February 28, 2012

What Does It Mean to be “Pro-Technology and Pro-Internet?”

February 24, 2012 | By Mitch Stoltz

Ahead of the Academy Awards this weekend, Chris Dodd, head of the Motion Picture Association of America, would like to assure you that "Hollywood is pro-technology and pro-Internet." But what does that mean? The comments filed at the Copyright Office this month by MPAA and RIAA, together with the Business Software Alliance, the Entertainment Software Association, and other copyright owners' groups, paint a clear picture of these groups' vision for the future of the Internet and digital technologies.

EFF is asking the Copyright Office for legal exemptions to the Digital Millennium Copyright Act to allow jailbreaking (or "rooting") of smartphones, tablets, and game consoles, so that people can run their software of choice on the devices they own. EFF is also asking for exemptions that will allow noncommercial video remixers to use video clips from DVDs and online video services. Other organizations are asking for exemptions for various forms of digital video, accessibility for the disabled, and other important projects. Under the DMCA, exemptions expire every three years, and have to be justified all over again. Many of you sent comments and signed petitions in support of EFF's exemption requests, and the Copyright Office received almost 700 comments.

MPAA and friends don't approve of a single one of the exemption requests. "The risk associated with encouraging people to circumvent and test the limits of fair use is too high," they say, and the makers of computing devices should be able to stop "unintended uses" of their products. In fact, say the entertainment lobbies, giving you the ability to modify your own devices for your own use will "wreak havoc" on "markets for consumer access to works."

Let's unpack this. Almost everything we do on the Internet or with digital media makes a copy—even viewing a webpage. In many cases, the fair use rule of copyright law is what keeps these everyday activities from being copyright violations. But proving definitively that a use is fair often requires a courageous artist or entrepreneur to go to court and risk massive penalties for the chance of having a judge say that what they're doing is legal. According to the entertainment lobbies, the U.S. government should not encourage people to do this.

Ironically, most of the devices that let us create and experience movies, music, software, and so on "test the limits of fair use"—and many have wound up in court. If this were discouraged, we may never have had the VCR, the MP3 player, the digital video recorder, image-searching websites, or social networks—at least not without asking the entertainment industries' permission first. 

And speaking of permission, MPAA regrets that "the Copyright Office missed an opportunity to endorse" the custom of "asking permission" before innovating.

So what should the Copyright Office be doing? MPAA et al. humbly suggest that the Office should be protecting the "ongoing viability of business models" that create "predictability with respect to how works will be accessed and how copyrighted software and technologies used to facilitate such access will be used and manipulated." You won't find that in any law, although it sounds a lot like the goals of the now-defunct SOPA and PIPA bills. Again, let's look behind the euphemisms: the entertainment lobbies want the U.S. government to protect their members' bottom lines by regulating how digital technologies can be used. Only uses that receive Hollywood's permission, and are "predictable," should pass muster.

Apparently this is what Mr. Dodd means when he says "Hollywood is pro-technology and pro-Internet": technology that blocks "unintended uses" and an Internet subject to Hollywood's veto power. SOPA and PIPA may be dead, but the agenda behind them seems alive and well.

Filed under internet, RIAA by al

Permalink • Print • Comment

How Internet Companies Would Be Forced to Spy on You Under H.R. 1981

February 23, 2012 | By Rainey Reitman

Online commentators are pointing to the Internet backlash against H.R. 1981 as the new anti-SOPA movement. While this bill is strikingly different from the Stop Online Piracy Act, it does have one thing in common: it’s a poorly-considered legislative attempt to regulate the Internet in a way experts in the field know will have serious civil liberties consequences. This bill specifically targets companies that provide commercial Internet access – like your ISP – and would force them to collect and maintain data on all of their customers, even if those customers have never been suspected of committing a crime.

Under H.R. 1981, which has the misleading title of Protecting Children From Internet Pornographers Act of 2011, Congress would force commercial Internet access providers to keep for one year a “log of the temporarily assigned network addresses the provider assigns to a subscriber to or customer of such service that enables the identification of the corresponding customer or subscriber information under subsection (c)(2) of this section.”  Let’s break that down into simple terms.

Temporarily Assigned Network Addresses: More than IP Addresses

Under this proposal, ISPs would have to maintain “temporarily assigned network addresses” to enable the identification of a subscriber. At a minimum, this refers to the IP addresses assigned by ISPs, including the Internet services associated with mobile phones.  It could also potentially include mobile phone numbers or other forms of cell phone identification, such as the three major mobile device identifiers: IMEI, IMSI, TMSI. These are the tracking IDs for your mobile devices, the unique identifiers that mobile phone companies use to track handsets and the accounts associated with them.

IP Addresses Aren't a Perfect Identifier

An IP address is like a street address or a phone number; it's the arrow that points packets of information your way when people send you things over the Internet. But it cannot tell you who is actually sitting behind a computer screen, typing at a computer.

Currently IP addresses by themselves aren’t a perfect way to identify individuals. One reason is because there are only a limited number of IPv4 addresses (the current schema most ISPs use to allocate IP addresses), and so there are many situations in which a bunch of Internet users are sharing a single IP address. This strategy, called Network Address Translation (NAT), is a creative way to deal with the shortage of IP addresses while we are still in the protracted process of transitioning to IPv6. All of which is to say: H.R. 1981 mandates that companies keep a log of assigned network addresses in order to identify customers, but IP addresses are only one clue in figuring out a user's identity.

IP Addresses: Useful for Location Tracking

But there’s another element many commentators are forgetting: even if a single IP address isn’t a perfect identifier, a collection of IP addresses assigned to a user can be combined with other data elements to create a frighteningly detailed map of a person’s location over time. For example, law enforcement could review the IP addressses an individual used to log onto her email account over the period of several months to create a detailed picture of when she was at home, when she went to work, when she was in transit, and when she went to sleep – and whether there were certain days she deviated from her typical schedule.

IP addresses can also indicate information about a user's physical proximity to other users. For example, if two people are using the same IP address at the same time, they are likely at the same location. Law enforcement might be very interested in how IP addresses can indicate one's associations in this way.

Law enforcement could also demand that a social network hand over the IP addresses and logged-in times of an individual using its service. Law enforcement could then combine this information with data from an ISP or mobile carrier to figure who was assigned to each of those IP addresses. For mobile providers, each entry could be combined with data about one’s GPS location. So a law enforcement agent could know when an individual was posting to a social network as well as her location. ISPs will be slightly less exact but still provide a detailed portrait of an individual’s physical location each time she logged in. 

This is no nightmare scenario. This is exactly what the U.S. government attempted when it pressured Twitter to hand over Icelandic parliamentarian Birgitta Jónsdóttir’s data as part of the WikiLeaks investigation. And we’ve seen numerous other occasions where law enforcement pressured Internet companies to hand over the IP addresses and times of individuals using their services.

Law enforcement is coming to understand that IP addresses are a powerful key to location data and to tracking people's movements over time. But in order for this data to be most useful to them, they need ISPs and mobile carriers to keep records of who is assigned to which IP addresses, and when.

The Supreme Court has already decided that tracking an individual’s car with a GPS device for months at a time without a search warrant is blatantly unconstitutional.  But by passing H.R. 1981, law enforcement hopes to create a mountain of data that will facilitate the location tracking of anyone who uses the Internet, if that person is under suspicion for any reason in the coming year.

Detailed Banking Information

Because the actual language of the bill is somewhat vague, activists at Demand Progress have correctly noted that this legislation might force Internet companies to retain even more data just to be on the safe side. The proposed bill is an amendment to 18 USC § 2703, the law currently defining the circumstances under which companies that store electronic data on customers must disclose it to the government. H.R. 1981 is attempting to amend and expand this law in a way that “enables the identification of the corresponding customer or subscriber information under subsection (c)(2) of this section.”

So what is subsection (c)(2)?  It requires a provider to turn over to the government without a warrant:

  • Name
  • Address
  • Records of session times and durations
  • Length of service (including start date) and types of service utilized
  • Credit card or bank account number

The language of H.R. 1981 is dangerously unclear – it would definitely require a network to maintain an historical log of IP addresses, but will ISPs believe it also requires them to maintain detailed records on customers’ addresses, credit card, and bank information? Such an interpretation would create a honeypot of sensitive data ripe for overly ambitious law enforcement agents, malicious hackers, or even accidental disclosures.

This Attack on the Internet Has Nothing to Do With Child Pornography

H.R. 1981 is touted as a way to crack down on child pornography, but the data retention mandates of this bill will affect every Internet user who uses a U.S. ISP.  It’s sad to see our legislators using the mantle of child pornography to order Internet companies to spy on users, forcing ISPs to keep mountains of unnecessary data about innocent Internet subscribers in the hopes that it might one day be useful to law enforcement.  That’s exactly why Representative Zoe Lofgren proposed an amendment to rename the bill the 'Keep Every American's Digital Data for Submission to the Federal Government Without a Warrant Act of 2011.'

This type of legislation goes against the fundamental values of our country where individuals are treated as innocent until proven guilty. H.R. 1981 would uproot this core American principle, forcing ISPs to treat everyone like a potential criminal. 

Help us defeat the Internet spying bill. Contact Congress today.

Filed under government, internet by al

Permalink • Print • Comment

February 16, 2012

Welcome to The Journal!

 
This “Daily Journal” category is created for you automatically to help you get started as quickly as possible.
 
NOTE: This example entry can be deleted. Press CTRL+A to select all of this text, and then press DELETE to delete it. Or you can press F9 to create a new, blank entry.
 
Click on the calendar to select a new entry date.
The “Daily Journal” category is a calendar (or daily entry) category.  Calendar categories automatically create a new entry each day. Plus you can easily add past or future entries simply by clicking on the calendar to the left.
 
When you click on the calendar, a new, empty entry is created for you. Type anything you want, format it with bold, italic, underline, change the color, add highlighting, insert pictures, and more!
 
The entry tree shows your entries by year, month and day.As you create new entries, you will see them listed in the “entry tree”, just below the calendar. When you first bring up a new entry date, it won’t be listed in the tree. Once you start typing, though, the entry will show up.
 
And don’t worry about empty entries. If you don’t actually type in an entry, nothing is saved.
 
 
If you want to change the font or background color of this category, or if you want to create additional entry categories, right-click on the entry and select “Category Properties…”

Right-click on the category tab and choose Category Properties...
 
You can give this entry a Calendar Charm by pressing Ctrl+F2. The small graphical icon you select will be displayed on the calendar for this entry. Use Calendar Charms to mark important entries and add a personal touch to The Journal! You can also insert Calendar Charms in your entries, by pressing Shift+F2:
 
Don’t forget to check out the “Notebook” category (click on the “Notebook” tab on the right, or press Ctrl+Tab)!
 
The Journal’s monthly newsletter features:
  • Announcements of The Journal’s latest releases and updates.
  • Tips and Tricks of using The Journal.
  • Articles about journaling.
  • Special journaling- and writing-exercises.
  • And more!
 
To receive The Journal’s newsletter, sign up here:
I hope you enjoy using The Journal!
 
David Michael
 
NOTE: This example entry can be deleted. Press CTRL+A to select all of this text, and then press DELETE to delete it. Or you can press F9 to create a new, blank entry.

Filed under info resources by al

Permalink • Print • Comment

Testing The Journal on updated alsplace.info


I’ve just upgraded this WordPress blog from version 2.1.3 to the current 3.3.1.  I hope to add the logon to my “The Journal” software so that I am able to do posts on the fly.

It was amazing that the same theme works in this latest release as did it in v2.1.3.  I should mention that I need to check the configuration as there is a column of widgets missing– although the column is still available.

There is much to review and configure in this upgrade and I’ll get to it as soon as possible.  The reason that I bothered researching doing such an upgrade and implementing it is that I shall be reinstalling my main computer shortly and there is much newly discovered software that I have just installed on my recently purchased laptop.  I hope to do posts of the more interesting software as I do the install.

Now to clean up my notes and post them to my database and then to do a backup of the site after this upgrade.

See ya soon!

Filed under info resources by al

Permalink • Print • Comment

August 4, 2011

Cloud Computing – A Blessing or a Curse?

There’s no doubt that cloud computing has made a huge splash in our technologically ubiquitous society. Its benefits help businesses with productivity and give consumers more convenience about back-ups and data storage. Still, there are a few issues that should be addressed for anyone, whether a business owner or average Joe computer user, before making the jump to any cloud computing solution.

Reduced Control

Cloud Computing – Geeks.comThe popular concept of cloud computing involves offloading and archiving pertinent files and data to an off-site 3rd party company which guarantees virtually 100% uptime and secure access anytime anywhere. The problem is that you’re basically having another entity hang on to your confidential information which reduces the amount of control you have over that information. In addition, you have no idea where your information is being stored.

What if, for example, your data is managed by a 3rd party cloud service company whose computer servers are located in Niger and due to an anti-government uprising, the cloud company’s infrastructure is compromised? You would have no idea whether your data was saved and moved to another location or if the data itself was possibly compromised by unauthorized parties. Granted, the chance of this happening is probably low but the big picture is that you’re virtually powerless in safeguarding your own information against issues from the external environment. Regarding Murphy’s Law, many cloud service companies pitch a near-100% uptime guarantee but there is still a chance the service could be unavailable (due to system malfunctions or maintenance) during the time when you need it the most.

Legal Issues

Cloud Computing – Geeks.comUsing cloud services also presents a potential legal headache for both you and the hosting company. For example, cloud service provider Dropbox recently experienced a security breach in which all accounts were accessible by entering ANY password for approximately four hours. While Dropbox was able to rectify the issue promptly, one of their users is now filing a lawsuit for the security issue.

What if you had personal (or company) information that was compromised? Cloud Computing – Geeks.comWhat legal recourse would you have? Basically it means there would be extra work for you (and your legal team) having to deal with straightening things out, (such as breach of contract and/or having to find another cloud service provider). For cloud service users looking to store music into their respective digital lockers, external parties such as music label companies have raised a legal uproar about Amazon’s cloud music service which could make it difficult, in the long-run, about what type of data can be stored on a cloud.

Proactive Measures

While there is zero way to completely prevent any type of cloud service issue, there are a few steps you can take to minimize the chance of having one of these issues compromise your confidential personal or business information.

Cloud Computing – Geeks.comFirst, it would be logical to adopt a “Don’t keep all your eggs in one basket” approach which means only uploading the pertinent data that needs to be accessible to the necessary company personnel.

For example, if you have sales personnel traveling to Europe for a trade show and they need cloud access, it would be wise to not leave your Finance, Competitive Strategy and Company Financial Statements available on the cloud.

You can also specify exactly, which employee(s) are allowed access to your cloud servers and make them aware of the heightened security involved with such access. (Increased accountability with updated IT security access/policies)

Cloud Computing – Geeks.comNext, you can also use a 3rd party encryption program such as True Crypt and encrypt all information before uploading it to your cloud service. This provides redundant security on two counts.

  1. First, your data would be useless if intercepted (in any way) by unauthorized parties. (unless they can break through True Crypt’s ridiculously-tough encryption)
  2. Second, if the cloud service’s infrastructure is compromised, your information is still useless to anyone except you or your employees. You can also save a copy of all your confidential information on your own secure personal or company network which provides an alternative access point in case the cloud service goes down for any reason.

The big picture is that with all this technology that’s continuously revolutionizing our personal and company lives, you should always approach new technological solutions with a balanced perspective, weighing both the pros and cons while considering what steps can be taken to keep your digital life secure.

Filed under cloud by al

Permalink • Print • Comment
« Previous PageNext Page »
Made with WordPress and an easy to use WordPress theme • Sky Gold skin by Denis de Bernardy