Slashdot Mirror

Dupple writes One of the most frequent refrains from the big broadband players and their friends who are fighting against net neutrality rules is that there's no evidence that ISPs have been abusing a lack of net neutrality rules in the past, so why would they start now? That does ignore multiple instances of violations in the past, but in combing through the comments submitted to the FCC concerning net neutrality, we came across one very interesting one that actually makes some rather stunning revelations about the ways in which ISPs are currently violating net neutrality/open internet principles in a way designed to block encryption and thus make everyone a lot less secure.

1729 (581437) writes Back in August, there was speculation that the "real life" Walter O'Brien (alleged inspiration for CBS's new drama Scorpion) might be a fraud. Mike Masnick from Techdirt follows up on the story: "The more you dig, the more of the same you find. Former co-workers of O'Brien's have shown up in comments or reached out to me and others directly — and they all say the same thing. Walter is a nice enough guy, works hard, does a decent job (though it didn't stop him from getting laid off from The Capital Group), but has a penchant for telling absolutely unbelievable stories about his life. It appears that in just repeating those stories enough, some gullible Hollywood folks took him at his word (and the press did too), and now there's a mediocre TV show about those made up stories." Masnick's article is a fascinating look at a man who appears to have conned both TV executives and journalists into believing his far-fetched Walter Mitty fantasies.

sandbagger writes: " ...it is often the case that one can be led astray by relying on the generic or commonly understood definition of a particular word." That quote apparently applies to words offering constitutional protections against unreasonable search and seizure. TechDirt looks at the redefinition of the term "collection" as redefined by Executive Order 12333 to allow basically every information dragnet, provided no-one looks at it. "Collection" is now defined as "collection plus action." According to this document, it still isn't collected, even if it has been gathered, packaged and sent to a "supervisory authority." No collection happens until examination. It's Schrodinger's data, neither collected nor uncollected until the "box" has been opened. This leads to the question of aging off collected data/communications: if certain (non) collections haven't been examined at the end of the 5-year storage limit, are they allowed to be retained simply because they haven't officially been collected yet? Does the timer start when the "box" is opened or when the "box" is filled?

Advocatus Diaboli writes: According to a report from Gizmodo, "After six years and over one billion dollars in development, the FBI has just announced that its new biometric facial recognition software system is finally complete. Meaning that, starting soon, photos of tens of millions of U.S. citizen's faces will be captured by the national system on a daily basis. The Next Generation Identification (NGI) program will logs all of those faces, and will reference them against its growing database in the event of a crime. It's not just faces, though. Thanks to the shared database dubbed the Interstate Photo System (IPS), everything from tattoos to scars to a person's irises could be enough to secure an ID. What's more, the FBI is estimating that NGI will include as many as 52 million individual faces by next year, collecting identified faces from mug shots and some job applications." Techdirt points out that an assessment of how this system affects privacy was supposed to have preceded the actual rollout. Unfortunately, that assessment is nowhere to be found.

Two recent news items are related. First, at a music festival in Boston last year, face recognition software was tested on festival-goers. Boston police denied involvement, but were seen using the software, and much of the data was carelessly made available online. Second, both Ford and GM are working on bringing face recognition software to cars. It's intended for safety and security — it can act as authentication and to make sure the driver is paying attention to the road.

onproton writes Northern Illinois University recently began restricting student access to web pages that contain "illegal or unethical" content which, according to University policy, includes resources used for "political activities...and the organization or participation in meetings, rallies and demonstrations." A student raised concerns after attempting to access the Wikipedia page for Westboro Baptist Church, and receiving a filter message informing him that his access of this page would likely violate the University's Acceptable Use Policy, along with a warning that "all violations would be reviewed." This has lead to questions about whether some policies that restrict student access to information are in the best interest of the primary goal of education.

An anonymous reader writes with a bit of pith from TechDirt: Every so often, people who don't really understand the importance of anonymity or how it enables free speech (especially among marginalized people), think they have a brilliant idea: "just end real anonymity online." They don't seem to understand just how shortsighted such an idea is. It's one that stems from the privilege of being in power. And who knows that particular privilege better than members of the House of Lords in the UK — a group that is more or less defined by excess privilege? The Communications Committee of the House of Lords has now issued a report concerning "social media and criminal offenses" in which they basically recommend scrapping anonymity online.

An anonymous reader sends an article about another case in which a business who received a negative review online decided to retaliate with legal complaints. In August of last year, a French food blogger posted a review of an Italian restaurant called Il Giardino. The restaurant owners responded with legal threats based on the claim that they lost business from search results which included the review. The blogger deleted the post, but that wasn't enough. She was brought to court, and a fine of €1,500 ($2,040) was imposed. She also had to pay court costs, which added another €1,000 ($1,360). The blogger said, "Recently several writers in France were sentenced in similar proceedings for defamation, invasion of privacy, and so on. ... I don't see the point of criticism if it's only positive. It's clear that online, people are suspicious of places that only get positive reviews."

Advocatus Diaboli writes The secretive British spy agency GCHQ has developed covert tools to seed the internet with false information, including the ability to manipulate the results of online polls, artificially inflate pageview counts on web sites, "amplif[y]" sanctioned messages on YouTube, and censor video content judged to be "extremist." The capabilities, detailed in documents provided by NSA whistleblower Edward Snowden, even include an old standby for pre-adolescent prank callers everywhere: A way to connect two unsuspecting phone users together in a call. The tools were created by GCHQ's Joint Threat Research Intelligence Group (JTRIG), and constitute some of the most startling methods of propaganda and internet deception contained within the Snowden archive. Previously disclosed documents have detailed JTRIG's use of "fake victim blog posts," "false flag operations," "honey traps" and psychological manipulation to target online activists, monitor visitors to WikiLeaks, and spy on YouTube and Facebook users.

An anonymous reader writes with this excerpt from TechDirt: Three years ago we wrote about how Austrian police had seized computers from someone running a Tor exit node. This kind of thing happens from time to time, but it appears that folks in Austria have taken it up a notch by... effectively now making it illegal to run a Tor exit node. According to the report, which was confirmed by the accused, the court found that running the node violated 12 of the Austrian penal code, which effectively says:"Not only the immediate perpetrator commits a criminal action, but also anyone who appoints someone to carry it out, or anyone who otherwise contributes to the completion of said criminal action." In other words, it's a form of accomplice liability for criminality. It's pretty standard to name criminal accomplices liable for "aiding and abetting" the activities of others, but it's a massive and incredibly dangerous stretch to argue that merely running a Tor exit node makes you an accomplice that "contributes to the completion" of a crime. Under this sort of thinking, Volkswagen would be liable if someone drove a VW as the getaway car in a bank robbery. It's a very, very broad interpretation of accomplice liability, in a situation where it clearly does not make sense.

beaker_72 (1845996) writes "On Sunday we saw a story that the Turing Test had finally been passed. The same story was picked up by most of the mainstream media and reported all over the place over the weekend and yesterday. However, today we see an article in TechDirt telling us that in fact the original press release was just a load of hype. So who's right? Have researchers at a well established university managed to beat this test for the first time, or should we believe TechDirt who have pointed out some aspects of the story which, if true, are pretty damning?" Kevin Warwick gives the bot a thumbs up, but the TechDirt piece takes heavy issue with Warwick himself on this front.

An anonymous reader writes in with this latest bit of EFF vs NSA news. 'We followed the back and forth situation earlier this year, in which there were some legal questions over whether or not the NSA needed to hang onto surveillance data at issue in various lawsuits, or destroy it as per the laws concerning retention of data. Unfortunately, in the process, it became clear that the DOJ misled FISA court Judge Reggie Walton, withholding key information. In response, the DOJ apologized, insisting that it didn't think the data was relevant — but also very strongly hinting that it used that opportunity to destroy a ton of evidence. However, this appeared to be just the latest in a long history of the NSA/DOJ willfully destroying evidence that was under a preservation order.

The key case where this evidence was destroyed was the EFF's long running Jewel v. NSA case, and the EFF has now told the court about the destruction of evidence, and asked the court to thus assume that the evidence proves, in fact, that EFF's clients were victims of unlawful surveillance. The DOJ/NSA have insisted that they thought that the EFF's lawsuit only covered programs issued under executive authority, rather than programs approved by the FISA Court, but the record in the case shows that the DOJ seems to be making this claim up.'

BUL2294 (1081735) writes "Techdirt and Consumerist posted articles about a user in the UK who, after a firmware update to his 2-year old LG Smart TV, declined their new Privacy Policy, only to find that most Internet-connected features (e.g. BBC iPlayer, Skype) of the TV now no longer work. From the Techdirt article: 'Does a manufacturer have the right to "brick" certain integral services just because the end user doesn't feel comfortable sharing a bunch of info with LG and other, unnamed third parties? LG certainly feels it has the right to do this. In fact, it makes no secret of this in its long Privacy Policy — a document that spends more time discussing the lack thereof, rather than privacy itself. The opening paragraph makes this perfectly clear.' To add, even declining the policy still results in non-specified information being sent to LG. LG's policy of spying on the viewing habits of customers, along with sending filenames of videos stored on USB devices connected to TVs, was previously discussed on Slashdot."

Glyn Moody (946055) writes "The Transatlantic Trade and Investment Partnership (TTIP), potentially the world's biggest trade agreement, has been negotiated behind closed doors for nearly a year now. Apart from what we learn from a few official releases — and an increasing number of leaks — we still don't really know what is being agreed in the name of 800 million people in the U.S. and EU. When a peaceful anti-TTIP protest was held outside yet another closed-doors meeting in Belgium, the local police sent in the water cannons and arrested nearly 300 people in what seems an extreme over-reaction. Will TTIP turn into the next ACTA revolt?"

An anonymous reader writes "Addressing the audience at the Freedom Online Coalition Conference, Secretary of State John Kerry defended NSA snooping actions saying: 'Let me be clear – as in the physical space, cyber security cannot come at the expense of cyber privacy. And we all know this is a difficult challenge. But I am serious when I tell you that we are committed to discussing it in an absolutely inclusive and transparent manner, both at home and abroad. As President Obama has made clear, just because we can do something doesn't mean that we should do it. And that's why he ordered a thorough review of all our signals intelligence practices. And that's why he then, after examining it and debating it and openly engaging in a conversation about it, which is unlike most countries on the planet, he announced a set of concrete and meaningful reforms, including on electronic surveillance, in a world where we know there are terrorists and others who are seeking to do injury to all of us. And finally, transparency – the principles governing such activities need to be understood so that free people can debate them and play their part in shaping these choices. And we believe these principles can positively help us to distinguish the legitimate practices of states governed by the rule of law from the legitimate practices of states that actually use surveillance to repress their people. And while I expect you to hold the United States to the standards that I've outlined, I also hope that you won't let the world forget the places where those who hold their government to standards go to jail rather than win prizes.' He added: 'This debate is about two very different visions: one vision that respects freedom and another that denies it. All of you at the Freedom Online Coalition are on the right side of this debate, and now we need to make sure that all of us together wind up on the right side of history."

An anonymous reader writes "The US government has entered its reply brief in the US vs. Wurie case and its argument in favor of warrantless searches of arrestees' cell phones contains some truly terrible suppositions. The government argues that impartial technological advancements somehow favor criminals. As it sees it, the path to the recovery of evidence should not be slowed by encryption or wiping or even the minimal effort needed to obtain a warrant. From the article: 'The government agrees that times are changing but counterintuitively argues that only law enforcement is being negatively affected by this. Every argument in favor of warrantless searches contains some sort of lamentation about how tech-savvy criminals will be able to cover up or destroy evidence contained on their phones before the police can crack open these new-fangled address books and copy everything down.'"

Bennett Haselton writes: "If you watch a movie or TV show (legally) on your mobile device while away from your home network, it's usually by streaming it on a data plan. This consumes an enormous amount of a scarce resource (data bundled with your cell phone provider's data plan), most of it unnecessarily, since many of those users could have downloaded the movie in advance on their home broadband connection — if it weren't for pointless DRM restrictions." Read on for the rest of Bennett's thoughts.

T-Mobile may not have great coverage — on our way to the Olympic National Park, my T-Mobile phone stopped working a long time before my friend's Verizon phone did — but I switched two weeks ago because the $80/month plan came with unlimited data, and I thought it would be convenient to watch Netflix streaming content and queued shows on Hulu from anywhere in the city. Since then I've been using data at about 10 times the rate that I did when I was capped at 2GB/month on Verizon.

But there was never any good reason that any of that data had to be downloaded over my data plan at all. I always know in advance what I'm going to be watching on Hulu, and almost always what I'm going to be watching on Netflix, which means if the apps would let me, I would rather download and queue up those movies and shows over my home broadband connection, and then watch the locally saved copies on the go. Hulu and Netflix would make at least the same profit off of me as they do now — I would still be watching Hulu's mandated advertisements before each show, and I would still be paying my monthly Netflix subscription. The difference is that I wouldn't be wasting a limited resource by downloading the content over my data plan. Even if my plan comes with unlimited data, that's not without costs, since one of the reasons I had to upgrade to unlimited data (and give up the broader Verizon coverage in the process) is that I can't download this content in advance at home. Otherwise, Verizon's sub-2GB data cap would have been fine with me.

Unfortunately, Hulu and Netflix apps both make it impossible to save their content locally, presumably due to a misguided attempt at DRM. ("DRM" is often used to refer to static content which has been encrypted in a way to make it difficult to copy; I'm using it more broadly here to include the practice of streaming content in a way which makes it difficult for users to save the content to a local file.)

(It has been pointed out, for example by Timothy Geigner on Techdirt, that data plan bandwidth may not truly be a "scarce resource" at all, and providers impose the data caps just to extract more money from users. The irony, though, is that even if the "scarcity" of cell phone plan data is not real, the streaming of content still constitutes waste of a precious resource, because users waste resources dealing with the data cap — prioritizing which content to download, or figuring out how to download the content illegally at home so they can save it as a local file. Or, they may simply decide to go without having the content on the go because they don't have enough data on their data plan — this counts as a deadweight economic loss caused by the DRM as well.)

You might think that the apps do not allow locally saved copies because the copyright owners prohibit it, but the Google Play app, for example, does allow you to download a saved copy of any content that you have rented or purchased from the Google Play store. (If you "rent" a movie or TV show episode from the Google Play store, you can still save it locally, but some predetermined time after you start watching the content, the content will "expire" and the file will be deleted.) So there is precedent for a non-fly-by-night company allowing you to save a local copy of content that you have paid for the right to access. So why not Hulu and Netflix?

I fear it may be that either the copyright holders, or the lawyers at Hulu and Netflix themselves, have been led to believe that locally saved content is easier to pirate, and neither of them want to be pegged as responsible for enabling piracy. This is fallacious for a couple of reasons: (a) If it's that easy, why hasn't it happened on a large scale with movies from Google Play, which can be saved locally? (b) Streaming content is just as easy to pirate, by, as a last resort, holding up a video camera to a screen playing the movie. (Yes, most users would not bother, but for piracy to occur, only one user in the entire world has to go to the trouble of doing this, and once it's done, an unprotected copy will be freely available on peer-to-peer networks for as long as people have any interest in the movie at all.) Which leads to: (c) Any user technically savvy enough to figure out how to pirate streamed content, is obviously going to be savvy enough to simply download the same content from p2p networks. In other words, forcing users to stream content instead of watching it from locally saved copies, gains the copyright holders and the app makers exactly nothing.

If I had to save content locally in the Hulu app before watching it, of course I'd have to watch ads before the content started playing, just as I do with the streaming version. In that scenario, if I had the time, I could probably try to find a black-market application that would watch the saved content without the ads, but like probably 90% of users, I probably wouldn't bother. And if I did want to make the effort, I'd just BitTorrent a copy of the movie or TV show instead, instead of trying to defeat copy protection on the local saved file.

I have no idea how much data plan bandwidth is used every day on content that users would have preferred downloading at home in advance, but it seems like a non-trivial percentage. Most Hulu and Netflix viewing is of movies or TV shows that you knew in advance you would want to watch, and could have saved. On the other hand, this wouldn't be true of random browsing of YouTube videos in the kind of mindset where you just watch a 60-second clip, feel mildly amused, and watch whatever comes up next in the recommendations bar to the right. Ironically, as you read these words, multiple telecommunications companies are drawing up plans to roll out billions of dollars' worth of communications infrastructure to provide more data services to more users — meanwhile, we could vastly increase the utility of the existing infrastructure with just the flick of a switch. (Well, a couple of switches -- convincing the copyright holders, and the Netflix and Hulu legal departments, that locally saved content is not illegal, as Google Play has shown, and could in fact make them more money. Hulu, after all, is making more money off of me now than the used to, since I'm watching more of their shows on the road, and viewing more of their ads.)

With a static download model, I'm sure the overwhelming majority of Hulu and Netflix users would go on paying (and Hulu would probably actually make more money, from the increased ad views). I would even start the day the same way, before even getting out of bed — by taking the phone on the bedside table, loading up a queued Hulu show, and getting the ad out of the way, then pausing just as the real show begins so that later on I can start watching it immediately. Because it just feels good to start the day with a feeling of accomplishment.

After being forced to turn over encryption keys (being held in contempt of court for several weeks after initially refusing to comply), secure mail provider Lavabit halted all operations last year. With the assistance of the EFF, an appeal was mounted. Today, the appeals court affirmed the district court decision and rejected the appeal. From Techdirt: "The ruling does a decent job explaining the history of the case, which also details some of the (many, many) procedural mistakes that Lavabit made along the way, which made it a lot less likely it would succeed here. ... The procedural oddities effectively preclude the court even bothering with the much bigger and important question of whether or not a basic pen register demand requires a company to give up its private keys. The hail mary attempt in the case was to argue that because the underlying issues are of 'immense public concern' (and they are) that the court should ignore the procedural mistakes. The court flatly rejects that notion: 'exhuming forfeited arguments when they involve matters of “public concern” would present practical difficulties. For one thing, identifying cases of a “public concern” and “non-public concern” –- divorced from any other consideration –- is a tricky task governed by no objective standards..... For another thing, if an issue is of public concern, that concern is likely more reason to avoid deciding it from a less-than-fully litigated record....'"

Condoleezza Rice, Secretary of State under George W. Bush, and defender of Bush-era (and onward) policies about surveillance by wiretapping and other means, has landed at an interesting place: she's just become a part of the small board at Dropbox. TechDirt calls the appointment "tone deaf," and writes "At a time when people around the globe are increasingly worried about American tech firms having too close a connection to the intelligence community, a move like this seems like a huge public relations disaster. While Rice may be perfectly qualified to hold the role and to help Dropbox with the issues it needs help with, it's hard not to believe that there would be others with less baggage who could handle the job just as well." Some people are doing more than looking for an alternative for themselves, too, as a result.

An anonymous reader writes with this excerpt from a thought-provoking article at TechDirt: "My own representative in Congress, Jackie Speier, has apparently decided to introduce a federal 'revenge porn' bill, which is being drafted, in part, by Prof. Mary Anne Franks, who has flat out admitted that her goal is to undermine Section 230 protections for websites (protecting them from liability of actions by third parties) to make them liable for others' actions. Now, I've never written about Franks before, but the last time I linked to a story about her in a different post, she went ballistic on Twitter, attacking me in all sorts of misleading ways. So, let me just be very clear about this. Here's what she has said: '"The impact [of a federal law] for victims would be immediate," Franks said. "If it became a federal criminal law that you can't engage in this type of behavior, potentially Google, any website, Verizon, any of these entities might have to face liability for violations.' That makes it clear her intent is to undermine Section 230 and make third parties — like 'Google, any website, Verizon... face liability.'"

An anonymous reader writes with an excerpt from an intriguing article at TechDirt about the sometimes very low-tech methods of the East German Stasi. They may have been using more pencils than computers, but they were gathering information on their targets using the same kind of metadata whose significance the U.S. government has lately been downplaying: "They amassed dossiers on about one quarter of the population of the country during the Communist regime. But their spycraft — while incredibly invasive — was also technologically primitive by today's standards. While researching my book Dragnet Nation, I obtained the above hand drawn social network graph and other files from the Stasi Archive in Berlin, where German citizens can see files kept about them and media can access some files, with the names of the people who were monitored removed. The graphic shows forty-six connections, linking a target to various people (an 'aunt,' 'Operational Case Jentzsch,' presumably Bernd Jentzsch, an East German poet who defected to the West in 1976), places ('church'), and meetings ('by post, by phone, meeting in Hungary')."

FuzzNugget writes "Apparently seeking to lock competitors out of the burgeoning single-serve coffee market, Green Mountain Coffee Roasters, maker of the popular Keurig coffee machines, will make their new machines work with licensed pods only. GMCR's CEO confirmed this in a statement: 'The much-anticipated ‘Keurig 2.0’ single-cup brewing system with ‘interactive readability’ (that doesn’t work with unlicensed/copycat pods) will offer such “game-changing functionality” that consumers - and unlicensed players - will want to switch.'"

cold fjord writes "The Verge reports, 'Google and YouTube must scrub all copies of Innocence of Muslims, a low-budget anti-Islam film that drew international protest in 2012, at the behest of an actress who says she received death threats after being duped into a role. The Ninth Circuit Court of Appeals has granted a temporary takedown order on behalf of Cindy Lee Garcia, who filed a copyright claim against Google in an attempt to purge the video from the web. While actors usually give up the right to assert copyright protection when they agree to appear in a film, Garcia says that not only was she never an employee in any meaningful sense, the finished film bore virtually no relation to the one she agreed to appear in. In a majority opinion, Judge Alex Kozinski said she was likely in the right.' — Techdirt has extensive commentary on the ruling that's worth reading. It seems likely there will be an appeal, with the distinct possibility that Google and the MPAA will be on the same side."

An anonymous reader writes "The latest news in this: GCSB appears to have deleted key evidence in the case in a ham-fisted attempt to cover up its illegal activities. Even more ridiculous, GCSB is trying to cover this up by claiming that the material had 'aged off' — implying that it was deleted automatically. New Zealand Prime Minister John Key claims that they had to delete the information under the law. Of course, there are a few problems with that. The first is that under New Zealand law, like most countries these days, parties have an obligation to preserve documents likely to be necessary in a legal case. But, even more damning is that there's video of John Key in the New Zealand Parliament trying to defend against an earlier claim that GCSB had deleted some evidence by insisting that GCSB does not delete anything ever:"

Nate the greatest writes "Whether it's EA and SimCity, the Sony rootkit scandal, or Ubisoft, we've all read numerous stories about companies using DRM in stupid ways that harm their customers, and now we can add Adobe to the list. Adobe has just announced a new timeline for adoption of their recently launched 'hardened' DRM, and it's going to take your breath away. In a video posted to Youtube, Adobe reps have stated that Adobe expects all of their ebook partners to start adopting the new DRM in March. This is the same DRM that was launched only a few weeks ago and is already causing problems, but that hasn't stopped Adobe. They also expect all the stores that use Adobe's DRM to sell ebooks (as well as the ebook app and ebook reader developers) to have fully adopted the new ebook DRM by July 2014. That's when Adobe plans to end support for the old DRM (which everyone is using now). Given the dozens and dozens of different ebook readers released over the past few years, including models from companies that have gone under, this is going to present a significant problem for a lot of readers. Few, if any, will be updated in time to meet Adobe's deadline, and that's going to leave many readers unable to buy DRMed ebooks."

An anonymous reader sends this story from TechDirt: "You may recall the stories from the past couple years about the so-called 'snooper's charter' in the UK — a system to further legalize the government's ability to spy on pretty much all communications. It was setting up basically a total surveillance system, even beyond what we've since learned is already being done today. Thankfully, that plan was killed off by Deputy Prime Minister Nick Clegg. However, Prime Minister David Cameron is back to pushing for the snooper's charter — and his reasoning is as stupid as it is unbelievable. Apparently, he thinks it's necessary because the fictional crime dramas he watches on TV show why it's necessary. Cameron said, 'I love watching, as I probably should stop telling people, crime dramas on the television. There's hardly a crime drama where a crime is solved without using the data of a mobile communications device. What we have to explain to people is that... if we don't modernise the practice and the law, over time we will have the communications data to solve these horrible crimes on a shrinking proportion of the total use of devices and that is a real problem for keeping people safe.'"

Hugh Pickens DOT Com writes "Conor Friedersdorf has written a tongue-in-cheek article in The Atlantic advising New Jersey Governor Chris Christie how he can use the NSA playbook to successfully defend himself of the charges that a senior member of his staff was involved in shutting down George Washington Bridge traffic, a stunt meant to punish the mayor of an affected town for opposing his reelection. Christie's NSA-inspired explanation would include the following points: There are almost 9 million people in New Jersey, and only one was targeted for retribution, an impressively tiny error rate lower than .001 percent; The bridge closure was vital to national security because [redacted]; Since the George Washington Bridge is a potential terrorist target, everything that may or may not have happened near it is a state secret; Going after a political rival is wrong but it's important to put this event in context; Fort Lee Mayor Mark Sokolich was the only target of non-compliant behavior. No other Fort Lee resident was ever targeted for retribution, and any delays that any Fort Lee resident experienced were totally inadvertent and incidental; Finally a panel will be formed to figure out how to restore the public's faith in Chris Christie. "To some readers, these talking points may seem absurd or deliberately misleading," concludes Friedersdorf, "but there isn't any denying that so far they're working okay for the NSA.""

theodp writes "In 'The Online Education Revolution Drifts Off Course,' NPR's Eric Westervelt reports that 2013 might be dubbed the year that online education fell back to earth. Westervelt joins others in citing the higher failure rate of online students as evidence that MOOCs aren't all they're cracked up to be. But viewed another way, the ability to try and fail without dire debt or academic consequences that's afforded by MOOCs could be viewed as a feature and not a bug. Being able to learn at one's own pace is what Dr. Yung Tae Kim has long argued is something STEM education sorely lacks, and MOOCs make it feasible to allow students to try-try-again if at first they don't succeed. By the way, if you couldn't scrape together $65,000 to take CS50 in-person at Harvard this year, today's the first day of look-Ma-no-tuition CS50x (review), kids!"

cathyreisenwitz sends word of a San Francisco trial in which the U.S. government appears to be manipulating the no-fly list to its advantage. The court case involves a Stanford Ph.D. student who was barred from returning to the U.S. after visiting her native Malaysia. She's one of roughly 700,000 people on the no-fly list. Here's the sketchy part: the woman's eldest daughter, who was born in the U.S. and is a U.S. citizen, was called as a witness for the trial. Unfortunately, she mysteriously found herself on the no-fly list as well, and wasn't able to board a plane to come to the trial. Lawyers for the Department of Justice told the court that she simply missed her plane, but she was able to provide documents from the airline explaining that the Department of Homeland Security was not allowing her to fly.

cathyreisenwitz sends word of a San Francisco trial in which the U.S. government appears to be manipulating the no-fly list to its advantage. The court case involves a Stanford Ph.D. student who was barred from returning to the U.S. after visiting her native Malaysia. She's one of roughly 700,000 people on the no-fly list. Here's the sketchy part: the woman's eldest daughter, who was born in the U.S. and is a U.S. citizen, was called as a witness for the trial. Unfortunately, she mysteriously found herself on the no-fly list as well, and wasn't able to board a plane to come to the trial. Lawyers for the Department of Justice told the court that she simply missed her plane, but she was able to provide documents from the airline explaining that the Department of Homeland Security was not allowing her to fly.

An anonymous reader sends this quote from TechDirt: "One of the bizarre side notes to Hollywood's big lawsuit against the cyberlocker Hotfile was a countersuit against Warner Bros. by Hotfile, for using the easy takedown tool that Hotfile had provided, to take down a variety of content that was (a) non-infringing and (b) had nothing to do with Warner Bros. at all (i.e., the company did not hold the copyright on those files). In that case, WB admitted that it filed a bunch of false takedowns, but said it was no big deal because it was all done by a computer. Of course, it then came out that at least one work was taken down by a WB employee, and that employee had done so on purpose, annoyed that JDownloader could help possible infringers download more quickly."

sabri writes "Jen Palmer tried to order something from kleargear.com, some sort of cheap ThinkGeek clone. The merchandise never arrived and she wrote a review on ripoffreport.com. Now, kleargear.com is reporting her to credit agencies and sending collectors to fetch $3,500 as part of a clause which did not exist at the alleged time of purchase. 'By email, a person who did not identify him or herself defended the $3500 charge referring again to Kleargear.com's terms of sale. As for Jen being threatened — remove the post or face a fine — the company said that was not blackmail but rather a, "diligent effort to help them avoid [the fine]."' The terms and conditions shouldn't even apply, since the sales transaction was never completed."

Techdirt has an interesting followup on the arrest and indictment of Silk Road founder Ross Ulbricht, in connection to which the FBI seized 26,000 or so Bitcoins. From the Techdirt piece: "However, in the criminal complaint against Ulbricht, it suggested that his commissions were in the range of $80 million -- or about 600,000 Bitcoins. You might notice the disconnect between the 26,000 Bitcoins seized and the supposed 600,000 Ulbright made. It now comes out that those 26,000 Bitcoins aren't even Ulbricht's. Instead, they're actually from Silk Road's users. In other words, these were Bitcoins stored with user accounts on Silk Road. Ulbricht's actual wallet is separate from that, and was apparently encrypted, so it would appear that the FBI does not have them, nor does it have any way of getting at them just yet. And given that some courts have argued you can't be forced to give up your encryption, as it's a 5th Amendment violation, those Bitcoins could remain hidden -- though, I could see the court ordering him to pay the dollar equivalent in restitution (though still not sure that would force him to decrypt the Bitcoins)." The article also notes that the FBI's own Bitcoin wallet has been identified, leading to some snarky micropayment messages headed their direction.

Techdirt has an interesting followup on the arrest and indictment of Silk Road founder Ross Ulbricht, in connection to which the FBI seized 26,000 or so Bitcoins. From the Techdirt piece: "However, in the criminal complaint against Ulbricht, it suggested that his commissions were in the range of $80 million -- or about 600,000 Bitcoins. You might notice the disconnect between the 26,000 Bitcoins seized and the supposed 600,000 Ulbright made. It now comes out that those 26,000 Bitcoins aren't even Ulbricht's. Instead, they're actually from Silk Road's users. In other words, these were Bitcoins stored with user accounts on Silk Road. Ulbricht's actual wallet is separate from that, and was apparently encrypted, so it would appear that the FBI does not have them, nor does it have any way of getting at them just yet. And given that some courts have argued you can't be forced to give up your encryption, as it's a 5th Amendment violation, those Bitcoins could remain hidden -- though, I could see the court ordering him to pay the dollar equivalent in restitution (though still not sure that would force him to decrypt the Bitcoins)." The article also notes that the FBI's own Bitcoin wallet has been identified, leading to some snarky micropayment messages headed their direction.

Techdirt has an interesting followup on the arrest and indictment of Silk Road founder Ross Ulbricht, in connection to which the FBI seized 26,000 or so Bitcoins. From the Techdirt piece: "However, in the criminal complaint against Ulbricht, it suggested that his commissions were in the range of $80 million -- or about 600,000 Bitcoins. You might notice the disconnect between the 26,000 Bitcoins seized and the supposed 600,000 Ulbright made. It now comes out that those 26,000 Bitcoins aren't even Ulbricht's. Instead, they're actually from Silk Road's users. In other words, these were Bitcoins stored with user accounts on Silk Road. Ulbricht's actual wallet is separate from that, and was apparently encrypted, so it would appear that the FBI does not have them, nor does it have any way of getting at them just yet. And given that some courts have argued you can't be forced to give up your encryption, as it's a 5th Amendment violation, those Bitcoins could remain hidden -- though, I could see the court ordering him to pay the dollar equivalent in restitution (though still not sure that would force him to decrypt the Bitcoins)." The article also notes that the FBI's own Bitcoin wallet has been identified, leading to some snarky micropayment messages headed their direction.

theodp writes "In July, MIT drew criticism after issuing a report clearing itself in the suicide of Aaron Swartz. So, one wonders what Swartz supporters will make of The Lessons of Aaron Swartz, an MIT Technology Review op-edish piece penned by MIT EE/CS prof Hal Abelson, who chaired the review panel. Calling Swartz 'dangerously naïve about the reality of exercising that power [of technology], to the extent that he destroyed himself' (others say prosecutorial overreach destroyed him), Abelson questions 'whether the people who mentored Swartz and helped him achieve such brilliance and power had a responsibility to cultivate not only his technical excellence and his passion as an advocate but also, as my grandmother would have called it, seykhel-a wonderful Yiddish word that means a combination of intelligence and common sense.'"

Mystakaphoros writes "Mike Masnick of Techdirt argues that we can all put down our wooden shoes and take a chill pill: technology 'rarely destroys jobs.' For example, telephone operators have largely gone by the wayside, but a (brave) new world of telemarketing and call center support jobs have opened up because of advances in technology, not to mention the Internet. Masnick points out writing from Professor James Bessen that makes the same point: 'In other cases, technology creates offsetting job growth in different occupations or industry segments. For example, word processors and voice mail systems reduced the numbers of typists and switchboard operators, but these technologies also increased the number of more highly skilled secretaries and receptionists, offsetting the job losses. Similarly, Amazon may have eliminated jobs at Borders and other national book chains that relied on bestsellers, but the number of independent booksellers has been growing and with it, more jobs for sales clerks who can provide selections and advice that Amazon cannot easily match.' That said, I think it's worth asking: if machines are going to replace all our fast food workers, are we going to start paying our gourmet chefs minimum wage just because we can?"

PCWorld reports that "[A] U.S. surveillance court has given the National Security Agency no limit on the number of U.S. telephone records it collects in the name of fighting terrorism, the NSA director said Thursday. The NSA intends to collect all U.S. telephone records and put them in a searchable 'lock box' in the interest of national security, General Keith Alexander, the NSA's director, told U.S. senators." But don't worry; it's just metadata, until it isn't. (Your row in the NSA database may already be getting cozy in its nice new home in Utah.)

First time accepted submitter MrMagooAZ writes "An interesting article about a questionable reaction by FEMA in response to the flooding in Colorado. It seems a small firm was working free of charge with County officials to use drones to map the area and provide near-real-time maps of the flood damage. When FEMA took control of operations one of their first acts appears to have been to not only ground the drones, but threaten the operators. 'I'm from the government and I'm here to help you?'" The drone model in question has permits from the FAA to be flown around even. The drones were replaced with manned craft that, due to the terrain, where unable to fly low enough to make useful maps.

theodp writes "Back in the day, leprosy patients were stigmatized and shunned, quarantined from society in Leper Colonies. Those days may be long gone, but are our mapping, GPS, and social media technologies in effect helping to create modern-day 'Leper Colonies'? The recently-shuttered GhettoTracker.com (born again as Good Part of Town) generated cries of racism by inviting users to rate neighborhoods based on 'which parts of town are safe and which ones are ghetto, or unsafe'. Calling enough already with the avoid-the-ghetto apps, The Atlantic Cities' Emily Badger writes, "this idea toes a touchy line between a utilitarian application of open data and a sly wink toward people who just want to steer clear of 'those kinds of neighborhoods.'" The USPTO has already awarded avoid-crime-ridden-neighborhoods-like-the-plague patents to tech giants Microsoft, IBM, and Google. So, when it comes to navigational apps, where's the line between utility and racism? 'As mobile devices get smarter and more ubiquitous,' writes Svati Kirsten Narula, 'it is tempting to let technology make more and more decisions for us. But doing so will require us to sacrifice one of our favorite assumptions: that these tools are inherently logical and neutral...the motivations driving the algorithms may not match the motivations of those algorithms' users.' Indeed, the Google patent for Storing and Providing Routes proposes to 'remove streets from recommended directions if uploaded route information indicates that travelers seem to avoid the street.' Even faster routes that 'traverse one or more high crime areas,' Google reasons, 'may be less appealing to most travelers'."

FuzzNugget writes "No, you didn't just stumble upon The Onion by mistake. Ars Technica reports that Obama's 'reform' panel will report directly to James Clapper, the Director of National Intelligence who arguably lied to Congress about whether the NSA conducted dragnet surveillance of Americans' communications. But is anyone really surprised?"

First time accepted submitter kdataman writes "The EFF has helped launch a new site to help the potential victims of patent trolling. It is called TrollingEffects.org and is designed to parallel the way ChillingEffects.org helps those getting DMCA letters. The idea is to educate the targets and help them work together for a more cost-effective defense."

The Northside Independent School District (NISD) of Texas, has decided to drop their controversial student RFID card plans and settle on hundreds of cameras to monitor students. Apparently, the technology wasn't quite the attendance silver bullet administration thought it would be, as Slate's Will Oremus discovered. 'Northside Independent School District spokesman Pascual Gonzalez told me that the microchip-ID program turned out not to be worth the trouble. Its main goal was to increase attendance by allowing staff to locate students who were on campus but didn't show up for roll call. That was supposed to lead to increased revenue. But attendance at the two schools in question a middle school and a high school barely budged in the year that the policy was in place. And school staff found themselves wasting a lot of time trying to physically track down the missing students based on their RFID locators. "We're very confident we can still maintain a safe and secure school because of the 200 cameras that are installed at John Jay High School and the 100 that are installed at Jones Middle School. Plus we are upgrading those surveillance systems to high-definition and more sophisticated cameras. So there will be a surveillance-camera umbrella around both schools," Gonzalez said."'

Okian Warrior writes with this news as reported by TechDirt: "The Washington Post revealed some of the code names for various NSA surveillance programs, including NUCLEON, MARINA and MAINWAY. Chris Soghoian has pointed out that a quick LinkedIn search for profiles with codenames like MARINA and NUCLEON happens to turn up profiles like this one which appear to reveal more codenames: 'Skilled in the use of several Intelligence tools and resources: ANCHORY, AMHS, NUCLEON, TRAFFICTHIEF, ARCMAP, SIGNAV, COASTLINE, DISHFIRE, FASTSCOPE, OCTAVE/CONTRAOCTAVE, PINWALE, UTT, WEBCANDID, MICHIGAN, PLUS, ASSOCIATION, MAINWAY, FASCIA, OCTSKYWARD, INTELINK, METRICS, BANYAN, MARINA.' TRAFFICTHIEF, eh? WEBCANDID? Hmm... Apparently, NSA employees don't realize that information they post online can be revealed."

New submitter quarrelinastraw writes "For years, users have conjectured that the NSA may have placed backdoors in security projects such as SELinux and in cryptography standards such as AES. However, I have yet to have seen a serious scientific analysis of this question, as discussions rarely get beyond general paranoia facing off against a general belief that government incompetence plus public scrutiny make backdoors unlikely. In light of the recent NSA revelations about the PRISM surveillance program, and that Microsoft tells the NSA about bugs before fixing them, how concerned should we be? And if there is reason for concern, what steps should we take individually or as a community?" Read more below for some of the background that inspires these questions. quarrelinastraw "History seems relevant here, so to seed the discussion I'll point out the following for those who may not be familiar. The NSA opposed giving the public access to strong cryptography in the '90s because it feared cryptography would interfere with wiretaps. They proposed a key escrow program so that they would have everybody's encryption keys. They developed a cryptography chipset called the "clipper chip" that gave a backdoor to law enforcement and which is still used in the US government. Prior to this, in the 1970s, NSA tried to change the cryptography standard DES (the precursor to AES) to reduce keylength effectively making the standard weaker against brute force attacks of the sort the NSA would have used.

Since the late '90s, the NSA appears to have stopped its opposition to public cryptography and instead (appears to be) actively encouraging its development and strengthening. The NSA released the first version of SELinux in 2000, 4 years after they canceled the clipper chip program due to the public's lack of interest. It is possible that the NSA simply gave up on their fight against public access to cryptography, but it is also possible that they simply moved their resources into social engineering — getting the public to voluntarily install backdoors that are inadvertently endorsed by security experts because they appear in GPLed code. Is this pure fantasy? Or is there something to worry about here?"

mpol writes "We're all aware of PRISM and the NSA deals with software houses. Just today it was in the news that even Microsoft gives zero-day exploits to the NSA, who use them to prepare themselves, but also use the exploits to break into other systems. At my company we use Git with some private repositories. It's easy to draw the conclusion that git-hosting in the cloud, like Github or Bitbucket, will lead to sharing the sourcecode with the NSA. Self-hosting our Git repositories seems like a good and safe idea then. The question then becomes which software to use. It should be Open Source and under a Free License, that's for sure. Software like GitLab and GNU Savane seem good candidates. What other options are there, and how do they stack up against each other? What experience do people have with them?"

Nyder writes "Kim Dotcom posted via Twitter, with a link to Torrentfreak, that he owns a security patent US6078908, titled 'Method for authorizing in data transmission systems.'" Techdirt points out that Dotcom isn't just asking for financial help: Instead, he's asking companies which use two-factor authentication "to help fund his defense, in exchange for not getting sued for the patent. He points out that his actual funds are still frozen by the DOJ and (more importantly) that his case actually matters a great deal to Google, Facebook and Twitter, because the eventual ruling will likely set a precedent that may impact them -- especially around the DMCA." Update: 05/23 14:23 GMT by T : Why is this relevant to Twitter? If you're not an active Twitter user, you might not realize that (after some well publicized twitter-account hijackings), the company is trying to regain some ground on security. Nerval's Lobster writes "Twitter is now offering two-factor authentication, a feature that could help prevent embarrassing security breaches. Twitter users interested in activating two-factor authentication will need to head over to their account settings page and click the checkbox beside 'Require a verification code when I sign in.'"

danomac writes "Canipre, a Canadian anti-infringement enforcement company, has been using photos on their official website without permission. This company hopes to bring U.S.-style copyright lawsuits to Canada, and they are the company behind Voltage's current lawsuits. It says right on their website, 'they all know it's wrong, and they're still doing it' overlaid on top of the image used without permission. Multiple photos from different photographers are used; none of them with permission. Canipre's response? 'We used a third party vendor to develop the website and they purchased images off of an image bank,' they said, trying to pass the blame to someone else. Some of the photos were released under the Creative Commons, meaning they could have used the photos legally if they'd provided proper attribution."

Techdirt explains the strange story of a lawsuit-happy bus company in Illinois which managed to tick off a cadre of determined redditors by calling them uncomplimentary names in the reddit forums. This all started when a bus passenger, Jeremy Leval, reported unsavory behavior by a company employee (telling an exchange student "If you don't understand English, you don't belong at the University of Illinois or any 'American' University.") and said so online. Besides the name calling on reddit, the bus company threatened the forum moderator with libel charges, and over insults posted by the bus company employees which the moderator had deleted. Further, company owner "[Dennis] Toeppen threatened to sue Leval, saying, 'The attorneys for Suburban Express are reviewing this incident with a view towards filing the appropriate legal action against this meddlesome MBA student.'" Attorney Ken White of Popehat got involved, though, and asked with good effect whether the company had fully considered the Streisand Effect. The strangest part? Toeppen's former involvement as a domain squatter.

gnujoshua writes "In a new article, GNU Project founder Richard M. Stallman speaks out against the proposal to include hooks for DRM in HTML5. While others have been making similar arguments, RMS strikes home the point that while companies can still push Web DRM themselves, the stance taken by the W3C is still — both practically and politically — vitally important: '[...] the W3C cannot prevent companies from grafting DRM onto HTML. They do this through nonfree plug-ins such as Flash, and with nonfree Javascript code, thus showing that we need control over the Javascript code we run and over the C code we run. However, where the W3C stands is tremendously important for the battle to eliminate DRM. On a practical level, standardizing DRM would make it more convenient, in a very shallow sense. This could influence people who think only of short-term convenience to think of DRM as acceptable, which could in turn encourage more sites to use DRM. On the political level, making room for DRM in the specifications of the World Wide Web would constitute an endorsement in principle of DRM by the W3C. Standardization by the W3C could facilitate DRM that is harder for users to break than DRM implemented in Javascript code. If the DRM is implemented in the operating system, this could result in distribution of works that can't be played at all on a free operating system such as GNU/Linux.'"

An anonymous reader writes with a story at the Daily Dot: "Despite the protests of Internet privacy advocates, the controversial Cyber Intelligence Sharing and Protection Act (CISPA) passed the House of Representatives Thursday. The vote was 288-127. ... CISPA saw a handful of minor amendments soon before passage. A representative for the EFF told the Daily Dot that while they were still analyzing the specifics, none of the actual changes to the bill addressed their core criticisms. ... But also as was the case the year before, on Tuesday the Obama administration issued a promise to veto the bill if it reaches the president’s desk without significant changes." Techdirt has a short report on the vote, too — and probably more cutting commentary soon to follow.