Slashdot Mirror

An anonymous reader writes: The Electronic Frontier Foundation is warning against a new potential privacy threat: cameras that look inside cars and try to identify how many people are inside. This technology is a natural combination of simpler ones that have existed for years: basic object recognition software and road-side cameras (red light cameras, speeding cameras, license plate readers — you name it). Of course, we can extrapolate just a bit further, and point out that as soon as the cameras have high enough resolution, they can start running face recognition algorithms on the images, and determine the identities of a vehicle's occupants.

"The San Diego Association of Governments (SANDAG), a government umbrella group that develops transportation and public safety initiatives across the San Diego County region, estimates that 15% of drivers in High Occupancy Vehicle (HOV) lanes aren't supposed to be there. After coming up short with earlier experimental projects, the agency is now testing a brand new technology to crack down on carpool-lane scofflaws on the I-15 freeway. ... In short: the technology is looking at your image, the image of the people you're with, your location, and your license plate. (SANDAG told CBS the systems will not be storing license plate data during the trial phase and the system will, at least for now, automatically redact images of drivers and passengers. Xerox's software, however, allows police the option of using a weaker form of redaction that can be reversed on request.)"

An anonymous reader writes: The Electronic Frontier Foundation is warning against a new potential privacy threat: cameras that look inside cars and try to identify how many people are inside. This technology is a natural combination of simpler ones that have existed for years: basic object recognition software and road-side cameras (red light cameras, speeding cameras, license plate readers — you name it). Of course, we can extrapolate just a bit further, and point out that as soon as the cameras have high enough resolution, they can start running face recognition algorithms on the images, and determine the identities of a vehicle's occupants.

"The San Diego Association of Governments (SANDAG), a government umbrella group that develops transportation and public safety initiatives across the San Diego County region, estimates that 15% of drivers in High Occupancy Vehicle (HOV) lanes aren't supposed to be there. After coming up short with earlier experimental projects, the agency is now testing a brand new technology to crack down on carpool-lane scofflaws on the I-15 freeway. ... In short: the technology is looking at your image, the image of the people you're with, your location, and your license plate. (SANDAG told CBS the systems will not be storing license plate data during the trial phase and the system will, at least for now, automatically redact images of drivers and passengers. Xerox's software, however, allows police the option of using a weaker form of redaction that can be reversed on request.)"

An anonymous reader writes: Ken White at Popehat explains how the U.S. Drug Enforcement Agency has been purposefully sowing disinformation to hide the extent of their surveillance powers. The agency appears to have used a vast database of telecommunications metadata, which they acquired via general (read: untargeted, dragnet-style) subpoenas. As they begin building cases against suspected criminals, they trawl the database for relevant information. Of course, this means the metadata of many innocent people is also being held and occasionally scanned. The Electronic Frontier Foundation has filed a lawsuit to challenge this bulk data collection. The DEA database itself seems to have been shut down in 2013, but not before the government argued that it should be fine not only to engage in this collection, but to attempt to hide it during court cases. The courts agreed, which means this sort of surveillance could very well happen again — and the EFF is trying to prevent that.

eldavojohn writes It's 2015 and the EFF is still submitting requests to alter or exempt certain applications of the draconian DMCA. One such request concerns abandoned games that utilized or required online servers for matchmaking or play (PDF warning) and the attempts taken to archive those games. A given example is Madden '09, which had its servers shut down a mere one and a half years after release. Another is Gamespy and the EA & Nintendo titles that were not migrated to other servers. I'm sure everyone can come up with a once cherished game that required online play that is now abandoned and lost to the ages. While the EFF is asking for exemptions for museums and archivists, the ESA appears to take the stance that it's hacking and all hacking is bad. In prior comments (PDF warning), the ESA has called reverse engineering a proprietary game protocol "a classic wolf in sheep's clothing" as if allowing this evil hacking will loose Sodom & Gomorrah upon the industry. Fellow gamers, these years now that feel like the golden age of online gaming will be the dark ages of games as historians of the future try to recreate what online play was like now for many titles.

eldavojohn writes It's 2015 and the EFF is still submitting requests to alter or exempt certain applications of the draconian DMCA. One such request concerns abandoned games that utilized or required online servers for matchmaking or play (PDF warning) and the attempts taken to archive those games. A given example is Madden '09, which had its servers shut down a mere one and a half years after release. Another is Gamespy and the EA & Nintendo titles that were not migrated to other servers. I'm sure everyone can come up with a once cherished game that required online play that is now abandoned and lost to the ages. While the EFF is asking for exemptions for museums and archivists, the ESA appears to take the stance that it's hacking and all hacking is bad. In prior comments (PDF warning), the ESA has called reverse engineering a proprietary game protocol "a classic wolf in sheep's clothing" as if allowing this evil hacking will loose Sodom & Gomorrah upon the industry. Fellow gamers, these years now that feel like the golden age of online gaming will be the dark ages of games as historians of the future try to recreate what online play was like now for many titles.

eldavojohn writes It's 2015 and the EFF is still submitting requests to alter or exempt certain applications of the draconian DMCA. One such request concerns abandoned games that utilized or required online servers for matchmaking or play (PDF warning) and the attempts taken to archive those games. A given example is Madden '09, which had its servers shut down a mere one and a half years after release. Another is Gamespy and the EA & Nintendo titles that were not migrated to other servers. I'm sure everyone can come up with a once cherished game that required online play that is now abandoned and lost to the ages. While the EFF is asking for exemptions for museums and archivists, the ESA appears to take the stance that it's hacking and all hacking is bad. In prior comments (PDF warning), the ESA has called reverse engineering a proprietary game protocol "a classic wolf in sheep's clothing" as if allowing this evil hacking will loose Sodom & Gomorrah upon the industry. Fellow gamers, these years now that feel like the golden age of online gaming will be the dark ages of games as historians of the future try to recreate what online play was like now for many titles.

An anonymous reader writes Comedian and journalist John Oliver set out to understand US Government surveillance in advance of the June 2015 expiration of section 215 of the Patriot Act. What resulted was a humorous but exceptionally journalistic interview of Edward Snowden which distilled the issues down in a (NSFW) way everyone can understand. Regardless of whether you view Snowden as a despicable traitor or an honorable whistleblower, it's worth a watch.

An anonymous reader sends this report from TechDirt: As you know, last year the Supreme Court made a very important ruling in the Alice v. CLS Bank case, in which it basically said that merely doing something on a general purpose computer didn't automatically make it patentable. ... However, the USPTO apparently was offended at parts of the EFF's comment submission, claiming that it was an "improper protest." Protest or not, the EFF denies in strong terms that the original comments were improper.

An anonymous reader writes: The Digital Millennium Copyright Act contains anti-circumvention prohibitions that affect everything from music files to cell phones. The EFF noticed that it could apply to cars as well, so they asked for an exemption to be put in place so car owners would be free to inspect and modify the code running on their vehicles. It turns out U.S. automakers don't agree — they filed opposition comments through trade associations. "They say you shouldn't be allowed to repair your own car because you might not do it right. They say you shouldn't be allowed to modify the code in your car because you might defraud a used car purchaser by changing the mileage. They say no one should be allowed to even look at the code without the manufacturer's permission because letting the public learn how cars work could help malicious hackers, "third-party software developers" (the horror!), and competitors. John Deere even argued that letting people modify car computer systems will result in them pirating music through the on-board entertainment system, which would be one of the more convoluted ways to copy media (and the exemption process doesn't authorize copyright infringement, anyway)."

An anonymous reader writes: The Digital Millennium Copyright Act contains anti-circumvention prohibitions that affect everything from music files to cell phones. The EFF noticed that it could apply to cars as well, so they asked for an exemption to be put in place so car owners would be free to inspect and modify the code running on their vehicles. It turns out U.S. automakers don't agree — they filed opposition comments through trade associations. "They say you shouldn't be allowed to repair your own car because you might not do it right. They say you shouldn't be allowed to modify the code in your car because you might defraud a used car purchaser by changing the mileage. They say no one should be allowed to even look at the code without the manufacturer's permission because letting the public learn how cars work could help malicious hackers, "third-party software developers" (the horror!), and competitors. John Deere even argued that letting people modify car computer systems will result in them pirating music through the on-board entertainment system, which would be one of the more convoluted ways to copy media (and the exemption process doesn't authorize copyright infringement, anyway)."

angry tapir writes: It's not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation. They write, "ODNI has now finished releasing documents in response to our suit, and the results are surprisingly meager. Among the handful of heavily redacted documents is a one-page list of VEP 'Highlights' from 2010. It briefly describes the history of the interagency working group that led to the development of the VEP and notes that the VEP established an office called the 'Executive Secretariat' within the NSA. The only other highlight left unredacted explains that the VEP 'creates a process for notification, decision-making, and appeals.' And that's it. This document, which is almost five years old, is the most recent one released. So where are the documents supporting the 'reinvigorated' VEP 2.0 described by the White House in 2014?"

angry tapir writes: It's not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation. They write, "ODNI has now finished releasing documents in response to our suit, and the results are surprisingly meager. Among the handful of heavily redacted documents is a one-page list of VEP 'Highlights' from 2010. It briefly describes the history of the interagency working group that led to the development of the VEP and notes that the VEP established an office called the 'Executive Secretariat' within the NSA. The only other highlight left unredacted explains that the VEP 'creates a process for notification, decision-making, and appeals.' And that's it. This document, which is almost five years old, is the most recent one released. So where are the documents supporting the 'reinvigorated' VEP 2.0 described by the White House in 2014?"

jones_supa writes As is the search engine company's annual habit, DuckDuckGo has chosen to advance four open source projects by donating to them. The primary focus this year was to support FOSS projects that bring privacy tools to anyone who needs them. $25,000 goes to The Freedom of the Press Foundation to support SecureDrop, which is a whistleblower submission used to securely accept documents from anonymous sources. The Electronic Frontier Foundation was given $25,000 to support PrivacyBadger, which is a browser add-on that stops advertisers and other third-party trackers from secretly tracking your surfing habits. Another $25,000 arrives at GPGTools to support GPG Suite, which is a software package for OS X that encrypts files or messages. Finally, $25,000 was donated to Riseup to support Tails, which is a live operating system that aims at preserving your privacy and anonymity.

An anonymous reader writes On Monday, the U.S. Supreme Court refused to review a case involving the conviction of a man based solely on the analysis of his "inadvertently shed" DNA. The Electronic Frontier Foundation (EFF) argues that this tacit approval of the government's practice of collecting anyone's DNA anywhere without a warrant will lead to a future in which people's DNA are "entered into and checked against DNA databases and used to conduct pervasive surveillance."

An anonymous reader writes: The Electronic Frontier Foundation went through a recent leak of the secretive Trans-Pacific Partnership agreement, an international treaty in development that (among other things) would impose new intellectual property laws on much of the developed world. The EFF highlights one section in particular, which focuses on the punishments for copyright infringement. The document doesn't set specific sentences, but it actively encourages high monetary penalties and jail terms. Its authors reason that these penalties will be a deterrent to future infringement. "The TPP's copyright provisions even require countries to enable judges to unilaterally order the seizure, destruction, or forfeiture of anything that can be 'traceable to infringing activity,' has been used in the 'creation of pirated copyright goods,' or is 'documentary evidence relevant to the alleged offense.' Under such obligations, law enforcement could become ever more empowered to seize laptops, servers, or even domain names."

According to the EFF's Deep LInks, Through a request under South Carolina’s Freedom of Information Act, EFF found that, over the last three years, prison officials have brought more than 400 hundred disciplinary cases for "social networking" — almost always for using Facebook. The offenses come with heavy penalties, such as years in solitary confinement and deprivation of virtually all privileges, including visitation and telephone access. In 16 cases, inmates were sentenced to more than a decade in what’s called disciplinary detention, with at least one inmate receiving more than 37 years in isolation. ... The sentences are so long because SCDC issues a separate Level 1 violation for each day that an inmate accesses a social network. An inmate who posts five status updates over five days, would receive five separate Level 1 violations, while an inmate who posted 100 updates in one day would receive only one. In other words, if a South Carolina inmate caused a riot, took three hostages, murdered them, stole their clothes, and then escaped, he could still wind up with fewer Level 1 offenses than an inmate who updated Facebook every day for two weeks.

An anonymous reader writes: Games that rely on remote servers became the norm many years ago, and as those games age, it's becoming more and more common for the publisher to shut them down when they're no longer popular. This is a huge problem for the remaining fans of the games, and the Digital Millennium Copyright Act forbids the kind of hacks and DRM circumvention required for the players to host their own servers. Fortunately, the EFF and law student Kendra Albert are on the case. They've asked the Copyright Office for an exemption in the case of players who want to keep abandoned games alive. It's another important step in efforts to whittle away at overreaching copyright laws.

An anonymous reader writes: Games that rely on remote servers became the norm many years ago, and as those games age, it's becoming more and more common for the publisher to shut them down when they're no longer popular. This is a huge problem for the remaining fans of the games, and the Digital Millennium Copyright Act forbids the kind of hacks and DRM circumvention required for the players to host their own servers. Fortunately, the EFF and law student Kendra Albert are on the case. They've asked the Copyright Office for an exemption in the case of players who want to keep abandoned games alive. It's another important step in efforts to whittle away at overreaching copyright laws.

An anonymous reader writes with news about what might be the largest Freedom of Information Act fee yet. "The EFF recently kicked off a contest for the 'most outrageous response to a Freedom of Information Act request' and we already have a frontrunner for the first inaugural 'Foilie.' MuckRock's loose confederation of FOIA rabblerousers has been hit with a $1.4 million price tag for John Dyer's request for documents related to the 'localization and capture' of Mexican drug lord 'El Chapo.'"

Trailrunner7 writes: In the years since Edward Snowden began putting much of the NSA's business in the street, including its reliance on the secret FISA court and National security Letters, warrant canaries have emerged as a key method for ISPs, telecoms, and other technology providers to let the public know whether they have received any secret orders. But keeping track of the various canaries scattered around the Web is difficult, so a group of legal and civil liberties organizations have come together to launch a new site to monitor the known warrant canaries.

The Canary Watch site is the work of the EFF, the Berkman Center for Internet and Society, and NYU's Technology Law and Policy Center and it works on a simple concept. The site maintains a list of all of the known warrant canaries and periodically checks each organization's site to see whether the canary is still there and then lists any changes to the status. Right now, Canary Watch lists 11 organizations, including Lookout, Pinterest, Reddit, and Tumblr.

"Canarywatch lists the warrant canaries we know about, tracks changes or disappearances of those canaries, and allows users to submit canaries not listed on the site. For people with interest in a particular canary, the site will show any changes we know about," Nadia Kayyali of the EFF said in a blog post.

itwbennett writes: The Federal Aviation Administration has issued eight more commercial drone licenses, the latest approvals for several hundred applications it has received. The newest licenses went to companies planning to use drones for video and TV production, aerial photography and surveying and inspecting flare stacks in the oil, natural gas and petro-chemical industry. Other readers sent in followups to last week's stories about an enthusiast's drone that crashed onto the White House grounds, and the subsequent firmware update from the drone's manufacturer to enforce a no-fly zone in that area. The EFF argues that this is a shortsighted solution and only serves to highlight how the concept of ownership is increasingly being pulled out of users' hands. Meanwhile, such "no-fly zone" updates give rise to a host of liability issues for manufacturers and enthusiasts alike.

An anonymous reader writes: The Electronic Frontier Foundation has published a detailed, global strategy for ridding ourselves of mass surveillance. They stress that this must be an international effort — while citizens of many countries can vote against politicians who support surveillance, there are also many countries where the citizens have to resort to other methods. The central part of the EFF's plan is: encryption, encryption, encryption. They say we need to build new secure communications tools, pressure existing tech companies to make their products secure against everyone, and get ordinary internet-goers to recognize that encryption is a fundamental part of communication in the surveillance age.

They also advocate fighting for transparency and against overreach on a national level. "[T]he more people worldwide understand the threat and the more they understand how to protect themselves—and just as importantly, what they should expect in the way of support from companies and governments—the more we can agitate for the changes we need online to fend off the dragnet collection of data." The EFF references a document created to apply the principles of human rights to communications surveillance, which they say are "our way of making sure that the global norm for human rights in the context of communication surveillance isn't the warped viewpoint of NSA and its four closest allies, but that of 50 years of human rights standards showing mass surveillance to be unnecessary and disproportionate."

An anonymous reader tips an Associated Press report saying that Healthcare.gov is sending users' personal data to private companies. The information involved is typical ad-related analytic data: "...it can include age, income, ZIP code, whether a person smokes, and if a person is pregnant. It can include a computer's Internet address, which can identify a person's name or address when combined with other information collected by sophisticated online marketing or advertising firms." The Electronic Frontier Foundation confirmed the report, saying that data is being sent from Healthcare.gov to at least 14 third-party domains.

The EFF says, "Sending such personal information raises significant privacy concerns. A company like Doubleclick, for example, could match up the personal data provided by healthcare.gov with an already extensive trove of information about what you read online and what your buying preferences are to create an extremely detailed profile of exactly who you are and what your interests are. It could do all this based on a tracking cookie that it sets which would be the same across any site you visit. Based on this data, Doubleclick could start showing you smoking ads or infer your risk of cancer based on where you live, how old you are and your status as a smoker. Doubleclick might start to show you ads related to pregnancy, which could have embarrassing and potentially dangerous consequences such as when Target notified a woman's family that she was pregnant before she even told them. "

Gamoid writes: The Electronic Frontier Foundation has identified online harassment as a major challenge facing free speech on the Internet, and lays out its plan to fix it. They say, "Online harassment is a digital rights issue. At its worst, it causes real and lasting harms to its targets, a fact that must be central to any discussion of harassment. Unfortunately, it's not easy to craft laws or policies that will address those harms without inviting government or corporate censorship and invasions of privacy—including the privacy and free speech of targets of harassment. ... Just because the law sometimes allows a person to be a jerk (or worse) doesn’t mean that others in the community are required to be silent or to just stand by and let people be harassed. We can and should stand up against harassment. Doing so is not censorship—it’s being part of the fight for an inclusive and speech-supporting Internet."

schwit1 writes The EFF launched a new app that will make it easier for people to take action on digital rights issues using their phone. The app allows folks to connect to their action center quickly and easily, using a variety of mobile devices. Sadly, though, they had to leave out Apple devices and the folks who use them. Why? Because they could not agree to the terms in Apple's Developer Agreement and Apple's DRM requirements.

schwit1 writes The EFF launched a new app that will make it easier for people to take action on digital rights issues using their phone. The app allows folks to connect to their action center quickly and easily, using a variety of mobile devices. Sadly, though, they had to leave out Apple devices and the folks who use them. Why? Because they could not agree to the terms in Apple's Developer Agreement and Apple's DRM requirements.

schwit1 writes The EFF launched a new app that will make it easier for people to take action on digital rights issues using their phone. The app allows folks to connect to their action center quickly and easily, using a variety of mobile devices. Sadly, though, they had to leave out Apple devices and the folks who use them. Why? Because they could not agree to the terms in Apple's Developer Agreement and Apple's DRM requirements.

An anonymous reader writes with this news from the EFF's Deep Links: The public got an early holiday gift today when a federal court agreed with us that six weeks of continually video recording the front yard of someone's home without a search warrant violates the Fourth Amendment. In United States v. Vargas local police in rural Washington suspected Vargas of drug trafficking. In April 2013, police installed a camera on top of a utility pole overlooking his home. Even though police did not have a warrant, they nonetheless pointed the camera at his front door and driveway and began watching every day. A month later, police observed Vargas shoot some beer bottles with a gun and because Vargas was an undocumented immigrant, they had probable cause to believe he was illegally possessing a firearm. They used the video surveillance to obtain a warrant to search his home, which uncovered drugs and guns, leading to a federal indictment against Vargas.

Peter Eckersley writes: Today EFF, Mozilla, Cisco, and Akamai announced a forthcoming project called Let's Encrypt. Let's Encrypt will be a certificate authority that issues free certificates to any website, using automated protocols (demo video here). Launching in summer 2015, we believe this will be the missing piece that deprecates the woefully insecure HTTP protocol in favor of HTTPS.

Peter Eckersley writes: Today EFF, Mozilla, Cisco, and Akamai announced a forthcoming project called Let's Encrypt. Let's Encrypt will be a certificate authority that issues free certificates to any website, using automated protocols (demo video here). Launching in summer 2015, we believe this will be the missing piece that deprecates the woefully insecure HTTP protocol in favor of HTTPS.

New submitter riskkeyesq writes with a link to a blog post from Dane Jasper, CEO of Sonic.net, about what Jasper sees as the deepest problem in the U.S. broadband market and the Internet in general: "There are a number of threats to the Internet as a system for innovation, commerce and education today. They include net neutrality, the price of Internet access in America, performance, rural availability and privacy. But none of these are the root issue, they're just symptoms. The root cause of all of these symptoms is a disease: a lack of competition for consumer Internet access." Soft landings for former legislators, lobbyists disguised as regulators, hundreds of thousands of miles of fiber sitting unused, the sham that is the internet provider free market is keeping the US in a telecommunications third-world. What, exactly, can American citizens do about it? One upshot, in Jasper's opinion (hardly disinterested, is his role at CEO at an ISP that draws praise from the EFF for its privacy policies) is this: "Today’s FCC should return to the roots of the Telecom Act, and reinforce the unbundling requirements, assuring that they are again technology neutral. This will create an investment ladder to facilities for competitive carriers, opening access to build out and serve areas that are beyond our reach today."

Presto Vivace points out this troubling new report from the Electronic Frontier Foundation: Recently, Verizon was caught tampering with its customer's web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the U.S. and Thailand intercepting their customers' data to strip a security flag — called STARTTLS — from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.

By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.

Presto Vivace points out this troubling new report from the Electronic Frontier Foundation: Recently, Verizon was caught tampering with its customer's web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the U.S. and Thailand intercepting their customers' data to strip a security flag — called STARTTLS — from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.

By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.

An anonymous reader writes: The EFF, representing a coalition of computer scientists, filed an amicus brief with the Supreme Court yesterday hoping for a ruling that APIs can't be copyrighted. The names backing the brief include Bjarne Stroustrup, Ken Thompson, Guido van Rossum, and many other luminaries. "The brief explains that the freedom to re-implement and extend existing APIs has been the key to competition and progress in both hardware and software development. It made possible the emergence and success of many robust industries we now take for granted—for example, mainframes, PCs, and workstations/servers—by ensuring that competitors could challenge established players and advance the state of the art. The litigation began several years ago when Oracle sued Google over its use of Java APIs in the Android OS. Google wrote its own implementation of the Java APIs, but, in order to allow developers to write their own programs for Android, Google's implementation used the same names, organization, and functionality as the Java APIs."

An anonymous reader writes: The EFF, representing a coalition of computer scientists, filed an amicus brief with the Supreme Court yesterday hoping for a ruling that APIs can't be copyrighted. The names backing the brief include Bjarne Stroustrup, Ken Thompson, Guido van Rossum, and many other luminaries. "The brief explains that the freedom to re-implement and extend existing APIs has been the key to competition and progress in both hardware and software development. It made possible the emergence and success of many robust industries we now take for granted—for example, mainframes, PCs, and workstations/servers—by ensuring that competitors could challenge established players and advance the state of the art. The litigation began several years ago when Oracle sued Google over its use of Java APIs in the Android OS. Google wrote its own implementation of the Java APIs, but, in order to allow developers to write their own programs for Android, Google's implementation used the same names, organization, and functionality as the Java APIs."

Peter Eckersley writes: Over at EFF we just launched our Secure Messaging Scorecard, which is the first phase in a campaign to promote the development of communications protocols that are genuinely secure and usable by ordinary people. The Scorecard evaluates communications software against critical minimum standards for what a secure messaging app should look like; subsequent phases are planned to examine real world usability, metadata protection, protocol openness, and involve a deeper look at the security of the leading candidates. Right now, we don't think the Internet has any genuinely usable, genuinely secure messaging protocols — but we're hoping to encourage tech companies and the open source community to starting closing that gap.

itwbennett writes Tests on the latest version of Adobe System's e-reader software shows the company is now collecting less data following a privacy-related dustup last month, according to the Electronic Frontier Foundation. Adobe was criticized in early October after it was discovered Digital Editions collected metadata about e-books on a device, even if the e-books did not have DRM. Those logs were also sent to Adobe in plain text. Digital Editions version 4.0.1 appears to only collect data on e-books that have DRM (Digital Rights Management), writes Cooper Quintin, a staff technologist with the EFF.

An anonymous reader writes: The Electronic Frontier Foundation has issued a report grading online service providers for how well they side with users over intellectual property disputes. They looked at sites like YouTube, Imgur, tumblr, and Twitter. "The services could receive a maximum of five stars, based on criteria including publicly documented procedures for responses to DMCA takedown notices and counter-notices, how the services handle trademark disputes, and if the company issued detailed transparency reports." Only two sites got a perfect rating: WordPress and Namecheap. tumblr got the worst score, and Imgur was not far behind. The rest of the sites were in between, though the EFF did give a bit of extra credit to Etsy for its educational guides and Twitter for its transparency reports.

An anonymous reader writes: The Electronic Frontier Foundation has issued a report grading online service providers for how well they side with users over intellectual property disputes. They looked at sites like YouTube, Imgur, tumblr, and Twitter. "The services could receive a maximum of five stars, based on criteria including publicly documented procedures for responses to DMCA takedown notices and counter-notices, how the services handle trademark disputes, and if the company issued detailed transparency reports." Only two sites got a perfect rating: WordPress and Namecheap. tumblr got the worst score, and Imgur was not far behind. The rest of the sites were in between, though the EFF did give a bit of extra credit to Etsy for its educational guides and Twitter for its transparency reports.

Frequent contributor Bennett Haselton writes: Facebook threatened to banish drag queen pseudonyms, and (some) users revolted by flocking to Ello, a social network which promised not to enforce real names and also to remain ad-free. Critics said that the idealistic model would buckle under pressure from venture capitalists. But both gave scant mention to the fact that a distributed social networking protocol, backed by a player large enough to get people using it, would achieve all of the goals that Ello aspired to achieve, and more. Read on for the rest.

At the end of September, "FacebookDragQueenGate" fell from the sky like a gift from the gods to the founders (and venture capital backers) of the Ello social network. The company promised not only to remain ad-free and to allow drag queen stage names, but even stated that they planned to allow pornographic content (something that received relatively little press, compared to the ad-free model). But critics such as Aral Balkan wrote that once Ello received venture capital funding, the backers would inevitably pressure the company to change its relationship with its users in order to make money. In an interview published in Forbes on Monday, Harvard Business School professor John Deighton was blunt: "The board will need to monetize the membership in whatever fashion ensures a profitable return of capital for the venture fund’s investors. So my advice, if they believe Ello is still viable by then, is to buy out [Paul Budnitz, the idealistic founder who came up with the 'no ads' idea]."

There is, in short, nothing to stop Ello from doing what Facebook does whenever they make a significant change to their Terms of Service: presenting users with a dialog box next time they sign in, saying, "These are the new rules, by checking this box, you are agreeing to abide by the new contract which you're not going to read." If Ello succeeds beyond its founders' dreams, then its ad-free nature might start to hinge on its founders all turning down buyout offers of tens of millions of dollars to stick to their ideals -- hardly a sure thing. Or the VCs might get enough seats on the board that they can outvote the founders and render their objections moot.

As Joshua Kopstein writes in an editorial for Al-Jazeera America, what really would have changed the game would have been a distributed, decentralized social network. I already wrote two pieces arguing that a distributed social network could work, and how -- a protocol that allows users to create profiles, "status" posts, groups, events, and other familiar social networking features as "objects" that live on their own server, but that can interact with users' profiles hosted on other servers. I don't want to re-hash all the details here, but the short version is that there seems to be nothing about social networks, as we currently use them, which would require all of the data to be stored in a single centralized system. In a distributed protocol, you could host your profile with any hosting company, and users could "subscribe" to updates from your profile, as well as the ability to receive invites to your events and your groups, and direct messages from you. Think RSS feeds, but with better support for well-defined objects like "event invites".

If your profile were linked to a domain name that you own, then if your existing hosting company ever deleted your profile (or threatened to), you could simply move your profile to a new hosting company, the same way that any person or company can currently switch their domain name between hosting providers. This, obviously, would instantly render moot any one company's policies about "real names" (or porn, for that matter) -- all you have to do is find at least one company, anywhere in the world, whose policies are permissive enough to host your profile, and that should be possible for all but the most extreme or illegal content.

This also renders moot all the worries about profile hosting companies trying to amass tens of millions of users and then stabbing them in the back, by changing the terms of service to allow them to sell user data or stuff unwieldy ads down their throat. When users can switch seamlessly between hosts, no one host is going to be able to "charge" more than the going market rate for hosting a profile (where "charging" could be in the form of monetary payment or displaying ads to the user). How much would it actually cost to host a profile for the typical user these days, complete with all their photos and status updates? It's hard to know, because other than university professors, nobody really has personal webpages any more, after they all went to MySpace and then to Facebook. But since the old days when people did actually host their own personal pages, hosting and serving data has gotten really, really cheap. For the average user, with a few hundred photos and a few hundred friends looking at them, $1 per year might be enough. Maybe they'd just have to watch one of those ads once a year that Youtube puts in front of a Beyoncé music video, and that would cover it.

Unfortunately, to many people the concept of distributed social networking is linked with the failure of Diaspora, the most ambitious attempt to create a decentralized protocol to compete with the likes of Facebook. But Diaspora didn't fail because the idea lacked merit; it almost certainly failed because people asked the same question that they asked of any other upstart Facebook competitor: Why should I join, when all of my friends are on Facebook instead? Of course people might reasonably asked the same question about Google+, but when Google launches a product, people join because they know the quality will be decent, they know that probably some of their friends will join because of the Google brand, and they know people will be buzzing about it anyway so they want to join in order to see what the big deal is.

And that brings up the story's second moral: Despite what you may have heard from your cousin who just read The Fountainhead, the products that are the most successful are not necessarily the best, by any objective measure; rather, they're usually the ones that had major backing (Google+) or were the beneficiaries of a staggering lucky break (Ello). Diaspora didn't take off, because it didn't have either one of these.

And since you cannot manufacture a lucky break, I continue to believe that the last best hope for truly free social networking -- with minimal censorship, and ads and costs kept to a minimum by market competition -- would be for a major player like Google to launch a social networking protocol, and to set up themselves as the default host for new profiles, but allowing the protocol to interoperate seamlessly with profiles hosted elsewhere. Either that, or if the system is launched by a startup or a nonprofit, make sure that you have a host of widely respected luminaries or organizations standing ready to help promote it -- if the EFF and the BoingBoing guys endorsed a new social networking system as the future of Internet freedom, people would join because it would seem uncool not to. As long as the product itself is functional, just have the right connections lined up when you launch it. Because that's what matters, and don't let the deluded ghost of Ayn Rand tell you otherwise.

maynard writes: Kathy Sierra spent a tech career developing videogames and teaching Java programming in Sun Microsystems masterclasses. Up until 2007, she'd been a well regarded tech specialist who happened to be female. Until the day she opined on her private blog that given the crap-flood of bad comments, maybe forum moderation wasn't a bad idea. This opinion made her a target. A sustained trolling and harassment campaign followed, comprised of death and rape threats, threats against her family, fabricated claims of prostitution, and a false claim that she had issued a DMCA takedown to stifle criticism. All of this culminated in the public release of her private address and Social Security Number, a technique known as Doxxing. And so she fled from the public, her career, and even her home.

It turned out that a man named Andrew Auernheimer was responsible for having harassed Sierra. Known as 'Weev', he admitted it in a 2008 New York Times story on Internet Trolls. There, he spoke to the lengths which he and his cohorts went to discredit and destroy the woman. "Over a candlelit dinner of tuna sashimi, Weev asked if I would attribute his comments to Memphis Two, the handle he used to troll Kathy Sierra, a blogger. Inspired by her touchy response to online commenters, Weev said he "dropped docs" on Sierra, posting a fabricated narrative of her career alongside her real Social Security number and address. This was part of a larger trolling campaign against Sierra, one that culminated in death threats."

Now, seven years later, Kathy Sierra has returned to explain why she left and what recent spates of online harassment against women portend for the future if decent people don't organize. The situation has grown much more serious since she went into hiding all those years ago. It's more than just the threat of Doxxing to incite physical violence by random crazies with a screw loose. Read on for the rest of maynard's thoughts. These days, malicious trolls have taken to SWATting, where harassers call police and make false accusations to induce a SWAT raid. One prominent example is that of game developer Chris Kootra, who experienced a SWAT raid on camera while playing an online video game recently. There is also the troubling trend of developing malicious software intended to harm victims directly. For example, posting images on epilepsy forums which flicker at rates known to induce epileptic seizure. Given that Sierra is epileptic herself, this kind of harmful trolling hits home personally. She writes:

[While not photo-sensitive], I have a deep understanding of the horror of seizures, and the dramatically increased chance of death and brain damage many of us with epilepsy live with, in my case, since the age of 4. FYI, deaths related to epilepsy in the US are roughly equal with deaths from breast cancer. There isn't a shred of doubt in my mind that if the troll hackers could find a way to increase your risk of breast cancer? They'd do it. Because what's better than lulz? Lulz with BOOBS. Yeah, they'd do it.

And yet Auernheimer, the man who put her through all this horror, has for entirely different reasons become a kind of 'Net cause célèbre for Internet freedom. After having committed a hack against AT&T where he obtained the email addresses of thousands of iPad users, he attracted the attention of federal authorities. In due course he was convicted and sentenced to 41 months in federal prison for identity fraud and conspiracy to access a computer without authorization. Many thought his conviction and sentence egregious. Weev attracted support from the Electronic Frontier Foundation and prominent Georgia University Law Professor Tor Ekeland, and they worked together to craft an appeal and overturn the conviction. In April 2014, they succeeded. Auernheimer is now free.

Ekeland wasn't the only one bothered by the government's case. Even Kathy Sierra disagreed. Yet she's appalled that somehow she'd been dragged into supporting the very man who'd abused her.

But you all know what happened next. Something something something horrifically unfair government case against him and just like that, he becomes tech's "hacktivist hero." He now had A Platform not just in the hacker/troll world but in the broader tech community I was part of. ... But hard as I tried to find a ray of hope that the case against him was, somehow, justified and that he deserved, somehow, to be in prison for this, oh god I could not find it. I could not escape my own realization that the cast against him was wrong. So wrong. And not just wrong, but wrong in a way that puts us all at risk.

The lawyer Ekeland, in recent commentary at Wired, continues to defend Auernheimer as having been wronged by an overzealous prosecution, the precedent of which could have significant ramifications for 'Net freedom. "...the crucial issue here is not weev or his ideas but the future of criminal computer law in the U.S. You may think weev is an #@$hole. But being an #@$hole is not a crime, and neither is obtaining unsecured information from publicly facing servers."

Which leaves Sierra lamenting that Auernheimer still hasn't been charged and convicted for what she considers the real crime of harassment he'd committed, harming her and countless others. Where's the justice? Inciting violence and dissemination of "fighting words" are not free speech. Yet, as she admits, unless you're a celebrity, you're "...more likely to win the lottery than get any law enforcement agency to take action." So there is none. "We are on our own," she laments. "And if we don't take care of one another, nobody else will."

Thus, Sierra returned to push back — to push back against prominent journalists and members in the tech community who'd conflate prosecutorial violations of due process with the right to disseminate harassment and cruelty.

I came back because I believe this sent a terrible, devastating message about what was acceptable. ... To push back on the twist and spin. I believed the fine-grained distinctions mattered. I pushed back because I believed I was pushing back on the implicit message that women would be punished for speaking out. I pushed back because almost nobody else was, and it seemed like so many people in tech were basically OK with that.

Auernheimer, for his part, remains unapologetic. Responding to Sierra on Livejournal, he writes:

Yesterday Kathy Sierra (a.k.a. seriouspony), a mentally ill woman, continued to accuse me on her blog of leading some sort of harassment campaign against her by dropping her dox (information related to identify and location) on the Internet. ... Kathy Sierra has for years acted like a toddler, throwing tantrums and making demands whenever things didn't go her way. She rejects any presentation of polite criticism or presentation of evidence as some sort of assault on her. She was the blueprint for women like Zoe Quinn and Anita Sarkeesian, who also feign victimhood for financial and social gain. Kathy Sierra is the epitome of what is wrong with my community. She had something coming to her and by the standards set by her own peers in the social justice community, there was nothing wrong with what she got.

Some people never change.

maynard writes: Kathy Sierra spent a tech career developing videogames and teaching Java programming in Sun Microsystems masterclasses. Up until 2007, she'd been a well regarded tech specialist who happened to be female. Until the day she opined on her private blog that given the crap-flood of bad comments, maybe forum moderation wasn't a bad idea. This opinion made her a target. A sustained trolling and harassment campaign followed, comprised of death and rape threats, threats against her family, fabricated claims of prostitution, and a false claim that she had issued a DMCA takedown to stifle criticism. All of this culminated in the public release of her private address and Social Security Number, a technique known as Doxxing. And so she fled from the public, her career, and even her home.

It turned out that a man named Andrew Auernheimer was responsible for having harassed Sierra. Known as 'Weev', he admitted it in a 2008 New York Times story on Internet Trolls. There, he spoke to the lengths which he and his cohorts went to discredit and destroy the woman. "Over a candlelit dinner of tuna sashimi, Weev asked if I would attribute his comments to Memphis Two, the handle he used to troll Kathy Sierra, a blogger. Inspired by her touchy response to online commenters, Weev said he "dropped docs" on Sierra, posting a fabricated narrative of her career alongside her real Social Security number and address. This was part of a larger trolling campaign against Sierra, one that culminated in death threats."

Now, seven years later, Kathy Sierra has returned to explain why she left and what recent spates of online harassment against women portend for the future if decent people don't organize. The situation has grown much more serious since she went into hiding all those years ago. It's more than just the threat of Doxxing to incite physical violence by random crazies with a screw loose. Read on for the rest of maynard's thoughts. These days, malicious trolls have taken to SWATting, where harassers call police and make false accusations to induce a SWAT raid. One prominent example is that of game developer Chris Kootra, who experienced a SWAT raid on camera while playing an online video game recently. There is also the troubling trend of developing malicious software intended to harm victims directly. For example, posting images on epilepsy forums which flicker at rates known to induce epileptic seizure. Given that Sierra is epileptic herself, this kind of harmful trolling hits home personally. She writes:

[While not photo-sensitive], I have a deep understanding of the horror of seizures, and the dramatically increased chance of death and brain damage many of us with epilepsy live with, in my case, since the age of 4. FYI, deaths related to epilepsy in the US are roughly equal with deaths from breast cancer. There isn't a shred of doubt in my mind that if the troll hackers could find a way to increase your risk of breast cancer? They'd do it. Because what's better than lulz? Lulz with BOOBS. Yeah, they'd do it.

And yet Auernheimer, the man who put her through all this horror, has for entirely different reasons become a kind of 'Net cause célèbre for Internet freedom. After having committed a hack against AT&T where he obtained the email addresses of thousands of iPad users, he attracted the attention of federal authorities. In due course he was convicted and sentenced to 41 months in federal prison for identity fraud and conspiracy to access a computer without authorization. Many thought his conviction and sentence egregious. Weev attracted support from the Electronic Frontier Foundation and prominent Georgia University Law Professor Tor Ekeland, and they worked together to craft an appeal and overturn the conviction. In April 2014, they succeeded. Auernheimer is now free.

Ekeland wasn't the only one bothered by the government's case. Even Kathy Sierra disagreed. Yet she's appalled that somehow she'd been dragged into supporting the very man who'd abused her.

But you all know what happened next. Something something something horrifically unfair government case against him and just like that, he becomes tech's "hacktivist hero." He now had A Platform not just in the hacker/troll world but in the broader tech community I was part of. ... But hard as I tried to find a ray of hope that the case against him was, somehow, justified and that he deserved, somehow, to be in prison for this, oh god I could not find it. I could not escape my own realization that the cast against him was wrong. So wrong. And not just wrong, but wrong in a way that puts us all at risk.

The lawyer Ekeland, in recent commentary at Wired, continues to defend Auernheimer as having been wronged by an overzealous prosecution, the precedent of which could have significant ramifications for 'Net freedom. "...the crucial issue here is not weev or his ideas but the future of criminal computer law in the U.S. You may think weev is an #@$hole. But being an #@$hole is not a crime, and neither is obtaining unsecured information from publicly facing servers."

Which leaves Sierra lamenting that Auernheimer still hasn't been charged and convicted for what she considers the real crime of harassment he'd committed, harming her and countless others. Where's the justice? Inciting violence and dissemination of "fighting words" are not free speech. Yet, as she admits, unless you're a celebrity, you're "...more likely to win the lottery than get any law enforcement agency to take action." So there is none. "We are on our own," she laments. "And if we don't take care of one another, nobody else will."

Thus, Sierra returned to push back — to push back against prominent journalists and members in the tech community who'd conflate prosecutorial violations of due process with the right to disseminate harassment and cruelty.

I came back because I believe this sent a terrible, devastating message about what was acceptable. ... To push back on the twist and spin. I believed the fine-grained distinctions mattered. I pushed back because I believed I was pushing back on the implicit message that women would be punished for speaking out. I pushed back because almost nobody else was, and it seemed like so many people in tech were basically OK with that.

Auernheimer, for his part, remains unapologetic. Responding to Sierra on Livejournal, he writes:

Yesterday Kathy Sierra (a.k.a. seriouspony), a mentally ill woman, continued to accuse me on her blog of leading some sort of harassment campaign against her by dropping her dox (information related to identify and location) on the Internet. ... Kathy Sierra has for years acted like a toddler, throwing tantrums and making demands whenever things didn't go her way. She rejects any presentation of polite criticism or presentation of evidence as some sort of assault on her. She was the blueprint for women like Zoe Quinn and Anita Sarkeesian, who also feign victimhood for financial and social gain. Kathy Sierra is the epitome of what is wrong with my community. She had something coming to her and by the standards set by her own peers in the social justice community, there was nothing wrong with what she got.

Some people never change.

realized sends this news from the EFF: For years, local law enforcement agencies around the country have told parents that installing ComputerCOP software is the "first step" in protecting their children online. ... As official as it looks,ComputerCOP is actually just spyware, generally bought in bulk from a New York company that appears to do nothing but market this software to local government agencies. The way ComputerCOP works is neither safe nor secure. It isn't particularly effective either, except for generating positive PR for the law enforcement agencies distributing it.

As security software goes, we observed a product with a keystroke-capturing function, also called a "keylogger," that could place a family's personal information at extreme risk by transmitting what a user types over the Internet to third-party servers without encryption. EFF conducted a security review of ComputerCOP while also following the paper trail of public records to see how widely the software has spread. Based on ComputerCOP's own marketing information, we identified approximately 245 agencies in more than 35 states, plus the U.S. Marshals, that have used public funds (often the proceeds from property seized during criminal investigations) to purchase and distribute ComputerCOP. One sheriff's department even bought a copy for every family in its county.

realized sends this news from the EFF: For years, local law enforcement agencies around the country have told parents that installing ComputerCOP software is the "first step" in protecting their children online. ... As official as it looks,ComputerCOP is actually just spyware, generally bought in bulk from a New York company that appears to do nothing but market this software to local government agencies. The way ComputerCOP works is neither safe nor secure. It isn't particularly effective either, except for generating positive PR for the law enforcement agencies distributing it.

As security software goes, we observed a product with a keystroke-capturing function, also called a "keylogger," that could place a family's personal information at extreme risk by transmitting what a user types over the Internet to third-party servers without encryption. EFF conducted a security review of ComputerCOP while also following the paper trail of public records to see how widely the software has spread. Based on ComputerCOP's own marketing information, we identified approximately 245 agencies in more than 35 states, plus the U.S. Marshals, that have used public funds (often the proceeds from property seized during criminal investigations) to purchase and distribute ComputerCOP. One sheriff's department even bought a copy for every family in its county.

HughPickens.com writes When Apple published its first Transparency Report on government activity in late 2013, the document contained an important footnote that stated: "Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us." Now Jeff John Roberts writes at Gigaom that Apple's warrant canary has disappeared. A review of the company's last two Transparency Reports, covering the second half of 2013 and the first six months of 2014, shows that the "canary" language is no longer there suggesting that Apple is now part of FISA or PRISM proceedings.

Warrant canaries are a tool used by companies and publishers to signify to their users that, so far, they have not been subject to a given type of law enforcement request such as a secret subpoena. If the canary disappears, then it is likely the situation has changed — and the company has been subject to such request. This may also give some insight into Apple's recent decision to rework its latest encryption in a way that makes it almost impossible for the company to turn over data from most iPhones or iPads to police.

jfruh writes A U.S. appeals court cleared Yelp of charges of extortion related to its interaction with several small businesses who claim Yelp demanded that they pay for advertising or face negative reviews. While Yelp says it never altered a business rating for money, the court's finding was instead based on a strict reading of the U.S. extortion law, classifying Yelp's behavior as, at most, "hard bargaining." Interestingly, the EFF supported Yelp here, arguing that "Section 230 of the Communications Decency Act (CDA) protects online service providers from liability and lawsuits over user-generated content, except in very narrow circumstances where the providers created or developed content themselves. In its amicus brief, EFF argued that mere conjecture about contributing content – like there was in this case – is not enough to allow a lawsuit to go forward."

Personal Audio has been trying to assert patents they claim cover podcasting for some time now; in March Adam Carolla was sued and decided to fight back. Via the EFF comes news that he has settled with Personal Audio, and the outcome is likely beneficial to those still fighting the trolls. From the article: Although the settlement is confidential, we can guess the terms. This is because Personal Audio sent out a press release last month saying it was willing to walk away from its suit with Carolla. So we can assume that Carolla did not pay Personal Audio a penny. We can also assume that, in exchange, Carolla has given up the opportunity to challenge the patent and the chance to get his attorney’s fees. ... EFF’s own challenge to Personal Audio’s patent is on a separate track and will continue ... with a ruling likely by April 2015. ... We hope that Personal Audio’s public statements on this issue mean that it has truly abandoned threatening and suing podcasters. Though a press release might not be legally binding, the company will have a hard time justifying any further litigation (or threats of litigation) against podcasters. Any future targets can point to this statement. Carolla deserves recognition for getting this result.

Personal Audio has been trying to assert patents they claim cover podcasting for some time now; in March Adam Carolla was sued and decided to fight back. Via the EFF comes news that he has settled with Personal Audio, and the outcome is likely beneficial to those still fighting the trolls. From the article: Although the settlement is confidential, we can guess the terms. This is because Personal Audio sent out a press release last month saying it was willing to walk away from its suit with Carolla. So we can assume that Carolla did not pay Personal Audio a penny. We can also assume that, in exchange, Carolla has given up the opportunity to challenge the patent and the chance to get his attorney’s fees. ... EFF’s own challenge to Personal Audio’s patent is on a separate track and will continue ... with a ruling likely by April 2015. ... We hope that Personal Audio’s public statements on this issue mean that it has truly abandoned threatening and suing podcasters. Though a press release might not be legally binding, the company will have a hard time justifying any further litigation (or threats of litigation) against podcasters. Any future targets can point to this statement. Carolla deserves recognition for getting this result.

Personal Audio has been trying to assert patents they claim cover podcasting for some time now; in March Adam Carolla was sued and decided to fight back. Via the EFF comes news that he has settled with Personal Audio, and the outcome is likely beneficial to those still fighting the trolls. From the article: Although the settlement is confidential, we can guess the terms. This is because Personal Audio sent out a press release last month saying it was willing to walk away from its suit with Carolla. So we can assume that Carolla did not pay Personal Audio a penny. We can also assume that, in exchange, Carolla has given up the opportunity to challenge the patent and the chance to get his attorney’s fees. ... EFF’s own challenge to Personal Audio’s patent is on a separate track and will continue ... with a ruling likely by April 2015. ... We hope that Personal Audio’s public statements on this issue mean that it has truly abandoned threatening and suing podcasters. Though a press release might not be legally binding, the company will have a hard time justifying any further litigation (or threats of litigation) against podcasters. Any future targets can point to this statement. Carolla deserves recognition for getting this result.

An anonymous reader writes: The Electronic Frontier Foundation has updated its guide for protecting yourself and your cell phone at a protest. In addition to being extremely powerful tools (real-time communication to many watchers via social media, and video recording functionality), cell phones can also give authorities a lot of information about you if they confiscate it. The EFF is trying to encourage cell phone use and prepare people to use them. (The guide is based on U.S. laws, but much of the advice makes sense for other places as well.) Here are a few small snippets: "Start using encrypted communications channels. Text messages, as a rule, can be read and stored by your phone company or by surveillance equipment in the area. ... If the police ask to see your phone, tell them you do not consent to the search of your device. Again, since the Supreme Court's decision in Riley, there is little question that officers need a warrant to access the contents of your phone incident to arrest, though they may be able to seize the phone and get a warrant later. ... If your phone or electronic device was seized, and is not promptly returned when you are released, you can file a motion with the court to have your property returned."