone reporting of all kinds is super-important, and relative to other kinds of reporting, expensive, but again, it's not much money in total.

A last thought on business models. As my friend Jim Barksdale says, "There are two ways to make money in business: You can unbundle, or you can bundle." Or, rebundle. We already see the rise of new kinds of news aggregators in the wake of the great unbundling of newspapers and magazines. This is another thread to pull on.

As business models get re-engineered and this brave new world of news comes to pass, there is this fear that oceans of crap will drive out quality content. I don't think that happens. In fact, I believe the opposite will occur.

On the Internet, there is no limitation to the number of outlets or voices in the news chorus. Therefore, quality can easily coexist with crap. All can thrive in their respective markets.

And, the more noise, confusion, and crap - the more there is an increase of, and corresponding need for, trusted guides, respected experts, and quality brands.

Remember: Most great businesses are not big businesses. This market is plenty big enough for thousands of high-margin, small to medium-sized businesses.

Growing fast with quality. People and companies that are doing it right. The following are some examples (in alphabetical order). There are many others, and I would encourage additions.

Not every experiment will work, and maybe even some of these won't work. That's not the point. Experiments are needed for creation, and ultimately success - especially in the news business.

AnandTech: Monstrously competent technical coverage of the computing industry. Anand's team provides unprecedented depth and detail. As a result, it wields big influence in industry.
The Atlantic: Bob Cohn is taking a long-lived and respected brand, and blowing it out worldwide. The Atlantic is a daily presence now, and has a growing audience thanks to digital distribution.

Buzzfeed: Jonah Peretti built the Buzzfeed fire hose with listicles. He's leveraging that to do amazing in-depth long-form journalism. And growing like a banshee.

The Guardian: The Guardian is a particularly great example of print crossing into online. Thanks to digital the Guardian brand is more global and reaches more readers than ever before.

Politico: The political junkie's favorite place on the Internet. Politico has taken over as the first thing D.C. reads every morning. It demonstrates the virtues of aggressive focus online.

Search Engine Land: Danny Sullivan has created a place for all the search news, all the time. He's leveraged all those interesting bits into live events and even lead generation. It's a new model for a digital news business.

The Verge: Josh Topolsky and his crew provide full coverage of tech industry news. It's become a daily must-read for both in-the-weeds tech folks and consumer audiences. Expect Verge and its parent Vox to be 10X larger in the next five years.

Vice: From online Do's and Don'ts, and now to the Vice media empire. Vice shifted from print to rapid growth and increasing presence via online stories and especially video.

Wirecutter: A mini gadget news empire skippered by Brian Lam from various beachside locales. Lam is pioneering a new style of tech journalism, a side effect of which is great data.

Wired: Scott Dadich and the Wired gang are blending print and digital with amazing breadth and depth. More than half of revenue comes from digital, and it's growing.

I'll also highlight three personal investments of mine, all growing fast with quality: Talking Points Memo led by Josh Marshall. Henry Blodget and Business Insider. Sarah Lacy and PandoDaily.
A hat tip to the new entrants from tech and their massive investment in the future of news. Jeff Bezos and his $250 million purchase of The Washington Post. Pierre Omidyar and his $250 million commitment to First Look Media, and their first digital magazine The Intercept.

And finally, The New York Times. It's great to see The Times has evidently cracked the code on the transition from print to digital after extremely hard effort.

What's holding the future of news back

There are some artifacts and ideas in the journalism business that arguably are counterproductive to the growth of both quality journalism and quality businesses. It's why some organizations are finding it so hard to move forward.

An obvious one is the bloated cost structure left over from the news industry's monopoly/oligopoly days. Nobody promised every news outfit a shiny headquarters tower, big expense accounts, and lots of secretaries!

Unions and pensions are another holdover. Both were useful once, but now impose a structural rigidity in a rapidly changing environment. They make it hard to respond to a changing financial environment and to nimbler competition. The better model for incentivizing employees is sharing equity in the company.

Those are the key structural issues holding some news businesses back, but there is an approach to how the news is created that also prevents progress. It's the notion that "objectivity" is the only model worth pursuing.

The practice of gathering all sides of an issue, and keeping an editorial voice out of it is still relevant for some, but the broad journalism opportunity includes many variations of subjectivity.

Pre-World War II, subjectivity was the dominant model in the news business - lots of points of view battling it out in marketplace of ideas. As with people and opinions, there were many approaches to writing or broadcasting on the same topic.
My take is that the rise of objectivity journalism post-World War II was an artifact of the new monopoly/oligopoly structures news organizations had constructed for themselves. Introducing so-called objective news coverage was necessary to ward off antitrust allegations, and ultimately, reporters embraced it. So it stuck.

But the objective approach is only one way to tell stories and get at truth. Many stories don't have "two sides." Indeed, presenting an event or an issue with a point of view can have even more impact, and reach an audience otherwise left out of the conversation.

The good news

The opportunity for leadership in the journalism business, just happens to be same leadership opportunity as in all businesses. Leaders just need to start leading.

One start would be to tear down, or at least modify the "Chinese wall" between content and the business side. No other non-monopoly industry lets product creators off the hook on how the business works.

Before the journalistic purists burst a fountain pen, consider that there are intermediate points between "holier than holy" and "hopelessly corrupt" when it comes to editorial content.

Paying attention to the business doesn't equal warped coverage. It does equal a growing business. There are many businesses that balance incentives and conflicts all day long. Those businesses are able to hold the line on quality, and make great products. The point is, there isn't just one way, but ought to be many ways to skin the cat in news.

All of this requires abandoning the past, something that admittedly is very hard but necessary to move forward.

Today's news organizations are spending 90% of their effort and resources on playing defense. They are protecting the old artifacts and business model, rather than going on the offense and making the future.
Even newspapers and other media outlets that are just now making it across the digital chasm would be much better off today if leadership had shifted resources and focus harder and sooner. Without a strong offense, and a view forward rather than back, a bad result is inevitable in the long run.

The best approach is to think like a 100% owner of your company with long-term time horizon. Then you work backward to the present and see what makes sense and what remains. Versus, here is what we have now, how do we carry it forward? That is a tough exercise, and an even tougher mind shift.

As we have already seen in the demise of scads of newspapers and other periodicals, not every news organization will make it. And that is OK.

Further consolidation will be required. The U.S. alone has 15 full-scale national news organizations, plus more from international markets and all the online news organizations cropping up. That's too many general news outfits.

The good news is those that would survive and thrive are in control of their own destiny. The challenges and opportunities that these news businesses face can be rethought, addressed, and fixed.

It's similar to what any successful business goes through. The guidelines and the characteristics for winning are the same. It requires the following.

Vision: The difference between vision and hallucination is others can see vision. It is critical to articulate a bright future with clarity that everyone can see.

Scrappiness: Tough challenges call for resourcefulness and pragmatism. You need to stay close to the ground, wallowing in every detail and all over any opportunity that arises.

Experimentation: You may not have all the right answers up front, but running many experiments changes the battle for the right way forward from arguments to tests. You get data, which leads to correctness and ultimately finding the right answers.

Adaptability: Ask yourself, would you rather be right or successful?
That needs to be top of mind at all times because times change and we change. You want strong views weakly held.

Focus: Once you gain clarity from experiments and adaptation, then it's time to focus on a small number of ultra-clear goals. When those are defined then it's all-hands-on-deck.

Deferral of gratification: You need the stomach (and resources!) to reject near-term rewards for enduring success. In journalism this means refusing to participate in the race to the bottom.

An entrepreneurial mindset: This is true both for new companies and existing companies. It's a bit of a mantra. We own the company. We make the business. We control our future. It's on us.

Remember, I am very bullish on the future of the news business. But as Tommy Lasorda said: "Nobody said this fucking job would be all that fucking easy." But while hard, it can be done, and it is worth doing.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 3 09:43:13 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Mar 2014 10:43:13 -0500
Subject: [Infowarrior] - Keurig Will Use DRM In New Coffee Maker To Lock Out Refill Market
Message-ID: <58B64E33-5DAB-4324-9796-A273255210E7@infowarrior.org>

(Unreal.....I'm flashing back to printers and inkjet cartridges here. But it makes me glad I never went along w/the K-Cup craze to begin with anyway. --rick)

Keurig Will Use DRM In New Coffee Maker To Lock Out Refill Market

http://www.techdirt.com/articles/20140227/06521826371/keurig-will-use-drm-new-coffee-maker-to-lock-out-refill-market.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 3 12:31:58 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Mar 2014 13:31:58 -0500
Subject: [Infowarrior] - Cops: Commercial NDA trumps informing a judge during trial
Message-ID:

Florida Cops'
Secret Weapon: Warrantless Cell Phone Tracking

Police in Florida have offered a startling excuse for having used a controversial "stingray" cell phone tracking gadget 200 times without ever telling a judge: the device's manufacturer made them sign a non-disclosure agreement that they say prevented them from telling the courts.

< -- >

http://www.wired.com/threatlevel/2014/03/stingray/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 3 19:52:48 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Mar 2014 20:52:48 -0500
Subject: [Infowarrior] - OT: Stages Of Winter Rage
Message-ID: <9EE16A47-D498-4184-9744-F9039307B6AB@infowarrior.org>

Stages Of Winter Rage
March 03, 2014 11:54 AM
http://www.npr.org/blogs/monkeysee/2014/03/03/285269215/stages-of-winter-rage

[The following is a purely speculative, hypothetical story of winter. It corresponds to no actual meteorological data.]

October 20: Eeeeeeee! Snow in the forecast! Eeeeeeee!

October 21: I saw flakes! Here's an Instagram of flakes out my window! You can't really see them, but they're there, I promise! Flakes!

November 3: There are tiny bits of snow landing on my windshield, and it is the most charming thing I've ever seen in my life. Snow is the best. Snow is fairy dust for grown-ups. Snow is the universe hugging me.

November 14: I looked out my window this morning and there was a coating of snow on the ground, and it's so pretty that I didn't even mind having to brush it off my car. Snow is so beautiful. Here's a selfie of me pointing to a tree with snow on it. It melted by noon. :(

November 20: Snow, yaaaay! I went outside and the neighbor's dog was running around in it and I almost died of happiness because snow is absolutely the best and happiest thing.

November 30: Well, my trip back from Thanksgiving was a little dicey with the coating of slush on the streets, but the turkey was delicious!

December 10: A little too much winter in my winter wonderland this morning. Had to reschedule my doctor's appointment and almost slipped getting from my door to the car. Be careful out there!

December 19: Flight delayed for de-icing. Cab late. Sigh.

December 25: WHITE CHRISTMAS WOOOOOOOO!

December 26: Sheesh, I wanted a white Christmas, but that didn't require nine inches of snow.

December 27: Wow, enough already. Sore back from shoveling. Made a snowman, though! Here's his picture!

January 5: Froze my nose hairs, which is a first. WTF?

January 10: Uh, I think I just killed my car driving over a pothole the size of a bathtub. Stop fluctuating, temperatures.

January 19: Fell and practically killed myself on the sidewalk this morning after a zillionth of an inch of freezing rain. My knee is going to be the size of a bowling ball.

January 24: Have you ever seen what a half-inch of ice looks like on a windshield? It looks like [REDACTED] you, winter.

February 8: Everything is closed. I was supposed to have people over tonight, and nobody can come because there's a foot of snow coming and it's eight degrees and it's not supposed to get warmer until at least Friday.

February 12: Hey, Target, maybe learn how to clear your parking lot, or at least fill up HALF your spaces ENTIRELY with snow instead of ALL your spaces HALFWAY with snow and also WHY DON'T YOU SELL GLOVES AFTER JANUARY WHEN IT'S 15 DEGREES OUTSIDE?

February 25: I should really buy good snow boots for next year.

March 3: Winter is a man-eating hell-demon sent by the forces of evil to break my spirit and my coccyx. It should [REDACTED] die already and [REDACTED] it if it doesn't because winter is full of [REDACTED] and [REDACTED] winter forever.

...

October 14: Snow in the forecast! Eeeeeeeeee!

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 3 20:11:22 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Mar 2014 21:11:22 -0500
Subject: [Infowarrior] - Hill draws criticism over NSA oversight
Message-ID: <8F718699-B4A8-4589-9F62-6F86703A060D@infowarrior.org>

Hill draws criticism over NSA oversight
By: Darren Samuelsohn
March 2, 2014 10:14 PM EST
http://dyn.politico.com/printstory.cfm?uuid=CAE12F47-7FE3-4DD6-B326-078FD2656371

Splashing America's surveillance secrets on the front pages of newspapers for nearly nine months has created an array of scapegoats, from Edward Snowden to the NSA and President Barack Obama.

Now the blame is also spreading to Congress.

Cries of lax Capitol Hill oversight are piling up as Snowden-inspired stories continue to explode in the media, casting doubt on whether the legislative watchdogs can be trusted to oversee national security agencies that they've long defended.

Intelligence Committee leaders from the House and Senate insist they've done their due diligence but acknowledge that lawmakers can glean only as much information as the president and his team will share. And even then, anything of such a highly classified nature can't be legally disclosed anyway.

Still, a "trust us" promise from the lawmakers with the highest of high-security clearances isn't satisfying critics.

Among Snowden's stated reasons for leaking stolen documents to select members of the press: Senate Intelligence Committee Chairwoman Dianne Feinstein, for asking "softball questions" of national security officials during public hearings.

"The system failed comprehensively," the former National Security Agency contractor told The Washington Post in December.

"For 10 years, there's been so much mystery about it," Sen. Chuck Grassley of Iowa, the top Republican on the Judiciary Committee, said in an interview. "Our government, and maybe I'm at fault too, because we don't do enough oversight, but there's a lot more that could have been made public."

"If there had been more information out there, there would have been less suspicion and not all these questions being raised," he added.

Many members of Congress have revolted out of frustration that the Obama administration and their fellow lawmakers haven't done enough to address concerns about overreach in U.S. surveillance programs.

Sen. Rand Paul (R-Ky.) sued the president. The House last summer came within a dozen votes of passing legislation to curb the NSA's powers. And turf be damned, multiple House and Senate panels that share jurisdiction over intelligence and national security issues are forging ahead with their own inquiries.

Sen. John McCain (R-Ariz.) is even pushing a resolution to create a new Senate investigative panel that can dig in on all the surveillance issues already under the purview of the Intelligence committees. The existing panels, he said, can't be trusted to do their job.

"Clearly, they've been co-opted. There's no doubt about that," McCain told POLITICO.

It's a classic Washington story in which Congress and national security agencies end up in lock step, with lawmakers seen as serving more like cheerleaders than watchdogs. Four decades ago, then-Senate Armed Services Committee Chairman John Stennis (D-Miss.) was widely quoted telling the CIA's leaders he didn't want to know what they were doing.

Responding to media reports after Watergate that the intelligence agencies had overstepped their bounds, Congress created the House and Senate Intelligence committees. It also imposed term limits on the new panels' members out of concern that lawmakers would get too cozy with the agencies they were charged with overseeing.

While the Senate got rid of its term limits in 2004 - the counterargument prevailed that too much turnover meant the panel kept losing valuable expertise - some of the members now serving there say the temptation remains to protect the intelligence agencies.
The inherent inclination to give the spy world the benefit of the doubt in the name of national security was amplified exponentially after the horror of Sept. 11. "What happens when you get on the committee, right away the intelligence community sweeps in and basically starts the process of trying to kind of say, 'Well, these are tough issues.' And, in effect, only one point of view gets conveyed," Sen. Ron Wyden (D-Ore.), a longtime Intelligence Committee member and NSA critic, said in an interview. "It's our job to do vigorous oversight and not just get caught up in the culture that makes you, in effect, something more like an ambassador than a vigorous overseer." "You can get caught up in that world. There's a certain glamour to it I think for a lot of elected officials," explained freshman Sen. Martin Heinrich (D-N.M.), one of the Intelligence Committee's newest members. At a recent hearing, Heinrich saw firsthand how difficult public oversight can be while pressing CIA Director John Brennan on his agency's interrogation and detention programs. When Brennan replied that he'd rather answer in a private session, Feinstein cut off her fellow Democrat's line of questioning. "I'd only say we view our roles somewhat differently," Heinrich later said of Feinstein during an interview. Tensions over the quality of Hill oversight are also in the open between Feinstein and Senate Judiciary Committee Chairman Patrick Leahy, the Vermont Democrat who has held several public hearings dedicated to the government's surveillance programs since the first Snowden stories appeared last June. Feinstein, so far, has presided over one open session specific to the issue, though the topic has come up in other hearings, too. In a recent interview with Vermont Public Radio, Leahy took a not-so-subtle jab at Feinstein by noting it was his panel that had challenged the NSA's claim that the telephone bulk collection metadata program had prevented more than 50 terrorist attacks.
"It was like pulling teeth; it took me five hearings to get all this information out. And also it made it very clear to me that a lot of committees had not done as much work as they should, and I will continue to do them in the Judiciary Committee," Leahy said. He also noted that investigating the intelligence agencies was "one of the reasons I stayed as chair of the Judiciary Committee" rather than use his seniority to claim the gavel of the powerful Appropriations Committee. But intelligence officials are quick to remind critics just how much scrutiny they face, ticking off oversight from the White House, Justice Department, federal judges and lawmakers. "The NSA is the most heavily regulated industry in the world," George Ellard, the NSA inspector general, said during a recent event at the Georgetown University Law Center. House and Senate leaders from the Intelligence committees say their critics have it wrong. Oversight is intense but often cloaked because the material is classified. Many of the complaints come from people who really just disagree with the programs that the NSA, CIA and others are using to keep Americans safe. "I don't know if I can say exactly what I think of that theory as it might not be fit for print. That is so off the mark," House Intelligence Committee Chairman Mike Rogers (R-Mich.) said when asked about charges that his panel had been AWOL. He noted that his review of what the government has been doing found "nothing illegal, nothing untoward, no rogue agency." "Not liking it is different than not overseeing it," Rogers added. "Huge difference. And I take exception to those that say there was not proper oversight." Rogers said his panel is still looking for ways to be more public in its oversight role, but that's not easy when America's enemies are watching, too. "Transparency cannot be on the front page of the newspaper. That's not transparency. That's a catastrophic loss of classified information at that point," he said.
"The transparency part is they can't do these activities without coming to elected representatives in the U.S. Congress and having these debates for approval and policy review and funding. That all happened." In a statement to POLITICO, Feinstein defended her committee's efforts by highlighting its recent launch of a bipartisan review into all intelligence collection programs, including the telephone bulk collection and spying on U.S. allies. Her panel has held more than 60 hearings this session -- at least five have been open -- and regularly looks into budgets, covert action programs and intelligence collection and analysis. "I take my responsibility to conduct thorough oversight of the intelligence community very seriously, and I believe the committee performs that function well," Feinstein said. "It is the nature of intelligence oversight that, if done well, much of it is never known publicly." Several Intelligence committee members said they are not too friendly with national security agencies. "I've been on the intelligence committee for 15, 20 years now. I don't feel at all co-opted," said Sen. Carl Levin (D-Mich.), who holds an ex-officio slot on the panel as chairman of the Armed Services Committee. Levin blamed intelligence agencies for putting up so many fights, noting a three-year battle with the CIA to make public the panel's investigation on torture. "I've seen a lot of frustration with a lack of response from the intelligence community," he said. Rep. Jeff Miller (R-Fla.) recalled lawmakers' spirited back-and-forth with Brennan, Director of National Intelligence James Clapper and FBI Director James Comey during a recent House Intelligence Committee hearing. "You can see tension very clearly between the intelligence community directors and this committee," he said. "This is a very independent committee." The House panel's private hearings -- there have been more than 30 this Congress, compared with about 10 open or partially open sessions --
are where some of the real work gets done, said Rep. Mike Conaway (R-Texas). "When there's no cameras, you get a much different analysis of what's going on," he said. "The conversation is better. It's not nearly as stilted." Rep. Mike Pompeo (R-Kan.) said he's been trying to improve his oversight skills by taking a crash course on intelligence issues since he joined the panel in early 2013, holding about five meetings a week with experts in the field. "Nobody has anything approaching what we have," Pompeo said, citing both Congress and the special federal court that oversees the intelligence agencies. "You can absolutely make the case that while there's no perfection here either, it's the best [system] devised by humankind for a way to provide oversight on a country's incredibly important intelligence operations." But Pompeo also said he has witnessed shortcomings, including lawmakers who don't serve on the Intelligence Committee and don't heed offers to attend classified briefings. "My observation has been you have too many members of Congress who don't want to spend time on this. I think that's most unfortunate," he said. Rep. Jan Schakowsky (D-Ill.), who joined the House Intelligence panel at then-Speaker Nancy Pelosi's request in 2007, called it a "really, really challenging assignment" to conduct adequate oversight in part because she has no personal staffer to consult with the proper security clearance. In the Senate, each Intelligence Committee member has at least one staffer in his or her personal office with adequate security clearance. But in the House, panel members must rely on committee aides who first answer to Rogers and ranking member Dutch Ruppersberger (D-Md.). "We have fine staff. But they don't report to me," Schakowsky said. "So we're part-timers. I've got a lot of other priorities to deal with. You could definitely spend full time doing intelligence."
Geoffrey Stone, a University of Chicago law professor who served on a White House-charted task force that studied the government's surveillance programs, said in an interview that he's heard from several House Intelligence Committee members frustrated with the quality of information they get from the national security agencies. In some instances, Stone said the members told him that his panel knew more than they did. "That was bizarre. But I think part of it is we were very aggressive, and also we had [former Deputy CIA Director] Mike Morell and [former White House counterterrorism adviser] Richard Clarke, who knew what questions to ask that I wouldn't know." Stone said he's not surprised that Intelligence Committee leaders like Rogers and Feinstein would get defensive with their work. "It's hard to say, 'Oh, we were wrong.' Just given human nature, it's not surprising that they've circled their wagons," he said. "But it's unfortunate because I really do think this is an instance in which I don't think they asked all the right questions." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 4 06:20:26 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 4 Mar 2014 07:20:26 -0500 Subject: [Infowarrior] - RSA Tried To Get TrustyCon Booted Message-ID: <1E9B49C9-C9E1-4C0F-B263-1097B51AB49A@infowarrior.org> RSA Tried To Get TrustyCon Booted http://www.techdirt.com/articles/20140228/16231726394/rsa-tried-to-get-trustycon-booted.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Mar 4 06:22:06 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 4 Mar 2014 07:22:06 -0500 Subject: [Infowarrior] - UK PM's anti-porn advisor arrested for....take a guess Message-ID: http://www.independent.co.uk/news/uk/crime/senior-tory-adviser-patrick-rock-arrested-on-child-pornography-allegations-9166837.html Senior Tory adviser Patrick Rock arrested on child abuse images allegations A senior adviser to David Cameron was arrested on child abuse images allegations, Downing Street said tonight. Patrick Rock, who had been involved in drawing up proposals for internet porn filters, resigned after being questioned by police. Officers from the National Crime Agency examined Downing Street's computer systems and offices used by Mr Rock, 62. He was an adviser to the Conservative party for 30 years and got to know Mr Cameron in the mid-1990s when they both worked for Michael Howard when he was Home Secretary. The Prime Minister brought him into Downing Street in 2011 to work in the Number 10 policy unit. He took responsibility for home affairs issues and was among officials who were involved in drawing up controls against internet images of child abuse. A Downing Street spokesman said: "On the evening of February 12, Downing Street was first made aware of a potential offence relating to child abuse imagery. It was immediately referred to the National Crime Agency. http://www.independent.co.uk/news/uk/crime/senior-tory-adviser-patrick-rock-arrested-on-child-pornography-allegations-9166837.html --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Mar 4 06:32:02 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 4 Mar 2014 07:32:02 -0500 Subject: [Infowarrior] - Facebook 'in talks to buy drone satellite firm' Message-ID: <46792897-5E2C-497A-8388-E751508D7E58@infowarrior.org> Facebook 'in talks to buy drone satellite firm' Social network said to be in talks with Titan Aerospace in order to bring internet connectivity to people in the developing world http://www.theguardian.com/technology/2014/mar/04/facebook-talks-drone-satellite-firm-internet --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 4 10:26:02 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 4 Mar 2014 11:26:02 -0500 Subject: [Infowarrior] - Dish, Disney implement three-day Autohop ban Message-ID: <73EF7693-99A9-49E4-A1BA-E7A08EE3940C@infowarrior.org> Dish, Disney strike deal; implement three-day Autohop ban updated 09:25 pm EST, Mon March 3, 2014 http://www.electronista.com/articles/14/03/03/channel.skipping.feature.disabled.for.72.hours.after.initial.broadcast/ Channel-skipping feature disabled for 72 hours after initial broadcast The Walt Disney Company and Dish Network Corporation today announced a long-term distribution agreement that will provide Dish customers with access to Disney-owned programming. The distribution agreement grants Dish rights to content from the ABC-owned broadcast stations, ABC Family, Disney Channel, ESPN and ESPN2, as part of an Internet delivered, IP-based multichannel offering -- but with a catch for the consumer. Under the terms of the deal, users must wait three days before being able to skip commercials on new programming saved by the Hopper DVR. Dish will make available Disney Junior, Fusion, ESPN Goal Line, ESPN Buzzer Beater, as well as Longhorn Network and the upcoming SEC ESPN Network upon its launch. 
In addition, Dish, ESPN and ESPN Deportes customers will have access to the live and video-on-demand channel ESPN3. As part of the agreement, Dish will launch ESPNEWS, ESPNU, Disney Channel and ABC Family in high definition. ESPN Classic will be reintroduced as a video-on-demand channel. The agreement will result in dismissal of all pending litigation between the two companies, including disputes over PrimeTime Anytime and AutoHop. The deal also provides an undisclosed structure for other advertising models as the market evolves, including dynamic ad insertion, advertising on mobile devices and extended advertising measurement periods. The companies also renewed carriage agreement for ABC's eight wholly-owned local stations, including WABC-TV in New York City, KABC-TV in Los Angeles, WLS-TV in Chicago, WPVI-TV in Philadelphia, KGO-TV in San Francisco, WTVD-TV in Raleigh-Durham, KTRK-TV in Houston, and KFSN-TV in Fresno. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 4 13:51:52 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 4 Mar 2014 14:51:52 -0500 Subject: [Infowarrior] - Edward Snowden to speak at South by Southwest Message-ID: <7731205E-CC92-42E5-ABB2-AB4BA5FEAE46@infowarrior.org> Edward Snowden to speak at South by Southwest The NSA leaker, who is living in exile, will appear by teleconference on Monday during the interactive portion of the annual Texas festival. He joins fellow wanted man Julian Assange, who is also speaking remotely at SXSW Interactive. http://news.cnet.com/8301-1009_3-57619889-83/edward-snowden-to-speak-at-south-by-southwest/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Tue Mar 4 15:51:32 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 4 Mar 2014 16:51:32 -0500 Subject: [Infowarrior] - How NIST Develops Cryptographic Standards Message-ID: <89B2B5BA-30F9-4FB2-B62A-C4442FA2CA6A@infowarrior.org> (via Schneier blog: https://www.schneier.com/blog/archives/2014/03/how_nist_develo.html) This document gives a good overview of how NIST develops cryptographic standards and guidelines. It's still in draft, and comments are appreciated. Given that NIST has been tainted by the NSA's actions to subvert cryptographic standards and protocols, more transparency in this process is appreciated. I think NIST is doing a fine job and that it's not shilling for the NSA, but it needs to do more to convince the world of that. NIST Draft: http://csrc.nist.gov/publications/drafts/nistir-7977/nistir_7977_draft.pdf --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 4 21:01:42 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 4 Mar 2014 22:01:42 -0500 Subject: [Infowarrior] - NSA chief criticises media and suggests UK was right to detain David Miranda Message-ID: <40732154-9706-4346-8171-566CC27B3973@infowarrior.org> NSA chief criticises media and suggests UK was right to detain David Miranda Keith Alexander says revelations have caused 'grave damage' and claims officials are making 'headway' on 'media leaks' • Spencer Ackerman in Washington • theguardian.com, Tuesday 4 March 2014 15.32 EST http://www.theguardian.com/world/2014/mar/04/nsa-chief-keith-alexander-david-miranda The outgoing director of the National Security Agency lashed out at media organizations reporting on Edward Snowden's surveillance revelations, suggesting that British authorities were right to detain David Miranda on terrorism charges and that reporters lack the ability to properly analyze the NSA's broad surveillance powers.
General Keith Alexander, who has furiously denounced the Snowden revelations, said at a Tuesday cybersecurity panel that unspecified "headway" on what he termed "media leaks" was forthcoming in the next several weeks, possibly to include "media leaks legislation." In perhaps his most expansive remarks to date since Miranda -- the partner of former Guardian journalist Glenn Greenwald -- was detained for nine hours at Heathrow airport last summer, Alexander noted that a panel of UK judges found Miranda's detention to be legal. "Recently, what came out with the justices in the United Kingdom -- they looked at what happened on Miranda and other things, and they said it's interesting: journalists have no standing when it comes to national security issues. They don't know how to weigh the fact of what they're giving out and saying, is it in the nation's interest to divulge this," Alexander said. "And I just put that on the table because that's a key issue that we as a nation [are] going to face. My personal opinion: these leaks have caused grave, significant and irreversible damage to our nation and to our allies. It will take us years to recover," he said. Miranda was held for the maximum amount of time allowable under schedule 7 of the UK's Terrorism Act 2000. The Guardian paid for Miranda's trip from his Rio de Janeiro home to Berlin, during which he met with filmmaker Laura Poitras, one of the recipients of Snowden's leaks. Miranda carried with him encrypted files that included thousands of classified UK surveillance documents that came from Snowden, in order to facilitate journalism about the source material. Although the statute cited to detain Miranda concerns terrorism -- with which UK officials have never suspected Miranda of involvement -- a panel of three UK judges last month quashed a legal challenge to his detention. Lord Justice Laws, a member of the panel, found that the objective of Miranda's detention "was not only legitimate but very pressing,"
a decision criticized by press-freedom advocates in the UK and beyond. Alexander said he would be at the White House on Tuesday to discuss proposed changes to the NSA's mass collection of US phone records, less than a week after he seemed to soften his opposition to the NSA acquiring only metadata related to terrorism. The general, who is due to retire in the next several weeks, said that the furore over Snowden's surveillance revelations -- which he referred to only as "media leaks" -- was complicating his ability to get congressional support for a bill that would permit the NSA and the military Cyber Command he also helms to secretly communicate with private entities like banks about online data intrusions and attacks. "We've got to handle media leaks first," Alexander said. "I think we are going to make headway over the next few weeks on media leaks. I am an optimist. I think if we make the right steps on the media leaks legislation, then cyber legislation will be a lot easier," Alexander said. The specific legislation to which Alexander referred was unclear. Angela Canterbury, the policy director for the Project on Government Oversight, a watchdog group, said she was unaware of any such bill. Neither was Steve Aftergood, an intelligence policy analyst at the Federation of American Scientists. The NSA's public affairs office did not immediately respond to a request for comment. Alexander has previously mused about "stopping" journalism related to the Snowden revelations. "We ought to come up with a way of stopping it. I don't know how to do that. That's more of the courts and the policymakers but, from my perspective, it's wrong to allow this to go on," he told an official Defense Department blog in October. While Attorney General Eric Holder said last year that he had no plans to pursue charges against Greenwald, pro-NSA officials have recently taken to using loaded legal language when referring to the journalists reporting on the Snowden documents.
James Clapper, the director of national intelligence, called on Snowden and unnamed "accomplices" to return the surveillance documents cache during congressional testimony in January. The chairman of the House intelligence committee, Mike Rogers of Michigan, called Greenwald a "thief" last month. Like other NSA officials and their allies over the past several months, Alexander has become more visible to the public, part of the NSA's push to regain control of the public narrative as the Obama administration and members of Congress debate the future scope of the NSA's powers. In an October interview with the New York Times, Alexander said: "I do feel it's important to have a public, transparent discussion on cyber so that the American people know what's going on." But staff at Georgetown University, which sponsored the Tuesday cybersecurity forum, took the microphone away from a Guardian reporter who attempted to ask Alexander if the NSA had missed the signs of Russia's invasion and occupation of Ukraine, which appeared to take Obama administration policymakers by surprise. Although the event was open to reporters, journalists were abruptly told following the NSA director's remarks that they were not permitted to ask questions of Alexander, who did not field the Ukraine question. Following the event, security staff closed a stairwell gate on journalists who attempted to ask Alexander questions on his way out. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Mar 5 05:44:13 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 5 Mar 2014 06:44:13 -0500 Subject: [Infowarrior] - CIA Accused Of Spying On Senate Intelligence Committee Staffers Message-ID: CIA Accused Of Spying On Senate Intelligence Committee Staffers from the biting-the-hand-that-oversees-you dept While at times, it's appeared that the Senate Intelligence Committee, led by Dianne Feinstein, serves more to prop up the intelligence community than to handle oversight, it has actually clashed quite a bit with the CIA. We've discussed a few times how the Committee has been pushing to release a supposedly devastating 6,000 page report about the CIA's torture program, which cost taxpayers an equally astounding $40 million to produce. However, the CIA has been fighting hard to block the release of the report, arguing that it misrepresents the CIA's actions. However, things are getting even more bizarre, as the NY Times is reporting that the CIA is now accused of spying on the Intelligence Committee and its staffers in its attempt to keep that report from being released. The details are still a little cloudy, but in December, Senator Mark Udall revealed that the Senate Intelligence Committee had come across an internal CIA study that apparently corroborated the information that is in the big Senate report -- and which directly contradicted claims by the CIA to the Committee about how the report was inaccurate -- suggesting that, on top of everything else, the CIA lied to the Intelligence Committee. Udall quizzed CIA boss John Brennan about that internal report. And according to the NY Times, it appears that CIA folks freaked out that the Intelligence Committee somehow got access to that internal study, and responded the way the CIA knows best: by starting to spy on Intelligence Committee staffers:.... 
< - > http://www.techdirt.com/articles/20140305/00445926435/cia-accused-spying-senate-intelligence-committee-staffers.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Mar 5 20:22:12 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 5 Mar 2014 21:22:12 -0500 Subject: [Infowarrior] - American RT anchor quits on-air over Putin coverage Message-ID: <8CB08E2F-36EA-4309-900E-2DFF7EF4719D@infowarrior.org> (video @ the article link) Anchor for Russian TV says she's quitting in protest of Putin coverage http://www.latimes.com/world/worldnow/la-fg-wn-russia-today-anchor-quits-20140305,0,2912362.story An American journalist said she was quitting a Russian-backed TV station in an on-air protest Wednesday. By Matt Pearce March 5, 2014, 5:59 p.m. An American journalist said she was quitting a Russian-backed TV station in an on-air protest Wednesday, telling viewers "I cannot be part of a network funded by the Russian government, that whitewashes the actions of [President Vladimir] Putin." Liz Wahl, an anchor for the English-language network RT, made her announcement after criticism that RT, also known as Russia Today, had taken a sympathetic stance on the Russian intervention in Ukraine's Crimean peninsula. A day earlier, RT journalist Abby Martin made on-air remarks critical of the Russian government's actions in Crimea, telling viewers, "What Russia did was wrong." Wahl prefaced her resignation Wednesday by citing Martin's remarks, adding, "Indeed, as a reporter on this network, I face many ethical and moral challenges, especially me personally.... My grandparents came here as refugees during the Hungarian revolution, ironically to escape the Soviet forces." After telling viewers that the network "whitewashes" the actions of Russian President Vladimir Putin, Wahl said, "I'm proud to be an American and believe in disseminating the truth, and that is why, after this newscast, I am resigning." 
Wahl and a representative for RT did not immediately respond to The Times' requests for comment. RT's American channel broadcasts from Washington, D.C., according to the network's website. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Mar 6 09:33:31 2014 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 6 Mar 2014 10:33:31 -0500 Subject: [Infowarrior] - Alzheimer's deaths much more common than realized: study Message-ID: <9F09F78C-2226-4645-AEAD-C511FDBEDB22@infowarrior.org> Alzheimer's deaths much more common than realized: study http://news.yahoo.com/alzheimers-deaths-much-more-common-realized-study-211045904.html;_ylt=AwrBEiKzkxdTTUcA44TQtDMD By Kathryn Doyle 17 hours ago NEW YORK (Reuters Health) - Nearly half a million elderly Americans likely died from Alzheimer's disease in 2010, a figure almost six times higher than previous estimates of annual deaths, according to a new study released on Wednesday. The Centers for Disease Control and Prevention has estimated that approximately 5 million people are living with Alzheimer's disease in the United States, and that 83,000 die from the condition each year. "Many people do not realize that Alzheimer's is a fatal disease," said lead author Bryan D. James of the Rush Alzheimer's Disease Center in Chicago. "Alzheimer's disease starts in the part of your brain that controls your memory and thinking, but over years it spreads to the parts of your brain that control more basic functions such as breathing and swallowing," he told Reuters Health in an email. Current national estimates are based on death certificates, which tend to underestimate deaths from dementia, he and his colleagues write in the journal Neurology. They analyzed data from two existing studies that followed people age 65 and older, starting at a time when they did not have Alzheimer's. 
The participants were tracked for an average of eight years, with annual checkups and brain donation in the case of death. One study followed religious orders of nuns and priests and the other followed people in retirement communities and senior housing facilities. In all, the studies tracked 2,566 people. Over the course of the two studies, 559 participants developed Alzheimer's disease and 1,090 participants died. People diagnosed with Alzheimer's were more than three times as likely to die as those without it. The risk was more than four times as high among participants aged 75 to 84. Applying these figures to U.S. deaths in 2010, when the data in the two studies were collected, the authors estimate that about 500,000 people over age 75 died from Alzheimer's disease that year. "There's no doubt that if you have Alzheimer's disease, it increases mortality risk," said Dr. James Leverenz of the Cleveland Clinic Lou Ruvo Center for Brain Health in Ohio. But although current national estimates for Alzheimer's deaths are definitely low, he's not sure the true number is as high as the one found in this study. "The two groups are pretty highly educated," said Leverenz, who was not involved in the new research. "They were in generally a little bit better health than the general population." That means people in these studies could have been less likely to die from heart disease or other conditions, so a higher proportion might have died from Alzheimer's, he explained. One of the reasons it is so hard to estimate the number of deaths from Alzheimer's is that dementia can be the underlying reason for a number of more immediate causes of death, Leverenz said. For instance, severe dementia can lead to problems swallowing, which leads to malnutrition, which can lead to pneumonia, the study authors write. Death certificates tend to list the immediate cause of death, in this case pneumonia, and leave out dementia. 
"Understanding that AD may contribute to almost as many deaths as the two leading killers in America, heart disease and cancer, is an eye-opening figure that may convince the public and policy makers that AD funding should be increased," James said. In the study, participants lived an average of four years after an Alzheimer's diagnosis, but Leverenz said he has seen patients live with the condition for much longer - 10 or even 20 years for those with an earlier onset of disease. "The aging of the baby boomer population means more people living with Alzheimer's disease, which in turn means more people dying from Alzheimer's disease since no effective treatment or cure exists," James said. SOURCE: http://bit.ly/NwhhyY Neurology, online March 5, 2014. (Editing by Genevra Pittman, Michele Gershberg and Jonathan Oatis) --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Mar 6 10:00:38 2014 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 6 Mar 2014 11:00:38 -0500 Subject: [Infowarrior] - Army mail doesn't do Alzheimers. Message-ID: <3B63D104-BA85-4194-A918-4055ECD0EE47@infowarrior.org> Interesting tidbit: the mailservers for us.army.mil determined that the article posted earlier today about the Alzheimer's study "contained unauthorized content." Wonder if they have a problem with the repeated use of the word "death" "died" or the name of the disease? *facepalm* --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Fri Mar 7 07:01:15 2014 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 7 Mar 2014 08:01:15 -0500 Subject: [Infowarrior] - Snowden testimony to EU Parliament Message-ID: <39BEAF4E-CDDC-46B4-87D0-57EFFCFC146E@infowarrior.org> Edward Snowden tells European Parliament how local spies aid NSA surveillance http://gigaom.com/2014/03/07/edward-snowden-gives-testimony-to-european-parliament-surveillance-inquiry/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Fri Mar 7 10:01:27 2014 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 7 Mar 2014 11:01:27 -0500 Subject: [Infowarrior] - The NSA Has An Advice Columnist. Seriously. Message-ID: <7AD93C50-E8A8-48C2-8BCF-1BB8FD95480C@infowarrior.org> The NSA Has An Advice Columnist. Seriously. https://firstlook.org/theintercept/article/2014/03/07/nsa-advice-columnist-seriously/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sat Mar 8 12:33:33 2014 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 8 Mar 2014 13:33:33 -0500 Subject: [Infowarrior] - FISC: NSA can't keep metadata past 5 years Message-ID: Court: NSA can't keep metadata past 5 years By JOSH GERSTEIN 3/7/14 3:08 PM EST http://www.politico.com/blogs/under-the-radar/2014/03/court-nsa-cant-keep-metadata-past-years-184737.html A judge has denied the federal government's request to allow the National Security Agency to keep telephone metadata past the current five-year maximum in order to preserve the information for use in pending lawsuits. Foreign Intelligence Surveillance Court Judge Reggie Walton said the government hadn't shown a strong enough need to keep the data, especially given the privacy concerns raised by such a move. 
"The amended procedures would further infringe on the privacy interests of United States persons whose telephone records were acquired in vast numbers and retained by the government to aid in national security investigations," Walton wrote in a 12-page order posted here. "The government seeks to retain these records, not for national security reasons, but because some of them may be relevant in civil litigation in which the destruction of those very same records is being requested. However, the civil plaintiffs potentially interested in preserving the...metadata have expressed no desire to acquire the records." "This Court is reluctant to take any action that could impede the proper adjudication of the identified civil suits, and understands why the government would proceed with caution in connection with records potentially relevant to those matters," Walton continued. "However, the Court cannot make the finding required to grant the motion based on the record before it." Last month, the Justice Department made the request to keep the data indefinitely. A spokesman for the department had no immediate comment Friday. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sat Mar 8 12:49:00 2014 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 8 Mar 2014 13:49:00 -0500 Subject: [Infowarrior] - Kill the Snowden interview, congressman tells SXSW Message-ID: Kill the Snowden interview, congressman tells SXSW Kansas Rep. Mike Pompeo wants organizers of South by Southwest Interactive to back out of their scheduled video conference interview of Edward Snowden. http://news.cnet.com/8301-13578_3-57620072-38/kill-the-snowden-interview-congressman-tells-sxsw/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Sat Mar 8 12:50:32 2014 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 8 Mar 2014 13:50:32 -0500 Subject: [Infowarrior] - Rage against the monopolized machine: you should use products how you want Message-ID: Rage against the monopolized machine: you should use products how you want Phones we can't unlock. Shows we can't skip. And now coffee machines that won't work with a competitor's coffee? Don't buy in - Dan Gillmor - theguardian.com, Thursday 6 March 2014 15.29 EST http://www.theguardian.com/commentisfree/2014/mar/06/green-mountain-coffee-maker-competition What does a popular coffee machine have in common with a DVR? You can buy one, but the manufacturer reserves the right to dictate how you use it. We've known for years that software is an infinitely malleable commodity. Code is a set of instructions, and they can be changed. Code evolves. Features appear, improve and disappear. This is especially true of online services, with providers modifying their offerings at will. As more and more physical goods contain more and more microprocessors and software, the boundaries we once took for granted have blurred. This is why a Keurig coffee machine from Green Mountain Coffee Roasters, a single-cup brewer, will soon refuse to work with a competitor's coffee. It's why Dish Network will tell customers of its ad-skipping DVR that they may no longer use that feature when watching programming from Disney. This isn't a new phenomenon, but it's getting worse. Hollywood has led the way, as it tries to lock down every bit of information to which it holds copyrights, even as it persuades Congress to continually extend copyright terms. Mobile phone makers continue to abuse copyright law by locking down devices to prevent customers from having more choices. Printer companies have tried to lock out third-party inkjet cartridges. 
Apple has engineered its mobile devices to work, in most cases, only with peripheral gear that Apple allows and, of course, that generates royalty income for the biggest technology company in the world. And so on. I'm less bothered by Green Mountain's move, ill-advised as it is, than some others in this genre. After all, no one is forced to buy one of the company's latest coffee-makers, which produce a single cup at a time. Even if this was the only single-cup maker - it's not - there are many other (and in my opinion better) ways to brew a cup of tasty java, even if they're slightly less convenient. And it's not as if Green Mountain was forcing owners of existing machines into this regime. I do hope, when those brewers stop working, that their owners will make the smart choice and look elsewhere for their next one. Dish Network, on the other hand, is modifying DVRs with the company's "Auto Hop" feature, which, if the user requests, automatically bypasses the relentless barrage of advertisements in programming from the top four networks. Needless to say, the networks absolutely loathe this feature and, you guessed it, have sued Dish in an attempt to forestall the future. One reason I've been a Dish customer for more than 15 years has been its willingness to take on the Copyright Cartel. I still use an older DVR that includes a feature the programmers hated just as much (but had no plausible legal case against) when it was introduced, a button that makes 30 seconds disappear; it's by far the feature I use the most. With Auto Hop, Dish was resolute on behalf of its customers - until Disney, owner of ABC, ESPN and other programming, offered to give Dish expanded rights, including streaming, to a variety of content. At that point, Dish sold out the people who'd bought DVRs supporting Auto Hop, by agreeing to remove one of the reasons they'd bought those devices in the first place. Auto Hop won't totally disappear for Disney programming, according to the companies' 
announcement; it just won't work for three days after the original broadcast (it works now the day after the broadcast). Yet there's nothing preventing Dish from disabling it completely when and if Disney and other network owners offer a sufficiently rich deal. Customers were never asked if the new ways to watch Disney programs were a fair trade-off for semi-losing the Auto Hop feature. They were simply told. Again, such corporate high-handedness, while not new - remember, Amazon removed the book, oh the irony, 1984, from customers' Kindle ebook readers - has been relatively rare. But when software becomes part of almost everything we touch, a process that is accelerating, we can't look at such cases as outliers and hope that most manufacturers will do the right thing. Just as the police and security agencies are racing to deploy all new technologies to spy on everyone - whether the law permits it or not - private industry is racing to retain as much control as possible over the products and services it sells, and thereby control over us. The digital-rights management clampdown is a natural economic impulse, however bad for customers. But we have to say no, individually and collectively. Saying no starts with shopping more wisely. I'll never buy a Keurig coffee maker, period. And Dish's deal with Disney has almost certainly hastened the day when we go without its service entirely. But we can't rely entirely on the market in this kind of one-size-fits-one future, in part because so many industries are trending toward monopolies or cozy oligopolies. The law needs to catch up, too. In one arena, it has. After Massachusetts voters overwhelmingly enacted a "Right to Repair" ballot measure requiring car manufacturers to make diagnostic data available to third-party repairers, the precedent created a push for a nationwide deal among various parties. 
Common sense prevailed only after the law changed, but that happened because relatively deep-pocketed third-party repairers forced the issue. How do we regain control in the meantime? It's software, remember. So we turn to the hackers. I've modified my Samsung mobile phone - removing unwanted features and blocking certain kinds of data collection by app developers - by using tools provided by people who believe customers should have the right to use devices the way they choose, not solely the way the manufacturer insists. But some tools in this genre are flatly illegal, because "intellectual property" interests have persuaded Congress to codify control instead of freedom. If Congress still worked for the people instead of a variety of deep-pocketed special interests, it would require manufacturers to make their devices more open to modification. We're still in the early days of this war - and make no mistake, that's what we face. The interests that want control over our lives and pocketbooks are wealthy and powerful. People are waking up to the threat. Now we all need to fight back. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Mar 10 07:05:40 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 10 Mar 2014 08:05:40 -0400 Subject: [Infowarrior] - Computer Network Exploitation vs. Computer Network Attack Message-ID: <2ED031E0-0033-4127-9D2E-FB3394797728@infowarrior.org> Computer Network Exploitation vs. Computer Network Attack Bruce Schneier Mar 6 2014, 1:25 PM ET Back when we first started getting reports of the Chinese breaking into U.S. computer networks for espionage purposes, we described it in some very strong language. We called the Chinese actions cyber-attacks. We sometimes even invoked the word cyberwar, and declared that a cyber-attack was an act of war. 
When Edward Snowden revealed that the NSA has been doing exactly the same thing as the Chinese to computer networks around the world, we used much more moderate language to describe U.S. actions: words like espionage, or intelligence gathering, or spying. We stressed that it's a peacetime activity, and that everyone does it. The reality is somewhere in the middle, and the problem is that our intuitions are based on history. < -- big snip -- > http://www.theatlantic.com/technology/archive/2014/03/theres-no-real-difference-between-online-espionage-and-online-attack/284233/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Mar 10 07:24:05 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 10 Mar 2014 08:24:05 -0400 Subject: [Infowarrior] - PowerPointless Message-ID: Interesting slideshow on why PPT is the bane of classrooms (and boardrooms) ... PowerPointless http://www.slate.com/articles/life/education/2014/03/powerpoint_in_higher_education_is_ruining_teaching.html .... which is pretty much what I said over 10 years ago in my own PowerPoint Manifesto .... "The PowerPoint Manifesto" http://infowarrior.org/powerpointless.html I still think Larry Lessig gives the best lectures using PPT. After all, when you know your stuff, one word per slide is plenty. :) --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Mar 10 12:05:36 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 10 Mar 2014 13:05:36 -0400 Subject: [Infowarrior] - Live coverage: Snowden talks NSA at SXSW Message-ID: Live coverage: Snowden talks NSA at SXSW http://www.usatoday.com/story/tech/2014/03/10/snowden-talk-sxsw/6253085/ Former National Security Agency contractor Edward Snowden will participate in a session at SXSW 2014 on Monday to discuss the controversy over government surveillance. 
Follow our live updates below for the latest from Snowden's talk: 1:02 p.m.: Crowd applauds as Snowden's chat concludes. Thanks for joining us. 12:59 p.m.: Snowden is asked how satisfied he is with global debate on mass surveillance. He says his ultimate goal was not to tell governments how to act. "What I wanted to do was to inform the public so they could make a decision for what we should be doing." He also notes "every society has benefited" from the disclosures. On whether he would do this again? "Absolutely, yes." 12:56 p.m.: Snowden is asked about whether there are benefits of data collection on a societal level without opening up to mass surveillance. He says the important thing is letting people know when data is collected. "Data should not be collected without people's knowledge or consent." 12:54 p.m.: Snowden, on his best evidence that encryption works: he says the U.S. has a huge team trying to track him and his work, and they haven't. 12:49 p.m.: Next question for Snowden is what steps can users take individually to secure themselves. Snowden suggests full disk encryption to protect devices if they're seized, network encryption and plug-ins such as NoScript. Snowden also praised the mixed routing network Tor, which he says encrypts from the user through the Internet service provider to the cloud. Soghoian also warns consumers to pay more attention to the services they use and how they use information. He also notes advantages of paying instead of using free tools. "If you want a secure service, you have to pay for it." 12:43 p.m.: On encryption, Snowden says it needs to be treated less like a "black art" and more as a "basic protection." "The bottom line is that encryption does work," he adds. 12:41 p.m.: Snowden is asked whether the NSA's actions could prompt other countries to follow suit. He says it's one of the primary problems with the NSA's activity. 
Snowden says "if we allow the NSA to continue unrestrained, the international community will accept that as the green light" to institute similar practices. 12:38 p.m.: Snowden is asked why it's less bad for big corporations to have access to user data instead of the government. "The government has the ability to deprive you of rights," he says, noting companies can monitor data to sell products or sell information to other companies, which can be bad, but users have legal options. 12:36 p.m.: Soghoian reacting to the people that think what Snowden did was wrong: "His disclosures have improved Internet security." 12:32 p.m.: Tim Berners-Lee, the man who created the Internet, asks the first question via email, starting off by thanking Snowden for his work. He asks if he could install an accountability system, what would he do? "The key factor is accountability," says Snowden, adding that creating an oversight system is complex, and the U.S. is off to a good start, but the problem is "overseers aren't interested in oversight." He also calls out Director of National Intelligence James Clapper for lying to Congress on NSA surveillance. "We need a watchdog that watches Congress," he says. 12:26 p.m.: Snowden talks about whether mass surveillance efforts have worked so far. "They're not." He points to the Boston bombing as an example. "We're monitoring everyone's communications instead of suspects' communications." 12:23 p.m.: Snowden calls out former NSA directors Keith Alexander and Michael Hayden for harming national security, adding the U.S. needs to act more defensively on security. "It's very interesting to see officials like Keith Alexander talk about damage that's been done." 12:20 p.m.: Snowden says he's not against big businesses such as Facebook and Google collecting data, so long as they do it responsibly. "It's not that you can't collect any data," says Snowden. 
"You should only collect the data and hold it as long as necessary for the nature of the business." 12:17 p.m.: Snowden says the key to having more secure communications tools is to integrate security measures that work by default. "It has to be out there. It has to happen automatically. It has to happen seamlessly." 12:14 p.m.: Soghoian talks about better end-to-end encryption, and says a lot of tools are "not very polished." He also says many of the larger companies who make communications tools aren't as secure. "Rational people choose the insecure tools ... because they are easy for people to figure out." 12:11 p.m.: On making mass surveillance more difficult, better end-to-end encryption is key, says Snowden. "How can we enforce those protections in a simple, cheap and effective way for users," he says. 12:10 p.m.: Snowden says one of the key problems with mass surveillance is not only about how communications are collected but "how do you interpret them, how do you understand them." 12:09 p.m.: Snowden says governments have created an adversarial Internet, and the way to fix this is with response through new policies and better technology. Snowden says the development community "can really crack those solutions and make sure we're safe." "They're setting fire to the global internet, and you guys in the room are the global firefighters," adds Snowden. 12:02 p.m.: Ben Wizner, Snowden's legal counsel, and ACLU's Chris Soghoian are on stage to introduce Snowden, who appears via videoconference with an image of the U.S. Constitution in the background. 11:50 a.m.: For readers not in Austin for SXSW, Snowden's chat is also available via livestream. Update at 11:38 a.m. ET: We're about 25 minutes away from the start of Snowden's chat and lines are already forming. But, according to USA TODAY's Jon Swartz, reporting from SXSW, lines for a competing chat with Girls star Lena Dunham are 10 times longer than the line for Snowden's talk. 
ORIGINAL STORY Snowden, whose disclosures of secret documents detailed NSA surveillance tactics, will chat about how the tech industry has been impacted and what can be done to protect citizens. Snowden will join the conference via video call from Russia, where he has sought asylum. At the open of the SXSW festival, Rep. Mike Pompeo, R-Ks., urged organizers to cancel the talk. "Rewarding Mr. Snowden's behavior in this way encourages the very lawlessness he exhibited," said Pompeo in a letter to SXSW organizers. USA TODAY will attend the session at SXSW, and will post live updates starting at 12 p.m. ET. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Mar 10 20:59:25 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 10 Mar 2014 21:59:25 -0400 Subject: [Infowarrior] - NSA Phone-Record Destruction Halt Won by Privacy Group Message-ID: <3BA694F6-50BC-4A29-93DB-95F8D764DD86@infowarrior.org> NSA Phone-Record Destruction Halt Won by Privacy Group By Karen Gullo - Mar 10, 2014 http://www.bloomberg.com/news/print/2014-03-10/nsa-phone-record-destruction-halt-sought-by-privacy-group.html The National Security Agency was blocked by a judge from carrying out plans tomorrow to begin destroying phone records collected for surveillance after a privacy group argued they are relevant to lawsuits claiming the practice is unconstitutional. U.S. District Judge Jeffrey White in San Francisco ordered the agency today to retain the records and scheduled a hearing for March 19 on whether they can be destroyed. The NSA had planned to dispose of the records following a March 7 ruling by the U.S. Foreign Intelligence Surveillance Court in Washington. 
The Electronic Frontier Foundation, an Internet privacy and civil liberties group based in San Francisco, asked White for a temporary restraining order today, saying the records may be used as evidence in its lawsuits challenging NSA surveillance and are covered under preservation orders in those cases. NSA is prohibited from destroying "any telephone metadata or 'call detail' records," White said today. The surveillance court, in its ruling, barred the NSA from keeping the records for more than five years because the privacy rights of the people whose phone data was swept up in the agency's database trump the need for the information in litigation. The retention of phone records has emerged as one of the most contentious issues for the government stemming from the documents leaked by former security contractor Edward Snowden. Civil liberties groups argue that such data collection violates privacy rights. Government officials say the information is needed to combat terrorism. NSA Program The records collected under an NSA program consist of "metadata" including the numbers used to make and receive calls and their duration. They don't include information about the content of the communications, or the names, addresses or financial information of parties, according to government filings. EFF challenged the NSA telephone surveillance in a complaint filed in July alleging that it illegally erodes the free-speech rights of religious, environmental and human-rights groups. The records are also relevant to a pending 2008 case challenging NSA surveillance, and the NSA was on notice in both cases that it should preserve evidence, Cindy Cohn, legal director at EFF, said in a filing today. Last week's ruling by the surveillance court was in response to a government bid to waive the requirement that the records be destroyed after five years because they might prove relevant to such lawsuits. The U.S. 
request to hold the records indefinitely "would further infringe on the privacy interest of the United States persons whose telephone records were acquired in vast numbers and retained by the government for five years to aid in national security investigations," wrote U.S. District Judge Reggie Walton, who is the presiding judge of the surveillance court. "Mistaken Belief" The March 7 FISC ruling was "based on a mistaken belief that no preservation order existed for the material," Cohn said. "If the government proceeds with its planned destruction of evidence, the evidence will be gone," Cohn said. "This is by definition irreparable." The EFF case is First Unitarian Church of Los Angeles v. National Security Agency, 13-cv-03287, U.S. District Court, Northern District of California (San Francisco). The FISC case is In Re Application of the Federal Bureau of Investigation for an Order Requiring the Production of Tangible Things, BR 14-01, U.S. Foreign Intelligence Surveillance Court, District of Columbia (Washington). --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 11 07:29:18 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 11 Mar 2014 08:29:18 -0400 Subject: [Infowarrior] - RNC building database of O-Care's canceled policyholders Message-ID: <5F4593F8-B275-425B-967C-5B75C766FD8A@infowarrior.org> March 10, 2014, 03:38 pm RNC building database of O-Care's canceled policyholders By Jonathan Easley http://thehill.com/blogs/healthwatch/health-reform-implementation/200363-rnc-building-database-of-voters-who-had The Republican National Committee (RNC) is building a database with the names of those who received insurance cancellation notices under ObamaCare, with the hope of capturing voters who believe they've been negatively affected by the healthcare law. 
An RNC spokesman wouldn't provide any further details on the initiative for fear of giving away the strategy, but confirmed what Chairman Reince Priebus first told The Washington Examiner over the weekend. "Getting that information [on plan cancellations] and having good data as to who votes, who doesn't vote, voter registration, party affiliation, consumer characteristics, cross-referenced with that kind of information, I think, is important for us to have," Priebus said. Priebus also told The Examiner that the RNC was bringing in "top engineers" from social media giants like Facebook, LinkedIn and Yahoo to work on the project. Republicans are seeking to keep Democrats on the run from ObamaCare as the 2014 midterm election cycle heats up, and drawing attention to the president's broken promise that 'If you like your healthcare plan you can keep it' has been a primary focus of those efforts. By some estimates, insurers sent out 5 million notices to consumers in the last year that their policies would be discontinued. Many of those didn't meet the minimum coverage requirements under the Affordable Care Act. Still, the politics of the cancellation notices is more complex than it appears. A great deal of those cancellations went out with notices that the consumers didn't need to take action and would automatically be enrolled in a similar plan. And not everyone who received a cancellation notice liked the policy they had previously, while still others may find that they like their new ones better. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 11 11:14:21 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 11 Mar 2014 12:14:21 -0400 Subject: [Infowarrior] - DiFi whines against 'illegal' search of Senate computers Message-ID: But, but, but .... weren't you and other surveillance apologists on the Hill thumping your chests about how covert domestic surveillance was a GOOD thing? 
Funny how things change when the shoe's on the other foot, eh? That irony is not lost on us. --rick Feinstein: CIA searched Intelligence Committee computers The head of the Senate Intelligence Committee on Tuesday sharply accused the CIA of violating federal law and undermining the constitutional principle of congressional oversight as she detailed publicly for the first time how the agency secretly removed documents from computers used by her panel to investigate a controversial interrogation program. < - > http://www.washingtonpost.com/world/national-security/feinstein-cia-searched-intelligence-committee-computers/2014/03/11/982cbc2c-a923-11e3-8599-ce7295b6851c_story.html --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 11 14:36:14 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 11 Mar 2014 15:36:14 -0400 Subject: [Infowarrior] - Snowden accuses DiFi of hypocrisy Message-ID: <4C2A6B86-2D12-4344-AAE5-93233EE8FFCB@infowarrior.org> Snowden accuses Senate intelligence chair of hypocrisy over CIA disclosures NSA whistleblower accuses Dianne Feinstein of double standards, pointing out her lack of concern about widespread surveillance of ordinary citizens - Paul Lewis in Washington - theguardian.com, Tuesday 11 March 2014 13.50 EDT http://www.theguardian.com/world/2014/mar/11/edward-snowden-dianne-feinstein-hypocrisy-nsa-cia The whistleblower Edward Snowden accused the chair of the Senate Intelligence Committee of double standards on Tuesday, pointing out that her outrage at evidence her staff were spied on by the CIA was not matched by concern about widespread surveillance of ordinary citizens. 
Snowden, the former contractor whose disclosures to journalists revealed widespread surveillance by the National Security Agency, was responding to an explosive statement by Senator Dianne Feinstein about the CIA's attempts to undermine a congressional investigation into interrogation and detention. In a surprisingly combative statement on the Senate floor on Tuesday, Feinstein, who has been widely criticised by privacy experts for failing to hold the NSA to account, accused the CIA of conducting potentially unconstitutional and criminal searches on computers used by her staff. The remarks put the Democratic senator on a collision course with the CIA's director, John Brennan, who strongly denied "hacking" the committee's computers. Feinstein described the controversy as "a defining moment for the oversight of our intelligence community". In a statement to NBC News, Snowden said: "It's clear the CIA was trying to play 'keep away' with documents relevant to an investigation by their overseers in Congress, and that's a serious constitutional concern." Snowden, who is in Russia on temporary asylum, added: "But it's equally if not more concerning that we're seeing another 'Merkel effect,' where an elected official does not care at all that the rights of millions of ordinary citizens are violated by our spies, but suddenly it's a scandal when a politician finds out the same thing happens to them." Snowden's comment referred to the German chancellor Angela Merkel, who was outraged to discover her phone calls had been monitored by the NSA. Germany has raised concerns over wider surveillance programs, but critics argue that Merkel should have gone further in condemning the NSA's dragnet monitoring of European phone and internet communications. Feinstein, who said she was making her statement "reluctantly", confirmed recent reports that CIA officials had monitored computer networks used by Senate staff investigators. 
Going further than previously, she referred openly to recent attempts by the CIA to remove documents from the network detailing evidence of torture that would incriminate intelligence officers. She also alleged that anonymous CIA officials were effectively conducting a smear campaign in the media to discredit and "intimidate" Senate staff by suggesting they had hacked into the agency's computers to obtain a separate, critical internal report on the detention and interrogation program. Feinstein's dramatic speech on the Senate floor will reignite the debate over the adequacy of congressional oversight of the intelligence community, which was first sparked by Snowden's NSA disclosures. Documents revealed by Snowden revealed the committee had been misled in public hearings by senior intelligence officials. "How Congress responds [to the CIA controversy] and how this is resolved will show whether the Intelligence Committee can be effective in monitoring and investigating our nation's intelligence activities, or whether our work can be thwarted by those we oversee," Feinstein said. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Tue Mar 11 19:40:45 2014 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 11 Mar 2014 20:40:45 -0400 Subject: [Infowarrior] - How a Court Secretly Evolved, Extending U.S. Spies' Reach Message-ID: How a Court Secretly Evolved, Extending U.S. Spies' Reach By CHARLIE SAVAGE and LAURA POITRAS MARCH 11, 2014 WASHINGTON - Ten months after the Sept. 11 attacks, the nation's surveillance court delivered a ruling that intelligence officials consider a milestone in the secret history of American spying and privacy law. Called the "Raw Take" order - classified docket No. 02-431 - it weakened restrictions on sharing private information about Americans, according to documents and interviews. The administration of President George W. 
Bush, intent on not overlooking clues about Al Qaeda, had sought the July 22, 2002, order. It is one of several still-classified rulings by the Foreign Intelligence Surveillance Court described in documents provided by Edward J. Snowden, the former National Security Agency contractor. Previously, with narrow exceptions, an intelligence agency was permitted to disseminate information gathered from court-approved wiretaps only after deleting irrelevant private details and masking the names of innocent Americans who came into contact with a terrorism suspect. The Raw Take order significantly changed that system, documents show, allowing counterterrorism analysts at the N.S.A., the F.B.I. and the C.I.A. to share unfiltered personal information. The leaked documents that refer to the rulings, including one called the "Large Content FISA" order and several more recent expansions of powers on sharing information, add new details to the emerging public understanding of a secret body of law that the court has developed since 2001. The files help explain how the court evolved from its original task - approving wiretap requests - to engaging in complex analysis of the law to justify activities like the bulk collection of data about Americans' emails and phone calls. "These latest disclosures are important," said Steven Aftergood, the director of the Project on Government Secrecy at the Federation of American Scientists. "They indicate how the contours of the law secretly changed, and they represent the transformation of the Foreign Intelligence Surveillance Court into an interpreter of law and not simply an adjudicator of surveillance applications." The Raw Take order appears to have been the first substantial demonstration of the court's willingness after Sept. 11 to reinterpret the law to expand government powers. N.S.A. 
officials included it as one of three court rulings on an internal timeline of key developments in surveillance law from 1972 to 2010, deeming it a historic event alongside once-secret 2004 and 2006 rulings on bulk email and call data.

< - >

http://www.nytimes.com/2014/03/12/us/how-a-courts-secret-evolution-extended-spies-reach.html?hp&_r=0

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 11 20:35:33 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 11 Mar 2014 21:35:33 -0400
Subject: [Infowarrior] - N.S.A. Nominee Promotes Cyberwar Units
Message-ID:

N.S.A. Nominee Promotes Cyberwar Units

By DAVID E. SANGER
MARCH 11, 2014

http://www.nytimes.com/2014/03/12/world/europe/nsa-nominee-reports-cyberattacks-on-ukraine-government.html?hp

WASHINGTON - All of the major combat commands in the United States military will soon have dedicated forces to conduct cyberattacks alongside their air, naval and ground capabilities, Vice Adm. Michael S. Rogers, President Obama's nominee to run the National Security Agency, told the Senate on Tuesday.

He said the activation of the long-discussed combat units would help counter the perception around the world that the United States is "an easier mark" for cyberattacks because it did not "have the will to respond."

Admiral Rogers's comments, in written answers to the Senate Armed Services Committee, amounted to one of the most detailed public descriptions of how the United States is spending billions of dollars to develop an offensive military capability to use cyberweapons. The committee must approve his simultaneous appointment as the head of United States Cyber Command, a job he will hold in addition to overseeing the N.S.A. The retiring head of the Cyber Command, Gen. Keith B. Alexander, first announced the creation of offensive and defensive teams last year.
During a two-hour appearance before the committee, Admiral Rogers also confirmed that the United States had seen evidence of cyberattacks on the new government in Ukraine, but declined to say whether the United States believed the Russian government was the source of the attacks, or how much damage was done.

"I believe we see it today in the Ukraine," he said of the reports of malware, apparently written in the Moscow time zone, that have shown up in Ukrainian government systems. "We've seen it in Syria, Georgia. It increasingly is becoming a norm."

"Clearly, cyber will be an element of almost any crisis we're going to see in the future," he told the senators.

At another point in the hearing, Admiral Rogers said he believed that both the United States and Defense Department systems were both still vulnerable to major attacks, and would be until "a new architecture" was in place to defend them.

Admiral Rogers, currently the head of the Navy's Fleet Cyber Command, was cautious in what he said in the hearing about the future of the N.S.A.'s domestic surveillance activities, notably its collection of the metadata - telephone numbers and durations of calls - for virtually every call placed in the United States. He said he was only beginning to learn about their details since Mr. Obama tapped him for one of the most powerful job combinations in Washington: head of the country's electronic surveillance and code-breaking operations, and commander of its growing corps of cyberwarriors.

But he rebuffed suggestions that the N.S.A. could track down terrorism suspects without having the telephone call data available in some form. And he sounded hesitant about the possible effects of Mr. Obama's initiative to put that information into the hands of a third party, expressing concern that it would slow the ability to track links among potential terrorism suspects.
He said the trick was to "query the data in a way that both protects the rights of the individual but also enables us to get answers in a quick, reasonable time period." He promised that the N.S.A.'s programs would become "more transparent," and said he would "assure a sense of accountability" for the agency's activities.

As usual for a public hearing involving the likely head of one of the nation's most secretive intelligence agencies, the most intriguing answers often involved what Admiral Rogers left unsaid, or said he was willing to discuss in greater detail in a classified session. For example, when Senator John McCain, Republican of Arizona, talked about a recent attack on the Navy's unclassified computer systems by Iran, Admiral Rogers acknowledged the attack - and refused to say what country was behind it.

"It was a significant penetration," he told the committee. But the attackers "did not opt to engage in any destructive behaviors," he said, suggesting that Iran's main motive was espionage.

While many had expected Admiral Rogers to be grilled about the N.S.A.'s surveillance programs, he was spared that in part because he was testifying alongside Gen. Paul J. Selva of the Air Force, whom Mr. Obama nominated to command the United States Transportation Command, which moves military equipment and personnel around the world. In scenes reminiscent of the portrayal of Congress in the Netflix series "House of Cards," senator after senator pressed General Selva to embrace, on the record, the importance of air bases in their home districts, ahead of a possible new round of base closings.

Admiral Rogers, however, engaged a subject matter that rarely gets discussed in public: how to deter attacks on the United States. He said part of the answer was using "the newest technology to identify our attackers before and during an attack - not just after." Without referring directly to a secret N.S.A. program to place "implants"
on computer networks around the world, so American officials could see attacks in the making, he said in his written answer that the United States could make it clear that it knows where attacks are coming from and is prepared to retaliate.

"This is within our capacity to fix," he said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 12 06:58:50 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 12 Mar 2014 07:58:50 -0400
Subject: [Infowarrior] - If GCHQ wants to improve national security it must fix our technology
Message-ID: <49EBEF5E-8C0D-49C9-B9BB-A5C39D6886F2@infowarrior.org>

If GCHQ wants to improve national security it must fix our technology

Our security is better served by protecting us against online threats than it is by giving cops and spies an easier time attacking "bad guys"

Cory Doctorow
theguardian.com, Tuesday 11 March 2014 12.35 EDT

http://www.theguardian.com/technology/2014/mar/11/gchq-national-security-technology

In a recent column, security expert Bruce Schneier proposed breaking up the NSA - handing its offensive capabilities work to US Cyber Command and its law enforcement work to the FBI, and terminating its programme of attacking internet security. In place of this, Schneier proposed that "instead of working to deliberately weaken security for everyone, the NSA should work to improve security for everyone." This is a profoundly good idea for reasons that may not be obvious at first blush.

People who worry about security and freedom on the internet have long struggled with the problem of communicating the urgent stakes to the wider public. We speak in jargon that's a jumble of mixed metaphors - viruses, malware, trojans, zero days, exploits, vulnerabilities, RATs - that are the striated fossil remains of successive efforts to come to grips with the issue.
When we do manage to make people alarmed about the stakes, we have very little comfort to offer them, because Internet security isn't something individuals can solve.

I remember well the day this all hit home for me. It was nearly exactly a year ago, and I was out on tour with my novel Homeland, which tells the story of a group of young people who come into possession of a large trove of government leaks that detail a series of illegal programmes through which supposedly democratic governments spy on people by compromising their computers.

I kicked the tour off at the gorgeous, daring Seattle Public Library main branch, in a hi-tech auditorium to an audience of 21st-century dwellers in one of the technology revolution's hotspots, home of Microsoft and Starbucks (an unsung technology story - the coffee chain is basically an IT shop that uses technology to manage and deploy coffee around the world). I explained the book's premise, and then talked about how this stuff works in the real world.

I laid out a parade of awfuls, including a demonstrated attack that hijacked implanted defibrillators from 10 metres' distance and caused them to compromise other defibrillators that came into range, implanting an instruction to deliver lethal shocks at a certain time in the future. I talked about Cassidy Wolf, the reigning Miss Teen USA, whose computer had been taken over by a "sextortionist" who captured nude photos of her and then threatened to release them if she didn't perform live sex shows for him. I talked about the future of self-driving cars, smart buildings, implanted hearing aids and robotic limbs, and explained that the world is made out of computers that we put our bodies into, and that we put inside our bodies.

These computers are badly secured. What's more, governments and their intelligence agencies are actively working to undermine the security of our computers and networks.
This was before the Snowden revelations, but we already knew that governments were buying "zero-day vulnerabilities" from security researchers. These are critical bugs that can be leveraged to compromise entire systems. Until recently, the normal response to the discovery of one of these "vulns" was to report them to the vendor so they could be repaired.

But spy-agencies and law-enforcement have created a bustling marketplace for "zero-days," which are weaponised for the purpose of attacking the computers and networks of "bad guys". The incentives have shifted, and now a newly discovered bug had a good chance of remaining unpatched and live in the field because governments wanted to be able to use it to hack their enemies.

Scientists formulate theories that they attempt to prove through experiments that are reviewed by peers, who attempt to spot flaws in the reasoning and methodology. Scientific theories are in a state of continuous, tumultuous improvement as old ideas are overturned in part or whole, and replaced with new ones.

Security is science on meth. There is a bedrock of security that is considered relatively stable - the mathematics of scrambling and descrambling messages - but everything above that bedrock has all the stability of a half-set custard. That is, the best way to use those stable, well-validated algorithms is mostly up for grabs, as the complex interplay of incompatible systems, human error, legacy systems, regulations, laziness, recklessness, naivete, adversarial cunning and perverse commercial incentives all jumble together in ways that open the American retailer Target to the loss of 100m credit card numbers, and the whole internet to GCHQ spying.

As Schneier says: "Anyone can design a security system that works so well that he can't figure out how to break it." That is to say, your best effort at security is, by definition, only secure against people who are at least as dumb as you are.
Unless you happen to be the smartest person in the world, you need to subject your security system to the kind of scrutiny that scientists use to validate their theories, and be prepared to incrementally patch and refactor things as new errors are discovered and reported.

Hence: "Security is a process, not a product" - another useful Schneierism.

This is a distinction that sets security engineering apart from other engineering disciplines. Other kinds of engineers exist in a changing world, but security's change is of a different sort altogether. For example, structural engineering is a field under continuous improvement, and tomorrow's structural engineers will be able to apply better techniques to their work, but no one worries that someone will invent a way of making skyscrapers collapse tomorrow through application of an easily automated, low-cost technique.

The difference is that security engineering is an adversarial discipline. A structural engineer must contend with the forces of entropy and gravity, of harsh winds and rising seas. But a security engineer must contend with enemy security engineers who labour every hour of every day to find flaws in her work and use those flaws to covertly undermine it.

I think there's a good case for security engineering not being "engineering" at all. Engineers try to erect and maintain infrastructure against threats that are indifferent to them. These threats may be powerful - floods in the Philippines, earthquakes in Haiti - but they aren't deliberate. The world doesn't have a will. It doesn't care if the earth shakes or not. But security adversaries want to break security. They lack the relentless force of physics, but exert something totally nonphysical: cunning.

Security as an exercise in public health

If security isn't engineering, what is it? I think there's a good case to be made for security as an exercise in public health. It sounds weird at first, but the parallels are fascinating and deep and instructive.
Last year, when I finished that talk in Seattle, a talk about all the ways that insecure computers put us all at risk, a woman in the audience put up her hand and said, "Well, you've scared the hell out of me. Now what do I do? How do I make my computers secure?"

And I had to answer: "You can't. No one of us can. I was a systems administrator 15 years ago. That means that I'm barely qualified to plug in a WiFi router today. I can't make my devices secure and neither can you. Not when our governments are buying up information about flaws in our computers and weaponising them as part of their crime-fighting and anti-terrorism strategies. Not when it is illegal to tell people if there are flaws in their computers, where such a disclosure might compromise someone's anti-copying strategy.

But: If I had just stood here and spent an hour telling you about water-borne parasites; if I had told you about how inadequate water-treatment would put you and everyone you love at risk of horrifying illness and terrible, painful death; if I had explained that our very civilisation was at risk because the intelligence services were pursuing a strategy of keeping information about pathogens secret so they can weaponise them, knowing that no one is working on a cure; you would not ask me 'How can I purify the water coming out of my tap?'"

Because when it comes to public health, individual action only gets you so far. It doesn't matter how good your water is, if your neighbour's water gives him cholera, there's a good chance you'll get cholera, too. And even if you stay healthy, you're not going to have a very good time of it when everyone else in your country is stricken and has taken to their beds.
If you discovered that your government was hoarding information about water-borne parasites instead of trying to eradicate them; if you discovered that they were more interested in weaponising typhus than they were in curing it, you would demand that your government treat your water-supply with the gravitas and seriousness that it is due.

The public health analogy is surprisingly apt here. The public health threat-model is in a state of continuous flux, because our well-being is under continuous, deliberate attack from pathogens for whom we are, at best, host organisms, and at worst, dinner. Evolution drives these organisms to a continuously shifting array of tactics to slide past our defenses.

Public health isn't just about pathogens, either - its thorniest problems are about human behaviour and social policy. HIV is a blood-borne disease, but disrupting its spread requires changes to our attitudes about sex, pharmaceutical patents, drugs policy and harm minimisation. Almost everything interesting about HIV is too big to fit on a microscope slide.

And so it is for security: crypto is awesome maths, but it's just maths. Security requires good password choice, good password management, good laws about compelled crypto disclosure, transparency into corporate security practices, and, of course, an end to the governmental practice of spending $250M/year on anti-security sabotage through the NSA/GCHQ programmes Bullrun and Edgehill.

Everything involves the internet

But for me, the most important parallel between public health and internet security is their significance to our societal wellbeing. Everything we do today involves the internet. Everything we do tomorrow will require the internet. If you live near a nuclear power plant, fly in airplanes, ride in cars or trains, have an implanted pacemaker, keep money in the bank, or carry a phone, your safety and well-being depend on a robust, evolving, practice of network security.
This is the most alarming part of the Snowden revelations: not just that spies are spying on all of us - that they are actively sabotaging all of our technical infrastructure to ensure that they can continue to spy on us.

There is no way to weaken security in a way that makes it possible to spy on "bad guys" without making all of us vulnerable to bad guys, too. The goal of national security is totally incompatible with the tactic of weakening the nation's information security.

"Virus" has been a term of art in the security world for decades, and with good reason. It's a term that resonates with people, even people with only a cursory grasp of technology. As we strive to make the public and our elected representatives understand what's at stake, let's expand that pathogen/epidemiology metaphor. We'd never allow MI5 to suppress information on curing typhus so they could attack terrorists by infecting them with it. We need to stop allowing the NSA and GCHQ to suppress information on fixing bugs in our computers, phones, cars, houses, planes, and bodies.

If GCHQ wants to improve the national security of the United Kingdom - if the NSA want to improve the American national security - they should be fixing our technology, not breaking it. The technology of Britons and Americans is under continuous, deadly attack from criminals, from foreign spies, and from creeps. Our security is better served by armouring us against these threats than it is by undermining security so that cops and spies have an easier time attacking "bad guys."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Mar 12 06:59:34 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 12 Mar 2014 07:59:34 -0400
Subject: [Infowarrior] - Mt.Gox Hacker Demands Ransom From Exchange Users To Not Reveal Their Personal Data
Message-ID: <9D1DC32F-74FC-4D46-940C-0D675CD9ED1F@infowarrior.org>

Mt.Gox Hacker Demands Ransom From Exchange Users To Not Reveal Their Personal Data

http://www.zerohedge.com/news/2014-03-11/isnt-it-ironic-mtgox-hacker-demands-ransom-exchange-users-not-reveal-their-personal-

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 12 07:08:37 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 12 Mar 2014 08:08:37 -0400
Subject: [Infowarrior] - DHS admits cooking the books on deportion numbers
Message-ID:

Deportations come mostly from border, DHS chief says

The Washington Times
Wednesday, March 12, 2014

Homeland Security Secretary Jeh Johnson acknowledged Tuesday that his department's deportation numbers are now mostly made up of illegal immigrants caught at the border, not just those from the interior, which means they can't be compared one-to-one with deportations under President Bush or other prior administrations.

The administration has argued it is tougher on illegal immigration than previous presidents, and immigrant-rights groups have excoriated President Obama, calling him the "deporter-in-chief" for having kicked out nearly 2 million immigrants during his five-year tenure.

But Republican critics have argued those deportation numbers are artificially inflated because more than half of those being deported were new arrivals, caught at the border by the U.S. Border Patrol. Previous administrations primarily counted only those caught in the interior of the U.S. by U.S. Immigration and Customs Enforcement.
"Under the Obama administration, more than half of those removals that were attributed to ICE are actually a result of Border Patrol arrests that wouldn't have been counted in prior administrations," said Rep. John Culberson, Texas Republican.

"Correct," Mr. Johnson confirmed.

That would mean that in a one-to-one comparison with the final years of the Bush administration, deportations of those same people under Mr. Obama had actually fallen, according to immigration analysts who have studied the data.

< - >

http://www.washingtontimes.com/news/2014/mar/12/deportations-come-mostly-from-border-dhs-chief-say/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 12 11:59:51 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 12 Mar 2014 12:59:51 -0400
Subject: [Infowarrior] - Ruppersberger proposes replacing NSA bulk data collection with phone company alerts
Message-ID:

Ruppersberger proposes replacing NSA bulk data collection with phone company alerts

By Ellen Nakashima

http://www.washingtonpost.com/world/national-security/ruppersberger-proposes-replacing-nsa-bulk-data-collection-with-phone-company-alerts/2014/03/12/da8d57d8-a9fb-11e3-9e82-8064fcd31b5b_print.html

The ranking Democratic member of the House Intelligence Committee is proposing an end to bulk collection of citizens' phone data by the National Security Agency, to be replaced by a system that includes daily continuous alerting by the phone companies of numbers suspected of terrorist activity.

The concept, which Rep. C.A. Dutch Ruppersberger (D-Md.) said he is still refining, would require court review of numbers that the phone companies are asked to search against. But it would not call for a requirement that companies hold data longer than they do now.

"We need to end the bulk collection by NSA, but also preserve the important capability that the NSA needs to keep our country safe,"
said Ruppersberger, whose district includes the NSA's Fort Meade headquarters.

President Obama in January called for an end to the NSA's gathering of Americans' phone records, a program that has generated much controversy since it was revealed last June through a document leaked to the press by former NSA contractor Edward Snowden. But Obama did not specify what should replace it. Instead, he gave the attorney general and director of national intelligence until March 28 to develop options.

The program, in existence since shortly after the Sept. 11, 2001 terrorist attacks, collects data on phone calls, such as numbers dialed, but not content.

Ruppersberger said he hopes his concept can form the basis for a compromise that Congress, the administration and privacy advocates can accept. He said he has consulted the White House, the NSA and other agencies. And he said he has been in "serious" negotiations with his colleague, Rep. Mike Rogers (R-Mich.), the Intelligence Committee chairman. His goal is to craft bipartisan legislation soon, he said.

He said the court review would be a key element, in an effort to "safeguard American civil liberties." However, the standard proposed would be looser than what some other lawmakers have proposed, which is that numbers searched must be "relevant . . . to an authorized investigation" and "pertain to an agent of a foreign power." His concept would adopt the "reasonable articulable suspicion" standard used today by the NSA before searching numbers. In January, Obama ordered that a surveillance court approve all numbers the NSA searches as meeting that standard.

Last month, The Washington Post reported that the NSA was considering an option of having the phone companies search daily against a watchlist of suspect numbers. That is in line with his concept, Ruppersberger said.
Details would have to be worked out, but, he said, the idea would be to send suspect numbers, which a court has deemed to meet the standard, to all phone companies. They would search daily against this list and send back to the NSA any numbers that hit up against the list.

"If you have a terrorist who's active, you want to have a continuous listing" of numbers, Ruppersberger said.

Or the NSA could send individual numbers to the phone companies, which would run them against their databases to see if any phone calls popped up, he said. In either case, court review would be required.

Key to his proposal is the absence of a data retention mandate, he said. It is unnecessary, he said, and he opposes it. The phone companies have also expressed strong opposition to such a mandate, and generally lawmakers consider it a non-starter. In any case, Ruppersberger said, "if you look at the majority of cases" in which the phone metadata has proven of some use, "most of those occurred within 18 months" of the data being collected.

Ruppersberger is planning to make a formal announcement Thursday. He is the first of the four congressional intelligence committee leaders to come out in opposition to bulk collection. Sens. Dianne Feinstein (D-Calif.) and Saxby Chambliss (R-Ga.), the chairman and vice chairman of the Senate Intelligence Committee, have sponsored legislation to retain NSA's ability to collect the data.

Some analysts say that what Ruppersberger appears to be proposing looks very similar to existing authority under the "pen register" provision of the Foreign Intelligence Surveillance Act. That provision enables the government to order a phone company to send back in real-time "dialing" information, such as phone numbers, if the government can show the information sought would be "relevant to an ongoing investigation to protect against international terrorism" or espionage.
Ironically, that pen register provision was used by a judge of the Foreign Intelligence Surveillance Court in 2004 to authorize bulk collection of Internet metadata. That program, the government says, was discontinued in 2011.

"So the natural way to solve this problem is not by creating a new authority, but by taking the existing authority designed for exactly this purpose, and narrowing it so it can't be again used for bulk collection," said Julian Sanchez, a fellow at the CATO Institute and surveillance expert.

Ruppersberger's proposal is "definitely a step in the right direction," said Alex Abdo, a staff attorney with the American Civil Liberties Union, which has brought a legal challenge to the NSA program's constitutionality. But, he said, there are other issues, such as the scale of information returned with a request on what is "a very low standard."

It is not known how many numbers are returned on a search of a single suspected terrorist number. Then-NSA Deputy Director John C. Inglis told National Public Radio in January that in 2012, agency analysts "looked at" a total of 6,000 phone numbers.

© The Washington Post Company

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 12 12:03:05 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 12 Mar 2014 13:03:05 -0400
Subject: [Infowarrior] - How the NSA Plans to Infect 'Millions' of Computers with Malware
Message-ID: <7FEC7166-0E43-4679-B890-FAC93D24F1C5@infowarrior.org>

How the NSA Plans to Infect 'Millions' of Computers with Malware

https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Thu Mar 13 07:01:45 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 08:01:45 -0400
Subject: [Infowarrior] - Surveillance companies pushing zero-day exploits
Message-ID:

Exploiting privacy: Surveillance companies pushing zero-day exploits

Matthew Rice on: 11-Mar-2014

https://www.privacyinternational.org/blog/exploiting-privacy-surveillance-companies-pushing-zero-day-exploits

Private surveillance companies selling some of the most intrusive surveillance systems available today are in the business of purchasing security vulnerabilities of widely-used software, and bundling it together with their own intrusion products to provide their customers unprecedented access to a target's computer and phone.

It's been known for some time that governments, usually at a pricey sum, purchase such exploits, known as zero- and one-day exploits, from security researchers to use for surveillance and espionage. While the focus has been on governments directly purchasing these exploits, it is equally important to highlight private surveillance firms' role in the market of exploit sales.

In recent months, in the wake of new controls being agreed upon on the export of specific surveillance technologies, the debate around the sale and use of zero-day exploits has grown. Despite claims that new export controls have been introduced regulating the sale, zero-days remain uncontrolled.

The terms zero- and one-day exploits refer to the amount of time that a technology company has known about vulnerabilities in their system that could be exploited for an attack. Zero-day exploits are holes within a program that the company is not aware of, meaning that the vulnerability can be taken advantage of for a long period of time without the company's knowledge. For instance, zero-day exploits have been observed to remain unnoticed and unpatched for up to 10 months.
A one-day exploit refers to a company only having just been made aware of the hole but it remains unpatched.

The sale of software flaws makes up a lucrative market, which can often land computer researchers prestige and money. When these vulnerabilities are identified, the knowledge traditionally has been sold to either the software company (in order to patch the hole) or governments (to better secure their systems, or exploit the hole as part of an attack).

Security research is of course needed and legitimate, and strengthens the products we use every day. However, with this latest development around on how zero-days are being used, it is important to look at how the surveillance market is integrating them into their products.

We will look at documents detailing publicly for the first time a surveillance company's marketing strategy of acquiring the vulnerabilities from researchers, to be solely used to deliver their own product onto a target's computer, and selling the portal and the malware as a package to governments.

Surveillance companies and zero-day exploits

In Gamma Group's brochure advertising its FinFly Exploit Portal we see the company offering governments "access to a large library of 0-day and 1-Day Exploits for popular software like Microsoft Office, Internet Explorer, Adobe Acrobat Reader and many more" solely for the use of deploying its own surveillance technologies.

By using the FinFly Exploit Portal, governments can deliver sophisticated intrusion technology, such as FinSpy, onto a target's computer. While it's been previously advertised that Gamma use fake software updates from some of the world's leading technology companies to deliver FinSpy onto a target's computer, the exploit portal puts even more power in the hands of government by offering more choices for deployment.
Astonishingly, FinFly Exploit Portal guarantees users four viable exploits for some of the most-used software products in the world, such as Microsoft's Internet Explorer and Adobe's Acrobat programme.

The exploits Gamma sells take advantage of vulnerabilities in internet browsers, file readers and other applications to deliver its product Finspy. Capitalising on the trust that users place in providers like Microsoft and Apple, malicious software delivered through the vulnerability could present itself as an update to iTunes, a .pdf file that could be of interest to you, or even a web page. All of this is a smokescreen, using the brands and services you identify with to lure you towards opening up your system.

Similarly to Gamma, Italian surveillance company Hacking Team also appear to provide zero-day exploits. Their 'Remote Control System' displays a lot of the same characteristics of Gamma's product range, including intrusion onto a device and the harvesting of information. According to documents in the Surveillance Industry Index, contributed by Omega Research, Hacking Team appear to offer a zero-day exploit library to help with the installation of the Remote Control System onto a person's device. Hacking Team have previously been involved in the targeting of Moroccan activists and Ethiopian journalists, and have been used in Azerbaijan, Egypt, Ethiopia, Kazakhstan, Malaysia, Nigeria, Oman, Saudi Arabia, Sudan, Turkey and Uzbekistan, amongst others.

VUPEN

Surveillance companies aren't the only ones selling access to zero-day exploits. VUPEN security, a French-based company, sells exploits that enable surveillance companies to break the security features of a device, and provides access to "undisclosed vulnerabilities discovered in-house by VUPEN security researchers". VUPEN works in a similar capacity to Gamma's Exploit Portal: money is paid to gain access to a secure portal where exploits are provided.
VUPEN's database operates a user-friendly subscription service, just like the paywall behind LexisNexis and JSTOR. Except instead of news and academic articles, VUPEN provides vulnerabilities to some of the world's largest tech companies' products. On the third page of a marketing brochure, VUPEN offers access to its "Threat Protection Program" for major corporations to be notified of any vulnerabilities discovered in their system. On page two, VUPEN advertises its "Exploits for Law Enforcement Agencies", where those same vulnerabilities are sold to law enforcement and intelligence agencies for use in their work. Two different approaches, one goal: making money for VUPEN.

In terms of whom VUPEN sells to, we have seen recently that the United States had purchased access to VUPEN's exploit library. And there are some requirements to becoming a member to the exclusive VUPEN club:

- the customer must be an Intelligence or Law Enforcement Agency;
- they must sign a Non-Disclosure Agreement; and
- they must be a member of NATO, ANZUS or ASEAN.

However, the policy doesn't seem to hold much water, as Citizen Lab appeared to discover VUPEN exploits being used to target a prominent blogger in the United Arab Emirates, who don't meet VUPEN's own purchaser requirements.

VUPEN were in Dubai last week for ISS World Middle East, a trade show for surveillance companies bringing them together with clients from across the Middle East. VUPEN's CEO gave a training seminar on "Zero-Day Exploits for IT intrusion (Computers & Mobiles)", teaching law enforcement agencies how their products can be used so that they can have access to computer and mobile devices.

Exploitative Practices

Exploits are supremely valuable to security researchers, law enforcement agencies, governments in general, and surveillance companies. They have completely legitimate purposes and the research related to their development, especially vulnerability research, should be encouraged.

However, the possibility for abuse has led to increasing calls for some kind of regulation into the industry that goes beyond mere self-regulation by the industry itself. These are difficult policy decisions; the factors and issues to be weighed are complex and challenging. It is indeed difficult to envisage a realistic form of regulation that can achieve the right balance. Privacy International firmly believes that export controls on exploits at the moment are not an appropriate response.

Understanding the current exploit market is key to informing this debate. Knowing who the developers are, who the customers are, how they are traded, and how they are used, is critical. This famously secretive industry needs to be exposed - a lack of transparency is bad news in any commercial sector. If self-regulation is indeed the only appropriate response to this burgeoning industry, then this transparency becomes essential.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 13 07:03:51 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 08:03:51 -0400
Subject: [Infowarrior] - Twitter is the New CNN
Message-ID: <8F2232D4-2EE3-492B-B800-24FF037EC598@infowarrior.org>

Twitter is the New CNN - Joshua M Brown - March 12th, 2014
http://www.thereformedbroker.com/2014/03/12/twitter-is-the-new-cnn/

As Operation Desert Shield became Operation Desert Storm in 1991, the world tuned in to the action on CNN - they turned the channel on and left it on until the war was won. It was the fledgling 24-hour news network's big moment - no one was yet convinced that all-day, non-stop news was a thing we needed - and CNN really ran with the ball.

For the next two decades, CNN was the go-to place anytime something big was going down around the world. Wars, natural disasters, the death of a celebrity, highlights from big sporting events, political elections, nationally followed murder trials and more.
It became almost instinctual - something's happening, you turn on CNN.

Twitter's filled that role now, fairly completely. It's faster than CNN plus it encompasses CNN journalists (as well as those of every other network around the world). It's unedited but eventually gets things right. It's going to have pictures and video first, plus eyewitness accounts that TV producers simply can't unearth in time. Unlike CNN, Twitter also delivers instant reactions from our friends, from news professionals, from celebrities, from our favorite smartasses and, not to be outdone, from ourselves.

You name the event - Boston bombing, GOP debate, Olympic ceremonies, Grammys and Oscars, Super Bowl, starlet meltdown, high speed chase, a big athlete gets traded, a storm hits, a season finale shocks us, etc. Twitter is where we all go for the event. The surge in messaging happens and so does an uptick in engagement. The Twitter stream literally comes alive in real-time in a way that CNN's screen never could. We may have the TV on in the background, but we're all on our tablets and phones, scrolling Twitter, when the big thing happens.

It's up to Twitter to really get out there and make this case to advertisers. They own the big events and should be commanding the lion's share of ads during them, not ceding that ground to the networks just because that's traditionally what's happened. Some of these events are planned well ahead of time (awards shows) and some are spontaneous (terror attacks, earthquakes). Media buyers need to keep this in mind and Twitter's salespeople need to get this across without over-promising that every week will bring some kind of major moment like Sully landing a plane in the Hudson River or Rupert Murdoch taking a pie in the face. The spontaneous events that send us reaching for our Twitter streams cannot be foreseen - but surely Twitter's dominance of them now can be foreseen and it has to be worth a ton of money.

As for CNN, I'm not sure how they can ever get their ownership of these moments back. Having anchors reading Twitter into the camera on a 15 minute delay probably isn't going to do the trick.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 13 13:31:45 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 14:31:45 -0400
Subject: [Infowarrior] - America's $1 Trillion National Security Budget
Message-ID: <3B61476A-1249-49FB-A558-18EBCFC958D9@infowarrior.org>

America's $1 Trillion National Security Budget
Winslow T. Wheeler
http://www.pogo.org/our-work/straus-military-reform-project/defense-budget/2014/americas-one-trillion-national-security-budget.html

The Pentagon's current leadership and most on the House and Senate Armed Services Committees in Congress describe President Obama's 2015 defense budget request as painfully austere, if not dangerously inadequate. The defense trade press is full of statements from generals, admirals and the other politicians from both political parties that there is not nearly enough money available to buy adequate amounts of new hardware, maintain current pay and benefits or provide even low amounts of training and equipment maintenance. As a result, they are looking for ways to relieve the Pentagon from its penury.

Scarcity of money is not their problem. Pentagon costs, taken together with other known national security expenses for 2015, will exceed $1 Trillion. How can that be? The trade press is full of statements about the Pentagon's $495.6 billion budget and how low that is.

There is much more than $495.6 billion in the budget for the Pentagon, and there are piles of national security spending outside the Pentagon-all of it as elemental for national security as any new aircraft and ships and the morale and well-being of our troops.

The table below details what a careful observer will find in President Obama's 2015 budget presentation materials. The amounts for the Pentagon are well above the advertised $495.6 billion, and there are several non-Pentagon accounts that are clearly relevant. The relevant data for 2014 is also presented for comparison, and the notations in the "Comments" column help explain the data.

< -- >

To repeat, the problem is not scarcity of money. The problem is how it is being spent. We are getting very little defense--training, maintenance, hardware, and troops--for a gigantic amount of money. By virtue of how they characterize $1 trillion dollars as penury, our national security leaders in the Pentagon and Congress are clearly incapable of dealing with the problem.

Our equipment is outrageously expensive and yet too much of it is a step backwards in effectiveness. Since the mid-1990s Congress has bulldozed money into across-the-board pay raises, double pensions for many military retirees, significantly increased benefits for the survivors of World War Two veterans and much else that has much more to do with placating constituencies than addressing 21st century security problems. In addition, the Pentagon's civilian and military leadership has bloated itself to historically unprecedented levels of overhead. Worse yet, none of them have even bothered to fundamentally understand the dimension of the problems because, under their tutelage, the Pentagon remains unaudited and un-auditable, which will remain the case even after it meets its decades overdue, and embarrassingly modest, financial management goals-which by the way, it will do no time soon.

One more time: the problem is not scarcity of money.

http://www.pogo.org/our-work/straus-military-reform-project/defense-budget/2014/americas-one-trillion-national-security-budget.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 13 13:38:08 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 14:38:08 -0400
Subject: [Infowarrior] - Hollywood's Piracy Fears Turn Potentially Useful Product Into A $4,000 Brick
Message-ID:

"That's copyright protection for you. All the promise in the world negated by fearful Hollywood execs who see pirates hiding under every new technological advance."

Hollywood's Piracy Fears Turn Potentially Useful Product Into A $4,000 Brick
http://crooksandliars.com/2014/03/hollywoods-piracy-fears-turn-potentially

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 13 13:38:13 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 14:38:13 -0400
Subject: [Infowarrior] - U.S. Military Given Secret "Execute Order" on Cyber Operations
Message-ID: <4B35E0B8-DC9C-411D-802E-D22AE1CC1061@infowarrior.org>

U.S. Military Given Secret "Execute Order" on Cyber Operations
http://blogs.fas.org/secrecy/2014/03/execute-order/

Last June, the Chairman of the Joint Chiefs of Staff issued a classified "execute order" to authorize and initiate a military operation. The nature, scope and duration of the military operation could not immediately be determined - even the title of the order is classified - but it evidently pertains to the conduct of military cyberspace activities.

The existence of the previously undisclosed execute order was revealed last week in a new Air Force Instruction. "Classified processes governing C2 [command and control] of AF [Air Force] offensive and defensive cyberspace operations conducted by AF Cyber Mission Forces are addressed in a classified CJCS [Chairman, Joint Chiefs of Staff] Execute Order (title classified) issued on 21 Jun 13," said Air Force Instruction 10-1701, entitled "Command and Control (C2) for Cyberspace Operations," dated 5 March 2014.

An execute order goes beyond planning or preparation for conflict, and represents the commencement of a military operation. The formal definition of an execute order (or EXORD) is "an order issued by the Chairman of the Joint Chiefs of Staff, at the direction of the Secretary of Defense, to implement a decision by the President to initiate military operations," according to the official Department of Defense Dictionary of Military and Associated Terms (JP 1-02).

"Execution begins when the President decides to use a military option to resolve a crisis," according to Joint Publication 5-0 on Joint Operation Planning.

"Only the President or SecDef can authorize the CJCS to issue an execute order (EXORD).

"Execution continues until the operation is terminated or the mission is accomplished."

"The CJCS-published EXORD defines the unnamed day on which operations commence or are scheduled to commence (D-day) and the specific time an operation begins (H-hour) and directs execution of the OPORD [operation order]."

"The CJCS's EXORD is a record communication that authorizes execution of the COA [course of action] approved by the President or SecDef and detailed in the supported commander's OPORD," explained JP 5-0.

In response to questions from the Senate Armed Services Committee, Vice Adm. Michael S. Rogers, the nominee for Commander, US Cyber Command (and Director, NSA), said that "Geographic combatant commanders already have authority to direct and execute certain Defensive Cyberspace Operations (DCO) within their own networks." Judging from the new Air Force Instruction, however, the June 2013 execute order extends to offensive cyberspace operations as well.

All or most execute orders naturally start out as classified documents. But sooner or later, they are declassified. A March 2011 execute order for Libya Contingency Operations can be seen here. A January 1991 execute order for Operation Desert Storm, incongruously signed "Warm Regards, Colin Powell," is here.

A rare reference to another currently classified execute order appeared in a paper published in Joint Force Quarterly (issue 69, April 2013, p. 53): "In compliance with the guidelines outlined in the Global Response Force Execute Order, JCSE [Joint Communications Support Element] maintains an alert-postured force that can deploy and have its communications packages fully operational within hours of notification for an emerging requirement." That execute order dates from September 2012, and is classified Secret.

The Senate Armed Services Committee asked Adm. Rogers whether there was a need for greater transparency concerning "the nature of cyber warfare, and the balance between offensive and defensive capabilities."

Adm. Rogers replied: "I believe the recent disclosures of a large portion of our intelligence and military operational history may provide us with [an] opportunity to engage both the American public and our international partners in discussion of the balance of offense and defense, the nature of cyber warfare, norms of accepted and unacceptable behavior in cyberspace, and so forth."

"As cyberspace matures as a warfighting domain, I believe our classification policies will also evolve to support growing domestic and international partnerships and relationships," Adm. Rogers wrote.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 13 13:38:17 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 14:38:17 -0400
Subject: [Infowarrior] - Foreign Officials In the Dark About Their Own Spy Agencies' Cooperation with NSA
Message-ID: <0B5774E7-6326-4250-9DFB-F0438C9C9035@infowarrior.org>

Foreign Officials In the Dark About Their Own Spy Agencies'
Cooperation with NSA
https://firstlook.org/theintercept/article/2014/03/13/nsa-elected-officials-foreign-countries-unaware-countries-cooperation-us/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 13 13:39:50 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 14:39:50 -0400
Subject: [Infowarrior] - Rep Rogers again says IC oversight is just great
Message-ID:

Rep. Rogers Insists CIA Oversight Is Great... Just As We Learn CIA Hid Thousands Of Documents From Congress
http://www.techdirt.com/articles/20140313/07235426560/rep-rogers-insists-cia-oversight-is-great-just-as-we-learn-cia-hid-thousands-documents-congress.shtml

Since the Senate spying scandal story came out last week, and then went into overdrive this week with Dianne Feinstein's public statement on the details, her counterpart in the House, Rep. Mike Rogers (a staunch defender of the intelligence community) had remained mostly quiet. He finally did an interview in which he actually admits that if the CIA broke the law, "that would be a pretty horrific situation and would destroy that legislative-CIA relationship." Relationship? Then there's this nugget, where he suggests that the CIA isn't out of control and Congressional oversight is working great:

"We shouldn't taint the whole agency. The agency is well-overseen, lots of oversight, and they're doing some really incredible work to protect the United States of America."

Well-overseen? Lots of oversight? Right. So, soon after he does this interview, McClatchy releases a story about how the CIA (with support from the White House) has been withholding thousands of documents from the Senate Intelligence Committee who is investigating the CIA's torture program.
This is in relation to the report that created this scandal, the supposedly scathing report that condemns the CIA for going even further in torturing people than previously reported and revealing that the torture produced no useful intelligence. And that's without knowing what's in these other documents.

< -- >

http://www.techdirt.com/articles/20140313/07235426560/rep-rogers-insists-cia-oversight-is-great-just-as-we-learn-cia-hid-thousands-documents-congress.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 13 20:31:41 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 13 Mar 2014 21:31:41 -0400
Subject: [Infowarrior] - OT: Friday funnies, a day early
Message-ID: <74E0B5A2-F8CC-4D1C-8328-99E72A063C34@infowarrior.org>

Yes, I am a Josh Brown fan. And agree w/many of his observations/comments on the markets, investing, and life. Not to mention his sense of snark.....

Why did the stock market sell off today? - Joshua M Brown - March 13th, 2014
http://www.thereformedbroker.com/2014/03/13/why-did-the-stock-market-sell-off-today/

Wall Street Journal: Tensions in Ukraine and the Crimean peninsula
Yahoo Finance: Russians
Fox Business: Obamacare
CNBC: It didn't sell off at all, it was actually a reverse rally
Forbes: Taxes are too high
Huffington Post: Taxes are too low
Fox News: Gay marriage
Motley Fool: Sign up here to find out!
Bloomberg TV: The opposite of whatever CNBC said.
Quartz: Chinese shadow-banks
FT Alphaville: Chinese derivatives
Washington Times: Fallout from explosive Benghazi revelations
StockTwits: Here's a chart
USA Today: Let's take a poll
DealBook: lack of M&A
Zero Hedge: Better question, why would it have gone up?
MSNBC: I'm not sure I'm comfortable with the term "stock market" per se?
Business Insider: Ten reasons, actually (view as single page?)
Financial Times: Please take a moment to register and accept cookies
MarketWatch: 1929
The Reformed Broker: More sellers than buyers
Buzzfeed Business: It's like that time on Party of Five when Charlie was giving Julia the silent treatment?
Reuters: HFT
Barron's: Valuations got ahead of themselves
Investors Business Daily: drop in momentum. And record deficits.
History Channel: Ancient Aliens

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 14 14:35:12 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 14 Mar 2014 15:35:12 -0400
Subject: [Infowarrior] - Sen. Rockefeller Wants ICANN To Block '.Sucks' TLDs
Message-ID: <2BFA8E3A-B1B9-4AC6-9497-C0299A93ABC6@infowarrior.org>

(I think they forgot to put the word 'clueless' in front of 'legislator'. --rick)

Sen. Rockefeller Wants ICANN To Block '.Sucks' TLDs
from the a-sanitized-internet...-for-the-corporations dept

Another legislator has weighed in on governing the internet. This time, it's not so much for "the children" as it is for the poor, oppressed corporations of the world.

< -- >

http://www.techdirt.com/articles/20140312/15033126557/sen-rockefeller-wants-icann-to-block-sucks-tlds.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 14 18:03:56 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 14 Mar 2014 19:03:56 -0400
Subject: [Infowarrior] - US to relinquish Internet control
Message-ID: <3C47E5CA-A029-4D5F-9286-DE47FAC7CF8E@infowarrior.org>

(c/o JH)

US to relinquish Internet control
By Kate Tummarello
http://thehill.com/blogs/hillicon-valley/technology/200889-us-to-relinquish-internet-control

The U.S. government on Friday announced it is taking steps to relinquish control over the backbone of the Internet.

The Department of Commerce announced it is beginning a process to transfer control over the technical system that operates the Internet's domain name system, which ensures that Internet users can get to the websites they're looking for.

Currently, the National Telecommunications and Information Administration -- an agency with Commerce -- oversees that technical system, named the Internet Assigned Numbers Authority (IANA). Historically, it has contracted the operation of IANA out to the Internet Corporation for Assigned Names and Numbers (ICANN) on a biennial basis. The current contract is set to expire in September of 2015.

ICANN -- which contains an advisory board comprised of government representatives -- also manages the system for naming domains, ensuring that each web address is registered to only one person.

"NTIA is asking ICANN to convene global stakeholders to develop a proposal to transition the current role played by NTIA," NTIA Administrator Larry Strickling said during a press call Friday.

Strickling said any proposal "must have broad community support" and must be based on a multistakeholder approach to Internet governance. "It must maintain the openness of the Internet," he said. "We will not accept a proposal ... with a government led or an intergovernmental solution."

According to an NTIA official, the U.S. agency will continue overseeing IANA until the contract expires in 2015. At that point, the agency hopes to be able to transfer stewardship, the official said.

Some lawmakers and members of the tech industry have expressed concern that relinquishing control of IANA will open up the Internet to threats from other governments that seek to censor it. While the U.S. can participate in the domain name system through ICANN's Government Advisory Council, its oversight role of IANA was the only direct link between the U.S. government and the critical Internet infrastructure.

Critics of ICANN have said that increased globalization of the domain name system could decrease the influence of the U.S. as one of the most vocal proponents of Internet freedom.

Fadi Chehade, the CEO of ICANN, said during the call that his organization will bring stakeholders together to discuss a transition process for IANA during ICANN's upcoming meeting in Singapore later this month. "All stakeholders deserve a voice in the management and government of this global resource as equal partners," he said. "We thank the U.S. government for its stewardship, for its guidance, over the years, and we thank them today for trusting the global community to replace their stewardship."

An NTIA official denied that the agency's move was in reaction to revelations about U.S. government surveillance programs over the last year which have sparked international criticism of America's role in Internet governance.

Chehade and Strickling both pointed to the original plans for IANA. "The U.S. government and Internet stakeholders envisioned that the U.S. role in the IANA functions would be temporary," Strickling said.

In a statement, Verizon applauded the Commerce agency's move to relinquish control over the technical system. "A successful transition in the stewardship of these important functions to the global multi-stakeholder community would be a timely and positive step in the evolution of Internet governance," Craig Silliman, senior vice president of public policy, said. "Given the importance of the IANA functions to the stability and correct functioning of the Internet, it will be essential that a plan that preserves the security, stability, and seamless nature of the Internet be developed through a comprehensive multi-stakeholder process prior to the transition."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 14 18:18:45 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 14 Mar 2014 19:18:45 -0400
Subject: [Infowarrior] - ICANN statement on Internet governance transition
Message-ID: <163E457D-3BE7-4A04-99E6-465599EFB2A1@infowarrior.org>

Administrator of Domain Name System Launches Global Multistakeholder Accountability Process
Press Briefing Scheduled with Board Chair and CEO
14 March 2014
http://www.icann.org/en/news/press/releases/release-14mar14-en

Los Angeles, California... The Internet Corporation for Assigned Names and Numbers (ICANN) today launched a process to transition the role of the United States Government relating to the Internet's unique identifiers system.

ICANN's announcement comes on the heels of an historic announcement today by the U.S. Government stating that it is ready to transfer its stewardship of the important Internet technical functions to the global Internet community. The U.S. Government's current responsibilities to be transitioned include the procedural role of administering changes to the Domain Name System's (DNS) to the authoritative root zone file - the database containing the lists of names and addresses of all top-level domains - as well as serving as the historic steward of the unique identifiers registries for Domain names, IP addresses, and protocol parameters.

In doing so, the U.S. recognized ICANN's maturation in becoming an effective multistakeholder organization and requested that ICANN convene the global community to develop the transition process from the U.S. stewardship to a global community consensus-driven mechanism.

"We are inviting governments, the private sector, civil society, and other Internet organizations from the whole world to join us in developing this transition process," said Fadi Chehadé, ICANN's President and CEO. "All stakeholders deserve a voice in the management and governance of this global resource as equal partners."

Independent of the U.S.
transition, the roles of the Internet technical organizations, including ICANN's role as administrator of the Internet's unique identifier system, remain unchanged. The Internet's Unique Identifier functions are not apparent to most Internet users, but they play a critical role in maintaining a single, global, unified and interoperable Internet.

"Even though ICANN will continue to perform these vital technical functions, the U.S. has long envisioned the day when stewardship over them would be transitioned to the global community," said Dr. Stephen D. Crocker, ICANN's Board Chair. "In other words, we have all long known the destination. Now it is up to our global stakeholder community to determine the best route to get us there."

"The global multistakeholder process is defined by inclusion, and it will take some time to make sure that we obtain all of the necessary inputs," said Chehadé. "By the time the current contract with the U.S. Government expires in September 2015, we will have a defined and clear process for global multistakeholder stewardship of ICANN's performance of these technical functions."

The first community-wide dialogue about the development of the transitional process will begin March 23-27 during ICANN's 49th Public Meeting, in Singapore. All global stakeholders are welcome to participate in person or remotely.

##

To see more about the IANA Functions survey go here: http://www.icann.org/en/news/press/releases/release-15jan14-en

Press Briefing Note: Because of the historic nature of this announcement, ICANN Board Chair Dr. Stephen D. Crocker and ICANN CEO Fadi Chehadé will make themselves available to answer journalists' questions during a 1-hour press briefing. Details are:

Date/Time: Friday, 14 March 2014 at 11PM UTC / 7PM U.S. EDT
Telephone Access Numbers: International access numbers may be obtained here - www.adigo.com/icann. Once you have reached the conferencing center, dial 25594#.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 14 19:22:16 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 14 Mar 2014 20:22:16 -0400
Subject: [Infowarrior] - Cyber Command headed toward unified command status
Message-ID: <86EE3454-5389-40B1-974E-356BE51B8FC1@infowarrior.org>

Cyber Command headed toward unified command status
Friday - 3/14/2014, 4:00am EDT
By Jared Serbu
http://www.federalnewsradio.com/398/3581197/CYBERCOM-goes-to-unified-command-status

Four years after its inception, the time has come to elevate U.S. Cyber Command to the status of a full unified combatant command, its outgoing chief said Wednesday.

Gen. Keith Alexander, the commander of Cyber Command and the director of the National Security Agency, said the growth of CYBERCOM since 2010, including the development of its cyber mission teams, shows it has now reached a level of maturity that he called a "tipping point."

Alexander, who has led the command since its inception and will retire within the next few months, said it's likely that within the next year, DoD will extract CYBERCOM from its parent command, U.S. Strategic Command, and turn it into a unified command all its own.

"Why a unified command? Command and control, directly from the President and the Secretary [of Defense], directly to that commander," Alexander told the House Armed Services Committee. "In cyberspace, that speed is going to be absolutely important. And I think as we add more teams and more complexity, STRATCOM's ability to actually play in this will continue to go down."

Obama nominated Adm. Mike Rogers, the Navy's commander of the U.S. Fleet Cyber Command, to replace Alexander. Rogers testified before the Senate Armed Services Committee Tuesday for his nomination hearing.

Turning CYBERCOM into the nation's 10th combatant command always has been one option as the White House and DoD considered the longer-term vision for the organization. But when it was first created as a sub-unified command of STRATCOM four years ago, Defense leaders wanted to take a slower start while they decided on a permanent structure.

The options included making it into a more traditional combatant command organized in a similar fashion to Strategic Command itself, or giving it specialized authorities, similar to those held by Special Operations Command.

"We believe that the SOCOM model is where you need to go," Alexander said. "That gives us the training and some of the acquisition authorities, specifically over the cyber lane. So it's SOCOM-like."

Not a favored approach yet

Another option the department had been considering over the past several years was to place all of the military's cyber forces in a separate, newly-created military service, based on the military's understanding that cyber is its own domain of warfare in the modern era. But Alexander said a new cyber service is not DoD's favored approach at the moment.

"I think for at least the next several years, we need to have an integrated cyber capability that goes into the services," he said. "I think that in places like Iraq, if we were to embed cyber capabilities at the brigade level, which we will need to do, you need to have service participation in that, not a separate service with external people coming in, but an embedded, organic capability to that brigade itself. But they need to be trained to a standard. So it's analogous to the way the cryptologic system works. We have cryptologists who go down to brigades who are trained to a certain level. We have them in the air and we have them at sea. All of them are trained together, and they act as one system, but they have them by service.
So I think the next correct step would be go to a unified cause and then see if it makes sense to take the step beyond that. And I think that kind of a deliberate approach makes sure we don't go too far and then have to collapse back." Alexander said the military services and Cyber Command are making steady progress toward building the cyber mission teams it announced that it planned to stand up two years ago. DoD intends to have 133 teams up and running by 2016, some with responsibilities for defending DoD's own networks, some tasked with protecting the nation's critical infrastructure, and some attached to DoD's global combatant commands with responsibilities for offensive operations. "One of the good parts about Cyber Command being at NSA is that the training of our forces is going extremely well. We've trained almost 900 people. We have 900 more, roughly, in training right now. By the end of this year, that means we'll have 1,800 trained and ready personnel and teams that cover everything from our cyber protection teams all the way up to the national mission force," Alexander said. "And those personnel from across all the services are being trained to the same standards we set at NSA. And it's the same for the Guard and the Reserve."

Personnel oversight too stratified

At the same time, there are challenges with regard to building and retaining the non-uniformed cyber workforce at NSA and CYBERCOM, including not only pay disparities with the private sector, but also a discordant group of personnel systems within government. Alexander said that while 85 percent of the civilians in the two organizations he directs fall under the Consolidated Cryptologic Program, another 12 percent fall under the Information Systems Security Program, and a handful of others are governed by other hiring and personnel authorities managed by the Air Force and the Military Intelligence Program.
"What this means is that when personnel actions come, you deal with four different folks," he said. "For promotions and for raises and for everything, you're working through four different programs, so you don't have an equal setting and an equal footing. This really came through on the furloughs. It was a big issue because 85 percent of the force was in, the rest were out. Nobody wants to then go over to one of those other billets because they feel like they'd be at risk. That's not a way to set up a team, so I think we need to fix that." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Sat Mar 15 18:29:40 2014 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 15 Mar 2014 19:29:40 -0400 Subject: [Infowarrior] - Anonymous Twitter account dishes dark secrets about New Media Message-ID: <9D7925AB-C801-41FE-90A5-872E923B8ADD@infowarrior.org> Anonymous Twitter account dishes dark secrets about New Media By Miles Klee on March 14, 2014 There is, of course, no way of knowing that the gossip in the bitter Twitter feed of @ExMediaMan is accurate. There is no way of knowing if this man really exists and/or really worked for these organizations. But in the 14 hours since he began posting incendiary comments about today's biggest viral news sites, his anger and disgust have seemed quite genuine. Forget Whisper and Secret. This dude, whose résumé apparently encompasses Gawker, BuzzFeed, The Atlantic, Huffington Post, and Daily Mail Online, has enough dirt to bury the entire Internet, and it's not going to fit on some dinky postcard image. After 10 years in the industry, he's "had enough," his bio states. Hence this slew of bracing Real Talk™: < - > http://www.dailydot.com/lol/anonymous-twitter-exmediaman-gawker-buzzfeed-secrets/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sat Mar 15 19:35:15 2014 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 15 Mar 2014 20:35:15 -0400 Subject: [Infowarrior] - Internet transition triggers GOP backlash Message-ID: <911F114B-58EA-42B3-84F8-E0CF77267633@infowarrior.org> Internet transition triggers GOP backlash By: Jessica Meyers and Erin Mershon March 15, 2014 05:09 PM EDT http://dyn.politico.com/printstory.cfm?uuid=E20B422C-F096-455E-83F2-49B6FF91AEF9 The Obama administration's decision to relinquish oversight over the group that manages the Internet's architecture has raised an early red flag with Republicans, who blast the move as a threat to free speech. The Internet Corporation for Assigned Names and Numbers has managed the Web's domain-name system under contract with the U.S. government for more than a decade - but the Los Angeles-based nonprofit has worked to transform itself into a global organization free of U.S. ties. European Union officials backed the globalization effort, which intensified with Edward Snowden's leaks about the NSA's sprawling surveillance programs. The United States has always played a leading role in overseeing the management of .com and other domain names, but the administration announced Friday night that it will give up its oversight when the current contract expires in fall 2015. The European Commission, the EU's executive arm, last month proposed establishing "a clear timeline" for globalizing ICANN and the duties it performs under the U.S. contract. Exactly who would regulate the Web's back-end is unclear, but the decision already has sparked backlash among some in the GOP, who warn it could allow the United Nations or authoritarian countries to step in and seize control of the Web.
"While I certainly agree our nation must stridently review our procedures regarding surveillance in light of the NSA controversy, to put ourselves in a situation where censorship-laden governments like China or Russia could take a firm hold on the Internet itself is truly a scary thought," Sen. Tim Scott (R-S.C.) said. "I look forward to working with my colleagues on the Senate Commerce Committee and with the Commerce Department on this, because - to be blunt - the 'global internet community' this would empower has no First Amendment." Former House Speaker Newt Gingrich, minutes after the Friday announcement, tweeted: "Every American should worry about Obama giving up control of the Internet to an undefined group. This is very, very dangerous." And that's just a start. "This is red meat for the base," said former Rep. Mary Bono (R-Calif.), who sponsored a resolution in 2012 aimed at keeping the Internet free of governmental control. "We're at a critical time where [Russian President Vladimir] Putin is proving he is capable of outmaneuvering the administration. ... As they digest it, I think people are going to be very upset." U.S. lawmakers have long warned about the dangers of ceding ICANN's authority to the International Telecommunication Union, a United Nations agency. They see the U.N. as a vehicle for countries with tight constraints to allow even greater online censorship. Congress unanimously passed Bono's resolution ahead of a 2012 ITU meeting to reinforce America's commitment to an open Internet. The National Telecommunications and Information Administration - the Commerce Department agency that made the announcement - emphasized ICANN would need to meet several principles ahead of the transition, including ensuring the openness of the Internet. "We will not accept a proposal that replaces the NTIA role with a government-led or an intergovernmental solution," the agency's administrator, Larry Strickling, told reporters.
An NTIA official said Friday the agency had no intention of handing the contract over to another government or group, but wanted to find a method of oversight that incorporated broader voices. Only a proposal with broad community support would be approved, he said. Several Democratic lawmakers, including Senate Commerce Committee Chairman Jay Rockefeller (D-W.Va.), applauded the planned transition. He called it "the next phase" toward "an independent entity that reflects the broad diversity of the global Internet community." Some Republicans reacted with more caution. A spokesman for Sen. Marco Rubio (R-Fla.) said lawmakers "must consider this carefully and ensure this transition reflects the unanimous statement Congress made last year," adding, "Under no circumstances should this contract transition to a government or government entity." But at least one right-leaning group called on lawmakers to intervene. "Congress needs to prevent the Obama administration from giving away U.S. control over the Internet to any international body," Americans for Limited Government said in a statement. "Perhaps this latest egregious action by the Obama administration in their quest to deconstruct the United States will finally wake Congress up to their power of the purse responsibility as a co-equal partner in government." The GOP may have just found a midterm election rallying cry, Bono predicted. "It could be the beginning of censorship," she said. "Anyone frustrated with the UN Security Council could take a look at this and recognize potential problems." --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon Mar 17 06:40:41 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 17 Mar 2014 07:40:41 -0400 Subject: [Infowarrior] - Compare the NSA's Facebook Malware Denial to its Own Secret Documents Message-ID: Compare the NSA's Facebook Malware Denial to its Own Secret Documents https://firstlook.org/theintercept/2014/03/15/nsa-facebook-malware-turbine-non-denial-denial/ --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Mar 17 07:03:56 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 17 Mar 2014 08:03:56 -0400 Subject: [Infowarrior] - AP: US cites security more to censor, deny records Message-ID: <91428EF6-92D7-4249-908F-5099A804856E@infowarrior.org> Mar 17, 5:36 AM EDT US cites security more to censor, deny records By TED BRIDIS and JACK GILLUM Associated Press http://hosted.ap.org/dynamic/stories/U/US_SUNSHINE_WEEK_FOIA?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT WASHINGTON (AP) -- The Obama administration has a way to go to fulfill its promises from Day 1 to become the most transparent administration in history. More often than ever, the administration censored government files or outright denied access to them last year under the U.S. Freedom of Information Act, cited more legal exceptions it said justified withholding materials and refused a record number of times to turn over files quickly that might be especially newsworthy, according to a new analysis of federal data by The Associated Press. Most agencies also took longer to answer records requests. The government's own figures from 99 federal agencies covering six years show that halfway through its second term, the administration has made few meaningful improvements in the way it releases records.
In category after category - except for reducing numbers of old requests and a slight increase in how often it waived copying fees - the government's efforts to be more open about its activities last year were their worst since President Barack Obama took office. In a year of intense public interest over the National Security Agency's surveillance programs, the government cited national security to withhold information a record 8,496 times - a 57 percent increase over a year earlier and more than double Obama's first year, when it cited that reason 3,658 times. The Defense Department, including the NSA, and the CIA accounted for nearly all those. The Agriculture Department's Farm Service Agency cited national security six times, the Environmental Protection Agency did twice and the National Park Service once. And five years after Obama directed agencies to less frequently invoke a "deliberative process" exception to withhold materials describing decision-making behind the scenes, the government did it anyway, a record 81,752 times. "I'm concerned the growing trend toward relying upon FOIA exemptions to withhold large swaths of government information is hindering the public's right to know," said Sen. Patrick Leahy, D-Vt., chairman of the Senate Judiciary Committee. "It becomes too much of a temptation. If you screw up in government, just mark it `top secret.'" Citizens, journalists, businesses and others last year made a record 704,394 requests for information, an 8 percent increase over the previous year. The government responded to 678,391 requests, an increase of 2 percent over the previous year. The AP analysis showed that the government more than ever censored materials it turned over or fully denied access to them, in 244,675 cases or 36 percent of all requests. On 196,034 other occasions, the government said it couldn't find records, a person refused to pay for copies or the government determined the request to be unreasonable or improper. 
Sometimes, the government censored only a few words or an employee's phone number, but other times it completely marked out nearly every paragraph on pages. The White House said the government's figures demonstrate "that agencies are responding to the president's call for greater transparency." White House spokesman Eric Schultz noted that the government responded to more requests than previously and said it released more information. "Over the past five years, federal agencies have worked aggressively to improve their responsiveness to FOIA requests, applying a presumption of openness and making it a priority to respond quickly," Schultz said. Sunday was the start of Sunshine Week, when news organizations promote open government and freedom of information. The chief of the Justice Department's Office of Information Policy, which oversees the open records law, told the Senate last week that some of the 99 agencies in the past five years have released documents in full or in part in more than 90 percent of cases. She noted the record number of requests for government records, which exceeded 700,000 for the first time last year, and said decisions are harder than ever. "The requests are more complex than they were before," director Melanie Pustay told the Senate Judiciary Committee. The government's responsiveness under the FOIA is widely viewed as a barometer of its transparency. Under the law, citizens and foreigners can compel the government to turn over copies of federal records for zero or little cost. Anyone who seeks information through the law is generally supposed to get it unless disclosure would hurt national security, violate personal privacy or expose business secrets or confidential decision-making in certain areas. It cited such exceptions a record 546,574 times last year. "The public is frustrated and unhappy with the pace of responses and the amount of information provided," Sen. Richard Blumenthal, D-Conn., said at the same congressional hearing. 
"There's a common reaction for anybody who has any experience with it that it doesn't function well." John Cook, the incoming new editor at the Intercept, the online magazine founded by investor Pierre Omidyar, said his experience under the open records law was "abysmal" but not especially worse last year than previously. "It's a bureaucracy," Cook said. "As often as it's about trying to keep data from falling into the hands of reporters, it's the contractor looking for ways to reduce the caseload. It's just bureaucrats trying to get home earlier and have less to do." The AP could not determine whether the administration was abusing the national security exception or whether the public asked for more documents about sensitive subjects. The NSA said its 138 percent surge in records requests were from people asking whether it had collected their phone or email records, which it generally refuses to confirm or deny. To do otherwise, the NSA said, would pose "an unacceptable risk" because terrorists could check to see whether the U.S. had detected their activities. It censored records or fully denied access to them in 4,246 out of 4,328 requests, or 98 percent of the time. Journalists and others who need information quickly to report breaking news fared worse than ever last year. Blocking news organizations from urgently obtaining records about a government scandal or crisis - such as the NSA's phone-records collection, Boston bombings, trouble with its health care website, the deadly shootings at the Washington Navy Yard or the attack on the diplomatic mission in Benghazi - can delay uncovering significant developments until after decisions are made and the public's interest has waned. The government said the average time it took to answer a records request ranged from less than one day to nearly two years.
AP's analysis showed that most agencies took longer to answer requests than the previous year, although the White House said the government responded more quickly and did not immediately explain how it determined that. The Pentagon reported at least two requests still pending after 10 years and the CIA was still working on at least four requests from more than eight years ago. The AP's request to the Health and Human Services Department for contracts with public-relations companies to promote Obama's health care law has been pending for more than one year. Requests for files about the Affordable Care Act and the IRS's treatment of tax-exempt political groups have languished in government offices for months. Similarly, the AP has waited for more than 10 months for emails between the IRS and outside Democratic super PACs about tea party groups. After Rep. Paul Ryan, R-Wis., was selected as the Republican vice presidential candidate, the AP asked scores of federal agencies for copies of letters he wrote to them. At least seven turned over the records after the election in November 2012. Some didn't even acknowledge AP's request for Ryan's letters until months after Obama was sworn in for a second term. Last year, the government denied 6,689 out of 7,818 requests for so-called expedited processing, which moves an urgent request for newsworthy records to the front of the line for a speedy answer, or about 86 percent. It denied only 53 percent of such requests in 2008. The EPA denied 458 out of 468 expediting requests. The State Department, where expedited processing can save 100 days of waiting time for example, denied 332 of 344 such requests. The Homeland Security Department denied 1,384 or 94 percent of expediting requests. The Justice Department, which denied AP's request for video its investigators obtained days after the Navy Yard shooting, denied 900 out of 1,017 such requests. The U.S. 
spent a record $420 million answering requests plus just over $27 million in legal disputes, and charged people $4.3 million to search and copy documents. The government waived fees about 58 percent of the time that people asked, a 1 percent improvement over the previous year. Sometimes, the government said it searched and couldn't find what citizens wanted. The Office of the Director of National Intelligence, whose top official has testified to Congress repeatedly about NSA surveillance programs disclosed by contractor Edward Snowden, told the AP it couldn't find any records or emails in its offices asking other federal agencies to be on the lookout for journalists to whom Snowden provided classified materials. British intelligence authorities had detained one reporter's partner for nine hours at Heathrow airport and questioned him under terrorism laws. DNI James Clapper has at least twice publicly described the reporters as "accomplices" to Snowden, who is charged under the U.S. Espionage Act and faces up to 30 years in prison. Likewise, Cook, departing as the editor at Gawker, was exasperated when the State Department told him it couldn't find any emails between journalists and Philippe Reines, Hillary Clinton's personal spokesman when Clinton was secretary of state. BuzzFeed published a lengthy and profane email exchange about the 2012 attack on the diplomatic mission in Benghazi between Reines and its correspondent, Michael Hastings. "They said there were no records," Cook said of the State Department. --- Online: U.S. government FOIA performance data: http://www.foia.gov/data.html Example of heavily censored Justice Department document: http://tinyurl.com/p44ub6c --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Mon Mar 17 07:16:59 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 17 Mar 2014 08:16:59 -0400 Subject: [Infowarrior] - Army & Vector Aerospace censoring news articles Message-ID: <7183800E-5902-466C-B434-DB4E886B83C8@infowarrior.org> Interesting to see the following articles being blocked by the US Army and Vector Aerospace mail servers for "offensive content." Really? --rick From: "Mail Delivery System" Subject: [Infowarrior] - AP: US cites security more to censor, deny records Date: March 17, 2014 8:07:32 AM EDT The message that you sent to an @us.army.mil user with subject "[Infowarrior] - AP: US cites security more to censor, deny records" was not accepted for delivery since it contained unauthorized content. From: PureMessage Admin Subject: Message Quarantined - Offensive Word/Content Subject: [Infowarrior] - If GCHQ wants to improve national security it mustfix our technology Date/Time (NST): Wed Mar 12 08:00:29 2014 The following message was quarantined by PureMessage for containing offensive word(s)/content that is against the acceptable use policy. If you think that this action is unwarranted, please contact Our Helpdesk at helpdesk at vectoraerospace.com From rforno at infowarrior.org Mon Mar 17 07:23:34 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 17 Mar 2014 08:23:34 -0400 Subject: [Infowarrior] - Dotcom: Popcorn Time Shows Where Road Ends for Hollywood Message-ID: <37868C6B-E4FF-4305-B7E3-9DD9A4791C69@infowarrior.org> Dotcom: Popcorn Time Shows Where Road Ends for Hollywood By Andy on March 17, 2014 http://torrentfreak.com/dotcom-popcorn-time-shows-where-road-ends-for-hollywood-140317/ After the team behind the controversial Popcorn Time software called it quits, Kim Dotcom has weighed in on the debate ignited by the app. "Popcorn Time and countless similar applications show where the road ends for Hollywood," the Megaupload founder says.
Last week Popcorn Time burst onto the scene, offering content to be found on dozens of other sites but sitting head and shoulders above the rest in simplicity and presentation. But after a dream start and dozens of news articles, it was all over. Pressure had been building within the project and rather than let things get completely out of hand, a decision was taken to move away. At the start of the weekend the Popcorn Time team called it quits and interest in the project expressed by a dev at YTS was later withdrawn by the site's operator. Earlier in the week there had been other complications too, including the removal of the Popcorn Time installer from Mega.co.nz, the hosting service chosen by the software's devs. So what did Kim Dotcom know about that? "I just woke up. No idea what happened," Dotcom told TF at 03:50am local time Thursday. "I'm not involved in Mega's day-to-day business since I resigned from Management to work on an alternative Internet concept called Meganet, Baboom and the Internet Party." Days later we're still no closer to discovering why the files were taken down, whether that was due to Mega's own decision based on a ToS violation or if the hosting service was pressured by the MPAA. What is clear, however, is that Popcorn Time, the most elegant unofficial movie-viewing application of recent times, has underlined that the destruction of Mega did little to ease Hollywood's plight. "I support innovation," Dotcom told TF. "Popcorn Time and countless similar applications show where the road ends for Hollywood. Ultimately it's a cat-and-mouse game Hollywood can't win by force but only with smarter Internet offerings." Interestingly, it seems that the people behind Popcorn Time actually understand where Dotcom is coming from. In a file-sharing world dominated by the likes of The Pirate Bay and KickassTorrents, Popcorn Time came along this week and took what XBMC has been doing for some time and amped it up to eleven.
They took the same content being offered by everyone else and made it more accessible and desirable. Dotcom says this is what Hollywood should be doing, but instead their anti-piracy fixation remains. "The destruction of Megaupload did nothing for Hollywood. Piracy is bigger than ever, despite overreaching law enforcement action & efforts by the MPAA and Chris Dodd to buy aggressive copyright laws and treaties. Hollywood made a mistake when they hired a powerful former Senator to run the MPAA in an attempt to fix their Internet problems with a sledgehammer," he adds. While Popcorn Time was hardly stealth with its public torrent sources and open source format, Dotcom says that the worst is yet to come. "The innovators of today are working on fully encrypted parallel Internets which don't rely on IPs. They are fluid oceans of homeless data that can't be controlled by anybody. I know of several projects that will make it extremely difficult for Hollywood. How do you take things down that can't be taken down?" he questions. "Combine that with apps and sites that provide a no-takedown one-click high-speed content experience and Hollywood's nightmare is complete." The signs indeed point to things getting worse. This week TF spoke to a developer who told us that work is already underway to bring a Popcorn Time-style experience to smart TVs, showing that not only is innovation far from dead, but soon even the likes of The Pirate Bay will have to do something to catch up. According to Dotcom, however, there's still time for Hollywood to properly open up. "It's not too late for Hollywood to embrace the Internet and offer more appealing services than those unauthorized services out there. Within three years Hollywood could double global income with an ingenious new online content service I have created. It's so good that International license holders of content would join this offering in a heartbeat. I have offered my help in an open letter to Hollywood some time ago.
They still prefer the sledgehammer," he says. "Hollywood has built a fortune on stories with happy endings, yet they don't get it in the real world. The Internet has the potential to be the biggest happy ending for Hollywood - and I know how," Dotcom concludes. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Mon Mar 17 13:05:01 2014 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 17 Mar 2014 14:05:01 -0400 Subject: [Infowarrior] - MH370 story is the new anti-journalism - all data, no real facts, endless theories Message-ID: MH370 story is the new anti-journalism - all data, no real facts, endless theories Free conspiracies are for sale, with cautious restraint that propels the absence of truth. But you're still obsessed, aren't you? Michael Wolff, theguardian.com, Monday 17 March 2014 11.10 EDT http://www.theguardian.com/commentisfree/2014/mar/17/malaysia-airlines-mh370-media-conspiracy-theories Well, the plane is somewhere. Although there exists the eerie possibility that it will remain as if nowhere - forever lost. And that's just about the best situation that exists for journalism: "missing" stories trump all others for their intensity and stickiness, fueling the imagination of journalists and audiences alike. Journalism exists to provide information. But what's really compelling is a lack of information - or what is more particularly being called "an absence of empirical data". "It doesn't mean anything; all it is a theory." That was the key quote, from an appropriately unnamed "senior American official," in the New York Times' front-page story Sunday about the Malaysian government's sudden conversion to the idea that their plane was snatched. "Find the plane, find the black boxes and then we can figure out what happened. It has to be based on something, and until they have something more to go on it's all just theories." Precisely!
And everyone is entitled to his or her own theory - it's more democratization of journalism - including, but not limited to: a) Terrorism; b) mechanical failure; c) hijacking; d) mad or rogue pilot; e) meteor; f) aliens; g) reality show promotion (in this, the 239 passengers and crew would have been in on it - each paid for their performance). The Tweetdeck column flutters like a deranged stock ticker, as furious as it did for the Woody Allen imbroglio, that other recent spike of obsessive interest in the unknowable. In a way, it's anti-journalism. I am hardly the only stick-in-the-mud to observe that the impending takeover of Crimea, a precise piece of geopolitical logistics and confrontation with a full menu of international implications - journalistic red meat - has been blown away by a story with no evident meaning, other than the likely bleak fate of most onboard. It is, of course, an ideal story for the current journalism era because it costs nothing. Nobody has to go anywhere. Nobody has to cover the wreckage and the recovery. Not only is the story pretty much all just theories - but theories are cheap. There is, too, a gotcha element. Mainstream journalism has tried to be cautious about its claims. It has tried to deny or at least hold the line against the unproven - even when the unproven is obvious. "...as investigators have examined the flight manifest and looked into the two Iranian men who were on the plane traveling with stolen passports, they have become convinced that there is no clear connection to terrorism," said the Times on Friday night, even as it became more clear by the end of the weekend that somebody had disabled the plane's identifying signal mechanisms and diverted it from its route and had flown it somewhere! Such cautious - or absurd - restraint actually propels the story.
That the mainstream media is trying not to deviate from mainstream sources (the recalcitrant, in-denial, shell-shock Malaysian government, and the in-the-dark US authorities) maintains something illogical, which in turn agitates or inspires the counter-media (the conspiracists), which was once marginal, but which is now mainstream itself. After 10 days and counting, mainstream outlets along with the Malaysian government catch up with the story that everybody else was onto anyway. The plane's been taken! Grabbed. Stolen. Commandeered. It was only yesterday that the Times acknowledged the "increasing likelihood that Flight 370 was purposefully diverted and flown possibly thousands of miles from its planned route". Part of the problem in the story is language itself. "Terrorism" is implicitly connected to al-Qaida and suggests clear cause and effect and tends to trigger a spasm of maximum responses. So don't go there until you are sure about going there. Hijacking suggests precise demands and an evident aircraft. Mechanical failure needs a crash site. What words are left, then? Just: diverted. And vanished. This may be the first wholly data-driven story. There are no first-hand facts. There are only secondary data implications. And so far it has demonstrated not the strength of data - that new religion - but its weakness. "What investigators are left with is an hourly electronic 'handshake' or digital communication, between the airplane and a satellite orbiting 22,250 miles above the Indian Ocean," says the Times with some poetry. "But the handshake is mostly devoid of data, and cannot be used to pinpoint the plane's last known location. It is the electronic equivalent of catching someone's eye in the crowd." The data, in other words, merely reinforces the existential. Indeed, the most telling data point may be that the plane so artfully slipped through the data filters leaving so few data points. But the plane is somewhere - that's the only certain data point.
It is at the bottom of the ocean, sunk without a trace, or in a jungle or rainforest with remarkable discrete pattern or wreckage. Or, it is on the ground somewhere -- indeed, may have been on the ground somewhere, re-fueled, and gone somewhere else to land again, whereabouts of 239 passengers and crew unknown. It is a new kind of hijacking in which the plane can't be stormed or hijackers targeted by sharpshooters because plane and hijackers are invisible. Or, a new kind of terrorism, wherein we wait for the plane to be inserted, undetected, back into the air lanes for what terrible purpose we can only guess. Just when we start to believe that we know all, that systems track us mercilessly, we find we know nothing, and the plot thickens.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 17 15:27:14 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 17 Mar 2014 16:27:14 -0400
Subject: [Infowarrior] - Which VPN Services Take Your Anonymity Seriously? 2014 Edition
Message-ID: <4428D35B-F3E4-4840-8A31-BECCE84F9CAB@infowarrior.org>

(disclosure: I use #1 on their list and am quite pleased with its performance and the company's quite responsive support. --rick)

Which VPN Services Take Your Anonymity Seriously? 2014 Edition

http://torrentfreak.com/which-vpn-services-take-your-anonymity-seriously-2014-edition-140315/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Mar 18 07:01:44 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Mar 2014 08:01:44 -0400
Subject: [Infowarrior] - Death of a National License-Plate Tracking Database Have Been Greatly Exaggerated
Message-ID:

Reports of the Death of a National License-Plate Tracking Database Have Been Greatly Exaggerated

https://firstlook.org/theintercept/2014/03/17/1756license-plate-tracking-database/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 18 07:08:53 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Mar 2014 08:08:53 -0400
Subject: [Infowarrior] - The Big Secret Behind the CIA-Congressional Battle
Message-ID:

The Big Secret Behind the CIA-Congressional Battle

http://www.ritholtz.com/blog/2014/03/the-big-secret-behind-the-cia-congressional-battle/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 18 11:48:19 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Mar 2014 12:48:19 -0400
Subject: [Infowarrior] - NSA surveillance program reaches 'into the past' to retrieve, replay phone calls
Message-ID: <6DC65124-6619-4F2C-9291-ED2380D9403A@infowarrior.org>

NSA surveillance program reaches "into the past" to retrieve, replay phone calls
By Barton Gellman and Ashkan Soltani

http://www.washingtonpost.com/world/national-security/nsa-surveillance-program-reaches-into-the-past-to-retrieve-replay-phone-calls/2014/03/18/226d2646-ade9-11e3-a49e-76adc9210f19_print.html

The National Security Agency has built a surveillance system capable of recording "100 percent" of a foreign country's telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden.
A senior manager for the program compares it to a time machine -- one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

< - >

http://www.washingtonpost.com/world/national-security/nsa-surveillance-program-reaches-into-the-past-to-retrieve-replay-phone-calls/2014/03/18/226d2646-ade9-11e3-a49e-76adc9210f19_print.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 18 11:55:17 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Mar 2014 12:55:17 -0400
Subject: [Infowarrior] - Copyright Alliance Attacks ChillingEffects.org As 'Repugnant,' Wants DMCA System With No Public Accountability
Message-ID: <08B1A690-414A-4475-A513-E452F156D846@infowarrior.org>

Copyright Alliance Attacks ChillingEffects.org As 'Repugnant,' Wants DMCA System With No Public Accountability

http://www.techdirt.com/articles/20140317/11355726599/copyright-alliance-attacks-chilling-effects-clearinghouse-argues-dmca-system-with-no-public-accountability.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 18 11:56:41 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Mar 2014 12:56:41 -0400
Subject: [Infowarrior] - It's Over! Viacom and Google Settle YouTube Lawsuit.
Message-ID: <24168E88-9A44-4BBA-992D-97FEAAC7C310@infowarrior.org>

It's Over! Viacom and Google Settle YouTube Lawsuit.
March 18, 2014, 5:38 AM PDT
By Peter Kafka

http://recode.net/2014/03/18/its-over-viacom-and-google-settle-youtube-lawsuit/

Viacom, which has been suing Google over alleged copyright violations at its YouTube unit since 2007, has settled out of court, the two companies announced today. Google and Viacom didn't provide details, but did offer this statement: "Google and Viacom today jointly announced the resolution of the Viacom vs.
YouTube copyright litigation. This settlement reflects the growing collaborative dialogue between our two companies on important opportunities, and we look forward to working more closely together." At one point Viacom, the cable powerhouse that owns networks such as MTV and Comedy Central, had been seeking $1 billion in damages from Google. But no money traded hands in the settlement, according to people familiar with the transaction. Google had won a significant victory against Viacom in 2010, when U.S. District Court Judge Louis Stanton ruled largely in the company's favor. Viacom appealed that decision, but a federal appeals court kicked the case back down to Stanton again, who repeated his ruling in 2013. Viacom appealed that ruling, and the two companies were scheduled to appear in court again next Monday. Seven years ago, the copyright lawsuit looked like it would have major implications for the way the Web worked. But by now the suit had become an asterisk, because in many ways the core issues have been settled by both the courts and the market. In very broad strokes, the practical consensus is that digital services like YouTube -- and Twitter, and Facebook, and everyone else that distributes lots of content uploaded by its users -- are not responsible for copyright violations if they don't explicitly encourage them, and if they let copyright holders take down stuff they don't want up there. Like many other media companies, Viacom had originally objected to the fact that lots of its content appeared on YouTube without its permission. But Google, which acquired YouTube in 2006, has more or less made peace with most big content companies, in part via a "ContentID" system that allows copyright owners to track their stuff on the world's largest video site. The system also gives content owners the ability to demand "takedowns" of their stuff -- or the option to run ads against it. Viacom itself has been working with YouTube's ContentID system for some time.
Two years ago, Viacom's Paramount film studio struck a deal to rent movies via YouTube. And, if you're keeping track of these things, note that Viacom CEO Philippe Dauman's son, Philippe Dauman Jr., has worked for Google since 2007 -- the same year Viacom sued Google. Dauman Jr.'s LinkedIn profile says he's now working on the "Google Wallet" program.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 18 16:17:15 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Mar 2014 17:17:15 -0400
Subject: [Infowarrior] - Google to reportedly kill Voice, integrate it into Hangouts
Message-ID:

(Of course, Hangouts crashed today, I hear. Great timing! --rick)

Google to reportedly kill Voice, integrate it into Hangouts
Florence Ion
Mar 18, 2014 12:18 PM

http://www.pcworld.com/article/2109265/google-to-reportedly-kill-voice-integrate-it-into-hangouts.html

You know how some things are just inevitable? Like, a plant will wither if it doesn't have an adequate amount of sunlight and water? That's kind of what's happening to Google Voice, if the latest hearsay is to be believed. 9to5Google reports from its own unnamed sources that Google plans to do the inevitable: roll up its Voice functionality into the Google+ Hangouts app for both Android and iOS devices. Hangouts will be able to do VoIP calls and SMS via your Google Voice number, in addition to the video calls and instant messaging it's capable of now. It all makes perfect sense: once sequestered as its own standalone app, SMS messaging integration was recently rolled up into Hangouts after the launch of KitKat in an effort to kickstart Google's idea of a unified messaging app. Google Talk and Google Plus instant messaging are also a part of that package, and every service is easily accessible through one unified Omnibar that lets you search for anyone, whether they're in your Contacts or a public Google+ user.
Also consider Google's insistence for its users to use Google+. The social network is slowly transforming into a portal for every Google service you utilize. All the Google things that are not tied to a Google+ account are slowly being swallowed up by the things that do. None of this is a new concept, but rather the proper evolution of Google's myriad of services. Its competitors, Apple and Microsoft, both insist you have a user ID to log into its services. Both companies also offer their own unified messaging portals: Apple's Messages on the Mac and iOS, and Microsoft's Lync on the desktop. Either Google will push forth a silent update for Hangouts -- as the company is known to do with some of its high profile services and apps -- or we'll expect to hear an official announcement during the Google I/O keynote. For now it's just an unconfirmed rumor -- and a wish that Google would just pull the trigger on the inevitable.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 19 07:11:27 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Mar 2014 08:11:27 -0400
Subject: [Infowarrior] - Warner Bros Fights Looming Exposé of Anti-piracy Secrets
Message-ID: <48B6CDDA-F557-4A64-BE8D-8C8B86619CBE@infowarrior.org>

Warner Bros Fights Looming Exposé of Anti-piracy Secrets
By Ernesto on March 19, 2014

http://torrentfreak.com/warner-bros-fights-looming-expose-of-anti-piracy-secrets-140319/

Hollywood studio Warner Bros. is fighting a request from the Electronic Frontier Foundation to a Florida federal court to unseal details of the movie studio's anti-piracy practices. The sealed documents are part of Warner's DMCA-abuse case against Hotfile, and the movie studio says that pirates could "infringe without fear of detection" should enforcement tactics be exposed.
To deal with the ongoing threat of online piracy, major Hollywood studios have entire divisions dedicated to tracking down copyright infringers. Exactly what goes on behind the scenes is a mystery, but if the Electronic Frontier Foundation (EFF) has its way, part of this veil will soon be lifted. Last month the digital rights group asked a Florida federal court to unseal the filings Warner submitted in its now-settled DMCA abuse case against Hotfile. EFF argued that the public has the right to know what mistakes Warner made. Knowing how Warner Bros' anti-piracy system works will be instrumental in discussing the effectiveness of the DMCA takedown procedure and similar measures. This week Warner opposed the EFF's request. The movie studio fears that by exposing the sealed documents pirates will obtain an unfair advantage. According to David Kaplan, Warner's Senior Vice President of Anti-Piracy operations, the information "would give pirates multiple routes for evading detection and copyright enforcement." "Persons familiar with Warner's methods and strategies for identifying unauthorized Warner content online could infringe without fear of detection if they knew how the detection worked," Kaplan informed the court. The above is intriguing, as it suggests that there are ways to bypass Warner's anti-piracy systems. While this may be as simple as using anonymizer tools, the studio clearly doesn't want the public to know. The opposition filings themselves are heavily redacted, but Warner warns the court that exposing their secrets could allow more "criminals" to avoid justice.

From Warner Bros' redacted filing

The movie studio asks the court to keep the documents under seal, and accuses EFF of having a secret agenda. Warner believes that the digital rights group is not so much interested in serving the public good, and suggests that the EFF mostly wants to use the information to their own advantage.
"Although EFF claims that this unsealing would serve the 'public interest,' EFF's motion is a thinly-veiled effort to gain access to Warner's confidential information for EFF's own tactical advantage in private litigation that EFF regularly brings against copyright owners to challenge their use of takedown systems," Warner writes. In EFF's case, the public interest may of course be aligned with the interests of the group itself. However, the Hollywood studios believe that EFF is mainly interested in scandalizing. "Plaintiffs' concern that EFF's true intentions are to exploit the sealed information in order to 'promote scandal' regarding Warner and other copyright owners is fully justified, and tips the balance even further toward continued sealing of the designated information," Warner informs the court. According to Warner, the EFF's reasoning doesn't trump their right to protect their anti-piracy secrets. This is not to avoid "embarrassment" as EFF suggests, but to prevent pirates from outsmarting them. If the sealed documents were exposed, this could severely damage Warner's operation, they claim. "As Plaintiffs have explained, this detailed information could be used by infringers to evade Warner's copyright enforcement efforts. That such disclosure would cause significant harm to Warner's copyright enforcement efforts is beyond serious dispute," Warner stresses. It's now up to the court to decide whose interests weigh stronger. If Judge Kathleen Williams decides to unseal the documents, it will be interesting to see what Warner is so afraid of.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Mar 19 07:16:31 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Mar 2014 08:16:31 -0400
Subject: [Infowarrior] - Judge rebuffs Feds' attempt to search mac.com email
Message-ID: <31CBA06D-4C24-4D5B-911D-7A943EAD7049@infowarrior.org>

Judge rebuffs Feds' attempt to search mac.com email
updated 12:00 am EDT, Wed March 19, 2014
Cites 'expectation of privacy' in email, says warrant was 'overly broad'

While specifics of the case have not been made public, a federal magistrate judge has issued an unusual rebuke to the US government over its request for a warrant to search the records of an unnamed @mac.com user. The request was rejected by the judge for being "overly broad" and because it "makes no effort to balance the law enforcement interests against the obvious expectation of privacy email account holders have in their communications." The case revolves around alleged corruption by a defense contractor, and the government's warrant request asked for "all records or other information stored by an individual using each account, including address books, contact and buddy lists, pictures, and files," and other details such as logged IP addresses, billing details, and other details, reports Ars Technica. However, Judge John Facciola noted that "it is evident ... that the government is really after emails from December to the present. Nothing in Attachment B, however, explicitly requests that Apple gives the government any emails." After complaining that "the government continues to submit overly broad warrants," the judge pointed out that the request contradicts itself by wanting the content of emails without specifically asking for them, but for just about any other detail regarding the account -- phrasing he called "poor drafting" that created "confusion" in the request.
"It is equally evident that the government is using language that has the potential to confuse the provider -- in this case Apple -- which must determine what information must be given to the government," Judge Facciola said in his ruling. "This Court should not be placed in the position of compelling Apple to divine what the government actually seeks. Until this Application is clarified, it will be denied." The root problem with the government's request, said the judge, is that it is relying on seizure guidelines issued in 2009, a year before an appellate court ruled that email content is protected under the Fourth Amendment of the US Constitution. Major tech firms, including Google and (presumably) Apple, have taken the position that the government needs a specific warrant before it can ask to access email content. Only one federal circuit has thus far ruled on the question, finding that authorities do need a warrant. Judge Facciola issued his ruling earlier this month, but left the door open for the government to refile a narrower request. The ruling is part of an evolving pro-privacy stance that more of the judiciary is taking in light of Edward Snowden's revelations on the US government's "bulk" collection of electronic as well as phone and other forms of communication. Public backlash against what is seen as over-reaching invasions of privacy under the guise of "security" and an attitude by authorities that email (and texts or chats) is a less-protected form of speech may be having an influence on judges, who are in some jurisdictions requiring the government to be very specific in its requests for record searches where there is no evidence of actual security threats.

Read more: http://www.electronista.com/articles/14/03/19/cites.expectation.of.privacy.in.email.says.warrant.was.overly.broad/#ixzz2wPUu5g5G

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Mar 19 07:17:39 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Mar 2014 08:17:39 -0400
Subject: [Infowarrior] - Court Says FBI's Secret GPS Tracking Memos Can Stay Secret
Message-ID: <096D9D23-188D-4242-A8B3-C91FD79F9F27@infowarrior.org>

Court Says FBI's Secret GPS Tracking Memos Can Stay Secret
from the government-states-black-toner-shortage-as-primary-motivator dept

Back in January 2013, the ACLU managed to pry loose two secret memos on the FBI's GPS tracking from the DOJ with a FOIA request. The only problem was that the request didn't actually free much information. The responsive documents consisted of a few scattered paragraphs -- and 111 pages of black ink. The ACLU objected to this mockery of the words "freedom" and "information," noting that secret interpretations of existing laws is exactly the sort of thing the Freedom of Information Act was designed to discourage, not protect. So, the ACLU sued the government in hopes of being given something a little less redacted. That legal battle is now over. And no additional information will be freed....

< - >

http://www.techdirt.com/articles/20140313/08523326565/court-says-fbis-secret-gps-tracking-memos-can-stay-secret.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 19 07:26:50 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Mar 2014 08:26:50 -0400
Subject: [Infowarrior] - Longtime Full Disclosure list shuts down
Message-ID: <4D3925A4-5D55-4FE0-A3A8-9D897CC25A42@infowarrior.org>

(c/o w.)

http://seclists.org/fulldisclosure/2014/Mar/332

Administrivia: The End
From: John Cartwright
Date: Wed, 19 Mar 2014 10:30:15 +0000

Hi

When Len and I created the Full-Disclosure list way back in July 2002, we knew that we'd have our fair share of legal troubles along the way. We were right.
To date we've had all sorts of requests to delete things, requests not to delete things, and a variety of legal threats both valid or otherwise. However, I always assumed that the turning point would be a sweeping request for large-scale deletion of information that some vendor or other had taken exception to. I never imagined that request might come from a researcher within the 'community' itself (and I use that word loosely in modern times). But today, having spent a fair amount of time dealing with complaints from a particular individual (who shall remain nameless) I realised that I'm done. The list has had its fair share of trolling, flooding, furry porn, fake exploits and DoS attacks over the years, but none of those things really affected the integrity of the list itself. However, taking a virtual hatchet to the list archives on the whim of an individual just doesn't feel right. That 'one of our own' would undermine the efforts of the last 12 years is really the straw that broke the camel's back. I'm not willing to fight this fight any longer. It's getting harder to operate an open forum in today's legal climate, let alone a security-related one. There is no honour amongst hackers any more. There is no real community. There is precious little skill. The entire security game is becoming more and more regulated. This is all a sign of things to come, and a reflection on the sad state of an industry that should never have become an industry. I'm suspending service indefinitely. Thanks for playing.

Cheers
- John

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Mar 19 08:00:15 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Mar 2014 09:00:15 -0400
Subject: [Infowarrior] - Google Won't Face Group E-Mail Privacy Lawsuit: Judge
Message-ID:

Google Won't Face Group E-Mail Privacy Lawsuit: Judge
By Joel Rosenblatt
Mar 19, 2014 12:01 AM ET

http://www.bloomberg.com/news/2014-03-19/google-won-t-face-group-e-mail-privacy-lawsuit-judge-rules.html

Google Inc. (GOOG) won a major victory in its fight against claims it illegally scanned private e-mail messages to and from Gmail accounts, defeating a bid to unify lawsuits in a single group case on behalf of hundreds of millions of Internet users. U.S. District Judge Lucy Koh in San Jose, California, yesterday refused to let the case proceed as a class action, which would have allowed plaintiffs to pool resources and put greater pressure on Google to settle. If individuals pursue their claims against the owner of world's largest search engine, they'll need to use their own financial resources to litigate. E-mail users claimed Google intercepted, read and mined the content of e-mail messages for targeted advertising and to build user profiles. Legal experts including Stanford Law School Professor Deborah Hensler said before yesterday's ruling that while the plaintiffs faced difficulty joining forces, the case stood to potentially become the largest group lawsuit ever. The amount at stake could have reached into the trillions of dollars if, as the plaintiffs argued, each person was eligible for damages of $100 a day for violations of federal wiretap law. Koh's ruling has implications for e-mail privacy cases assigned to her that were filed last year against Yahoo! Inc. and LinkedIn Corp. (LNKD), which also have hundreds of millions of users. Similarly giant cases have been brought against Facebook Inc.
(FB) and Hulu as Web users challenge how companies monetize their data for the online advertising market that generated more than $40 billion in the U.S. last year. Koh found that the proposed classes of people in the Google case aren't "sufficiently cohesive," according to yesterday's ruling.

Members' Consent

The judge wrote in her order that the question of whether the proposed class members consented to the alleged interceptions has been "central to this case since it was filed." Based on the evidence presented so far, to prove the arguments on each side, "consent must be litigated on an individual, rather than class-wide basis," Koh said. Sean Rommel, a lawyer representing plaintiffs in the case, didn't respond after regular business hours yesterday to phone and e-mail messages seeking comment on the ruling. Google representatives didn't respond to an e-mail seeking comment. At a Feb. 27 hearing on whether the case would proceed as a group lawsuit, Michael Rhodes, a lawyer representing Google, argued the plaintiffs never presented a "model that they have demonstrated will actually work" to include so many plaintiffs. "And worse, they've never shown some statistical sampling of the data set to give you more comfort that we can test to say it will not produce enough false positives," Rhodes said.

Texas, Pennsylvania

The case started with separate lawsuits by users of Gmail and other e-mail services from states including Texas, Pennsylvania, Maryland and Florida. Those complaints were consolidated before Koh last year. Rommel contended in a filing that the case is "perfectly suited for class treatment" because everyone affected by the e-mail scanning has so much in common, from the "uniform nature" of Google's extraction of data in e-mails to the company's "uniform disclosures" about its privacy practices. "This is no different than, I would assert, a shareholder case where somebody is saying yes, I bought shares within the class period and here's my share,"
he argued to Koh at the hearing. "You have to compare it to the company records to see the date when they bought it, to see that they are actually a shareholder."

'Very Steep'

Hensler said in an interview last month that the plaintiffs' lawyers faced "a very steep hurdle," to proceed with a group case, adding that only 10 percent to 20 percent of all cases filed as class-actions are allowed to go forward. Koh in September rejected Mountain View, California-based Google's bid to dismiss the case. In a rare early victory for plaintiffs in an online privacy lawsuit, the judge rejected Google's argument that Gmail users agreed when they accepted subscription service terms and privacy policies to let their messages be scanned. Google faces another privacy case in federal court in San Francisco brought on behalf of everyone in the U.S. whose wireless Internet connections were intercepted by company vehicles gathering information for the Street View mapping service. The case is In re Google Inc. Gmail Litigation, 13-md-02430, U.S. District Court, Northern District of California (San Jose).

To contact the reporter on this story: Joel Rosenblatt in San Francisco at jrosenblatt at bloomberg.net
To contact the editors responsible for this story: Michael Hytha at mhytha at bloomberg.net Peter Blumberg

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 19 10:31:48 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Mar 2014 11:31:48 -0400
Subject: [Infowarrior] - LA Cops Argue All Cars in LA Are Under Investigation
Message-ID:

Los Angeles Cops Argue All Cars in LA Are Under Investigation
March 19, 2014 | By Jennifer Lynch

Do you drive a car in the greater Los Angeles Metropolitan area? According to the L.A. Police Department and L.A. Sheriff's Department, your car is part of a vast criminal investigation.
The agencies took a novel approach in the briefs they filed in EFF and the ACLU of Southern California's California Public Records Act lawsuit seeking a week's worth of Automatic License Plate Reader (ALPR) data. They have argued that "All [license plate] data is investigatory." The fact that it may never be associated with a specific crime doesn't matter.

This argument is completely counter to our criminal justice system, in which we assume law enforcement will not conduct an investigation unless there are some indicia of criminal activity. In fact, the Fourth Amendment was added to the U.S. Constitution exactly to prevent law enforcement from conducting mass, suspicionless investigations under "general warrants" that targeted no specific person or place and never expired.

ALPR systems operate in just this way. The cameras are not triggered by any suspicion of criminal wrongdoing; instead, they automatically and indiscriminately photograph all license plates (and cars) that come into view. This happens without an officer targeting a specific vehicle and without any level of criminal suspicion. The ALPR system immediately extracts the key data from the image -- the plate number and time, date and location where it was captured -- and runs that data against various hotlists. At the instant the plate is photographed not even the computer system itself -- let alone the officer in the squad car -- knows whether the plate is linked to criminal activity.

< - >

The sheriff's department recognized that ALPR data tracked "individuals' movement over time" and that, with only a license plate number, someone could learn "personal identifying information" about the vehicle owner (such as the owner's home address) by looking up the license plate number in a database with "reverse lookup capabilities such as LexisNexis and Westlaw."
The agencies use the fact that ALPR data collection impacts privacy to argue that -- although they should still be allowed to collect this information and store it for years -- they should not have to disclose any of it to the public. However, the fact that the technology can be so privacy invasive suggests that we need more information on where and how it is being collected, not less. This sales video from Vigilant Solutions shows just how much the government can learn about where you've been and how many times you've been there when Vigilant runs their analytics tools on historical ALPR data. We can only understand how LA police are really using their ALPR systems through access to the narrow slice of the data we've requested in this case.

We will be arguing these points and others at the hearing on our petition for writ of mandate in Los Angeles Superior Court, Stanley Mosk Courthouse, this coming Friday at 9:30 AM.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 19 10:33:15 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Mar 2014 11:33:15 -0400
Subject: [Infowarrior] - CORRECTION: LA Cops Argue All Cars in LA Are Under Investigation
In-Reply-To:
References:
Message-ID:

Link to that full post is @ https://www.eff.org/deeplinks/2014/03/los-angeles-cops-argue-all-cars-la-are-under-investigation

> Los Angeles Cops Argue All Cars in LA Are Under Investigation
> March 19, 2014 | By Jennifer Lynch
>
> Do you drive a car in the greater Los Angeles Metropolitan area? According to the L.A. Police Department and L.A. Sheriff's Department, your car is part of a vast criminal investigation.
>
> The agencies took a novel approach in the briefs they filed in EFF and the ACLU of Southern California's California Public Records Act lawsuit seeking a week's worth of Automatic License Plate Reader (ALPR) data. They have argued that "All [license plate] data is investigatory."
The fact that it may never be associated with a specific crime doesn't matter.
>
> This argument is completely counter to our criminal justice system, in which we assume law enforcement will not conduct an investigation unless there are some indicia of criminal activity. In fact, the Fourth Amendment was added to the U.S. Constitution exactly to prevent law enforcement from conducting mass, suspicionless investigations under "general warrants" that targeted no specific person or place and never expired.
>
> ALPR systems operate in just this way. The cameras are not triggered by any suspicion of criminal wrongdoing; instead, they automatically and indiscriminately photograph all license plates (and cars) that come into view. This happens without an officer targeting a specific vehicle and without any level of criminal suspicion. The ALPR system immediately extracts the key data from the image -- the plate number and time, date and location where it was captured -- and runs that data against various hotlists. At the instant the plate is photographed not even the computer system itself -- let alone the officer in the squad car -- knows whether the plate is linked to criminal activity.
>
> < - >
>
> The sheriff's department recognized that ALPR data tracked "individuals' movement over time" and that, with only a license plate number, someone could learn "personal identifying information" about the vehicle owner (such as the owner's home address) by looking up the license plate number in a database with "reverse lookup capabilities such as LexisNexis and Westlaw."
>
> The agencies use the fact that ALPR data collection impacts privacy to argue that -- although they should still be allowed to collect this information and store it for years -- they should not have to disclose any of it to the public. However, the fact that the technology can be so privacy invasive suggests that we need more information on where and how it is being collected, not less.
This sales video from Vigilant Solutions shows just how much the government can learn about where you've been and how many times you've been there when Vigilant runs their analytics tools on historical ALPR data. We can only understand how LA police are really using their ALPR systems through access to the narrow slice of the data we've requested in this case. > > We will be arguing these points and others at the hearing on our petition for writ of mandate in Los Angeles Superior Court, Stanley Mosk Courthouse, this coming Friday at 9:30 AM. From rforno at infowarrior.org Wed Mar 19 14:40:14 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 19 Mar 2014 15:40:14 -0400 Subject: [Infowarrior] - FBI 'busts' another of its own 'terrorist' plots Message-ID: FBI Bust Another Handcrafted 'Terrorist' For The Crime Of Thinking About Supporting A Terrorist Organization http://www.techdirt.com/articles/20140318/17221226618/fbi-bust-another-handcrafted-terrorist-crime-thinking-about-supporting-terrorist-organization.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Mar 19 14:40:22 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 19 Mar 2014 15:40:22 -0400 Subject: [Infowarrior] - Why Isn't the Fourth Amendment Classified as Top Secret? Message-ID: <2A9B4370-C24E-41E5-9DF1-90398663D350@infowarrior.org> Why Isn't the Fourth Amendment Classified as Top Secret? Think how much useful information its text and the case law surrounding it tell America's enemies. Conor Friedersdorf Mar 18 2014, 8:12 AM ET http://www.theatlantic.com/politics/archive/2014/03/why-isnt-the-fourth-amendment-classified-as-top-secret/284439/ Notice how much the Fourth Amendment tells our enemies.
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated," it states, "and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." The Framers are usually considered patriots. Yet they gave traitors and criminals in their midst such powerful knowledge about concealing evidence of skullduggery! Today every terrorist with access to a pocket Constitution is privy to the same text. And thanks to the Supreme Court's practice of publishing its opinions, al-Qaeda need only have an Internet connection to gain a very nuanced, specific understanding of how the Fourth Amendment is applied in individual cases, how it constrains law enforcement, and how to exploit those limits. Such were my thoughts Friday at UCLA Law School, where Stewart Baker, an attorney who worked in the Department of Homeland Security during the Bush Administration, participated in a debate about Edward Snowden. Some of his remarks focused on the NSA whistleblower's professed desire to trigger a debate among Americans, many of whom think it's their right to weigh in on all policy controversies. Baker disagrees. "You can't debate our intelligence capabilities and how to control them in the public without disclosing all of the things that you're discussing to the very people you're trying to gather intelligence about," he said. "Your targets are listening to the debates." In fact, he continued, they're listening particularly closely. For that reason, publicly debating intelligence techniques, targets and limits is foolish. As soon as targets figure out the limits of what authorities can touch, they'll change their tactics accordingly. In his view, limits should be set in secret. A class of overseers with security clearances can make the necessary judgment calls. 
Trevor Timm, co-founder of the Freedom of the Press Foundation, attempted to defend normal democratic debate. "What separates us from countries like Russia and China is that we can have these types of debates with an informed public that are completely aware of what types of surveillance are available to governments and what the legal standards are," he argued. "We're not specifically debating who the NSA is going to spy on, but whole surveillance regimes. If we didn't debate that in this country, the Fourth Amendment would be classified. But it's not." Then again, the Fourth Amendment could be classified. Jonathan Abel has written about retroactive classification, "a little-known provision of national security law that allows the government to declassify a document, release it to the public, and declare it classified later on." The government could "hand you a document today and prosecute you tomorrow for not giving it back," he explains. "Retroactive classification can even reach documents that are available in public libraries, on the Internet, or elsewhere in the public domain." What if an unclassified Fourth Amendment was a pre-9/11 luxury? Knowledge of its contours would take many years to fade. But if its text and opinions interpreting it were scrubbed from the public record, if Fourth Amendment jurisprudence were conducted behind closed doors going forward, so that a secret body of law could develop, the next generation of terrorists wouldn't know the limits of the state in future years. If we stick with the system that the Framers envisioned, however, there may be some attendant risks. Whereas right now, judges openly set forth limits -- including limits on particular surveillance methods (like GPS car trackers) -- for everyone including al-Qaeda to see! A terrorist with American citizenship is especially positioned to exploit this knowledge. Transparency is, in that sense, terror-enabling.
Of course, if the Fourth Amendment and the law surrounding it is kept secret from terrorists and criminals, it would have to be kept from law-abiding Americans too. But like Baker says, the limits of surveillance can't be debated in public without better informing terrorists. And that leaves Americans with an important decision. The U.S. could continue to operate as a transparent representative democracy, where law is debated, interpreted, and adjudicated publicly; one where the people can oust elected officials as a consequence of any law that they enact or implement. If we stick with the system that the Framers envisioned, however, there may be some attendant risks. Are liberty and democratic legitimacy worth those risks? Because there are alternatives. For example, the government could run with Baker's logic, declare that it's foolhardy to publicize any information about the limits of state surveillance, and take measures to keep all useful information from terrorists. Perhaps the Fourth Amendment and relevant case law could be retroactively classified. Citizen groups who support doing whatever is necessary to thwart al-Qaeda could organize Stewart Baker-inspired counterterrorism patrols: a list would be drawn up of all schools, law libraries, and book stores in a given area; then the patrols could go around with scissors, cutting the Fourth Amendment from all copies of the Constitution, as well as with gasoline cans and matches, so that Fourth Amendment textbooks could be burned for all of our safety. It would prove more difficult to scrub information about the limits set by the Fourth Amendment from the web. But a few Espionage Act prosecutions would go a long way toward encouraging those who control web portals to stop resisting the transition. The terrorists would have a much harder time learning about limits on surveillance imposed by the Fourth Amendment. Far-fetched? Not as far-fetched as you thought! The next step would be obvious. 
There are ways in which the First, Second, and Fifth Amendments help to inform terrorists too. The same goes for related case law. Think how much less terrorists and criminals alike would know if all constitutional law, indeed all law of any kind, were interpreted before a secret body like the FISA court, rather than in open court where anyone can listen. Until then, our judges and constitutional-law scholars will regularly be putting out information that could be useful to our enemies. Stopping them would create an undemocratic system in which prosecutorial and police abuse would often be essentially undiscoverable and unchallengeable, and would inevitably end in civil liberties abuses of millions of innocents. But if, like Baker, you're not much bothered by mass surveillance of innocents, perhaps that price isn't too high to pay. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Mar 19 14:43:44 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 19 Mar 2014 15:43:44 -0400 Subject: [Infowarrior] - NSA General Counsel: US tech giants knew of NSA data collection Message-ID: <8C2690F7-6792-4990-9AFD-33E1496BDE7E@infowarrior.org> US tech giants knew of NSA data collection, agency's top lawyer insists NSA general counsel Rajesh De contradicts months of angry denials from big companies like Yahoo and Google | Spencer Ackerman in Washington | theguardian.com, Wednesday 19 March 2014 14.40 EDT The senior lawyer for the National Security Agency stated unequivocally on Wednesday that US technology companies were fully aware of the surveillance agency's widespread collection of data, contradicting months of angry denials from the firms. Rajesh De, the NSA general counsel, said all communications content and associated metadata harvested by the NSA under a 2008 surveillance law occurred with the knowledge of the companies --
both for the internet collection program known as Prism and for the so-called "upstream" collection of communications moving across the internet. Asked during a Wednesday hearing of the US government's institutional privacy watchdog if collection under the law, known as Section 702 or the Fisa Amendments Act, occurred with the "full knowledge and assistance of any company from which information is obtained," De replied: "Yes." When the Guardian and the Washington Post broke the Prism story in June, thanks to documents leaked by whistleblower Edward Snowden, nearly all the companies listed as participating in the program -- Yahoo, Apple, Google, Microsoft, Facebook and AOL -- claimed they did not know about a surveillance practice described as giving NSA vast access to their customers' data. Some, like Apple, said they had "never heard" the term Prism. De explained: "Prism was an internal government term that as the result of leaks became the public term," De said. "Collection under this program was a compulsory legal process, that any recipient company would receive." < -- > http://www.theguardian.com/world/2014/mar/19/us-tech-giants-knew-nsa-data-collection-rajesh-de --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Wed Mar 19 16:11:32 2014 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 19 Mar 2014 17:11:32 -0400 Subject: [Infowarrior] - Providers ignore routing and DNS security: experts Message-ID: <72B6FEA0-A127-423B-A00A-F738D308442E@infowarrior.org> Providers ignore routing and DNS security: experts Juha Saarinen | Mar 19, 2014 6:49 AM The internet can be stolen easily.
http://www.itnews.com.au/Tools/Print.aspx?CIID=375374 The temporary re-routing of the network that hosts Google's public Domain Name System (DNS) servers shows that large parts of the internet are open to hijacking, with attackers easily being able to capture, alter and redirect traffic without users' knowledge, experts say. Geoff Huston, chief scientist at the Asia-Pacific Network Information Centre (APNIC), called attacks on routing and DNS "the most insidious" because to end users, everything appears to be working as usual. "The issue about this attack form is that I don't need to pervert the operation of your system - no worms, no viruses, no attacks on your system per se - what the attack relies on is your system working and instead, it distorts the infrastructure of the internet," Huston told iTnews. He said attacks using the trust-based Border Gateway Protocol (BGP) and the related Domain Name System (DNS) that specify how traffic flows on the internet and how numeric addresses are resolved into human readable names respectively have been a long standing issue. He said they should have been dealt with years ago, but are by and large being ignored by the industry. "Is it serious? Of course. Do folk take it seriously? Of course not," Huston said. "It would be good to say that the ISP industry is acutely aware of the issues here and is enthusiastically supporting initiatives to build up the level of security in the routing system and to prevent the ease with which these attacks can be undertaken. "But it would be a lie in every respect," he said. Huston said as a result, users were being offered a "lousy service by any reasonable metric of security and safety". "How can ISPs get away with cutting corners with such reckless abandon? Why are we apparently learning nothing in all this and allowing the internet to become a toxic wasteland?" Huston said. 
How Google lost control of its DNS Over the weekend, traffic to Google's commonly used public DNS service was rerouted, meaning traffic with DNS resolution queries destined for Google's servers instead ended up at a Venezuelan network. Andree Toonk of BGP monitoring service BGPmon revealed the issue began at 17:32 UTC last Saturday when the BP LATAM network in Venezuela issued a route announcement for the 8.8.8.8/32 prefix for unknown reasons. While the announcement was withdrawn 23 minutes later, it had been picked up by a university network in Florida, United States and at least two Brazilian networks, according to Toonk. The /32 classless inter-domain routing (CIDR) notation means just a single address was announced; Toonk said the 8.8.8.0 network is normally announced as a /24 with 254 possible addresses and 256 subnets. "This may have been both a good and a bad thing," Toonk said. "Many networks filter routes more specific than a /24, so a /32 route is typically not propagated very far, typically only over peering connections where filtering is a bit more relaxed. "The bad news is that a /32 route is always selected over the 8.8.8.0/24 one that is normally announced by Google, no matter how long the Autonomous System (AS) path - a BGP metric of network routes - or any other route policies a network has in place." He said this meant if a router learnt the /32 route, it would typically always be selected as the best path and used for packet forwarding. While there is no evidence that the re-routing was malicious or intentional, Toonk said in theory, the traffic could have been altered or intercepted. The re-routing shows how easy it is to steal parts of the internet. Toonk said such incidents take place several times a day. Such incidents can have serious consequences, he said. 
Attackers can set up fake Secure Sockets Layer (SSL) certificate authorities so as to fake authentication and verification of traffic - for instance to financial institutions - and obtain full control over information flows assumed to be secured without users being any the wiser. Failure to secure routing and the DNS puts users at risk There are ways to stop accidental and intentional stealing of the internet, both Huston and Toonk said. Toonk recommended ISPs improve their BGP filtering and also implement the Resource Public Key Infrastructure (RPKI). This sets up policies that specify which entities can announce and change certain routes. He also suggested that when a public DNS resolver is used, end to end encryption is deployed. This prevents the interception and recording of DNS data, Toonk said. He recommended encryption tools such as the OpenDNS dnscrypt for this purpose. Huston agreed providers must secure BGP and said they should also use the Domain Name System Security Extensions (DNSsec) to ensure queries for domains return the correct answers. "It's there for a reason, and the reason is that you can't lie in the DNS when you use DNSsec," Huston said. However, while DNSsec is an established security standard, Huston's research [PDF] shows it isn't commonly used. Only 10.72 percent of Australian users operate DNSsec validating resolvers, according to the research. The numbers "are nothing to be proud of; quite the opposite," Huston said, and called for change. "Why is this industry so incredibly stupid and lazy that we are all prepared to go "tut tut" when we hear evidence of yet another instance of an incredibly longstanding attack vector, yet do absolutely nothing about it?" he said. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
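An added example, not part of the article or the original post: a small Python model of the two defences Toonk recommends (prefix-length filtering and RPKI route origin validation as defined in RFC 6811), showing why the /32 beats the /24 whatever its AS path and how an import policy keeps it out of the routing table. All AS numbers are documentation-range placeholders, and the ROA and the announcements are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

LEGIT_AS = 64496    # constructed: stands in for the resolver operator's AS
HIJACK_AS = 64500   # constructed: stands in for the network that leaked the route


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    as_path: tuple          # neighbour AS first, origin AS last

    @property
    def origin(self):
        return self.as_path[-1]


@dataclass(frozen=True)
class ROA:
    """Route Origin Authorization: who may originate a prefix, and how specific."""
    prefix: ipaddress.IPv4Network
    max_length: int
    origin: int


def best_route(rib, dst):
    """Forwarding decision: the longest matching prefix wins outright.
    AS-path length only breaks ties between routes for the same prefix
    length (a simplification of full BGP best-path selection)."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in rib if dst in r.prefix]
    if not matches:
        return None
    return max(matches, key=lambda r: (r.prefix.prefixlen, -len(r.as_path)))


def rov_state(route, roas):
    """RFC 6811 origin validation: 'valid', 'invalid' or 'not-found'."""
    covering = [roa for roa in roas if route.prefix.subnet_of(roa.prefix)]
    if not covering:
        return "not-found"
    for roa in covering:
        if roa.origin == route.origin and route.prefix.prefixlen <= roa.max_length:
            return "valid"
    return "invalid"


def import_policy(route, roas, max_len=24):
    """Return (accepted, reason) for one received announcement."""
    if route.prefix.prefixlen > max_len:
        return False, "too-specific"      # the 'more specific than /24' filter
    state = rov_state(route, roas)
    if state == "invalid":
        return False, "rpki-invalid"      # covered by a ROA, wrong origin or length
    return True, state


def build_rib(announcements, roas, max_len=24):
    """Keep only the announcements the import policy accepts."""
    return [r for r in announcements if import_policy(r, roas, max_len)[0]]


net = ipaddress.ip_network
# Constructed ROA: the /24 may only be originated by LEGIT_AS, no longer than /24.
ROAS = [ROA(net("8.8.8.0/24"), 24, LEGIT_AS)]
LEGIT = Route(net("8.8.8.0/24"), (64511, LEGIT_AS))
LEAKED_32 = Route(net("8.8.8.8/32"), (64510, 64509, 64508, HIJACK_AS))
SAME_LEN = Route(net("8.8.8.0/24"), (HIJACK_AS,))   # same-length hijack variant
ANNOUNCEMENTS = [LEGIT, LEAKED_32, SAME_LEN]

if __name__ == "__main__":
    for label, rib in (("unfiltered", ANNOUNCEMENTS),
                       ("filtered", build_rib(ANNOUNCEMENTS, ROAS))):
        for dst in ("8.8.8.8", "8.8.8.4"):
            r = best_route(rib, dst)
            print(f"{label:10} {dst:8} -> {r.prefix} via origin AS{r.origin}")
    for r in ANNOUNCEMENTS:
        print(r.prefix, "origin", r.origin, import_policy(r, ROAS))
```

The same-length /24 case is included because a prefix-length filter alone does not catch it; only origin validation does.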
From rforno at infowarrior.org Thu Mar 20 06:53:04 2014 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 20 Mar 2014 07:53:04 -0400 Subject: [Infowarrior] - Judge Tells FBI To Explain Its Overly-Broad Use Of FOIA Exceptions Message-ID: Judge Tells FBI To Explain Its Overly-Broad Use Of FOIA Exceptions from the Occupy-J.E.-Hoover dept As we recently covered, a judge had ordered the CIA to explain its ridiculous FOIA response tactics. The CIA had, with a straight face, first claimed it could ONLY produce hard copies of digital files from an internal security journal. Then, it said the only way it could create digital files was by printing out the files and re-scanning them. The judge noted in her order that Congress recognized government agencies would be reluctant to hand over documents to the public, which is why it directed agencies to make every reasonable effort to accommodate requests. This, of course, was not what the legislators had in mind when they crafted the Freedom of Information Act. Now, it's the FBI being asked by a judge to explain its overuse of FOIA exemptions to withhold documents. This time, it's the (in)famous Ryan Shapiro suing our government for access to information. Shapiro is well-known by the FBI, which has attempted to shut down the prolific requester by simply refusing his FOIA requests. It justifies this violation of the FOIA by claiming (somewhat accurately) that Shapiro is utilizing a "mosaic" method to gain access to information the FBI clearly wants to keep hidden. The theory is that with enough overlapping requests, responses will turn up either different documents or inconsistent redactions, thus revealing potentially sensitive information. < - > http://www.techdirt.com/articles/20140317/16151426602/judge-tells-fbi-to-explain-its-overly-broad-use-foia-exceptions.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. 
From rforno at infowarrior.org Thu Mar 20 06:52:59 2014 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 20 Mar 2014 07:52:59 -0400 Subject: [Infowarrior] - Foreign Office excludes public from its public records day Message-ID: <534206EE-4515-4D1E-B609-A487C8A18358@infowarrior.org> Foreign Office excludes public from its public records day | Ian Cobain | theguardian.com, Monday 17 March 2014 03.00 EDT http://www.theguardian.com/politics/2014/mar/17/foreign-office-excludes-public-records-day The UK Foreign Office is holding a conference to explain how it will finally place into the public domain millions of public records that it has unlawfully held for decades -- but is refusing to allow members of the public to attend. Selected historians and archivists have been invited to the event on 9 May, known as Records Day, but the FCO has said it will not admit the public or media. Meanwhile, a basic inventory of the 1.2m files that have been posted on a government website has been altered, with all references to the cold war spies Guy Burgess and Donald Maclean having disappeared. An earlier version of the inventory made clear that the withheld files on the two men took up more than 4 metres of shelving. The FCO has denied that references to the spies, who passed thousands of confidential documents to the Soviet Union during the cold war, had been removed to deter requests under the Freedom of Information Act. The FCO is trying to find a way to transfer at least 600,000 files containing millions of papers that the department withheld from the National Archive at Kew in breach of the Public Records Act's 30-year rule. The files are held at Hanslope Park, a high-security compound in Buckinghamshire that the FCO shares with MI5 and MI6.
In 2011, the FCO admitted it had withheld 1,500 files about colonial Kenya from the high court during a court case brought by a group of elderly Kenyans who claimed damages for the mistreatment they suffered while imprisoned during the 1950 Mau Mau insurgency. Initially, the department denied 1,500 files existed, but changed its mind when confronted with evidence in court. After the papers were handed over, the government expressed "sincere regret" and paid £13.9m in compensation to more than 5,000 prison survivors. It then said there were 8,800 colonial era files at Hanslope Park. It later emerged there were as many as 20,000 colonial-era files. There are thought to be more than 500,000 other files at Hanslope Park that the FCO will not release, although some date back to 1852. Historians and campaigners for greater transparency have said the way in which the FCO has kept the files secret is a scandal. A number, such as Richard Drayton, Rhodes professor of imperial history at King's College London, have said that reform of the Public Records Act is overdue. Tony Badger, a history professor at the University of Cambridge who is overseeing the transfer of the files to the National Archives at Kew on behalf of the FCO, said that while some of the files contained papers of little or no value, others were "extraordinarily valuable" and should be made publicly available as soon as possible. The director of the Campaign for Freedom of Information, Maurice Frankel, said: "People will understand that the Foreign Office can't fix this problem overnight. But they have got to do this openly. They may not be able to get themselves out of this mess without a very large amount of work, but that doesn't mean that they should be solely responsible for choosing what to prioritise for transfer to the National Archives. There has to be involvement of people who may in practice try to make use of these files, and that includes members of the public."
The FCO has never fully explained how such an enormous collection of files came to be hidden from view, leading to suspicions that it was attempting to conceal material that could damage diplomatic relations, fuel litigation or that was simply embarrassing. FCO minister David Lidington told MPs his department was meeting its legal obligations over the handling of public records with "maximum transparency". However, he has said he will not answer questions about the affair from the media. "The proposed records day is not a media briefing, therefore journalists will not be invited," a spokesman from the FCO said when the Guardian asked if it could attend the conference. The FCO invited historians to another record day in May last year, to discuss the colonial era papers. Again, members of the public were not admitted. The department's record-keepers used the occasion to criticise media reporting of the affair, but failed to disclose that they were holding a further 1.2m files at Hanslope Park. --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Mar 20 10:25:23 2014 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 20 Mar 2014 11:25:23 -0400 Subject: [Infowarrior] - Fwd: Why Does the NSA Want to Keep Its Water Usage a Secret? References: <20140320135525.GI8584@reznor.com> Message-ID: <77C60875-041D-4060-968F-039D573D1820@infowarrior.org> (c/o AJR) > > http://www.wired.com/wiredenterprise/2014/03/nsa-water/ > > By Robert McMillan 03.19.14 6:30 AM > > The National Security Agency has many secrets, but here's a new one: the agency is refusing to say how much water it's pumping into the brand new data center it operates in Bluffdale, Utah. According to the NSA, its water usage is a matter of national security. > > The agency made the argument in a letter sent to officials in Utah, who are considering whether or not to release the data to the Salt Lake Tribune.
Back in May, Tribune reporter Nate Carlisle asked for local records relating to the data center, but when he got his files a few > months later, the water usage data was redacted. > > ... > > Updated March 19, 2014. 10:10 a.m. PDT: After his hearing this morning, Carlisle tweeted that the Utah State Records Committee has rejected the NSA's argument and ordered the records released. > From rforno at infowarrior.org Thu Mar 20 12:36:14 2014 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 20 Mar 2014 13:36:14 -0400 Subject: [Infowarrior] - Prosecutors Admit They Don't Understand What Weev Did, But They're Sure It's Like Blowing Up A Nuclear Plant Message-ID: <87E0FBEF-CF3E-4CA6-974A-BFC79022E151@infowarrior.org> Prosecutors Admit They Don't Understand What Weev Did, But They're Sure It's Like Blowing Up A Nuclear Plant http://www.techdirt.com/articles/20140320/08025926632/prosecutors-admit-they-dont-understand-what-weev-did-theyre-sure-its-like-blowing-up-nuclear-plant.shtml --- Just because i'm near the punchbowl doesn't mean I'm also drinking from it. From rforno at infowarrior.org Thu Mar 20 12:40:21 2014 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 20 Mar 2014 13:40:21 -0400 Subject: [Infowarrior] - ODNI Rethinks Secrecy and Openness in Intelligence Message-ID: <516445F9-2B23-4992-9641-226414D6064E@infowarrior.org> ODNI Rethinks Secrecy and Openness in Intelligence http://blogs.fas.org/secrecy/2014/03/litt-transparency/ By leaking classified intelligence documents, Edward Snowden transformed public awareness of the scale and scope of U.S. intelligence surveillance programs. But his actions are proving to be no less consequential for national security secrecy policy. "These leaks have forced the Intelligence Community to rethink our approach to transparency and secrecy," said Robert S. Litt, General Counsel at the Office of the Director of National Intelligence.
He spoke at a March 18 Freedom of Information Day program sponsored by the Collaboration on Government Secrecy at American University Washington College of Law. Mr. Litt made it clear that he did not approve of the Snowden leaks, which he said were unlawful and had "seriously damaged our national security." Yet he stressed that the leaks have also prompted a reconsideration of previously accepted patterns of secrecy. "We have had to reassess how we strike the balance between the need to keep secret the sensitive sources, methods and targets of our intelligence activities, and the goal of transparency with the American people about the rules and policies governing those activities." "One lesson that I have drawn from the recent events... is that we would likely have suffered less damage from the leaks had we been more forthcoming about some of our activities, and particularly about the policies and decisions behind those activities," Mr. Litt said. (Director of National Intelligence James Clapper made the same point to Eli Lake of the Daily Beast last month.) "Going forward, I believe that the Intelligence Community is going to need to be much more forward-leaning in what we tell the American people about what we do," Mr. Litt said. "We need to scrutinize more closely what truly needs to be classified in order to protect what needs to be protected. And we need to move beyond the mindset of merely reacting to formal requests that we make information public, to a mindset of proactively making available as much information as we can, consistent with the need to protect sources and methods." "Greater disclosure to the public is necessary to restore the American people's trust that intelligence activities are not only lawful and important to protecting our national security, but that they are appropriate and proportional in light of the privacy interests at stake. In the long run, our ability to protect the public requires that we have the public's support," Mr. Litt said.
While Mr. Litt's remarks conveyed an overall message of beneficence, responsiveness, and good citizenship, they also had some peculiar features. It is disconcerting to realize that the reassessment of classification policy described by Mr. Litt was not prompted by the diligent exercise of congressional oversight or by judicial review or by ordinary advocacy. Rather it was explicitly inspired by the Snowden leaks, which Mr. Litt described as "criminal." The upshot is that leaks emerge as a uniquely powerful tool for shaping intelligence classification policy, while conventional checks and balances appear all but irrelevant by comparison. Moreover, the purpose of the newfound push for greater transparency seems to be instrumental, not principled. In other words, it is driven by tactical considerations, not by statutory requirements or any other objective norm. "I strongly believe that the best way to prevent the damage that leakers can cause is by increased transparency on our part," Mr. Litt said. "Transparency can both lessen the incentive for disaffected employees to disclose our activities improperly, and provide the public appropriate context to evaluate leaks when they occur." That implies that what is needed is only as much transparency as it takes to achieve these imprecise and transient goals. It is a unilateral move that can be unilaterally reversed. And then there is the fact that Mr. Litt's rethinking of classification policy implies no new institutional reforms or externally-imposed constraints. Instead, the very same people who have classified too much up to now are suddenly expected to change course and to disclose more. It is not immediately clear how or why that would happen. "There is no question that overclassification of information is a genuine problem," Mr. Litt said. "So how do we deal with the problem of overclassification? I think that there are three principal steps we can take." "The first is to change the culture.
We need high-level management emphasis on the problem of overclassification," he said. To his credit, Mr. Litt has helped provide such emphasis. "Second, we need to continue our efforts at proactive transparency... at reviewing information that we have historically protected to see whether, in fact, the overall public interest would better be served by releasing the information." Significantly, however, he refrained from providing specific performance goals or benchmarks by which future progress could be measured. "Finally, I think that those in the agencies who are responsible for responding to FOIA requests, and who are representing the government in FOIA litigation, need to look critically at all potentially responsive documents that are classified," Mr. Litt said. "We should focus not on whether we can protect information, but whether we should." This is an interesting formulation. Most FOIA officers do not have authority to declassify records, and the adversarial nature of the FOIA process is rarely conducive to self-critical analysis of established agency policies even by more senior officials. But sometimes it is. In 1997, the Federation of American Scientists filed suit against the CIA for release of the intelligence budget total for that year. The CIA ultimately decided that it could not defend its position of classifying the figure, according to an internal draft statement that was prepared for DCI George Tenet and released by the Clinton Library just last week. "In order to defend this lawsuit," the Tenet statement read, "I, as head of the Intelligence Community, would have had to sign a declaration to the court that release of the figure in question could cause serious damage to the national security. I found that, in good conscience, I could not attest to that statement." But such judgments are fluid and can be fleeting.
Two years later, in response to another lawsuit for the 1999 budget figure, Director Tenet had no trouble declaring under oath that "Disclosure of... the total appropriation reasonably could be expected to cause damage to the national security in several ways." So spontaneous gestures of openness and transparency, as welcome as they may be, are imperfect substitutes for systemic change and external accountability. News organizations have now released some 1,300 pages of classified records leaked by Edward Snowden, according to a tally by cryptome.org. In response, US intelligence agencies have declassified and disclosed approximately twice that many. "Our commitment to increased transparency will continue," Mr. Litt said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 20 15:05:09 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Mar 2014 16:05:09 -0400
Subject: [Infowarrior] - Rep. Nadler Claims 'You Bought It, You Own It' Is An 'Extreme Digital View'
Message-ID: <77EAAE23-601B-4B5D-B65F-A0A1EA7AC1D9@infowarrior.org>

Rep. Nadler Claims 'You Bought It, You Own It' Is An 'Extreme Digital View'
from the oh-really? dept

We've written about Rep. Jerry Nadler a few times. He recently became the "ranking member" (i.e., highest ranking Democrat) on the House subcommittee on intellectual property, which clearly made copyright maximalists happy. Nadler has a history of heavily supporting copyright maximalist positions, including pushing for what was effectively an RIAA bailout a couple years ago, and has previously supported ridiculous dangerous concepts like a new copyright for fashion designs (an idea that is both unnecessary and likely to harm the fashion industry). He's already off to a dangerous start, introducing a bill to create artist resale rights (something he's done before).
This is an issue we've written about many times, creating a ridiculous idea that people who buy artwork no longer own it outright. Any time they resell the artwork at auction, they might have to pay some of the proceeds back to the original artist. As with the fashion copyright idea, what this does is harm innovative new artists by favoring wealthy established artists. As we've discussed, this punishes investors who are willing to support new artists, taking away their incentive to invest in those artists, while at the same time decreasing the incentive for other artists to continue producing art (since now they get paid multiple times for the same work). Given all that, it's quite clear what Rep. Nadler thinks about basic concepts like property rights: he's not a fan at all. In fact, in a rather astounding statement to the Association of American Publishers, Nadler claimed that the idea that "you bought it, you own it" is somehow extremist: "The 'you bought it, you own it' principle is an extreme digital view and I don't think it will get much traction," he said, referring to the mantra of proponents of the right to resell digital goods. Oh really? The specific discussion concerned people wanting to be able to resell used ebooks, just like they can resell regular books. But, really, the idea that "you bought it, you own it" is somehow extremist? Isn't that a fundamental concept in property rights? In fact, we've highlighted how copyright maximalists are trying to destroy property rights by denying people the basic ownership rights over things they bought. It seems extremely troubling when such a key member of the House subcommittee on intellectual property has such a negative view of our basic property rights.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 20 23:21:20 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 00:21:20 -0400
Subject: [Infowarrior] - Inside the NSA's Secret Efforts to Hunt and Hack System Administrators
Message-ID:

Inside the NSA's Secret Efforts to Hunt and Hack System Administrators

https://firstlook.org/theintercept/article/2014/03/20/inside-nsa-secret-efforts-hunt-hack-system-administrators/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 20 23:33:47 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 00:33:47 -0400
Subject: [Infowarrior] - Syrian hackers claim to reveal how much FBI pays Microsoft for customer data
Message-ID: <4A1C0EA5-6F02-49EB-9C66-1E5F319EF830@infowarrior.org>

Syrian hackers claim to reveal how much FBI pays Microsoft for customer data
Published time: March 21, 2014 01:47
http://rt.com/usa/syrian-hackers-reveal-fbi-microsoft-205/

Syrian Electronic Army (SEA) hackers have reportedly obtained documents that reveal how much money the FBI pays Microsoft each time agents try to obtain or view an individual customer's communication information. The SEA, a group that has made headlines in the past for infiltrating Western media outlets that it perceives to be against Syrian President Bashar Assad, provided a trove of emails and invoices to the Daily Dot, which analyzed the documents before publishing them. "The documents consist of what appear to be invoices and emails between Microsoft's Global Criminal compliance team and the FBI's Digital Intercept Technology Unit (DITU), and purport to show exactly how much money Microsoft charges DITU, in terms of compliance costs, when DITU provides warrants and court orders for customers' data," wrote the Daily Dot's Kevin Collier and Fran Berman.
"In December 2012, for instance, Microsoft emailed DITU a PDF invoice for $145,100, broken down to $100 per request for information, the documents appear to show," they went on. "In August 2013, Microsoft allegedly emailed a similar invoice, this time for $352,200 at a rate of $200 per request. The latest invoice provided, from November 2013, is for $281,000." The documents make clear just how often law enforcement officials work to acquire information that individuals would likely consider private. DITU agents seem to have filed requests for information from Microsoft hundreds of times each month, finding success by preying on sympathetic relationships at the company. From Microsoft's perspective, though, nothing about the arrangement is out of the ordinary. "Regarding law enforcement requests, there's nothing unusual here," a company spokesperson told The Verge's Valentina Palladino. "Under US law, companies can seek reimbursement for costs associated with complying with valid legal orders for customer data. We attempt to recover some of the costs associated with such orders." While the public now has a basic figure showing how much taxpayer money is dedicated to surveillance, these numbers only include Microsoft -- whereas the taxpayer cost for companies like Verizon, Google, and others are almost certainly in the millions as well. The ongoing debate over security versus privacy has been making headlines since Edward Snowden leaked classified intelligence files obtained from the US National Security Agency. The initial public reaction put at least some of the blame at the feet of the major communication and data companies, though it has since been revealed that these corporations are legally required to provide information that the government requires. Consequently, the SEA's hack essentially makes clear how much money Microsoft charged the government for work that the company had already completed at investigators' behest.
Similar relationships have turned sour, as US Department of Justice lawyers announced earlier this month that they had filed suit against Sprint. The attorneys claim the corporation, when issuing invoices for three years of surveillance, overcharged the government by $21 million, inflating the actual cost by 58 percent. Furthermore, the government accused Sprint of "knowingly" submitting "false claims to federal law enforcement agencies."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 21 07:21:32 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 08:21:32 -0400
Subject: [Infowarrior] - Obama to meet again with tech CEOs about NSA
Message-ID: <4DC9C2F9-AF3F-464B-9BF7-E6E19F2ADD71@infowarrior.org>

Barack Obama to meet again with tech CEOs about NSA
By: Tony Romm
March 20, 2014 11:40 PM EDT
http://dyn.politico.com/printstory.cfm?uuid=B299CF88-2C1C-41A4-9377-2F784EF6EE64

President Barack Obama will huddle with "tech CEOs" on Friday to "continue his dialogue with them on the issues of privacy, technology, and intelligence," according to a White House official. The Obama administration declined to provide a full list of chief executives who will be attending the meeting, which the White House first revealed on the president's schedule earlier Thursday night. But industry sources later indicated that Google, Facebook and Yahoo, among many others, have received invites -- and Facebook chief Mark Zuckerberg is slated to join the sit-down, according to one of the sources. The meeting comes days after Zuckerberg called Obama personally to voice his displeasure with the latest round of NSA revelations. "Unfortunately, it seems like it will take a very long time for true full reform," Zuckerberg wrote in a Facebook post on March 13. He stressed the U.S. government needed to be "much more transparent about what they're doing." Yahoo CEO Marissa Mayer --
who attended a meeting with Obama and other tech leaders to talk surveillance in December -- was among the CEOs invited to this Friday's session. But she ultimately couldn't make the trip on short notice, industry sources said. Google, Facebook and Yahoo -- and many other tech giants involved in the surveillance battle in Washington -- did not immediately return calls for comment. The meeting comes at a critical juncture in the NSA reform debate. The president soon will announce the future of the phone metadata program, as he promised in a January speech, while the Hill is racing toward a series of new bills that could refine existing surveillance programs before some of those authorities expire. Moreover, the White House recently has commenced a comprehensive look at the intersection of big data and privacy, a process that's directly impacted top tech companies and their trade associations. And Obama's fiscal-year 2015 budget specifically calls for the creation of an Internet-policy focused arm of the Commerce Department, though the administration has not yet provided further details on what that effort entails.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 21 07:43:12 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 08:43:12 -0400
Subject: [Infowarrior] - Microsoft tightens privacy policy after admitting to reading journalist's emails
Message-ID: <65CBAB92-1E14-4BC6-91D9-5EFC0BC9ADC1@infowarrior.org>

(Too little, too late. --rick)

Microsoft tightens privacy policy after admitting to reading journalist's emails

After outrage from privacy campaigners, the tech firm will now seek legal advice before examining the contents of customers' inboxes

* Alex Hern
* theguardian.com, Friday 21 March 2014 06.34 EDT

Microsoft has tightened up its privacy policy after admitting to reading emails from a journalist's Hotmail account while tracking down a leak.
The new rules prevent the company from snooping on customers' communications without first convincing two legal teams, independent of the internal investigation, that they have evidence sufficient to obtain a court order were one applicable. The company did not apologise for the search. John Frank, vice president and deputy general counsel at the firm, says that following coverage of the case in the Guardian and elsewhere, Microsoft wants "to provide additional context regarding how we approach these issues generally and how we are evolving our policies.

"Courts do not issue orders authorising someone to search themselves, since obviously no such order is needed," he continues. "So even when we believe we have probable cause, it's not feasible to ask a court to order us to search ourselves. However, even we should not conduct a search of our own email and other customer services unless the circumstances would justify a court order, if one were available." As well as requiring an internal and external review of the evidence, Frank also promises to confine any future searches "to the matter under investigation and not search for other information". Finally, he says that the firm will begin to "report the data on the number of these searches that have been conducted and the number of customer accounts that have been affected" in its bi-annual transparency report. "The only exception to these steps will be for internal investigations of Microsoft employees who we find in the course of a company investigation are using their personal accounts for Microsoft business," Frank concludes. "And in these cases, the review will be confined to the subject matter of the investigation." The initial search occurred in September 2012, when the company was attempting to discover who had handed an anonymous blogger the source code to Windows 8, its then-upcoming operating system.
It discovered that the blogger was using a Microsoft Hotmail email address, and that they had used it to send the code to a third party. "After confirmation that the data was Microsoft's proprietary trade secret, on September 7, 2012 Microsoft's office of legal compliance (OLC) approved content pulls of the blogger's Hotmail account", said FBI agent Armando Ramirez III in court papers filed Monday. The company's user agreement reserves the right to carry out such searches, even after the changes Frank announced. "We may access information about you, including the content of your communications, to protect the rights or property of Microsoft," it reads. The news of the search sparked immediate reaction following the Guardian's report on Thursday. Parker Higgins, an activist for San Francisco-based pressure group EFF, wrote that the decision was a "very bad move" and that he was "reeling from this Microsoft story. Journalists need to be wary of government and corporate espionage. Knowing your source's ID is a liability." Microsoft has taken a further PR hit due to the fact that email privacy has been a key weapon in its fight against Google's dominance of the sector. In the company's "Scroogled!" campaign, it emphasises that "Outlook.com [the service which replaced Hotmail] prioritises your privacy... Your email is nobody else's business." It even offers a petition asking customers to "tell Google to stop! Let them know they shouldn't go through your email".

Full statement by John Frank, Microsoft's vice president and deputy general counsel......

< -- >

http://www.theguardian.com/technology/2014/mar/21/microsoft-tightens-privacy-policy-journalists-emails

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 21 12:14:39 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 13:14:39 -0400
Subject: [Infowarrior] - Navy database tracks civilians' parking tickets, fender-benders, more
Message-ID: <421A33F8-57C2-43F5-9FCB-2DE11223BCA6@infowarrior.org>

Navy database tracks civilians' parking tickets, fender-benders, raising fears of domestic spying
By Mark Flatten | MARCH 21, 2014 AT 5:18 AM
http://washingtonexaminer.com/navy-database-tracks-civilians-parking-tickets-fender-benders-raising-fears-of-domestic-spying/article/2546038

The Law Enforcement Information Exchange, or LinX, has already amassed 506.3 million law...

A parking ticket, traffic citation or involvement in a minor fender-bender are enough to get a person's name and other personal information logged into a massive, obscure federal database run by the U.S. military. The Law Enforcement Information Exchange, or LinX, has already amassed 506.3 million law enforcement records ranging from criminal histories and arrest reports to field information cards filled out by cops on the beat even when no crime has occurred. LinX is a national information-sharing hub for federal, state and local law enforcement agencies. It is run by the Naval Criminal Investigative Service, raising concerns among some military law experts that putting such detailed data about ordinary citizens in the hands of military officials crosses the line that generally prohibits the armed forces from conducting civilian law enforcement operations. Those fears are heightened by recent disclosures of the National Security Agency spying on Americans, and the CIA allegedly spying on Congress, they say. Eugene Fidell, who teaches military law at Yale Law School, called LinX "domestic spying." "It gives me the willies," said Fidell, a member of the Defense Department's Legal Policy Board and a board member of the International Society for Military Law and the Law of War.
Fidell reviewed the Navy's LinX website at the request of the Washington Examiner to assess the propriety of putting such a powerful database under the control of a military police entity. "Clearly, it cannot be right that any part of the Navy is collecting traffic citation information," Fidell said. "This sounds like something from a third-world country, where you have powerful military intelligence watching everybody." The military has a history of spying on Americans. The Army did it during the Vietnam War and the Air Force did it after the Sept. 11 terror attacks. Among the groups subjected to military spying in the name of protecting military facilities from terrorism was a band of Quakers organizing a peace rally in Florida. LinX administrators say it is nothing more than an information-sharing network that connects records from participating police departments across the country. LinX was created in 2003 and put under NCIS, which has counterterrorism and intelligence-gathering missions in addition to responsibility for criminal investigations. LinX was originally supposed to help NCIS protect naval bases from terrorism. More than 1,300 agencies participate, including the FBI and other Department of Justice divisions, the Department of Homeland Security and the Pentagon. Police departments along both coasts and in Texas, New Mexico, Alaska and Hawaii are in LinX. The number of records in the system has mushroomed from about 50 million in 2007 to more than 10 times that number today. Background checks for gun sales and applications for concealed weapons permits are not included in the system, according to NCIS officials and representatives of major state and local agencies contacted by the Examiner. The director of NCIS, Andrew Traver, drew stiff opposition from the National Rifle Association after President Obama twice nominated him to be head of the Bureau of Alcohol, Tobacco, Firearms and Explosives.
The nomination failed to go forward in the Senate both times, largely because of what the NRA described as Traver's advocacy for stricter gun laws. He became NCIS director in October. NCIS officials could not say how much has been spent on LinX since it was created in 2003. They provided figures since the 2008 fiscal year totaling $42.3 million. Older records are not available from NCIS. Incomplete data from USAspending.gov shows at least $7.2 million more was spent between 2003 and 2008. The actual figure is probably much higher, since the spending listed on the disclosure site only totals $23 million since 2003. Other law enforcement databases have limited information on things like criminal histories, said Kris Peterson, LinX division chief at NCIS. More detailed narratives and things like radio dispatch logs and pawn shop records don't show up in those databases, but are available in LinX, he said. Participating agencies must feed their information into the federal data warehouse and electronically update it daily in return for access. Why LinX wound up in the NCIS, a military law enforcement agency, is not clear. Current NCIS officials could not explain the reasoning, other than to say it grew out of the department's need for access to law enforcement records relevant to criminal investigations. A 2008 investigation into the removal of nine U.S. attorneys during the George W. Bush administration found that an overly aggressive push for DOJ to embrace LinX led to the firing of John McKay, then the U.S. attorney for western Washington state. A DOJ inspector general's report said McKay developed the initiative with NCIS officials, and that NCIS agreed to fund it. Neither McKay nor David Brant, head of NCIS at the time, could be reached for comment. The FBI, a DOJ entity, has since built its own system similar to LinX, called the National Data Exchange or N-Dex.
The systems are connected, and much of the information in N-Dex comes from LinX, said Christopher Cote, assistant director for information technology at NCIS. Putting the military in control of so much information about civilians is what makes people like Fidell nervous. Americans have distrusted the use of the military for civilian law enforcement since before the Revolutionary War, he said. Since the passage of the Posse Comitatus Act of 1878, it has been illegal for the military to engage in domestic law enforcement except in limited circumstances, such as quelling insurrections. The limits in the law were largely undefined for almost a century. In 1973, the Army provided logistical support for FBI agents trying to break the standoff with American Indian Movement militants at Wounded Knee, S.D. Several criminal defendants later argued the use of the military was illegal under Posse Comitatus. Ensuing court decisions decreed that using the military for direct policing, such as making arrests or conducting searches, was illegal and should be left to civilian departments. Providing logistical support, equipment and information are allowed. Since then, the law has been loosened to allow limited military participation in certain large-scale anti-drug investigations. Aside from the legal issues is the problem of "mission creep," said Gene Healy, vice president of the Cato Institute and an Examiner columnist, who has written about the overreach of the military in civilian law enforcement. What begins as a well-meaning and limited effort to assist local police can grow into a powerful threat to constitutional protections, Healy said. A recent example of mission-creep gone awry is the Threat And Local Observation Notice, or TALON, program created by the Air Force at the same time LinX was launched.
Like LinX, TALON's purpose was to create a network for information-sharing among federal, state and local police agencies that could be used to help protect military facilities. In 2005, media reports showed TALON was being used to spy on anti-war groups, including the Quakers. TALON was disbanded in 2007. "The history of these programs is that they tend to metastasize and that there is mission creep that involves gathering far more information than is needed," said Healy. "In general, what you see in these programs is they start out very narrow and they expand beyond the limits of their original logic. Repeatedly throughout American history, what starts small becomes larger, more intrusive, more troubling," he said. LinX can only be used for law enforcement purposes, though intelligence and counter-terror officers at NCIS do have access to the system, Cote said. TALON was primarily an intelligence-gathering network. The rules governing LinX are almost identical to those controlling other federal databases run by the FBI, he said. While NCIS is a military police unit, its agents are civilian employees equivalent to those at the FBI and other federal agencies, said NCIS spokesman Ed Buice. While there are limits on military enforcement of civilian laws, it is allowed if it is done "primarily for a military purpose," which is how NCIS uses the system, Buice said. Before LinX was launched, NCIS briefed representatives of the ACLU, "who didn't even blink," he added. Chris Calabrese, legislative counsel for the ACLU, said he doesn't know who, if anyone, in the organization would have told the Navy that LinX raised no concerns. Calabrese was not particularly troubled about LinX being run by the military, though he did question why it is necessary since most of the same information is available in the FBI's N-Dex database. Generally, the ACLU recognizes the need for police to collect and share information about criminal activity --
things like felony histories and outstanding warrants. Civil libertarians get more concerned as more trivial information on average citizens is collected under the guise of protecting the public, especially absent some reasonable suspicion that a crime has been committed, he said. Pawn shop records and parking tickets are that kind of questionable information. "To me, that may be where you are starting to cross the line on mass collection of information on innocent people just because you can," Calabrese said. "We live now in a world of records where everything we do is generating a record. So the standard can't be, 'We have to keep it all because it might be useful for something some day.' The rationale has to be more finely tuned than that," he said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 21 12:21:53 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 13:21:53 -0400
Subject: [Infowarrior] - Republicans get gTLD name
Message-ID: <375E35F2-CE60-4C6A-AF45-2BD118C7D469@infowarrior.org>

c/o Ferg..... it's not exactly a Friday Funny, but maybe it could be???

Subject: [gtldnotification] New gTLD Registry Agreement for republican
Date: Fri, 21 Mar 2014 05:08:36 +0000 (GMT)

TLD: republican
Date of Contract Signature: 2014-03-20
Registry Operator: United TLD Holdco Ltd.
Application ID: 1-1255-42012

(And yes, I'd be snarking any dot-democrat gTLD, too.)

Ready for .gop?
By Julian Hattem
March 15, 2014, 02:57 pm

If the political campaigns of the future will be waged online, the Republican Party hopes to keep the fight on its turf with .gop domain names. As soon as next week, the GOP hopes to roll out the first ever partisan top-level domain name. And, if all goes according to plan, candidates and activists will be operating from websites ending in .gop by the midterm elections in November.
"We know that this is going to be a major factor in helping Republicans organize online," said Will Martinez, vice president for sales and marketing with the Republican State Leadership Committee's effort. Partly, the movement hopes to counterbalance the vastly superior technology focus that President Obama's reelection team had in the 2012 election. The Republican Party's so-called autopsy report after that election repeatedly noted the importance of web strategy and new media outreach for modern politics. "It's not by any means a silver bullet or something that closes a tech or data deficiency, but it does take a big step forward in terms of creating a culture where the latest digital trends are part of the conversation in the GOP," Martinez said.

< -- >

Read more: http://thehill.com/blogs/hillicon-valley/technology/200859-ready-for-gop#ixzz2wcPaqDDK

From rforno at infowarrior.org Fri Mar 21 18:10:22 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 19:10:22 -0400
Subject: [Infowarrior] - DiFi charges ahead w/her delusions
Message-ID: <5FE31AE3-1357-43B6-BC2F-C08E9546E581@infowarrior.org>

Dianne Feinstein Still A Believer In Collecting All Phone Records; Pretends That Such Collection Has Stopped Terrorists
from the not-very-convincing dept

It would appear that Senator Dianne Feinstein's newly discovered anger about the CIA spying on the metadata of her staffers hasn't yet led to the recognition of why the American public is upset about the NSA collecting all of our metadata. Despite two different executive branch review boards and a federal judge declaring the program to likely be both unconstitutional and illegal (though, yes, other courts have disagreed) and (importantly) President Obama asking Congress to figure out a way to end the program, Feinstein still insists the program is great.
Even more bizarre, she claims that it has helped stop terrorist attacks -- an argument that even the NSA is no longer making after its original claims about that were totally debunked. However, a new statement from Feinstein on the program insists that it's legal and Constitutional, and has helped stop terrorists. Because she says so?

< - >

http://www.techdirt.com/articles/20140321/12430826650/dianne-feinstein-still-believer-collecting-all-phone-records-pretends-that-such-collection-has-stopped-terrorists.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 21 20:59:25 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 21:59:25 -0400
Subject: [Infowarrior] - Judge Walton Catches The DOJ Withholding Info About NSA Metadata Lawsuits
Message-ID:

Judge Walton Catches The DOJ Withholding Info About NSA Metadata Lawsuits
from the I-may-actually-miss-this-guy-once-he's-gone dept
http://www.techdirt.com/articles/20140321/12060026649/judge-walton-catches-doj-withholding-info-about-nsa-metadata-lawsuits.shtml

Another FISC opinion and order has just been released dealing with the NSA's retention of metadata that may be used as evidence in some ongoing lawsuits against the government. The DOJ had originally asked to hold onto the pertinent data past the five-year expiration date because of these pending lawsuits. This request was shot down by FISC judge Reggie Walton, who stated that holding Americans' data past the disposal date put the surveillance programs on shaky Constitutional grounds, while also pointing out that the government's arguments relied on caselaw dealing with the retention of corporate documents, something which clearly wasn't in the same league as data collected on Americans. Shortly thereafter, a federal court handling two lawsuits (Jewel v. NSA [this is an EFF lawsuit originally filed in 2008], First Unitarian Church v.
NSA) centered on NSA domestic surveillance issued a temporary restraining order on the destruction of relevant metadata. This was brought about by the DOJ's announcement that it would begin destroying the relevant data for these two cases based on Walton's February order. This is where the DOJ starts looking very shady, according to Judge Walton's recounting of the events.

< - >

This latest order from Judge Walton shows that the government wants to destroy data that might be used as evidence. There was some back-and-forth previous to this, but the DOJ probably had a good idea what Judge Walton would say back in February when it showed up to ask to hold on to domestic surveillance records indefinitely, deploying civil litigation guidelines and common law requirements as its only rhetorical weapons. Walton refused and the DOJ went happily off to tell plaintiffs that the FISA court had overridden their existing preservation orders. If the plaintiffs hadn't asked for a temporary restraining order, it might have gotten away with it.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 21 21:01:32 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 21 Mar 2014 22:01:32 -0400
Subject: [Infowarrior] - Tech CEOs Meet With Obama for "Honest Talk" About NSA
Message-ID:

Tech CEOs Meet With Obama for "Honest Talk" About NSA
March 21, 2014, 5:19 PM PDT
By Amy Schatz
http://recode.net/2014/03/21/tech-ceos-meet-with-obama-for-honest-talk-about-nsa/

Facebook CEO Mark Zuckerberg and a handful of other CEOs had an "honest talk" with President Obama Friday afternoon at a hastily arranged meeting to discuss Silicon Valley's continued unhappiness with U.S. government surveillance practices. White House officials characterized the meeting as a "continued dialogue"
on the surveillance issue, but it appeared to be a direct reaction to a blistering post the Facebook co-founder published last week criticizing the administration's efforts thus far to change the National Security Agency's data collection practices. Zuckerberg "brought his concerns about government surveillance directly to the president today" and the CEOs had "an honest talk about government intrusion on the Internet and the toll it is taking on people's confidence in a free and open Internet," a Facebook spokeswoman said in a statement after the meeting. "While the U.S. government has taken helpful steps to reform its surveillance practices, these are simply not enough," the statement continued. Several other tech companies with CEOs at the meeting declined to comment, including Netflix and Google. White House officials said President Obama "reiterated his administration's commitment to taking steps that can give people greater confidence that their rights are being protected while preserving important tools that keep us safe." Invitations to the CEOs were sent just a few days after Zuckerberg posted his scathing comments. Zuckerberg complained about the Obama administration's slow response to concerns raised by the public and tech companies. The post appeared to be sparked by news reports that suggested the NSA had used a fake Facebook server to obtain files and infect targets' computers. "The U.S. government should be the champion for the Internet, not a threat. They need to be much more transparent about what they're doing, or otherwise people will believe the worst," Zuckerberg posted on Facebook, adding that he'd called President Obama to complain. "Unfortunately, it seems like it will take a very long time for true full reform." The Friday meeting was a follow-up with tech CEOs "to continue his dialogue with them on the issues of privacy, technology and intelligence," White House Press Secretary Jay Carney said Friday.
In January, the president laid out a framework for reforming the NSA's surveillance methods, which have become a particular problem for tech companies trying to do business overseas, as the New York Times noted Friday morning. Concerns about NSA spying and its effect on consumer confidence in tech companies like Dropbox and Facebook has become a major issue for the industry in Washington and has prompted many companies to increase their lobbying efforts. Several companies sued the government for the right to release more information about NSA information requests. Those suits were later dropped after the companies reached an agreement with federal officials that allows companies to release more information about intelligence requests. They've formed lobbying groups like Reform Government Surveillance to coordinate their efforts.

CEOs present at the Friday meeting included:
- Eric Schmidt of Google
- Mark Zuckerberg of Facebook
- Reed Hastings of Netflix
- Drew Houston of Dropbox
- Alexander Karp of Palantir Technologies
- Aaron Levie of Box

Several other CEOs couldn't rearrange their schedules after getting an invite last Saturday, including Yahoo's Marissa Mayer and Microsoft CEO Satya Nadella, industry officials said. Mayer attended a similar meeting of tech CEOs in December at the White House that was supposed to be about how to improve HealthCare.gov, but quickly turned into a complaint session about NSA surveillance techniques. In mid-January, Obama announced the Justice Department and intelligence community had until the end of March to make recommendations on how to overhaul the NSA's phone-data collection program.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sat Mar 22 10:03:26 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 22 Mar 2014 11:03:26 -0400
Subject: [Infowarrior] - Spying: How Orange and intelligence services cooperate
Message-ID: <2F0A4A5F-F2ED-47C0-B3C2-4F675B9BD43C@infowarrior.org>

Spying: How Orange and intelligence services cooperate
LE MONDE | 03/20/2014 at 11:25 - Updated 21/03/2014 at 7:44 | By Jacques Follorou
http://translate.google.co.in/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fwww.lemonde.fr%2Finternational%2Farticle%2F2014%2F03%2F20%2Fdgse-orange-des-liaisons-incestueuses_4386264_3210.html&act=url

We often learn more things about ourselves by people who do not belong to your family. The British, a little unwillingly, we just inform on highly confidential relationship between services french secrets, the Directorate General for External Security (DGSE) and the incumbent telecommunications operator France Telecom, which took the name Orange in February 2012. According to an internal document of the British secret service technical (GCHQ), the equivalent of the U.S. National Security Agency (NSA), the DGSE has a close cooperation with "a French telecommunications operator." The length of their relationship, the description of the specific expertise of the company as well as the investigation of the World used to conclude that it is France Telecom-Orange. According to GCHQ, the DGSE and the French incumbent work together to improve the national interception networks communication skills and work together to break the encryption of data flowing through the network. France Telecom is a major player in the surveillance system in France.

DATA COLLECTION FREE OF CONTROL

This note, taken from the archives of the NSA by her ex-consultant Edward Snowden, ensures that the relationship between the French DGSE and the operator is a major advantage over its Western counterparts.
One of the strengths of the DGSE lies in the fact that not only the permissions granted by the legislature to access customer data from France Telecom-Orange. It has especially without the knowledge of control, a free and access total to networks and data flow passing through. This free collection of control, through the French operator on massive data concerning both French and foreigners. It is used by the DGSE, which puts it at the disposal of all French intelligence agencies to track the sharing of technical information and its database. These data are also shared with foreign allies such as GCHQ. Finally, the French operator develops, in partnership with the DGSE, research in cryptology. At the highest level of the State, in France, we refuse to comment, but it tells the world that if the public authority became a minority (27%) in the capital of France Telecom, the oldest French operator still considered "a public service delegation." The expertise of the company, which was first administration, contributes in an essential way, "as now" on homeland security and autonomy of decision of the French leaders. "The relationship between France Telecom and the DGSE is not the same as that found in the Prism NSA program, which has contractual relationships with Internet giants, says a former chief of French intelligence service. In France is consubstantial. "There is no formalization of this cooperation between the DGSE and France Telecom-Orange. It is worn by persons authorized secret-defense within the company, and perpetuated for at least thirty years by engineers who commute between the two institutions.

"INTERNAL USE AND UNOFFICIAL"

Daily in the company, this link is managed by a very small number of people in three services. Management networks in the first place, manages, including the so-called "landing" stations, where Telecom-Orange submarine cables affecting France France berth and transit of the massive flows of data collected.
Presorting can easily be carried out in different countries and regions of origin, and everything is stored in the premises of the DGSE. "The mass transit data is stored for internal and unofficial usage, details a frame attached to the management of networks. But the focal point is the access provider, like that, you cross traffic of the data and the identity of those who exchange. It is for this reason that the DGSE is in contact with all French operators. " DGSE also relies on international direction of the operator, which operates subsidiaries mobile abroad. Orange plays in some cases a strategic role. He has accompanied the French military operations in Mali and the Central African Republic. Finally, security management, guarded ancient art direction of the DGSE hunting is the main interlocutor of the secret services. It ensures, with Orange Business Services, on issues of data protection and decryption. Asked the boss of Orange, Stéphane Richard, stated that "persons authorized secret defense may have to manage within the company, the relationship with the State services including access to networks, but they do not have to let me see. All this is done under the responsibility of public authorities within a legal framework. " DGSE has refused to comment.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Mar 22 10:07:40 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 22 Mar 2014 11:07:40 -0400
Subject: [Infowarrior] - Sarah Harrison speaks out
Message-ID: <93DE970A-3FC7-4A05-A0D7-CDF0B0228A0A@infowarrior.org>

Britain is treating journalists as terrorists -- believe me, I know
My links to WikiLeaks and Edward Snowden mean I am treated as a threat and can't return to the UK. We need a free speech roadmap
Sarah Harrison
The Guardian, Friday 14 March 2014 09.38 EDT
http://www.theguardian.com/commentisfree/2014/mar/14/britain-journalists-terrorists-edward-snowden-nsa

Free speech and freedom of the press are under attack in the UK. I cannot return to England, my country, because of my journalistic work with NSA whistleblower Edward Snowden and at WikiLeaks. There are things I feel I cannot even write. For instance, if I were to say that I hoped my work at WikiLeaks would change government behaviour, this journalistic work could be considered a crime under the UK Terrorism Act of 2000. The act gives a definition of terrorism as an act or threat "designed to influence the government", that "is made for the purpose of advancing a political, religious, racial or ideological cause" and that would pose a "serious risk" to the health or safety of a section of the public. UK government officials have continually asserted that this risk is present with the disclosure of any "classified" document. Elsewhere the act says "the government" means the government of any country -- including the US. Britain has used this act to open a terrorism investigation relating to Snowden and the journalists who worked with him, and as a pretext to enter the Guardian's offices and demand the destruction of their Snowden-related hard drives. Britain is turning into a country that can't tell its terrorists from its journalists. The recent judgment in the Miranda case proves this. David Miranda was assisting journalist Glenn Greenwald and transited through Heathrow with journalists' documents when he was held under schedule 7 of the Terrorism Act last summer. Schedule 7 means a person can be stopped and detained at a UK port for up to nine hours and affords no right to silence. It compels you to answer questions and give up any documents you possess, and so forced Miranda to hand over his Snowden documents.
Subsequently Miranda fought a case against the UK government over the legality of his detainment, to show how this act infringes upon journalists' ability to work freely. Outrageously, the court found politically transparent excuses to ignore the well-defined protections for freedom of expression in the European convention on human rights. If Britain is going to investigate journalists as terrorists -- take and destroy our documents, force us to give up passwords and answer questions -- how can we be sure we can protect our sources? But this precedent is now set; no journalist can be certain that if they leave, enter or transit through the UK this will not happen to them. My lawyers advise me not to return home. Snowden's US legal adviser, Jesselyn Radack, was questioned about Julian Assange and her client when she entered the UK recently. I am strongly connected to both men: I work for one, and rescued and watched over the other for four months. In addition, if schedule 7 is used to stop me upon entering the country, I could not answer such questions or relinquish anything, as this would be a risk to WikiLeaks's journalistic work, our people and our sources. As I would have no right to silence under this act, I would be committing a crime in the government's eyes. A conviction for "terrorism" would have severe consequences for free movement across international borders. Schedule 7 is not really about catching terrorists, even in its own terms. The Miranda judgment states that it has in this case "constituted an indirect interference with press freedom" and is admittedly "capable, depending on the facts, of being deployed so as to interfere with journalistic freedom". Officers can detain someone not because they suspect them of being involved in terrorist activities, but to see "if someone appears" to -- even indirectly -- be facilitating the bizarre definition of terrorism used in the act.
Mr Justice Ouseley, who also presided over Assange's extradition case, stated in his judgment that an officer can act on "no more than hunch or intuition". It is now decreed by our courts that it is acceptable to interfere with the freedom of the press, based on a hunch -- all in the name of "national security". Today instead of meaning "to ensure the stability of a nation for its people", national security is a catchphrase rolled out by governments to justify their own illegalities, whether that be invading another country or spying on their own citizens. This act -- it is now crystal clear -- is being consciously and strategically deployed to threaten journalists. It has become a tool for securing the darkness behind which our government can construct a brand new, 21st-century Big Brother. This erosion of basic human civil rights is a slippery slope. If the government can get away with spying on us -- not just in collusion with, but at the behest of, the US -- then what checks and balances are left for us to fall back on? Few of our representatives are doing anything to act against this abusive restriction on our press freedoms. Green MP Caroline Lucas tabled an early day motion on 29 January but only 18 MPs have signed it so far. From my refuge in Berlin, this reeks of adopting Germany's past, rather than its future. I have thought about the extent to which British history would have been the poorer had the governments of the day had such an abusive instrument at their disposal. What would have happened to all the public campaigns carried out in an attempt to "influence the government"? I can see the suffragettes fighting for their right to vote being threatened into inaction, Jarrow marchers being labelled terrorists, and Dickens being locked up in Newgate prison.
In their willingness to ride roughshod over our traditions, British authorities and state agencies are gripped by an extremism that is every bit as dangerous to British public life as is the (real or imaginary) threat of terrorism. As Ouseley states, journalism in the UK does not possess a "constitutional status". But there can be no doubt that this country needs a freedom of speech roadmap for the years ahead. The British people should fight to show the government we will preserve our rights and our freedoms, whatever coercive measures and threats it throws at us.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Mar 22 13:48:23 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 22 Mar 2014 14:48:23 -0400
Subject: [Infowarrior] - NSA Spied on Chinese Government and Huawei
Message-ID:

Targeting Huawei: NSA Spied on Chinese Government and Networking Firm
http://www.spiegel.de/international/world/nsa-spied-on-chinese-government-and-networking-firm-huawei-a-960199.html

According to documents viewed by SPIEGEL, America's NSA intelligence agency put considerable efforts into spying on Chinese politicians and firms. One major target was Huawei, a company that is fast becoming a major Internet player.

The American government conducted a major intelligence offensive against China, with targets including the Chinese government and networking company Huawei, according to documents from former NSA worker Edward Snowden that have been viewed by SPIEGEL. Among the American intelligence service's targets were former Chinese President Hu Jintao, the Chinese Trade Ministry, banks, as well as telecommunications companies. But the NSA made a special effort to target Huawei. With 150,000 employees and €28 billion ($38.6 billion) in annual revenues, the company is the world's second largest network equipment supplier.
At the beginning of 2009, the NSA began an extensive operation, referred to internally as "Shotgiant," against the company, which is considered a major competitor to US-based Cisco. The company produces smartphones and tablets, but also mobile phone infrastructure, WLAN routers and fiber optic cable -- the kind of technology that is decisive in the NSA's battle for data supremacy. A special unit with the US intelligence agency succeeded in infiltrating Huawei's network and copied a list of 1,400 customers as well as internal documents providing training to engineers on the use of Huawei products, among other things.

Source Code Breached

According to a top secret NSA presentation, NSA workers not only succeeded in accessing the email archive, but also the secret source code of individual Huawei products. Software source code is the holy grail of computer companies. Because Huawei directed all mail traffic from its employees through a central office in Shenzhen, where the NSA had infiltrated the network, the Americans were able to read a large share of the email sent by company workers beginning in January 2009, including messages from company CEO Ren Zhengfei and Chairwoman Sun Yafang. "We currently have good access and so much data that we don't know what to do with it," states one internal document. As justification for targeting the company, an NSA document claims that "many of our targets communicate over Huawei produced products, we want to make sure that we know how to exploit these products." The agency also states concern that "Huawei's widespread infrastructure will provide the PRC (People's Republic of China) with SIGINT capabilities." SIGINT is agency jargon for signals intelligence. The documents do not state whether the agency found information indicating that to be the case. The operation was conducted with the involvement of the White House intelligence coordinator and the FBI. One document states that the threat posed by Huawei is "unique".
The agency also stated in a document that "the intelligence community structures are not suited for handling issues that combine economic, counterintelligence, military influence and telecommunications infrastructure from one entity."

Fears of Chinese Influence on the Net

The agency notes that understanding how the firm operates will pay dividends in the future. In the past, the network infrastructure business has been dominated by Western firms, but the Chinese are working to make American and Western firms "less relevant". That Chinese push is beginning to open up technology standards that were long determined by US companies, and China is controlling an increasing amount of the flow of information on the net. In a statement, Huawei spokesman Bill Plummer criticized the spying measures. "If it is true, the irony is that exactly what they are doing to us is what they have always charged that the Chinese are doing through us," he said. "If such espionage has been truly conducted, then it is known that the company is independent and has no unusual ties to any government and that knowledge should be relayed publicly to put an end to an era of mis- and disinformation." Responding to the allegations, NSA spokeswoman Caitlin Hayden said she could not comment on specific collection activities or on the intelligence operations of specific foreign countries, "but I can tell you that our intelligence activities are focused on the national security needs of our country." She also said, "We do not give intelligence we collect to US companies to enhance their international competitiveness or increase their bottom line."

Editor's note: A longer version of this story will appear in German in the issue of SPIEGEL to be published on Monday.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Sun Mar 23 11:30:45 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 23 Mar 2014 12:30:45 -0400
Subject: [Infowarrior] - Rep Rogers 'links' Snowden to Crimea
Message-ID: <8FAB7427-C72D-4FFA-A276-A9A0CB701079@infowarrior.org>

Once again, Rep Mike Rogers is demonstrating that he is full of something or other ... but certainly not facts or a grasp of reality. Sheer speculation on his behalf, as usual. --rick

Snowden 'supporting, in an odd way,' Russia's Crimea incursion, Rogers says
By ERIC BRADNER
3/23/14 10:59 AM EDT
http://www.politico.com/blogs/politico-live/2014/03/snowden-supporting-in-an-odd-way-russias-crimea-incursion-185571.html

The chairman of the House Intelligence Committee is pinning some blame for Russia's incursion into Ukraine's Crimean peninsula on Edward Snowden. Rep. Mike Rogers (R-Mich.) said Sunday on NBC's "Meet the Press" that he believes there is "good evidence" that the former National Security Agency contractor hasn't told the truth about his activities in Hong Kong and Moscow -- and that Snowden had earlier help from Russian intelligence operatives than he has previously admitted. "I do believe there's more to this story," Rogers said. "He is under the influence of Russian intelligence officials today. He's actually supporting, in an odd way, this very activity of brazen brutality and expansionism of Russia. He needs to understand that." He didn't elaborate on what he sees as Snowden's connection to the standoff between Russia and western countries over Crimea. Rogers said "every counterintelligence official" believes Snowden is now working with those Russian officials, and that the question is: "Was he interested in cooperating earlier than the timeline would suggest?"

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon Mar 24 06:28:37 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 24 Mar 2014 07:28:37 -0400
Subject: [Infowarrior] - Sssh! Dotcom's Use of Twitter Problematic, Court Told
Message-ID:

Ummm, WTFO? --rick

Sssh! Dotcom's Use of Twitter Problematic, Court Told
By Andy
on March 24, 2014

Days after the Supreme Court denied Kim Dotcom access to evidence held by the FBI, the Megaupload founder's legal team were back in court seeking other documents in connection with a compensation claim. During the hearing, however, a Crown lawyer took the opportunity to complain about Dotcom's use of Twitter.

< - >

http://torrentfreak.com/sssh-dotcoms-use-of-twitter-problematic-court-told-140324/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 24 06:45:12 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 24 Mar 2014 07:45:12 -0400
Subject: [Infowarrior] - Greenwald: Some Facts About How NSA Stories Are Reported
Message-ID: <82636771-DEF2-4DE5-B00F-BD7B159407A3@infowarrior.org>

Some Facts About How NSA Stories Are Reported
By Glenn Greenwald
23 Mar 2014, 6:41 AM EDT
https://firstlook.org/theintercept/2014/03/23/facts-nsa-stories-reported/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 24 06:47:26 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 24 Mar 2014 07:47:26 -0400
Subject: [Infowarrior] - Is Revealing Secrets Akin to Drunk Driving? Intelligence Official Says So
Message-ID: <67B9EEAA-56A7-4097-A51C-D0FC2D31E6BC@infowarrior.org>

Is Revealing Secrets Akin to Drunk Driving?
Intelligence Official Says So
By Dan Froomkin
21 Mar 2014, 5:08 PM EDT
https://firstlook.org/theintercept/2014/03/21/top-intelligence-official-likens-revealing-secrets-drunk-driving/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 24 18:55:51 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 24 Mar 2014 19:55:51 -0400
Subject: [Infowarrior] - Spy chief James Clapper wins not-so-coveted Rosemary award
Message-ID: <9E5BCD5C-6E76-4AD1-92AB-2C070D6F7850@infowarrior.org>

Spy chief James Clapper wins not-so-coveted Rosemary award
By Al Kamen
March 24 at 8:00 am
http://www.washingtonpost.com/blogs/in-the-loop/wp/2014/03/24/spy-chief-james-clapper-wins-not-so-coveted-rosemary-award/?tid=hpModule_308f7142-9199-11e2-bdea-e32ad90da239

And now, the winner of the National Security Archive's Ninth Annual Rosemary Award, named for President Richard M. Nixon's secretary, Rose Mary Woods, whose spectacular stretch allegedly erased 18 1/2 minutes of a Watergate tape. The not-so-coveted award, given by the nonprofit archive at George Washington University for the worst open-government performance during 2013, goes to Director of National Intelligence James Clapper. Clapper won for answering "No, sir," to a question by Sen. Ron Wyden (D-Ore.), who asked, "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" Clapper added, "not wittingly." Now that we've had the revelations of National Security Agency programs that include the collection of data from U.S. phone call records and NSA's surveillance of online communications to and from foreign targets, the answer, Clapper has said, was the "least untruthful" he could give, and it was "too cute by half." The award also recognizes NSA director Gen.
Keith Alexander, former FBI director Robert Mueller and the Justice Department's national security division for claiming that an entire wiretap court opinion was appropriately given the highest of "top secret" classifications, including the part that included the "actual language of the Fourth Amendment to the U.S. Constitution" which deals with unreasonable searches.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 24 20:00:56 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 24 Mar 2014 21:00:56 -0400
Subject: [Infowarrior] - Kim Dotcom Seeks N.Z. Mega Listing
Message-ID:

Kim Dotcom Seeks N.Z. Mega Listing as He Fights U.S. Extradition
By Matthew Brockett
Mar 24, 2014 7:39 PM ET
http://www.bloomberg.com/news/2014-03-24/kim-dotcom-seeks-n-z-mega-listing-as-he-fights-u-s-extradition.html

Kim Dotcom, an Internet entrepreneur facing extradition to the U.S. from New Zealand on copyright infringement charges, is seeking to list his online storage company Mega Ltd. on the nation's stock exchange. Mega will buy out listed shell company TRS (TRS) Investments Ltd. via a reverse takeover in a deal valuing Mega at NZ$210 million ($179 million), the companies said today. While Dotcom resigned as a director of Mega in August to concentrate on fighting extradition, his wife, Mona Verga Dotcom, owns 26.5 percent of the company, Companies Office records show. "The rapid global growth of Mega has generated significant interest from potential investors," Mega Chief Executive Officer Stephen Hall said in a statement. "Listing on the New Zealand stock exchange will allow investors to participate in the ongoing growth of Mega." Mega says it has around seven million registered users of its encrypted, cloud-based storage services and that it is signing up more than 20,000 new customers a day.
It was started by Dotcom in January 2013, a year after armed police stormed his Auckland mansion over allegations his previous site, Megaupload, was the hub of the biggest copyright infringement case in U.S. history. The U.S. extradition hearing was delayed as Dotcom challenged the legality of the raid and the spying on him that preceded it.

Political Clash

Last year, he clashed with New Zealand Prime Minister John Key over a new law giving greater spying powers to the nation's foreign-intelligence agency. Dotcom has since founded a new political party, the Internet Party, and campaigned for web freedom. Mega said today it expects to release encrypted instant messaging and encrypted chat and video conferencing in the second quarter of this year. Development of an encrypted e-mail service is also planned, it said. Other shareholders of Mega include individuals or companies from Germany, Australia, Hong Kong, New Zealand and Belize in central America. TRS will buy all the shares in Mega in return for 700 million new TRS shares. Following completion, existing Mega shareholders will own 99 percent of TRS, which will change its name to Mega. Dotcom, born in Germany as Kim Schmitz, is a resident of New Zealand and legally changed his name. He was indicted in Virginia in January 2012 on racketeering, money laundering, copyright infringement and wire fraud charges. He faces as long as 20 years in prison for each conviction in the U.S. on the racketeering and money laundering charge.

To contact the reporter on this story: Matthew Brockett in Wellington at mbrockett1 at bloomberg.net
To contact the editors responsible for this story: Matthew Brockett at mbrockett1 at bloomberg.net Tracy Withers, John McCluskey

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Mon Mar 24 20:30:28 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 24 Mar 2014 21:30:28 -0400
Subject: [Infowarrior] - Obama to Call for End to N.S.A.'s Bulk Data Collection
Message-ID: <80ADF6AF-D291-4F5E-8AE6-16DC436553F3@infowarrior.org>

Obama to Call for End to N.S.A.'s Bulk Data Collection
By CHARLIE SAVAGE
MARCH 24, 2014
http://www.nytimes.com/2014/03/25/us/obama-to-seek-nsa-curb-on-call-data.html

WASHINGTON -- The Obama administration is preparing to unveil a legislative proposal to drastically overhaul the National Security Agency's once-secret bulk phone records program. Under the proposal, data about Americans' calling habits would be kept in the hands of phone companies, which would not be required to retain the data for any longer than they normally would, according to senior administration officials. If approved by Congress, the changes would end the most controversial part of the bulk phone records program, a major focus of privacy concerns inside the United States since its existence was leaked last year. In a speech in January, President Obama said he wanted to get the N.S.A. out of the business of collecting call records in bulk while preserving the program's capabilities. He acknowledged, however, that there was no easy way to do so, and had instructed Justice Department and intelligence officials to come up with a plan by March 28 -- Friday -- when the current court order authorizing the program expires. As part of the proposal, the administration has decided to renew the program as it currently exists for at least one more 90-day cycle, senior administration officials said. But under the plan the administration has developed and now advocates, the officials said, the government would no longer systematically collect and store records of calling data.
Instead, it would obtain individual orders from the Foreign Intelligence Surveillance Court to obtain only records linked to phone numbers a judge agrees are likely tied to terrorism. The N.S.A. now retains the phone data for five years. But the administration considered and rejected imposing a mandate on phone companies that they hold onto their customers' calling records for a period longer than the 18 months that federal regulations already generally require -- a burden that the companies had resisted and that was seen as a major obstacle to keeping the data in their hands. A senior administration official said that intelligence agencies had concluded that the impact of that change would be small because older data is less important. The new surveillance court orders would require phone companies to swiftly provide those records in a technologically compatible data format, including making available, on a continuing basis, data about any new calls placed or received after the order is received, the officials said. They would also allow the government to seek related records for callers up to two calls, or "hops," removed from the number that has come under suspicion, even if those callers are customers of other companies. The N.S.A. uses the once-secret call records program -- sometimes known as the 215 program, after Section 215 of the Patriot Act -- to analyze links between callers in an effort to identify hidden terrorist associates, if they exist. It was part of the secret surveillance program that President George W. Bush unilaterally put in place after the terrorist attacks of Sept. 11, 2001, outside of any legal framework or court oversight. In 2006, as part of a broader Bush administration effort to put its programs on a firmer legal footing, the Justice Department persuaded the surveillance court to begin authorizing the program. It claimed that Section 215, which allows the F.B.I. to obtain court orders for business records deemed "relevant"
to an investigation, could be interpreted as allowing the N.S.A. to systematically collect domestic calling records.

Marc Rotenberg, the executive director of the Electronic Privacy Information Center, called the administration's proposal a "sensible outcome, given that the 215 program likely exceeded current legal authority and has not proved to be effective." While he said that he would like to see more reforms to other surveillance authorities, he said the proposal was "significant" and addressed the major concerns with the bulk records program.

Jameel Jaffer of the American Civil Liberties Union said: "We have many questions about the details, but we agree with the administration that the N.S.A.'s bulk collection of call records should end." He added, "As we've argued since the program was disclosed, the government can track suspected terrorists without placing millions of people under permanent surveillance."

The administration proposal will join a jumble of bills in Congress ranging from proposals that would authorize the current program with only minor adjustments, to proposals to end it.

In recent days, attention in Congress has shifted to legislation developed by leaders of the House Intelligence Committee. That bill, according to people familiar with a draft proposal, would have the court issue an overarching order authorizing the program, but allow the N.S.A. to issue subpoenas for specific phone records without prior judicial approval.

The Obama administration proposal, by contrast, would retain a judicial role in determining whether the standard of suspicion was met each time.

The administration's proposal would also include a provision clarifying whether Section 215 of the Patriot Act, due to expire next year unless Congress reauthorizes it, may in the future be legitimately interpreted as allowing bulk phone data collection.

The proposal would not, however, affect other forms of bulk collection under the same provision.
The Central Intelligence Agency, for example, has obtained orders for bulk collection of records about international money transfers handled by companies like Western Union.

The existence of the N.S.A. program was disclosed and then declassified last year following leaks by Edward J. Snowden, the former N.S.A. contractor. The disclosure set off a controversy that scrambled the usual partisan lines in Congress.

The government has been unable to point to any thwarted terrorist attacks that would have been carried out if the program had not existed, but has argued that it is a useful tool.

A review group appointed by Mr. Obama and an independent federal privacy watchdog both called for major changes to the program; the latter also concluded that the bulk collection is illegal, rejecting the government's Patriot Act interpretation.

In January, Mr. Obama narrowed how far out from suspects N.S.A. analysts could go in analyzing calling records, reducing the limit to two steps from three. He also began requiring the N.S.A. to obtain prior court approval for using a phone number to make queries of the database.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 25 06:35:55 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 25 Mar 2014 07:35:55 -0400
Subject: [Infowarrior] - HPSCI to unveil its own surveillance 'reform' bill
Message-ID: <1AB33156-EC8E-4964-A1A4-BC9BCD199756@infowarrior.org>

(Of course, anything being introduced under Rep Rogers' signature likely isn't going to change the status quo anyway.
The devil will be in the details.....but I remain very sceptical --rick)

NSA: House bill would lower standards for collecting individuals' data

Spencer Ackerman in Washington
theguardian.com, Monday 24 March 2014 21.59 EDT
http://www.theguardian.com/world/2014/mar/25/nsa-house-bill-bulk-phone-data-collection-end

The House intelligence committee is circulating a draft bill that would permit the government to acquire the phone or email records of an "individual or facility" inside the US for up to a year.

The move by the House intelligence committee's leadership -- the Republican chairman Michael Rogers of Michigan and Democrat Dutch Ruppersberger of Maryland -- would significantly prohibit mass surveillance of all Americans' phone data, a shift in position by two of the most stalwart congressional defenders of the practice. It comes as the New York Times reports that Barack Obama will propose ending bulk collection.

Obama's self-imposed deadline on revamping the National Security Agency's collection of bulk domestic phone data is set to expire on Friday.

The bill, titled the End Bulk Collection Act of 2014 and currently circulating on Capitol Hill, would prevent the government from acquiring "records of any electronic communication without the use of specific identifiers or selection terms," some 10 months after the Guardian first exposed the bulk collection based on leaks by the whistleblower Edward Snowden.

But the bill would allow the government to collect electronic communications records based on "reasonable articulable suspicion", rather than probable cause or relevance to a terrorism investigation, from someone deemed to be an agent of a foreign power, associated with an agent of a foreign power, or "in contact with, or known to, a suspected agent of a foreign power."

A draft of the bill acquired by the Guardian proposes the acquisition of such phone or email data for up to a year and would not necessarily require prior approval by a judge.
Authorisation of the collection would come jointly from the US attorney general and director of national intelligence.

The NSA or the FBI would not be able to collect the content of those communications without probable cause.

Nor does the House intelligence committee's draft bill require phone companies or any other private entity to store bulk phone records on behalf of the NSA -- a proposal that has met with stiff opposition from the telecom companies. In essence, the draft bill gets rid of bulk collection, but makes it easier for government authorities to collect metadata on individuals inside the US suspected of involvement with a foreign power.

The House intelligence committee proposal represents competition to a different bill introduced last fall by privacy advocates in the Senate and House judiciary committees known as the USA Freedom Act. That bill, which has 163 co-sponsors in both chambers, does not lower the legal standard for data collection on US persons, and would prohibit the NSA from searching for Americans' identifying information in its foreign-oriented communications content databases, something the House intelligence bill would not.

A spokesperson for the House intelligence committee did not immediately respond to a request for comment on Monday. Rogers and Ruppersberger have scheduled a press conference on Tuesday morning to discuss what they described in a release as "Fisa improvement legislation" -- a reference to the seminal Foreign Intelligence Surveillance Act of 1978, which their bill would amend.
While a judge would not necessarily review the collection of a US individual's phone or email records ahead of time, the House intelligence committee bill would require judicial review of the collection procedures and associated privacy protections to "reasonably limit the receipt, retention, use and disclosure of communications records associated with a specific person when such records are not necessary to understand foreign intelligence information or assess the importance of such information".

A telecom or internet service provider could challenge the collection order before the secret Fisa court under the House intelligence committee proposal. The court would also have latitude to reject challenges "that are not warranted by existing law or consists of a frivolous argument for extending, modifying or reversing existing law or for establishing a new law", and to impose contempt of court penalties for noncompliant companies.

The attorney general and the director of national intelligence would have to "assess compliance with the selection and the civil liberties and privacy protection procedures" associated with the collection every six months, and submit those assessments to the Fisa court and the intelligence and judiciary committees of the House and Senate.

Additionally, and in keeping with an October proposal from Senate intelligence committee chairwoman Dianne Feinstein of California, the House intelligence committee proposal would permit the NSA to continue surveillance for 72 hours on a suspected foreigner's communications content if that person enters the US.

The House intelligence committee proposal contains provisions embraced by critics of widespread NSA surveillance. It would create a privacy advocate before the Fisa court; mandate additional declassification of Fisa court rulings; require the Senate to confirm the NSA director and inspector general.
It also requires annual disclosure of the number of times "in which the contents of a communication of a United States person was acquired under this Act when the acquisition authorized by this Act that resulted in the collection of such contents could not reasonably have been anticipated to capture such contents."

But in a sign of the continuing contentiousness on Capitol Hill over changes to NSA surveillance, James Sensenbrenner, a Wisconsin Republican and co-author of the USA Freedom Act, preemptively rejected the House intelligence committee proposal, calling it "a convoluted bill that accepts the administration's deliberate misinterpretations of the law.

"It limits, but does not end, bulk collection. Provisions included in the draft fall well short of the safeguards in the USA Freedom Act and do not strike the proper balance between privacy and security," Sensenbrenner said in a statement late on Monday.

On Friday, the Obama administration and the intelligence agencies will face the expiration of a Fisa court order for bulk domestic phone records collection. That expiration represents a deadline imposed by Obama in January for his administration to reach consensus on the specific contours of post-NSA phone metadata collection.

According to a New York Times report late on Monday, Obama will propose ending bulk phone data collection and replacing it with individualised orders for telecom firms to provide phone records up to two "hops" -- or degrees of separation -- from a phone number suspected of wrongdoing. The effort goes further towards the position favoured by privacy advocates than Obama proposed in January.

Obama will request the Fisa court bless the current bulk collection program for a final 90-day renewal as he attempts to implement the new plan, the Times reported.
A senior White House official cited a January speech by Obama in which he announced some limits on NSA surveillance: "in the coming days, after concluding ongoing consultations with Congress, including the intelligence and judiciary committees, will put forward a sound approach to ensuring the government no longer collects or holds this data, but still ensures that the government has access to the information it needs to meet the national security needs his team has identified. Until Congress passes new authorizing legislation, the president has directed his administration to renew the current program, as modified substantially by the president in his January speech."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 25 10:18:13 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 25 Mar 2014 11:18:13 -0400
Subject: [Infowarrior] - NSA would gain access to cellphone records under Obama plan
Message-ID: <5C2D7179-D872-4124-9EE7-C05001D7D011@infowarrior.org>

NSA would gain access to cellphone records under Obama plan

By Ken Dilanian
March 25, 2014, 8:03 a.m.
http://www.latimes.com/nation/politics/politicsnow/la-pn-obama-nsa-cellphone-records-20140325,0,4809178.story#axzz2wzJoM8Z3

WASHINGTON -- The National Security Agency would lose its authority to collect and hold years' worth of telephone calling records but gain access to cellphone information it currently lacks under an Obama administration proposal aimed at quieting controversy over the spy agency's data archive.

The plan, which would need congressional approval, would significantly curb what has been the most controversial secret program revealed by former NSA contractor Edward Snowden. Currently, the NSA collects most landline calling records and stores them for five years in a database that it periodically searches using telephone numbers connected to terrorists abroad.
The new proposal would end the NSA's practice of holding the massive amounts of calling data. Administration officials hope that would assuage public concerns that an intelligence agency had access to information that could reveal deeply private information. Though NSA does not obtain the contents of communications under the program, the ability to map a person's communications with times, dates and numbers called can provide a window into someone's activities and connections.

But the compromise plan would also offer benefits for the NSA that might give privacy advocates pause. Most importantly, it would expand the universe of calling records the agency can access. After months of suggesting that they were collecting all the calling metadata, U.S. officials disclosed last month that a large segment of mobile phone calls were not covered by the program, and that as a result the NSA may only collect 30% of all call data in the country.

That revelation raised questions about the efficacy of the current program, said Rep. Adam Schiff (D-Burbank), who proposed legislation in January that tracks closely with the White House proposal.

"This could actually make the program more efficient and more effective [and] at the same time more protective of civil liberties," Schiff said.

Under the new arrangement, phone companies would be required to standardize their data and make it available on a continuously updated basis so the NSA could search it for terrorist connections. The NSA would have to obtain a court order for such a search, said an official who confirmed details of the program on condition of anonymity because it has not yet officially been released. The proposal was first reported Monday night by the New York Times.

The NSA would be allowed to search up to two "hops" of numbers connected to a known terrorist number, meaning all the numbers connected to the suspect number, and all the numbers connected to that first set of connections.

Gen.
Keith Alexander, the NSA's director, who is retiring, has been lobbying members of Congress in favor of the compromise. He believes it is the best outcome the NSA could hope for with the program, the official said. The NSA's collection authority currently will expire in 18 months unless Congress reauthorizes the program.

White House officials also have been laying the groundwork with the phone service providers to get them on board.

In recent days, key lawmakers on the House and Senate intelligence committees have said they could support a change in the way the records are stored, as long as the NSA still has access to the data.

The once-secret program, authorized by Section 215 of the Patriot Act, is used by the NSA to analyze links between callers in an effort to identify hidden terrorist plots inside the United States.

ken.dilanian at latimes.com

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 25 11:39:26 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 25 Mar 2014 12:39:26 -0400
Subject: [Infowarrior] - Michael Hayden Thinks Snowden Revelations, Rather Than NSA Actions, May Splinter The Internet
Message-ID: <8137E584-6B70-4989-8FC1-972BB467A21A@infowarrior.org>

Michael Hayden Thinks Snowden Revelations, Rather Than NSA Actions, May Splinter The Internet

http://www.techdirt.com/articles/20140324/16234826674/michael-hayden-thinks-snowden-revelations-rather-than-nsa-actions-may-splinter-internet.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Mar 25 13:36:18 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 25 Mar 2014 14:36:18 -0400
Subject: [Infowarrior] - Obama's New NSA Proposal and Democratic Partisan Hackery
Message-ID: <79B4DFBF-A346-43CE-AF49-0FF8B912FA07@infowarrior.org>

Obama's New NSA Proposal and Democratic Partisan Hackery

https://firstlook.org/theintercept/2014/03/25/obamas-new-nsa-proposal-democratic-partisan-hackery/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Tue Mar 25 16:06:14 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 25 Mar 2014 17:06:14 -0400
Subject: [Infowarrior] - MIT developing PRISM-proof system
Message-ID:

New Approach Could Stop Websites from Leaking or Stealing Your Data

A system called Mylar makes it possible to build online services that can never decrypt or leak your data.

By Tom Simonite on March 25, 2014
http://www.technologyreview.com/news/525651/new-approach-could-stop-websites-from-leaking-or-stealing-your-data//

Online services frequently have user data stolen, or are required to hand it over to authorities.

Reminders that data entrusted to online services can easily be leaked or stolen aren't hard to find. Major companies commonly have passwords and other data taken by attackers, while governments have their own ways to get hold of user data.

Researcher Raluca Popa of MIT thinks many online services should and could be redesigned to guard against that. "Really, there's no trusting a server," she says. Popa has led the development of a system called Mylar for building Web services that puts that philosophy into practice. Services built using it keep data on their servers encrypted at all times and only ever decrypt it on a person's computer.

"You don't notice any difference, but your data gets encrypted using your password inside your browser before it goes to the server," Popa says.
"If the government asks the company for your data, the server doesn't have the ability to give unencrypted data."

Popa developed the software with colleagues from MIT and a Web development software company, Meteor Development Group. A paper on Mylar will be presented at the Usenix Symposium on Networks Systems Design and Implementation next month.

The idea of designing Web services that always keep data encrypted while it resides on their servers has been around for years, and researchers have developed tools to demonstrate how it might be done. But Popa says Mylar is more practical than previous efforts and could even be used to build services today. The software is designed to work with a popular Web service building tool called Meteor, to make it easy for Web developers to use.

Mylar's design has code running inside a person's browser take on most of the processing and presenting of information -- work that a conventional service would do on its servers. But Mylar also includes some new cryptographic tricks that allow a server to do useful things with user data without having to descramble it.

It is possible for a service built with Mylar to search across encrypted data stored on its servers, for example, so a person could search documents they had uploaded to a file storage service. Mylar also lets individuals share data with other users, thanks to a system that can distribute the necessary encryption key in a way that protects it from ever being disclosed either to the server or to someone monitoring communications. An optional browser extension can be used to protect against the server stealing the key needed to decrypt a person's data, in the event it has been taken over by an attacker or malicious insider.

A small group of patients at Newton-Wellesley hospital in Boston are already using a website built using Mylar to collect medical history information. The information a patient enters is only decrypted when viewed by the patient or his doctor.
If that small trial is successful, it will be rolled out more widely, says Popa. She says using Mylar for a real use case shows it can be practical. "All they had to change is 28 lines of code out of 3,659 to secure their application," she says. Popa and colleagues have also built chat, photo sharing, and calendar Web services to test their idea.

Ariel Feldman, a researcher at the University of Pennsylvania, says that Mylar manages to combine several useful features for an encrypted Web service not packaged together before. However, he notes that the chance of many Web companies opting to embrace encryption so thoroughly looks slim.

"It would be a watershed moment if any of these types of systems actually got deployed to millions of users," he says. "The real obstacles to adoption are usability and the business case for deploying them."

A big usability challenge is that if anyone loses their password, they can permanently lose access to their information. Business challenges range from the added expense of building a more secure system, to the fact that many online companies rely on being able to crunch user data to make money from ads.

Feldman says Mylar may catch on in places where protecting data is seen as critical. "Enterprises or governments may be willing to pay for extra security," he says.

Popa remains optimistic that the Wellesley trial will be only the first real-world use case of Mylar. She points to how she previously led development of a system called CryptDB, software that allows databases to be fully encrypted, which has since been adopted by Google and the business software giant SAP. "I think Mylar will be at least as useful, if not more," she says.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Tue Mar 25 16:08:08 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 25 Mar 2014 17:08:08 -0400
Subject: [Infowarrior] - MS-DOS, Word for Windows source released
Message-ID: <566F7EE3-2FC1-4A7A-99EF-155C08EC1165@infowarrior.org>

Computer History Museum Makes Historic MS-DOS and Word for Windows Source Code Available to the Public

http://www.computerhistory.org/press/ms-source-code.html

As a part of its Historical Source Code Series

Mountain View, Ca -- March 25, 2014 -- The Computer History Museum (CHM) announced today that it has, with permission from Microsoft Corporation, made available original source code for two historic programs: MS-DOS, the 1982 "Disk Operating System" for IBM-compatible personal computers, and Word for Windows, the 1990 Windows-based version of their word processor.

IBM went outside the company for many hardware and software components of their 1981 personal computer. Though most vendors were kept in the dark about the project, code-named "Chess," IBM developed a unique relationship between their Boca Raton-based team and Microsoft, then a small company based in Seattle.

Microsoft, which was providing the BASIC language interpreter, agreed to also supply an operating system. Without their own operating system already in place, they licensed a product from nearby Seattle Computer Products and worked closely with IBM to make the changes they wanted. It shipped as "PC-DOS" for IBM and "MS-DOS" for other PC manufacturers. We are today releasing the source code of MS-DOS version 1.1 from 1982, and of version 2.0 from 1983.

"Version 1.1 fits an entire operating system -- limited as it was -- into only 12K bytes of memory, which is tiny compared to today's software," said Len Shustek, CHM Chairman.

Microsoft's DOS-based version of Word, first released in 1983, was not a success against the dominant word processor of that era, WordPerfect.
The 1989 release of Word for Windows changed all that: within four years it was generating over half the worldwide word processing market revenue. It was a remarkable marketing and engineering achievement. We are today revealing the technical magic by releasing the source code to version 1.1a of Word for Windows.

"MS-DOS and Word for Windows built the foundation for Microsoft's success in the technology industry," said Roy Levin, distinguished engineer and managing director, Microsoft Research. "By contributing these source codes to the Computer History Museum archives, Microsoft is making these historic systems from the early era of personal computing available to the community for historical and technical scholarship."

"We think preserving historic source code like these two programs is key to understanding how software has evolved from primitive roots to become a crucial part of our civilization," says Shustek.

For a blog posting surrounding the release of this source code, please visit:
http://www.computerhistory.org/atchm/microsoft-ms-dos-early-source-code
http://www.computerhistory.org/atchm/microsoft-word-for-windows-1-1a-source-code

For other releases in the historic source code series, see: APPLE II DOS, IBM APL, Apple Macpaint and QuickDraw, Adobe Photoshop

To search the Museum's online catalog of more than 80,000 artifacts, click here.

About the Computer History Museum

The Computer History Museum in Mountain View, California is a nonprofit organization with a four-decade history as the world's leading institution exploring the history of computing and its ongoing impact on society. The Museum is dedicated to the preservation and celebration of computer history, and is home to the largest international collection of computing artifacts in the world, encompassing computer hardware, software, documentation, ephemera, photographs and moving images.
The Museum brings computer history to life through large-scale exhibits, an acclaimed speaker series, a dynamic website, docent-led tours and an award-winning education program. The Museum's signature exhibition is "Revolution: The First 2000 Years of Computing," described by USA Today as "the Valley's answer to the Smithsonian." Other current exhibits include "Charles Babbage's Difference Engine No. 2," and "Going Places: The History of Google Maps with Street View."

For more information and updates, call (650) 810-1059, visit www.computerhistory.org , check us out on Facebook, and follow @computerhistory on Twitter.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 26 06:11:29 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 07:11:29 -0400
Subject: [Infowarrior] - Zittrain: The misguided freakout over ICANN
Message-ID: <596F9DE5-35BD-4D5B-9992-A18FCD2E34C9@infowarrior.org>

No, Barack Obama Isn't Handing Control of the Internet Over to China

BY JONATHAN ZITTRAIN
http://www.newrepublic.com/article/117093/us-withdraws-icann-why-its-no-big-deal

On March 14, the U.S. government announced that it would seek to relinquish a privileged role in the management of Internet names and numbers. An organization called ICANN--the non-profit Internet Corporation for Assigned Names and Numbers--is to continue doing what it's doing without maintaining an ongoing contract with the Department of Commerce to do it.

And what does ICANN do? It helps keep IP addresses in order, ensuring that each address--used to let parties on the Internet identify one another--is not assigned more than once. And it facilitates the addition of "top level domains," those suffixes like .com, .org, .uk, and more recently, .clothing, which, with a concatenation of names to their left, become the names for nearly all online destinations, including newrepublic.com.

A receding role for the U.S.
government has been anticipated for over a decade, and the move is both wise and of little impact.

Some reaction has been surprisingly alarmist. A Wall Street Journal columnist described it as "America's Internet surrender." Said one member of Congress: "Giving up control of ICANN will allow countries like China and Russia, that don't place the same value in freedom of speech, to better define how the internet looks and operates." From a former Bush administration official in the Daily Caller: "This is the Obama equivalent of Carter's decision to give away the Panama Canal--only with possibly much worse consequences." (Namely, to "endanger the security of both the Internet and the U.S.--and open the door to a global tax on Web use.") And Newt Gingrich: "Every American should worry about Obama giving up control of the internet to an undefined group. This is very, very dangerous."

The venerable information technology publication The Register summed it up this way: "US govt: You, ICANN. YOU can run the internet. We quit." And from the National Journal: "When U.S. Steps Back, Will Russia and China Control the Internet?"

As Betteridge's Law of Headlines suggests, the answer is no. Indeed, the truth is much less salacious--and far more interesting--than any of the reactions above. To understand why, we need to talk about the difference between owned and unowned technologies.

Owned technologies are easy to grasp, because they're so prevalent. They're technologies that are developed and shaped by a defined group, usually someone selling it. The original AT&T phone system was an owned technology--and so are its descendants like Verizon landline services and mobile phone networks. TV broadcasting is owned, in the sense that governments around the world have asserted power over the airwaves that permeate their territories, deciding who can use what bandwidth and why--and those with licenses then, with exceptions determined by regulators, decide what to broadcast.
If you're reading this article on a digital device, chances are good that its hardware is owned--Apple or HP or Lenovo designed and built it--and so, too, is its operating system, whether iOS, Android, or Windows.

If any of these technologies were to break, we'd turn to their vendors for an explanation and a fix. If a government wanted to affect how they work, it would seek to pressure or outright require certain changes--the way that, for example, the U.S. Communications Assistance to Law Enforcement Act requires AT&T and Verizon to design their telephone networks to be responsive to lawful wiretap orders.

But owned isn't the whole story. Occasionally unowned configurations emerge. In 1983, we might have assumed that walled gardens such as CompuServe and America Online would keep being the way we communicate with one another--classic, owned information services for which we paid for access by the minute. But something odd happened: An experimental network, subsidized by the U.S. National Science Foundation, shaped by researchers at universities and corporate think tanks, came about. This Internet was meant to provide compatibility among any number of smaller networks, and unlike CompuServe and its siblings, it had no CEO, business plan, or budget.

CompuServe and AOL became mere ways to access the Internet, rather than their original incarnations as globe-spanning one-stop information shops whose subscribers could be reached only by special arrangement with them. Access CompuServe and you'd be asked for an ID and password to prove you're a paying subscriber, and then you'd be shown a main menu of content and activities selected by CompuServe to appeal to you. By comparison, when you access the Internet, there's nothing: no main menu, no meter from the overarching network, and no persistent identity upon it. (That's why various Web sites fight one another to be the home page of your browser.)
The Internet was less a particular set of hardware and more a set of protocols. You are simply assigned a number--which is not really meant to identify you personally--that lets you reach out to any other number on the network with bits.

But it turns out that for the Internet to work, certain functions benefit greatly from a little centralized record keeping. To surf the Net with your unique number, it helps greatly if that number isn't already assigned to someone else--assign it twice and bits can get confused as they wend their way towards you (or is it towards your doppelganger?). Same problem with phone numbers: they shouldn't belong to more than one pizza shop at a time.

So someone had to maintain a master list of IP addresses for the simple purpose of not handing them out twice. That someone was Jon Postel, a computer scientist who in essence drew the short straw to have to keep track. As the Internet's protocols were written up it seemed a little informal to say with a technical document, "Well, a guy named Jon performs this function," so Jon was labeled to be something much more official-sounding: The Internet Assigned Numbers Authority, or IANA. No official paperwork was filed; nothing was incorporated. Still no CEO. Just IANA.

Jon also helped get domain names going, so we could visit mnemonic-sounding addresses like www.newrepublic.com instead of 166.78.85.160. (Both work, though -- try it!) Jon asked various colleagues to manage lists like all those names ending in .com, and others ending in .org, etc. He maintained a list, called the root, of those names. It was Jon who agreed to create .uk for those interested in United Kingdom-themed domain names. When he realized that domain names were taking on real meaning to people, he looked for other ways to create names rather than just deciding on his own.
(For countries, he found a list of country names maintained by the International Standards Organization and stuck to it -- creating names for lots of peoples whose governments hadn't formally asked for them.) And when disputes came up, he looked for consensus to settle them, such as when there was objection over the person originally entrusted to maintain names under .pn, for Pitcairn Island, population 50. (The objection was lodged by the entire adult population of Pitcairn Island, with the exception of the trustee and his wife.) It took years to settle the issue.

By 1997 it was clear that having Jon simply run numbering and names, however fairly, was tricky. Entrepreneurs stood to gain millions should they be entrusted to register names in a new domain like .web or .chef. How to decide how many more to create and who would get them? The U.S. government, in the form of the Department of Commerce, began a process to create a "new IANA," one supported by the Internet as a whole. This was seen as consistent with the idea of privatizing the Internet.

But note that this process skated over the U.S. government's authority to choose a new shepherd to begin with. Why was a new leader something for the U.S. government to designate? It wasn't as if there were local airwaves over which the government claimed power. The only real hook was that American funding had subsidized the creation of Internet protocols -- but these were grants, not fee-for-service; subsidies, not permission. And the small fees the government awarded to companies that maintained the domain name databases -- after Jon found it boring to maintain on his own -- were ones that the companies would be delighted to simply waive, charging Internet users directly instead.

In reality, the U.S. government got to choose for two reasons, neither of which had to do with any legal authority.
First, the government made sure that there wasn't really a choice for anyone to make: the ultimate ballot it was to cast had only one entry on it. When three entities stepped forward to be the new IANA, the Department of Commerce persuaded them to negotiate with one another until only one proposal was left. Choosing something from a list of one is not controversial.

Second, nearly everyone concerned about the future of the Internet wanted certainty and stability. So the U.S. government's "decision" to recognize ICANN as the new IANA in 1998 was welcomed as a rallying cry to get a move on with the allocation of numbers and names. ICANN, a California non-profit, had a Byzantine set of by-laws to make Madison proud: Board members were appointed from various constituencies ("stakeholders" in governance parlance) and from various regions of the world. But it is not run by the governments of the world. Many had seen the way the UN operated and had little interest in replicating it. And in 1998, the U.S. government's recognition of ICANN took the form of a cooperative agreement between ICANN and the Commerce Department spelling out certain minimal responsibilities -- and a nominal way for the U.S. government to pull the plug if something went terribly wrong.

With this background in mind, we can process the news that the U.S. government is letting that agreement ultimately lapse.

First, the U.S. government control so far has had minimal impact on how ICANN has operated. For example, there was some consternation within the U.S. Congress about the creation of a .xxx domain, which was within ICANN's purview to create. This likely delayed .xxx, but it didn't stop it. And that accords with the government's role in ICANN's creation: Had it tried to be more heavy-handed, it's not clear that it could have pulled off the move to a new IANA. Whoever newly contracts with ICANN for these IANA functions -- yes, once again the U.S.
government has vaguely called for a new organization to step up -- will be similarly constrained. So there's no obvious place for Russia or China to take control.

Second, the plausible ways in which ICANN could trample free speech are narrow. ICANN does not itself hand out domain names -- it only designates who runs each list of names. ICANN does not directly "shut down" names or otherwise deal in individual decisions. So far it has established procedures in some domains for trademark-like disputes to play out. But these are only over domain names themselves -- not over claims of behavior taking place more generally on a Web site. Register gap.clothing and be prepared to justify your action through an ICANN-approved process; sell fake Gap clothing on your website goodclothes.clothing and that process won't have anything to say about it. Any attempt to impose broad-based censorship through domain name assignments would be met with stiff resistance by the operators of domain name registries, and ultimately by the Internet Service Providers who choose to consult those registries for information about what destination each name represents. Anyone trying to tighten the screws too much will simply strip them.

Taxes? ICANN takes a cut of fees generated by registering and renewing names for many domains like .com and many new ones in the process of being unveiled -- so much so that ICANN enjoys tens of millions of dollars in income each year -- but it doesn't and can't otherwise impose a "tax on Internet use."

Thus last week's news is simply about symbolism. Having the U.S. nominally, but not really, controlling the modest functions of top-level numbering and name assignments provided ammunition to those who think the Internet should be utterly stateless -- some of whom, oddly enough, might favor turning over ICANN's functions to the International Telecommunications Union, which is an arm of the United Nations and has states as its members. To eliminate this symbolic U.S.
involvement, an action envisioned from the moment of ICANN's creation, helps address that complaint, while costing nothing. As ICANN's own Q-and-A on the topic put it:

How does this announcement affect the individual Internet user? This announcement does not affect Internet users and their use of the Internet. However, all Internet users have a stake in how the Internet is run, and it is therefore important to get involved.

Confusing: Nothing to see here, but Internet governance matters, so go on and get involved.

Such are the puzzles of unowned technologies. They can become incalculably powerful even with no one at the helm -- or perhaps precisely because of it. Numbering and naming is a tiny part of the Internet, and governing it is of interest mostly because it's one of the few things we can point to where decisions can be made. But these decisions happen by consensus, and are implemented one ISP and router at a time, rather than some kind of fiat. You may be reading this article at newrepublic.com, and if you are, you're here because your ISP, your operating system vendor, your browser maker and you are agreeing to map that name to this online place. Any could change it, notwithstanding actions of governments and institutions like ICANN. Internet protocols at large aren't implemented through anyone's fiat; they are generated through open processes channeled through unincorporated organizations like the Internet Engineering Task Force (motto: "We reject kings, presidents, and voting: we believe in rough consensus and running code"), and then implemented through the actions of hardware and software makers.

The Internet is a collective hallucination, one of the best humanity has ever generated. To be sure, it is delicate in many ways, with its unowned character threatened from many quarters. But rest easy that ICANN isn't one of them.
Jonathan Zittrain is a professor of law and professor of computer science at Harvard University, and author of The Future of the Internet -- And How to Stop It. He is a former trustee of the Internet Society, which facilitates the work of the Internet Engineering Task Force. He served on a membership advisory committee to ICANN in 1998, testified to Congress about it in 2000, and was among the authors of the Berkman Center's 2010 report done at the request of ICANN, "Accountability and Transparency at ICANN: An Independent Review."

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 26 06:16:22 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 07:16:22 -0400
Subject: [Infowarrior] - Security-Cleared Population Rises to 5.1 Million
Message-ID: <5ED4ABB9-DB0F-4B3E-B95A-BB55AFA09ED3@infowarrior.org>

(But yet they refuse to deal with the culture of classification --> overclassification, which creates this ungodly sized population to begin with. --rick)

Security-Cleared Population Rises to 5.1 Million

http://blogs.fas.org/secrecy/2014/03/security-cleared/

The number of Americans who have been investigated and deemed eligible for access to classified information rose last year to a total of 5,150,379 as of October 2013. It was the fourth consecutive year of growth in the security-cleared population.

The new total includes civilian and military government employees (3.7 million) and contractor personnel (1 million), as well as indeterminate others (0.4 million). It represents an increase of 4.7% from the previous year's total of 4.9 million. Of the 5.1 million persons who were found eligible for access to classified information, 60% had access in fact.

An Office of Management and Budget review said that the continuing growth of the security clearance system is problematic both for financial and security reasons.
"[The] growth in the number of clearance-holders increases costs and exposes classified national security information, often at very sensitive levels, to an increasingly large population," said the OMB review, which was released last week.

Accordingly, the OMB review recommended that the government "reduce [the] total population of 5.1M Secret and TS/SCI clearance holders to minimize risk of access to sensitive information and reduce cost."

The number of security clearances is supposed to be reported to Congress each year by the Office of the Director of National Intelligence. But ODNI said it has not yet filed its 2013 report. However, the data were provided in the OMB review.

"Since 9/11, the number of clearances annually approved by DoD [the Department of Defense] has tripled, and continues to grow," according to an independent review of the Washington Navy Yard Shooting in September 2013 that was also released last week. "This growth magnifies the challenge of investigating clearance seekers, judging their applications, and periodically reviewing them after they are approved."

"The continuing expansion of the cleared population has created a culture in which once-rare security clearances are now too often granted by default." (Actually, security clearances have not been "rare" for quite a few decades.)

The independent review proposed that "DoD should seek to make a 10 percent cut in the number of positions that require access to material classified as Secret." "As soon as this reduction is attained, a follow-on review should determine whether further reductions can be realized."

The independent review also identified "a growing culture of over-classification" as a related issue that "merit[s] additional focused study." See Security From Within: Independent Review of the Washington Navy Yard Shooting, Department of Defense, November 2013 (released March 18, 2014).
Another review conducted by the Under Secretary of Defense for Intelligence concurred that there are too many people with security clearances. But it said that reducing the cleared population will not necessarily improve quality control or significantly reduce the burden on background investigators and adjudicators, because they are also responsible for a large number of "suitability" investigations in addition to security clearance investigations.

"The workload challenge will not be eliminated by reducing the number of security clearances because of the pending impacts of the alignment of suitability and security investigations and reinvestigations required by Executive Order 13467 and the 2012 Revised Federal Investigative Standards."

"The net effect of the new standards will be to increase the Department's investigative and adjudicative workload, regardless of the number of security clearances." See Internal Review of the Washington Navy Yard Shooting, Report to the Secretary of Defense, November 20, 2013.

Last week, the Department of Defense issued updated policy on the DoD Personnel Security Program (PSP), DoD Instruction 5200.02, March 21, 2014.

Among other things, the updated policy dictates that "All personnel in national security positions shall be subject to continuous evaluation," referring to a process of collecting, reporting and evaluating security-relevant information about cleared individuals on an ongoing basis. But this policy is aspirational rather than descriptive of current practice, which is limited to small-scale pilot projects to develop such a capacity. Full implementation of the "continuous evaluation" process is at least several years away, according to last week's OMB report.

Secretary of Defense Chuck Hagel said last week that "We will consider reducing the number of personnel holding Secret security clearances by at least 10 percent, a recommendation in line with the October 2013 guidance from the Director of National Intelligence."
Reducing the number of "personnel" that hold security clearances is a slightly different objective than reducing the number of "positions" that require access to classified information, as recommended by the Independent Review. It is not clear if the Secretary intended to make such a distinction.

In response to a request from Secrecy News, ODNI public affairs refused to provide a copy of the October 2013 DNI guidance. (Update: The DNI guidance was described further in this article from Politico.)

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 26 14:54:18 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 15:54:18 -0400
Subject: [Infowarrior] - MPAA: Moviegoers Use More 'Piracy-Enabling' Smartphones
Message-ID: <7A84A44E-6E10-45CB-857C-3313D47C04E8@infowarrior.org>

MPAA: Moviegoers Use More "Piracy-Enabling" Smartphones

By Ernesto on March 26, 2014

New data revealed by the MPAA shows that frequent moviegoers own more smartphones and other technological devices. The MPAA notes that the movie industry should therefore explore fresh options to use these devices to drive new visitors to theaters. At the same time, however, the movie group is warning theater owners over the piracy-enabling capabilities of smartphones.

< - >

Using smartphones to drive more people to the movies also presents a problem, as the MPAA doesn't want them to be used *inside* the theater.

< - >

http://torrentfreak.com/mpaa-moviegoers-use-piracy-enabling-smartphones-140326/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Mar 26 14:55:40 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 15:55:40 -0400
Subject: [Infowarrior] - UK used terror laws against tax whistleblower
Message-ID: <1E03CB3D-6D12-413D-BA84-A265F0AF24B2@infowarrior.org>

HMRC criticised for using terror laws against tax whistleblower

Public accounts committee chair says tax official's use of powers to track down journalist had 'shocked her to the bones'

Rajeev Syal
The Guardian, Monday 24 March 2014 16.55 EDT

http://www.theguardian.com/politics/2014/mar/24/hmrc-criticised-mps-terror-law-tax-whistleblower-hodge

MPs have criticised Britain's leading tax official after HM Revenue & Customs used powers meant to catch terrorists to hunt down an employee who exposed a secret multimillion-pound "sweetheart" deal with Goldman Sachs.

Lin Homer, the chief executive of HMRC, had told the public accounts committee that phone records had been obtained using the Regulation of Investigatory Powers Act (Ripa) to unearth information about Osita Mba, an in-house lawyer.

Margaret Hodge, the chair of the committee, said that HMRC's use of the powers, ostensibly to track down whether Mba had been talking to the Guardian's then investigations editor, David Leigh, had "shocked her to her bones".

The MP told Homer she was particularly surprised "that you made a request under Ripa, which is there to deal with terrorism". She asked for assurances that HMRC would "never again use these powers on a whistleblower".

However, Homer declined to offer Hodge the desired reassurance, responding: "You know that we cannot offer carte blanche assurances for evermore that we won't use these -- I have other duties of care to parliament and other individuals."
Using the Public Interest Disclosure Act, Mba wrote in confidence to the National Audit Office (NAO) and two parliamentary committees in 2011 saying that the then head of tax, Dave Hartnett, had "let off" Goldman Sachs from paying at least £10m in interest.

When HMRC discovered Mba's intervention, his belongings, emails, internet search records and phone calls and the phone records of his then wife, Claudia, were examined by investigators.

At the committee meeting, Hodge also asked whether it was appropriate to pass Mba's wife's address, mobile number and office number to HMRC staff to investigate.

Homer, who joined HMRC shortly after the investigation into Mba, acknowledged that mistakes had been made. She said that lessons had been learnt and accepted that he was acting in good faith.

Steve Barclay, the MP for Cambridge North, said that it was surprising that HMRC felt able to use its investigative powers on someone who was helping an official parliamentary inquiry. "This was as high-profile a case as you could get."

Homer replied saying her department is taking further steps to help individuals with genuine concerns.

On 11 October 2011, the Guardian published a story under the headline "Goldman Sachs let off paying £10m interest on failed tax avoidance scheme", written by Leigh. Publication prompted members of the revenue's criminal investigative unit to take action.

One named internal criminal investigator sent an email on 19 October to a colleague saying that the revenue had begun "a review of the suspect's (Mba's) H drive (the hard drive used within HMRC) and email traffic and internet usage", but inquiries had revealed nothing. He then proposed a "further interrogation of computer material" and an "itemised billing check".

Using the Regulation of Investigatory Powers Act 2000 HMRC can see websites viewed by taxpayers, where a mobile phone call was made or received, and the date and time of emails, texts and phone calls.
Mba, who trained as a barrister in Nigeria and completed his master's degree at Oxford, worked in the personal tax litigation team that dealt with the Goldman Sachs tax issue.

He told the NAO and two parliamentary committees that the bank's settlement had been agreed with a handshake by Dave Hartnett, the permanent secretary for tax at HMRC. Mba believed the deal could be illegal, and told auditors he was making the disclosure under whistleblowing legislation.

Hartnett admitted that his organisation had made a mistake by approving the deal.

In June 2012, Mba filed a claim under the Public Interest Disclosure Act in the central London employment tribunal which was settled last year. He has now left the organisation.

From rforno at infowarrior.org Wed Mar 26 15:15:38 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 16:15:38 -0400
Subject: [Infowarrior] - Fyodor reboots Full Disclosure
Message-ID:

Administrivia: A Fresh Start
From: Fyodor
Date: Tue, 25 Mar 2014 18:07:20 -0700

It hasn't even been a week since John quit running the Full-Disclosure list and I already miss it! He did a great job managing the list for almost 12 years and more than 91,500 posts. We certainly owe him our thanks and appreciation. When I mailed John recently asking how I could help, he said he was through with the list but "if you want to start a replacement, go for it." So here we are. I already deal with (or ignore) many legal threats and removal demands since I've long run the most popular Full Disclosure web archive ...
< - >

http://seclists.org/fulldisclosure/2014/Mar/333

From rforno at infowarrior.org Wed Mar 26 16:14:37 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 17:14:37 -0400
Subject: [Infowarrior] - FISA court names Thomas Hogan as new presiding judge
Message-ID: <9991F906-13E3-43C3-8A4F-875EAFE195B4@infowarrior.org>

Fisa court names Thomas Hogan as new presiding judge

Secretive US court considers applications for electronic surveillance and physical searches of non-US targets

Reuters in Washington
theguardian.com, Wednesday 26 March 2014 09.41 EDT

http://www.theguardian.com/law/2014/mar/26/fisa-court-thomas-hogan-presiding-judge

The secretive US court that considers applications for electronic surveillance and physical searches of non-US targets will have a new presiding judge in May, the court has said.

Judge Thomas Hogan, who has been a federal judge in Washington DC since 1982, will begin work as the presiding judge of the foreign intelligence surveillance (Fisa) court on 19 May, the court said in a statement.

US chief justice John Roberts, who has exclusive authority over the makeup of the 11-judge spy court, made the appointment.

Although the court meets in secret to hear applications from prosecutors, it is increasingly in the public eye. Former National Security Agency contractor Edward Snowden revealed last year that the court approved the collection of a massive amount of US telephone data, much of it related to Americans.

Hogan will succeed presiding judge Reggie Walton, who like Hogan was appointed to the federal bench by Republican president Ronald Reagan.

Hogan's term as presiding judge will extend through May 2016, the court said.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
From rforno at infowarrior.org Wed Mar 26 17:23:29 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 18:23:29 -0400
Subject: [Infowarrior] - TSA Pushes Nationwide Changes to Airport Security
Message-ID: <3972B4CB-3FDF-443B-BFB4-98C39DF9F971@infowarrior.org>

TSA Pushes Nationwide Changes to Airport Security

March 27, 2014 (AP)
By The Associated Press

http://abcnews.go.com/US/wireStory/tsa-pushes-nationwide-airport-security-23073854

The Transportation Security Administration released a 25-page report to Congress on Wednesday that includes 14 recommendations to improve airport security after a nationwide review prompted by last year's fatal shooting at Los Angeles International Airport. Authorities say a gunman targeted TSA officers in his attack, which resulted in the agency's first line-of-duty death. Two other officers and a passenger were wounded.

Some of TSA's recommendations:

* Require armed law enforcement officers at security checkpoints and ticket counters during peak hours.
* Make active shooter training and exercises for TSA officers mandatory; airports should also conduct twice yearly active shooter training and exercises.
* TSA supervisors should mention emergency procedures to staff at the beginning of each shift and have evacuation drills twice a year.
* Provide automatic notification to federal air marshals when there's an active shooter; most were notified by phone about the LAX shooting.
* Require weekly testing of panic alarms at airports, add more alarms if necessary, and have the alarms link to security cameras.
* Ensure all TSA wireless devices are programmed with the local airport's emergency numbers. AP reported that 911 calls at LAX on Nov. 1 weren't routed to the airport police.
* Extend deployment of special teams of air marshals, baggage inspectors and others who conduct random security sweeps.
* Require airport security plans to state how long it should take police to get to a security checkpoint when an officer isn't stationed there. The review discovered that 71 airports without officers stationed at checkpoints didn't state a required maximum response time.

TSA considered and dismissed several other changes, including creating an armed unit of TSA officers, allowing them to carry personal cellphones on their belts, issuing bulletproof vests, and assigning federal air marshals to checkpoints at major airports.

The agency also has decided not to pursue installing ballistic protection for the stands where officers check travelers' documents, or putting Kevlar panels, shatterproof glass, ballistic blankets or clear body shields at checkpoints. It also found that adding deafening alarms or strobe lights would incapacitate responders as well as any attacker.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 26 18:42:41 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 19:42:41 -0400
Subject: [Infowarrior] - OT: Friday humor, early. (must-watch)
Message-ID:

Oh, this video absolutely *nails* the joys of modern conference calls.

Every Conference Call You've Ever Been On

http://www.youtube.com/watch?v=DYu_bGbZiiQ#t=208

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Wed Mar 26 19:31:20 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 26 Mar 2014 20:31:20 -0400
Subject: [Infowarrior] - HPSCI surveillance 'reform' bill has controversial legislative path
Message-ID: <852137C1-C011-436E-B7E1-E4777DCF2293@infowarrior.org>

NSA critics express 'deep concern' over route change for House reform bill

Bill will go through intelligence committee rather than judiciary committee, in a move described by insiders as 'highly unusual'

Spencer Ackerman in Washington
theguardian.com, Wednesday 26 March 2014 17.22 EDT

Congressional critics of the bulk collection of telephone records by the National Security Agency fear that its allies are circumventing them in the House of Representatives.

The House parliamentarian, who oversees procedural matters, has determined that a new bill that substantially modifies the seminal 1978 Foreign Intelligence Surveillance Act will go through the intelligence committee rather than the judiciary committee, a move that two congressional aides consider "highly unusual."

Seemingly an arcane parliamentary issue, the jurisdiction question reveals a subterranean and intense fight within the House about the future course of US surveillance in the post-Edward Snowden era. The fight does not align with partisan divides, with both sides claiming both Republican and Democratic support.

The bill, authored by Republican Mike Rogers of Michigan and Democrat Dutch Ruppersberger of Maryland, would largely get the NSA out of the business of collecting US phone data in bulk. Rogers and Ruppersberger, both staunch advocates of the NSA and until now just as staunch defenders of bulk collection, are the leaders of the intelligence committee.

Yet the House judiciary committee thought it was the natural choice for primary legislative jurisdiction over the Fisa Transparency and Modernization Act, introduced on Tuesday. While the intelligence committee oversees US spy activities, the judiciary committee has oversight responsibilities over surveillance law.

The judiciary committee is also a stronghold of support for a rival bill, the USA Freedom Act, two of whose principal sponsors are its top Democrat and a former GOP chairman. The Freedom Act also ends NSA bulk collection, but includes more civil libertarian provisions, such as the prior approval of a judge to force phone companies to turn over customer data and a threshold requirement of relevance to an ongoing investigation to secure such approval.
Ruppersberger, in a press conference on Tuesday, blasted the USA Freedom Act, saying it would make Americans "less safe."

But the USA Freedom Act, despite also being centrally concerned with intelligence policy, was given primarily to the judiciary committee, raising an expectation on the committee that the same would hold for Rogers and Ruppersberger's bill despite the committee affiliations of its sponsors.

A congressional aide who would only speak on condition of anonymity said it was "new and different that a bill that amends Fisa wouldn't come to us first."

The House parliamentarian, Thomas Wickham, declined to comment.

< - >

http://www.theguardian.com/world/2014/mar/26/nsa-critics-house-reform-bill-switch

From rforno at infowarrior.org Thu Mar 27 06:05:00 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 07:05:00 -0400
Subject: [Infowarrior] - Cornyn Rips Schumer's Media 'Shield Law'
Message-ID:

(I agree completely w/Cornyn here. --rick)

Exclusive: John Cornyn Rips Chuck Schumer's Media 'Shield Law'

by Matthew Boyle
26 Mar 2014

http://www.breitbart.com/Big-Government/2014/03/26/Exclusive-Cornyn-Rips-Schumer-s-Media-Shield-Law

The number two Republican in the Senate is lambasting a media "shield law" proposed by New York Democrat Sen. Chuck Schumer, potentially imperiling its shot at passage.

"This is a bad idea and one whose time has not come," Sen. John Cornyn (R-TX), the Senate minority whip, told Breitbart News in an exclusive interview. "Believe me, we will not be rolled over."

Schumer's "Free Flow of Information Act" passed the Senate Judiciary Committee in September, and he recently said he already has the 60 votes needed to pass the bill on the floor. "We'll get a few more Republicans, not many more, but we have the 60 votes," Schumer told reporters in New York last week.

He's bluffing, Cornyn retorts. "If he had the votes to pass it, it already would have been passed,"
Cornyn says, adding, "This isn't about passing legislation, this is about distracting the public's attention and changing the subject from the failed policies of this administration. I think you could put this in that same category."

Schumer's proposal would exempt a "covered journalist" from subpoenas and other legal requirements to expose their confidential sources in leak investigations and other areas. Other lawmakers have proposed similar ideas in the past, but the effort gained new momentum after a series of revelations about controversial tactics the Justice Department was using to target journalists.

For instance, the Department of Justice secretly monitored Fox News reporter James Rosen in the course of a leak investigation, even claiming in a court filing he was a subject of investigation himself. In another instance, the government had secretly monitored numerous phone lines used by the Associated Press, including one in the U.S. Capitol.

Cornyn says Schumer's proposal is fatally flawed and may be an unworkable idea altogether.

"They want to pick and choose which journalists are covered," the Texan Republican told Breitbart News. "In other words, if you're a blogger they might not cover you, but if you work for the New York Times they might. Given the changes in the way we get information and the way we consume news, that really smacks to me in essence of government licensing who's an official 'journalist' for the purposes of a shield law and who's not. If there is one thing I can glean from the First Amendment, it is that government should not be in the business of licensing the news media."

In practice, defining who is considered a "journalist" and protected under the law from having to disclose confidential sources is a thorny legal problem. On the one hand, the law's drafters don't want to provide blanket immunity to everyone.
But anointing a government-approved class of scribes cuts against the nature of journalism, which almost by definition is frequently critical of the government.

"It's totally inconsistent with the notion of a free press and the First Amendment," Cornyn said.

His "fundamental problem" with the bill, though, is that it would exempt journalists from being subpoenaed to testify before a grand jury if they witness a crime.

"For example, if you've witnessed a crime taking place, you or I would both have to respond to a grand jury subpoena and come to testify to what we've seen. This idea of saying you could have information about a crime and you are immunized to having to partake in a basic act of American citizenship strikes me as pretty odd to say the least," he says.

Cornyn, who just breezed past a primary challenge from Rep. Steve Stockman, notes it's more than a bit ironic that Senate Democrats are championing the bill while their party's president wreaks havoc on press freedoms.

Cornyn believes the bill's timing -- and the administration's backing of it -- appears to be aimed at alleviating criticism of the Justice Department's secret attainment of Associated Press phone conversations and the administration's similar actions against Fox News's James Rosen, among other media targeting.

"You remember when this was recently resurrected?" Cornyn asks. "It was essentially an attempt to deflect... from the Department of Justice and this administration... the criticism they were taking [from] James Rosen and other traditional journalists. So, I really question the timing of all of this."

Finally, Cornyn raises concerns about the proposal's champion -- Schumer. The mere fact that Schumer is the one pushing this bill is something that should send alarm bells off throughout the Congress, Cornyn says. "My antennae are always very sensitive whenever he is on the march,"
he says, noting the New York Democrat openly declared war on the Tea Party in a Center for American Progress speech earlier this year. Cornyn says that the bill would very likely exclude bloggers and would definitely exclude citizen journalists and other new media practitioners, those who may practice journalism but not in the employ of a major newspaper or television network, from being government-defined "journalists." As such, it could end up hurting conservatives because many of the most widely-read new media figures are on the right. "Well, you remember, a few years ago there was a discussion about the Fairness Doctrine, and whether they would go after talk radio," Cornyn says. "Talk radio, I think, the left feels as a threat. Now, you know, you start to put the dots together and the FCC's recent discussion about placing monitors in newsrooms, you begin to see that this administration wants to control the information that people get and particularly any information that might be critical of them -- which is, as you pointed out in the first instance... the function of a free press: to give people unbiased and factual information they can use to make their own decisions, not to collaborate with government in squashing speech that people find unfavorable," he adds. Cornyn says he will "absolutely" be whipping against the bill and doubts the Republican-controlled House would pass it anyway.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 27 07:15:55 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 08:15:55 -0400
Subject: [Infowarrior] - UK Court Says Information Stored Electronically Is Not 'Property'
Message-ID: <0F5D1E38-9390-4178-9491-C228FF0CA142@infowarrior.org>

UK Court Says Information Stored Electronically Is Not 'Property'

http://www.techdirt.com/articles/20140326/04380226685/uk-court-says-information-stored-electronically-does-not-constitute-property.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 27 10:57:05 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 11:57:05 -0400
Subject: [Infowarrior] - Weev's attorney: The FBI is intercepting my client's mail
Message-ID:

Hacker Weev's attorney: The FBI is intercepting my client's mail

http://www.dailydot.com/crime/weev-fbi-mail-intercept/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 27 10:59:57 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 11:59:57 -0400
Subject: [Infowarrior] - Girl Scouts Get A Badge In Intellectual Property Maximalism
Message-ID: <77CBE575-DC5B-46F8-B0FC-07EECEC3ADC7@infowarrior.org>

Girl Scouts Get A Badge In Intellectual Property Maximalism

http://www.techdirt.com/articles/20140326/18013826701/girl-scouts-get-badge-intellectual-property-maximalism.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 27 12:58:33 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 13:58:33 -0400
Subject: [Infowarrior] - Fwd: Judge denies gov't request to search suspect's iPhone in ricin case
References: <53345BCB.40107@inetassoc.com>
Message-ID:

(c/o DS)

> http://arstechnica.com/tech-policy/2014/03/judge-denies-govt-request-to-search-suspects-iphone-in-ricin-case/
>
> Judge denies gov't request to search suspect's iPhone in ricin case
> Georgetown U student told FBI he learned to make the poison via his iPhone.
> by Cyrus Farivar - Mar 26 2014, 5:25pm EDT
>
> According to court documents, sometime in the late hours of March 17, 2014, a Georgetown University student showed a fellow student a small plastic bag containing what he claimed was ricin, a known deadly poison.
>
> The alleged ricin cook, Daniel Harry Milzman, then showed the same bag to the dorm's residential advisor (RA). The RA contacted the university's counseling services, which ultimately led to the FBI arriving to the scene on the following day to interview Milzman. (Other court documents say that Milzman was partly inspired to make ricin as it was featured as a plot line in Breaking Bad and that he was considering using it on himself to commit suicide.)
>
> According to an affidavit filed March 20, 2014 by FBI Special Agent Aidan Garcia, Milzman waived his rights to an attorney and told Garcia that he had made ricin through materials purchased at Home Depot and American Plant Company and that he had learned how to do it by conducting online research on his iPhone.
>
> In a 13-page order filed on Wednesday in the United States District Court for the District of Columbia, Judge John Facciola denied the government's request for a warrant to search Milzman's iPhone on the grounds that it was overbroad.
>
> Judge Facciola made a similar rebuke against an overbroad digital search earlier this month as part of an investigation into the possible corruption and conspiracy of a defense contractor.
>
> Facciola wrote:
>
>>
> Although Attachment B provides a sufficiently particularized list of the data that the government will search for and seize, the Forensic Analysis section fails to provide this Court with the same level of detail as to the methodologies to be used to conduct the search. Specifically, the government fails to articulate how it will limit the possibility that data outside the scope of the warrant will be searched. For the reasons stated below, the government's Application for a search and seizure warrant will, therefore, be denied.
> <<
>
> Attachment B is a long list of specific digital items that the government submitted in its warrant application to access Milzman's phone, including his Internet activity, cookies, caches, browser history, call logs, notes, user IDs, passwords, location data, and more.
>
> Judge Facciola mentioned that this issue had come before his court twice in the last two weeks alone, and he issued similar admonishments in those cases.
>
> He continued:
>
>>
> The government has made some improvements in its current Application, yet it still fails to satisfy the particularity requirement of what will be searched and fails to fully explain to the Court how much data for which it does not have probable cause will likely be seized. The only way to address these issues is for the government to provide the Court with its search protocol, which would explain how the search will occur.
> <<
>
> Facciola specifically wants government investigators to specify "whether the target devices would be imaged in full, for how long those images will be kept, and what will happen to data that is seized but is ultimately determined not to be within the scope of the warrant--or, more precisely, Attachment B--can only be addressed by a search protocol; after all, the imaging actually occurs as part of the search process."
>
> While the government did acknowledge in its warrant application that data outside the scope of the warrant "will be returned or, if copied, destroyed within a reasonably prompt amount of time after the information is identified," that wasn't good enough for Judge Facciola.
>
> Indeed, while the warrant application does detail a particular iPhone with a specific IMEI number, it does not detail precisely how the government will go about determining where it will look.
>
> "Instead of identifying specific blocks of the iPhone's flash drive [that] will be searched ahead of time--which would be impossible--the Court is instead asking the government to explain its methodology for determining, once it is engaged in the search, how it will determine which blocks should be searched for data within the scope of the warrant," he added.
>
> Judge Facciola also showed fluency with various pieces of technical jargon, concluding:
>
>>
> The government need only tell the Court what it already intends to do and what it does in every other similar search of an iPhone. The government should not be afraid to use terms like "MD5 hash values," "metadata," "registry," "write blocking" and "status marker," nor should it shy away from explaining what kinds of third party software are used and how they are used to search for particular types of data. The Court is not dictating that particular terms or search methods should be used.
Instead, the Court is attempting to convey that it wants a sophisticated technical explanation of how the government intends to conduct the search so that the Court may conclude that the government is making a genuine effort to limit itself to a particularized search.
> <<
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From rforno at infowarrior.org Thu Mar 27 17:03:03 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 18:03:03 -0400
Subject: [Infowarrior] - DOJ Describes Its Use Of Malware As 'Augmenting Content' As It Pushes For Great Ability To Hack Computers
Message-ID:

DOJ Describes Its Use Of Malware As 'Augmenting Content' As It Pushes For Great Ability To Hack Computers

http://www.techdirt.com/articles/20140327/11364226712/doj-describes-its-use-malware-as-augmenting-content-as-it-pushes-great-ability-to-hack-computers.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 27 17:03:46 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 18:03:46 -0400
Subject: [Infowarrior] - DOJ Pushes to Expand Hacking Abilities Against Cyber-Criminals
Message-ID: <0A728D7D-D508-4D30-8253-254907F21A70@infowarrior.org>

DOJ Pushes to Expand Hacking Abilities Against Cyber-Criminals
Jennifer Valentino-DeVries
http://blogs.wsj.com/law/2014/03/27/doj-pushes-to-expand-hacking-abilities-against-cyber-criminals/

The U.S. Department of Justice is pushing to make it easier for law enforcement to get warrants to hack into the computers of criminal suspects across the country. The move, which would alter federal court rules governing search warrants, comes amid increases in cases related to computer crimes. Investigators say they need more flexibility to get warrants to allow hacking in such cases, especially when multiple computers are involved or the government doesn't know where the suspect's computer is physically located.
The Justice Department effort is raising questions among some technology advocates, who say the government should focus on fixing the holes in computer software that allow such hacking instead of exploiting them. Privacy advocates also warn government spyware could end up on innocent people's computers if remote attacks are authorized against equipment whose ownership isn't clear. The Justice Department declined to provide further comment beyond the original documents. The government's push for rule changes sheds light on law enforcement's use of remote hacking techniques, which are being deployed more frequently but have been protected behind a veil of secrecy for years. In documents submitted by the government to the judicial system's rule-making body this year, the government discussed using software to find suspected child pornographers who visited a U.S. site and concealed their identity using a strong anonymization tool called Tor. The government's hacking tools -- such as sending an email embedded with code that installs spying software -- resemble those used by criminal hackers. The government doesn't describe these methods as hacking, preferring instead to use terms like "remote access" and "network investigative techniques." Right now, investigators who want to search property, including computers, generally need to get a warrant from a judge in the district where the property is located, according to federal court rules. In a computer investigation, that might not be possible, because criminals can hide behind anonymizing technologies. In cases involving botnets--groups of hijacked computers--investigators might also want to search many machines at once without getting that many warrants. Some judges have already granted warrants in cases when authorities don't know where the machine is. But at least one judge has denied an application in part because of the current rules.
The department also wants warrants to be allowed for multiple computers at the same time, as well as for searches of many related storage, email and social media accounts at once, as long as those accounts are accessed by the computer being searched. "Remote searches of computers are often essential to the successful investigation" of computer crimes, Acting Assistant Attorney General Mythili Raman wrote in a letter to the judicial system's rulemaking authority requesting the change in September. The government tries to obtain these "remote access warrants" mainly to "combat Internet anonymizing techniques," the department said in a memo to the authority in March. Some groups have raised questions about law enforcement's use of hacking technologies, arguing that such tools mean the government is failing to help fix software problems exploited by criminals. "It is crucial that we have a robust public debate about how the Fourth Amendment and federal law should limit the government's use of malware and spyware within the U.S.," said Nathan Wessler, a staff attorney at the American Civil Liberties Union who focuses on technology issues. A Texas judge who denied a warrant application last year cited privacy concerns associated with sending malware when the location of the computer wasn't known. He pointed out that a suspect opening an email infected with spyware could be doing so on a public computer, creating risk of information being collected from innocent people. A former computer crimes prosecutor serving on an advisory committee of the U.S. Judicial Conference, which is reviewing the request, said he was concerned that allowing the search of multiple computers under a single warrant would violate the Fourth Amendment's protections against overly broad searches. The proposed rule is set to be debated by the Judicial Conference's Advisory Committee on Criminal Rules in early April, after which it would be opened to public comment.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 27 17:53:06 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 18:53:06 -0400
Subject: [Infowarrior] - HPSCI 'reform' bill threatens NSL challenges
Message-ID:

New NSA Bill From House Intelligence Committee Aims To Head Off Future Challenges To Legality Of National Security Letters

http://www.techdirt.com/articles/20140326/16400426699/new-nsa-bill-house-intelligence-committee-aims-to-head-off-future-challenges-to-legality-national-security-letters.shtml

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Thu Mar 27 17:56:24 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 27 Mar 2014 18:56:24 -0400
Subject: [Infowarrior] - FYI: 8 Symptoms of Groupthink
Message-ID: <87034F95-E19C-4AB9-BDF6-0A35359FD971@infowarrior.org>

(Applicable to many analyses, not just investment decisions! --rick)

8 Symptoms of Groupthink
Posted on March 27, 2014
http://awealthofcommonsense.com/8-symptoms-groupthink/

"Never underestimate the power of stupid people in large groups." -- George Carlin

A study on our eating habits found that, on average, if you dine with one other person you will eat about 35% more than if you were eating alone. If you're out with a group of four other people you eat about 75% more and groups of 7 or more eat 96% more than if they were alone. This is the herd mentality at work. From an investing standpoint groupthink isn't always a bad thing as markets tend to trend for long periods of time. But it can hurt your performance, especially at the extremes in investor sentiment, when you put the blinders on and assume that the crowd will be right always and forever. The list of groupthink investments that have gone terribly wrong over the years is a long one.
To deal with the herd mentality problem, here are the 8 symptoms of groupthink from The Little Book of Behavioral Investing by James Montier:

• An illusion of invulnerability: Members ignore danger, take extreme risk and are overly optimistic.
• Collective rationalization: Members discredit and explain away warnings contrary to group thinking.
• Belief in inherent morality: Members discredit and explain away warnings contrary to group thinking.
• Stereotyped views of out-groups: The group constructs negative stereotypes of rivals outside the group.
• Direct pressure on dissenters: Members pressure any in the group who express arguments against the group's stereotypes, illusions, or commitments, viewing such opposition as disloyalty.
• Self-censorship: Members withhold their dissenting views and counter-arguments.
• Illusion of unanimity: Members perceive falsely that everyone agrees with the group's decision; silence is seen as consent.
• "Mind guards" are appointed: Some members appoint themselves to the role of protecting the group from adverse information that might threaten group complacency.

Now here are some ways to avoid getting too caught up in the herd:

• Be aware of the consequences if/when the group is wrong.
• Seek out alternative viewpoints that disagree with your own and keep an open mind.
• Try to poke holes in your own argument. In the words of Charlie Munger -- invert, always invert. Look at your ideas from the other side to better understand your own incentives.
• Understand the concept of mean reversion and the fact that investments can't grow forever.
• Prepare to make mistakes.
• Write down your reasons for making the investment decision in the first place and review periodically to see if things have changed.
• Talk your ideas through with a trusted outside source that will give you honest feedback.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 28 06:08:18 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 28 Mar 2014 07:08:18 -0400
Subject: [Infowarrior] - Sen Lame-r Alexander on "chilling speech" concerns
Message-ID: <3106FC2B-8CF2-497B-840A-B78C80FE9795@infowarrior.org>

Sen Lamar Alexander: if shills have to tell Congress who's paying them, it will "chill speech"
Cory Doctorow at 8:00 pm Thu, Mar 27, 2014

Senator Lamar Alexander (R-TN) is one of many Republican legislators who've objected to a new policy at OSHA that requires experts to disclose when they have been funded by parties with an interest in the outcome of regulatory proceedings. According to Alexander, he and his colleagues are "very concerned about OSHA's attempt to have commenters disclose their financial backers," because "the chilling effect the financial disclosure could have seems counter to the idea of robust inclusion of a diverse set of ideas and views to inform the rule-making." The current proceeding is about whether silica in cement poses a health hazard, and OSHA wants to know if the experts it's hearing from have been paid to have an opinion one way or another.

http://boingboing.net/2014/03/27/sen-lamar-alexander-if-shills.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 28 07:04:52 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 28 Mar 2014 08:04:52 -0400
Subject: [Infowarrior] - HPSCI chair Rep Mike Rogers to retire
Message-ID:

(This can't happen fast enough in my view. But good news, anyway! --rick)

Rep. Mike Rogers to retire, launch national radio show
By Ed O'Keefe - March 28 at 7:44 am
http://www.washingtonpost.com/blogs/post-politics/wp/2014/03/28/rep-mike-rogers-to-retire-launch-national-radio-show/

Rep.
Mike Rogers (R-Mich.), the chairman of the House Intelligence Committee, plans to retire from Congress after his current term to host a national radio show syndicated by Cumulus Media, he announced Friday. Rogers, 50, made the announcement in a statement and during interviews on Michigan radio stations Friday morning. "I have always believed in our founder's idea of a citizen legislature," he said in his statement. "I had a career before politics and always planned to have one after. The genius of our institutions is they are not dependent on the individual temporary occupants privileged to serve." Lew Dickey, the CEO of Cumulus, said "We are thrilled to have Chairman Rogers join our team. He has been instrumental helping to shape many of the most important issues and events of our time and will play a significant role in our expanding content platform." Cumulus owns 460 radio stations nationwide and syndicates its programming to thousands more. Rogers has served in Congress since 2001 and is a former FBI agent who had been mentioned as a possible nominee to lead the FBI or CIA. In recent years he's been a regular guest on Sunday morning political talk shows, serving as a frequent critic of President Obama but more recently as a vocal defender of the National Security Agency in the wake of reports by The Washington Post and other outlets about the scope of the agency's surveillance programs. Rogers is a close ally of House Speaker John A. Boehner (R-Ohio) and is the third sitting House committee chairman to announce his retirement this year. He is also the third member of the Michigan congressional delegation to announce plans to step down. Already Sen. Carl Levin (D-Mich.) and Rep. John Dingell (D-Mich.) have announced their retirements. Rogers declined overtures by Republicans last year to run for Levin's seat, saying at the time that he could be more effective as chairman of the intelligence panel.
Rogers hails from a safely Republican district and he didn't dispute suggestions Friday that his brother, Bill, might run for the seat. Rogers said in one of his radio interviews Friday that an announcement could come in the next few days.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 28 08:30:18 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 28 Mar 2014 09:30:18 -0400
Subject: [Infowarrior] - After seven years, exactly one person gets off the gov't no-fly list
Message-ID: <4ED52844-3291-480B-BCB6-E163FFB449D5@infowarrior.org>

After seven years, exactly one person gets off the gov't no-fly list
New report on terrorism "blacklists" suggests it won't be easier the next time.
by Joe Silver - Mar 27 2014, 6:10pm EDT

A hearing in federal court Tuesday has apparently marked the conclusion of a drawn-out, costly, and, to use the judge's own term, "Kafkaesque" legal battle over the government no-fly list. Malaysian college professor Rahinah Ibrahim sued the government back in 2006, after Dr. Ibrahim's name mistakenly ended up on a federal government no-fly list. Last month, US District Judge William Alsup ruled that Ibrahim must be removed from the government's various watchlists. At Tuesday's hearing, a Department of Justice lawyer said that the government did not intend to appeal the ruling. The ruling in Ibrahim v. DHS calls into question the government's administration of its controversial no-fly list as well as other terrorist watch lists, but it leaves no clear roadmap for other people wrongly placed on such lists. Ibrahim's pro bono attorney, Elizabeth Pipkin, has asked for the government to pay more than $3.5 million to cover her legal fees and costs. Alsup didn't rule on that motion, but said that the issue was "not easy," while indicating that Pipkin is unlikely to be entitled to such a large payout.
No recourse

The Ibrahim case marks the first and only successful challenge to the terrorist watch-listing program, which arose following the 9/11 attacks. But Ibrahim's case, as just one of hundreds of thousands of individuals who have been placed on such lists, shows the system's opacity. First, the only surefire way to even determine if one is on such a list in the US is to attempt to board a flight and be denied. Even after that happens, when a denied person inquires about his or her status, the likely response will be that the government "can neither confirm nor deny" the placement on such lists. The government's surrender in Ibrahim comes on the heels of a new report by the American Civil Liberties Union that shows just how insanely difficult it is to contest one's status on the government blacklists. The ACLU explains: ...

< -- >

http://arstechnica.com/tech-policy/2014/03/after-seven-years-exactly-one-person-gets-off-the-govt-no-fly-list/

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Fri Mar 28 16:47:44 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 28 Mar 2014 17:47:44 -0400
Subject: [Infowarrior] - U.S. cyberwarfare force to grow significantly, defense secretary says
Message-ID:

U.S. cyberwarfare force to grow significantly, defense secretary says
By Ellen Nakashima
http://www.washingtonpost.com/world/national-security/us-cyberwarfare-force-to-grow-significantly-defense-secretary-says/2014/03/28/0a1fa074-b680-11e3-b84e-897d3d12b816_story.html

The Pentagon is significantly growing the ranks of its cyberwarfare unit in an effort to deter and defend against foreign attacks on crucial U.S. networks, Defense Secretary Chuck Hagel said Friday. In his first major speech on cyber policy, Hagel sought to project strength but also to tame perceptions of the United States as an aggressor in computer warfare, stressing that the U.S. government "does not seek to militarize cyberspace."
His remarks, delivered at the retirement ceremony of Gen. Keith Alexander, the outgoing director of the National Security Agency and Cyber Command, come in advance of Hagel's trip to China next week, his first as defense secretary. The issues of cyberwarfare and cyber-espionage have been persistent sources of tensions between Washington and Beijing. Hagel said that the fighting force at U.S. Cyber Command will number more than 6,000 people by 2016, making it one of the largest such forces in the world. The force will help expand the president's options for responding to a crisis with "full-spectrum cyber capabilities," Hagel said, a reference to cyber operations that can include destroying, damaging or sabotaging an adversary's computer systems, and that can complement other military operations. But, Hagel said, the military's first purpose is "to prevent and de-escalate conflict." The Pentagon will maintain "an approach of restraint to any cyber operations outside of U.S. government networks." Although some U.S. adversaries, notably China and Russia, which also have formidable cyber capabilities, may view his remarks with skepticism, Hagel said the Pentagon is making an effort to be "open and transparent" about its cyberforces and doctrine. The hope, senior officials said, is that transparency will lead to greater stability in cyberspace. To underscore the point, Hagel's speech was broadcast live online from NSA headquarters at Fort Meade, the first such broadcast from the agency. "The most important point is we want people to understand the reality of what our policies are," said a senior defense official, who spoke on the condition of anonymity to discuss the Pentagon's thinking. "We only engage in cyber operations when it is something that is important, either providing options to the president, defending the [department] networks or, most importantly, ensuring the security of the United States and critical infrastructure." Tensions over U.S.
cyber operations intensified again last weekend after a report that the NSA had penetrated the networks of a Chinese telecommunications giant, Huawei Technologies, in search of evidence that it was involved in espionage operations for Beijing and to use its equipment to spy on adversaries such as Iran. After the disclosure, first reported by the New York Times and Der Spiegel, China demanded a halt to any such activity and called for an explanation. Such reports make it all the more important for the Pentagon to be candid, the senior official said. "We want the Chinese to understand what it is we're doing in building a cyberforce at Cyber Command, understand how we operate, understand the policies we use, like the policy of restraint," the official said in a call with reporters before the speech. Analysts said that China and Russia were unlikely to be convinced by Hagel's remarks. Revelations about NSA's activities, based on documents provided by former contractor Edward Snowden, make U.S. assertions that it is focused on protecting U.S. national security -- and not actively infiltrating others' networks -- that much harder to accept, they said. Alexander, a 62-year-old Army general, is retiring after more than eight years at NSA's helm -- the longest-serving agency director ever, and after 40 years of service. His last year has been, arguably, the most turbulent of any director's as the agency has been buffeted by the disclosures. On Friday, Hagel praised Alexander's service, saying he led the agency "through countless intelligence breakthroughs and successes" and that his vision is driving the build-up of Cyber Command to an "elite, modern cyberforce." "Cyber will be a part of all future conflicts," Hagel said, repeating a point that Alexander has made over the years. Cyber Command's teams will support regional combatant commands, defend department networks and defend the nation in the event of a major cyberattack on the United States, officials say.
Their capabilities will be integrated into the services. Alexander, who is expected to be succeeded by Vice Adm. Michael S. Rogers, did not specifically mention the public disclosures over the past year of dozens of NSA programs or push to place new restrictions on the agency's operations in the aftermath of those leaks. But he praised NSA employees "for doing your job when many would have walked away. Thanks for not losing hope, faith and courage." The agency's employees deserve credit, Alexander said, for "12-plus years without a major terrorist attack on our soil." Greg Miller contributed to this report.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sat Mar 29 14:38:05 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 29 Mar 2014 15:38:05 -0400
Subject: [Infowarrior] - GCHQ and NSA Targeted Private German Companies
Message-ID: <4A7DFA3D-9F42-449F-B7F4-36574774AAF7@infowarrior.org>

'A' for Angela Merkel: GCHQ and NSA Targeted Private German Companies
By Laura Poitras, Marcel Rosenbach and Holger Stark

Documents show that Britain's GCHQ intelligence service infiltrated German Internet firms and America's NSA obtained a court order to spy on Germany and collected information about the chancellor in a special database. Is it time for the country to open a formal espionage investigation? The headquarters of Stellar, a company based in the town of Hürth near Cologne, are visible from a distance. Seventy-five white antennas dominate the landscape. The biggest are 16 meters (52 feet) tall and kept in place by steel anchors. It is an impressive sight and serves as a popular backdrop for scenes in TV shows, including the German action series "Cobra 11." Stellar operates a satellite ground station in Hürth, a so-called "teleport." Its services are used by companies and institutions; Stellar's customers include Internet providers, telecommunications companies and even a few governments.
"The world is our market," is the high-tech company's slogan. Using their ground stations and leased capacities from satellites, firms like Stellar -- or competitors like Cetel in the nearby village of Ruppichteroth or IABG, which is headquartered in Ottobrunn near Munich -- can provide Internet and telephone services in even the most remote areas. They provide communications links to places like oil drilling platforms, diamond mines, refugee camps and foreign outposts of multinational corporations and international organizations. Super high-speed Internet connections are required at the ground stations in Germany in order to ensure the highest levels of service possible. Most are connected to major European Internet backbones that offer particularly high bandwidth.

< -- >

http://www.spiegel.de/international/germany/gchq-and-nsa-targeted-private-german-companies-a-961444.html

From rforno at infowarrior.org Sun Mar 30 10:11:58 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 30 Mar 2014 11:11:58 -0400
Subject: [Infowarrior] - The inside story of MIT and Aaron Swartz
Message-ID: <50F38C6F-A6AD-4B4C-886D-84F6A9D676AE@infowarrior.org>

The inside story of MIT and Aaron Swartz

More than a year after Swartz killed himself rather than face prosecution, questions about MIT's handling of the hacking case persist

< - >

http://www.bostonglobe.com/metro/2014/03/29/the-inside-story-mit-and-aaron-swartz/YvJZ5P6VHaPJusReuaN7SI/story.html

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Sun Mar 30 18:00:38 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 30 Mar 2014 19:00:38 -0400
Subject: [Infowarrior] - German University Tells Elsevier 'No Deal'
Message-ID:

(c/o EP)

German University Tells Elsevier 'No Deal'
27 March 2014 1:30 pm
http://news.sciencemag.org/people-events/2014/03/german-university-tells-elsevier-no-deal

In the stacks.
The library at the University of Konstanz, which is balking at journal prices charged by publisher Elsevier.

In the latest skirmish between academia and publishers over the costs of academic journals, the University of Konstanz in Germany has broken off negotiations over a new licensing agreement with the scientific publisher Elsevier. The publisher's prices are too high, said university Rector Ulrich Rüdiger in a statement, and the institution "will no longer keep up with this aggressive pricing policy and will not support such an approach." Journals offered by the Dutch publishing giant, which sells more than 2500 titles, were covered by what was the university's most expensive license by far, says Julia Wandt, the university's head of communications and marketing. Negotiations had been ongoing since October, she says. The average Elsevier journal license cost 3400 euros ($4693) per year, three times as high as licenses offered by the second-priciest publisher, the university said in a statement. Wandt says Elsevier's prices had increased more than 30% in the last 5 years. Adding to tensions, the university hinted, was a feeling that academia is essentially paying twice for its own work. "Universities are in a way forced to purchase a good back in the form of expensive subscription fees -- a good which is actually produced by their own scientists," said Petra Hätscher, a university administrator, in a statement. Other universities have made similar threats in the past, among them the University of California, which threatened both Elsevier and Nature Publishing Group with boycotts. Those disputes were both resolved, and the university continued its site licenses. The breakdown doesn't mean that University of Konstanz researchers will completely lose access to the journals, officials say.
The university has access to journal archives through the end of 2013, Wandt says, and if researchers want to read articles from 2014, they will be able to access them through interlibrary loan or purchase them on a pay-per-view basis. The university library will cover any associated fees, she says, which administrators expect to be less expensive than the license agreement. If Elsevier approaches the university with a new offer, they would consider it, Wandt says, but for now "the matter is settled." Elsevier had not responded to a request for comment as this article went to press.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 31 07:08:29 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Mar 2014 08:08:29 -0400
Subject: [Infowarrior] - Court: Search Engine Censorship = Free Speech
References: <533952C0.7070900@inetassoc.com>
Message-ID: <50F69208-84DA-4D73-9795-65E63F8CE91B@infowarrior.org>

(c/o DS)

Begin forwarded message:

> http://www.nextgov.com/cio-briefing/2014/03/us-court-just-ruled-censorship-search-engines-form-free-speech/81517/
>
> A US COURT JUST RULED THAT CENSORSHIP BY SEARCH ENGINES IS A FORM OF FREE SPEECH
>
> Alexander F. Yuan/AP File Photo
> By Heather Timmons
> March 28, 2014
>
> A US District Court judge dismissed a lawsuit March 27 that accused Chinese search engine Baidu of illegally suppressing free speech by censoring information about democracy movements in China on the internet. The decision raises some unsettling questions about the world's dependency on a handful of search engines.
>
> The group of activists who brought the suit said Baidu's government-mandated censorship was preventing Baidu's users in the US from seeing their work, and thus violated their right to free speech under the US constitution's First Amendment. Judge Jesse M.
> Furman's paradoxical conclusion was that forbidding Baidu from censoring results would be a violation of its right to free speech, as the ruling states:
>
> >>
> The case raises the question of whether the First Amendment protects as speech the results produced by an Internet search engine. The Court concludes that, at least in the circumstances presented here, it does. Accordingly, allowing Plaintiffs to sue Baidu for what are in essence editorial judgments about which political ideas to promote would run afoul of the First Amendment.
> <<
>
> The topic, he notes, has "been the subject of vigorous academic debate" but has received little attention from courts, except two rulings with "sparse analysis" that came down on the same side he did.
>
> He cites instead legal precedents in which a newspaper and a gay rights parade stand in for the internet search engine. They were being sued to include information or participants they didn't want to. He concludes: "as a general matter, the Government may not interfere with the editorial judgments of private speakers on issues of public concern."
>
> The difference between a monolithic internet search engine like Baidu or Google and a newspaper or a private parade, though, is that most of Google's billions of users or Baidu's estimated 530 million won't encounter another comparable source of information (like a newspaper) with similar reach, and they can't create their own alternative (like the marchers who were excluded from the parade.)
>
> The dominant search engines are far ahead of their nearest competitors. And people tend to use one search engine exclusively, whereas newspaper readers are likely to see news from other sources too (radio, TV, the internet, even another newspaper). To wipe a topic or person from the leading search engine is, therefore, effectively to wipe them from much of public discourse.
>
> Here's a look at how much Baidu dominates the Chinese internet market, for example, from EnfoDesk via ChinaInternetWatch:
>
> In the US, Google has 67% of the internet search market, followed by distant second Bing with 18.1%, according to ComScore. Google is even more dominant in some European countries, like the Netherlands, where it has a 94% market share. It leads in Latin American markets as well.
>
> Wiping a person or topic from the public discourse is of course what the Chinese government intended with its censorship on democracy movements. But the issue is bigger than China's censorship. If, like Baidu, Google were to decide to censor individuals or companies or their work from the internet for any other reason, they would practically disappear from the public discourse in many countries, killing business, personal and other opportunities. And according to Judge Furman's ruling, Google would be within its rights to free speech to do so.
>

From rforno at infowarrior.org Mon Mar 31 11:59:22 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Mar 2014 12:59:22 -0400
Subject: [Infowarrior] - Report: RSA endowed crypto product with second NSA-influenced code
Message-ID: <5B05F726-A1B9-457C-B873-74FE0D9167EC@infowarrior.org>

Report: RSA endowed crypto product with second NSA-influenced code

Extended Random like "dousing yourself with gasoline," professor warns.

by Dan Goodin - Mar 31 2014, 11:49am EDT
http://arstechnica.com/security/2014/03/report-rsa-endowed-crypto-product-with-second-nsa-influenced-code/

Security provider RSA endowed its BSAFE cryptography toolkit with a second NSA-influenced random number generator (RNG) that's so weak it makes it easier for eavesdroppers to decrypt protected communications, Reuters reported Monday.
Citing soon-to-be-published research from several universities, Reuters said the Extended Random extension for secure websites allows attackers to work tens of thousands of times faster when breaking cryptography that uses the Dual EC_DRBG algorithm to generate the random numbers that populate a specific cryptographic key. Dual EC_DRBG is a pseudo-random number generator that was developed by cryptographers from the National Security Agency and was the default RNG in BSAFE even after researchers demonstrated weaknesses so severe that many suspected they were introduced intentionally so the US spy agency could exploit them to crack encrypted communications of people it wanted to monitor. In December, Reuters reported that the NSA paid RSA $10 million to give Dual EC_DRBG its favored position in BSAFE. Extended Random was a second RNG that would presumably make cryptographic keys more robust by adding a second source of randomness. In theory, the additional RNG should increase the entropy used when constructing a new key. In reality, the algorithm made protected communications even easier for attackers to decrypt by reducing the time it takes to predict the random numbers generated by Dual EC_DRBG, which is short for Dual Elliptic Curve, Reuters reported Monday. "If using Dual Elliptic Curve is like playing with matches, then adding Extended Random is like dousing yourself with gasoline," Matt Green, a professor specializing in cryptography at Johns Hopkins University and one of the authors of the upcoming academic report, told Reuters. Monday's report continued: "The NSA played a significant role in the origins of Extended Random. The authors of the 2008 paper on the protocol were Margaret Salter, technical director of the NSA's defensive Information Assurance Directorate, and an outside expert named Eric Rescorla. Rescorla, who has advocated greater encryption of all Web traffic, works for Mozilla, maker of the Firefox Web browser. 
He and Mozilla declined to comment. Salter did not respond to requests for comment. Though few companies appear to have embraced Extended Random, RSA did. The company built in support for the protocol in BSafe toolkit versions for the Java programming language about five years ago, when a preeminent Internet standards group -- the Internet Engineering Task Force -- was considering whether to adopt Extended Random as an industry standard. The IETF decided in the end not to adopt the protocol."

The researchers said it took them about an hour to crack a free version of BSAFE for Java using about $40,000 worth of computer gear, Reuters reported. Cracking was 65,000 times faster when BSAFE used Extended Random, an improvement that reduced attacks to seconds.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 31 12:42:43 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Mar 2014 13:42:43 -0400
Subject: [Infowarrior] - FCC Increases 5GHz Spectrum for Wi-Fi, Other Unlicensed Uses
Message-ID:

http://www.fcc.gov/document/fcc-increases-5ghz-spectrum-wi-fi-other-unlicensed-uses

FCC Increases 5GHz Spectrum for Wi-Fi, Other Unlicensed Uses
Released: March 31, 2014

NEWS
Federal Communications Commission
445 12th Street, S.W.
Washington, D. C. 20554
News Media Information 202 / 418-0500
Internet: http://www.fcc.gov
TTY: 1-888-835-5322

FOR IMMEDIATE RELEASE: March 31, 2014
NEWS MEDIA CONTACT: Bruce Romano, 202-418-2124, Bruce.Romano at fcc.gov

FCC INCREASES AVAILABILITY OF SPECTRUM FOR HIGH-SPEED, HIGH-CAPACITY WI-FI AND OTHER UNLICENSED USES IN THE 5 GHz BAND

Washington, D.C. -- The Federal Communications Commission today provided for accelerated growth and expansion of new Wi-Fi technology that can offer faster speeds of one gigabit per second or more, increase overall capacity, and reduce congestion at Wi-Fi hot spots.
The new rules will make 100 MHz of spectrum more accessible for use in homes and congested spaces like convention centers, parks, and airports and increase the potential for more unlicensed spectrum innovation. The Commission adopted a Report and Order modifying the rules governing the operation of Unlicensed National Information Infrastructure (U-NII) devices operating in the 5 GHz band. By its action the Commission significantly increased the utility of the 100 megahertz of spectrum, and streamlined existing rules and equipment authorization procedures for devices throughout the 5 GHz band. U-NII devices play an important role in meeting public demand for wireless broadband service. Currently U-NII devices operate in 555 megahertz of spectrum in the 5 GHz band, and are used for Wi-Fi and other high-speed wireless connections. These devices support a variety of applications including Wi-Fi hot spots and wireless home local area networks to connect smart phones, tablets and laptops to the Internet, broadband service to rural areas offered by Wireless Internet Service Providers and off-loading of traffic from commercial cellular wireless networks. The rules adopted today remove the current restriction on indoor-only use and increase the permissible power which will provide more robust access in the 5.150-5.250 GHz band. This in turn will allow U-NII devices to better integrate with other unlicensed portions of the 5 GHz band to offer faster speeds and reduce congestion at crowded Wi-Fi hot spots such as airports and convention centers. The Commission also modified certain technical rules to improve protection for incumbent systems by requiring manufacturers to secure their devices against illegal modification which could cause interference to incumbent users in the band. Action by the Commission March 31, 2014 by First Report and Order (FCC 14-30). 
Chairman Wheeler, Commissioners Clyburn, Rosenworcel, Pai, and O'Rielly with Chairman Wheeler, Commissioners Clyburn, Rosenworcel, Pai and O'Rielly issuing statements.

For further information, contact Mark Settle (202-418-2470; mark.settle at fcc.gov) or Aole Wilkins (202-418-2406; aole.wilkins at fcc.gov).

-- FCC --

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 31 17:06:01 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Mar 2014 18:06:01 -0400
Subject: [Infowarrior] - FBI Probing High-Speed Traders Over Abuse of Information
Message-ID: <198A119E-F076-46E3-9218-6CEE92F1040B@infowarrior.org>

FBI Said to Probe High-Speed Traders Over Abuse of Information

By Keri Geiger and Patricia Hurtado
Mar 31, 2014 5:48 PM ET
http://www.bloomberg.com/news/2014-03-31/fbi-said-to-probe-high-speed-traders-over-abuse-of-information.html

Federal agents are investigating whether high-frequency trading firms violate U.S. laws by acting on nonpublic information to gain an edge over competitors, according to a person with knowledge of the probe. The Federal Bureau of Investigation's inquiry stems from a multiyear crackdown on insider trading, which has led to at least 79 convictions of hedge-fund traders and others. Agents are examining whether traders abuse information to act ahead of orders by institutional investors, according to the person, who asked not to be named because the probe is confidential. Even trades based on computer algorithms could amount to wire fraud, securities fraud or insider trading. The FBI joins a roster of authorities examining high-frequency trading, in which firms typically use super-fast computers to post and cancel orders at rates measured in thousandths or even millionths of a second to capture price discrepancies. New York Attorney General Eric Schneiderman opened a broad investigation into whether U.S.
stock exchanges and alternative venues give such traders improper advantages.

To contact the reporters on this story: Keri Geiger in New York at kgeiger4 at bloomberg.net; Patricia Hurtado in Federal Court in Manhattan at pathurtado at bloomberg.net

To contact the editors responsible for this story: Sara Forden at sforden at bloomberg.net; Michael Hytha at mhytha at bloomberg.net David Scheer

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

From rforno at infowarrior.org Mon Mar 31 17:30:21 2014
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Mar 2014 18:30:21 -0400
Subject: [Infowarrior] - Feds mull DNA testing for security clearances
Message-ID:

Feds mull DNA testing for security clearances

By JOSH GERSTEIN
3/31/14 1:58 PM EDT
http://www.politico.com/blogs/under-the-radar/2014/03/feds-mull-dna-testing-for-security-clearances-186046.html

The U.S. Government is considering requiring DNA testing as part of the process for background checks on applicants for security clearances needed to access classified information, according to a Defense Department notice made public Monday. "The Federal Government is looking into the feasibility of using biometric identifiers other than fingerprints in the security clearance process," the Pentagon said in response to a comment it received on new personnel security regulations for the Defense Department. In the comment, an unnamed individual suggested that adding DNA testing to the background check process "would help [ensure] that no applicant for a clearance is a subject of an active federal, state, or local criminal investigation based on DNA evidence" and "would achieve the same end as the current collection of fingerprints." While the Defense Department declined to implement a DNA testing requirement on a unilateral basis at this time, officials indicated the idea of obtaining DNA from those seeking clearances could have merit and is under review.
"Any such requirement such as the suggested collection of DNA from clearance applicants would be covered in a separate rulemaking. As the comment correctly notes, such a policy would be best coordinated with the other federal agencies with personnel security programs to [ensure] appropriate reciprocity of clearances between agencies," the Pentagon announcement said. The discussion of potential DNA testing in the federal government's security clearance process is set to appear in Tuesday's Federal Register. A preview of the announcement is posted here. The federal government currently conducts DNA testing on persons arrested on federal criminal charges, but does not seek such information for job applicants or security clearances. Spokespeople for the Office of Personnel Management and the Director of National Intelligence, who have joint authority over the security clearance process, had no immediate comment Monday on the state of any review of DNA and other biometric technologies.

UPDATE (Monday, 3:37 P.M.): This post has been updated to correct spelling in the Pentagon notice.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.