Statewatch is a non-profit-making voluntary group founded in 1991. It is comprised of lawyers, academics, journalists, researchers and community activists. Its European network of contributors is drawn from 12 countries. Statewatch encourages the publication of investigative journalism and critical research in the fields of the state, civil liberties and openness.

Slashdot | Haiku vs Spam.

Mark Cantrell was among several people who sent in a story about a company using "Haiku to Stop Spam. Essentially you use a copyrighted Haiku to tag that a message meets criteria (1 Recipient, Pre-Existing Relationship, etc) which then makes it a simple matter to filter the mail. I'm sure the spammers in China will laugh wildly as they forge the haiku. I challange comment posters to post only Haiku in this discussion ;)

MIT Laboratory for Computer Science - Infranet.

Infranet consists of a requester and responder communicating over a covert tunnel. A requester, running on a user's computer, uses the tunnel to request censored content. Upon receiving the request, the responder, a standard public Web server running Infranet software, retrieves the sought content from the Web and returns it to the requester via the tunnel. In the upstream direction, the Infranet tunnel protocol modulates covert messages on standard HTTP requests for uncensored content. This is done using a confidentially negotiated function that maps URLs to message fragments, which compose requests for censored content. The requester and responder communicate via a channel with far greater bandwidth from the responder to the requester than vice versa. Because the responder serves many Infranet users' requests for hidden content, it can maintain the frequency distribution of hidden messages. A requester typically wants to send a message from this distribution.

[ ... ]

We have an initial prototype that is not yet publicly available. We have implemented an early version of the responder as an Apache module and the requester, which functions much like a Web proxy.

USENIX - Security '02 - 11th USENIX Security Symposium.

USENIX - Security '02 - Technical Sessions.

11th Annual USENIX Security Symposium — Technical Paper - Infranet: Circumventing Web Censorship and Surveillance. by Nick Feamster, Magdalena Balazinska, Greg Harfst, Hari Balakrishnan, David Karger MIT Laboratory for Computer Science {feamster, mbalazin, gch, hari, karger} @lcs.mit.edu http://nms.lcs.mit.edu/projects/infranet

An increasing number of countries and companies routinely block or monitor access to parts of the Internet. To counteract these measures, we propose Infranet, a system that enables clients to surreptitiously retrieve sensitive content via cooperating Web servers distributed across the global Internet. These Infranet servers provide clients access to censored sites while continuing to host normal uncensored content. Infranet uses a tunnel protocol that provides a covert communication channel between its clients and servers, modulated over standard HTTP transactions that resemble innocuous Web browsing. In the upstream direction, Infranet clients send covert messages to Infranet servers by associating meaning to the sequence of HTTP requests being made. In the downstream direction, Infranet servers return content by hiding censored data in uncensored images using steganographic techniques. We describe the design, a prototype implementation, security properties, and performance of Infranet. Our security analysis shows that Infranet can successfully circumvent several sophisticated censoring techniques.

Slashdot | Infranet: Circumventing Web Censorship.

edsonw writes "In this paper presented at the 11th USENIX Security Symposium, Feamster et alii presented a method that provide access to censored sites while continuing to host normal uncensored content, using covert communication and steganographic techniques." --- The Infranet webpage has some more information. No public code yet, though.

BBC NEWS | Technology | Privacy fears over EU snooping plans.

The records of who you contact via phone, web, fax or mobile could soon be stored for years under a proposal drafted by European governments.

If passed, the law would force anyone providing communication services to keep records for at least a year of what customers have been doing.

The records would be available to police forces across the European Union investigating almost any crime.

Civil liberty campaigners fear that the European law will endanger long-held rights to privacy and could tempt law enforcement agencies to go on fishing expeditions for evidence of wrongdoing.

[ ... ]

The proposal will also allow the data to be shared among police forces across Europe.

The move has been brought in under the guise of aiding the fight against terrorism but the draft proposal allows the information to be used during the investigation of almost any serious crime.

Statewatch fears that the proposal is a precursor to another that will give police forces access to the contents of communications not just contact lists.

The watchdog also said the proposal also tramples on rights to challenge information being held or to contest decisions made on the basis of it.

[ ... ]

Mr Brown also had doubts that information would be deleted once its expiry period had been reached.

"The problem is that once you start retaining the data it tends to hang around," he said.

ZDNet |UK| - News - Telecoms - Fears over EU's secret surveillance plans. Privacy groups believe that European governments will soon force ISPs and telcos to store details of Web use, emails and phone calls for up to two years

Privacy advocates have claimed that the European Union is planning to bring in sweeping changes to the laws that govern data retention and privacy in the EU, compelling the long-term storage of users' communications traffic data and making this information available to EU governments.

Statewatch, a UK Internet-based organisation that monitors threats to civil liberties within Europe, said on Monday that European governments are planning to force all of Europe's telephone and mobile network operators and Internet service providers (ISPs) to store details of their customers' communications traffic data for up to two years.

Guardian Unlimited | The Guardian | Privacy fear over plan to store email . EU wants data retained to help fight against crime

Records of personal communications, including all emails and telephone calls, will be stored for at least a year under a proposal to be decided by EU governments next month.

Under the plan, all telecommunications firms, including mobile phone operators and internet service providers, will have to keep the numbers and addresses of calls and emails sent and received by EU citizens. The information, known as traffic data, would be held in central computer systems and made available to all EU governments.

The move could lead to a further extension in the powers of European security and intelligence agencies, allowing them to see the contents of emails and intercepted calls and faxes, civil liberty groups fear.

The plan, drafted in Brussels, has been leaked to Statewatch, an independent group monitoring threats to privacy and civil liberties in the EU.

"The traffic data of the whole population of the EU - and the countries joining - is to be held on record. It is a move from targeted to potentially universal surveillance," Tony Bunyan, Statewatch editor, warned yesterday. "EU governments claimed that changes to the 1997 privacy directive would not be binding on member states - each national parliament would have to decide. Now we know that all along they were intending to make it compulsory across Europe."

Although the move was initially explained by the need to fight terrorism, EU officials now argue it is necessary to fight all serious crime, including paedophilia and racism.

[ ... ]

It states that the "confidentiality and integrity" of retained traffic data must be "ensured" but does not say how. Individuals have no right to check whether the information held about their personal communications is accurate or legally challenge decisions about its use by EU authorities.

A member state will not be able to refuse a request for information from another member state on human rights or privacy grounds. There is also no common EU list of crimes caught by the plan or of public agencies which could demand the information.

But there is one element in the EU plan that the Britain will not welcome. It says that personal data could be handed to security services and law enforcement authorities only with judicial approval.

In Britain, the Regulation of Investigatory Powers Act allows law enforcement and intelligence agencies to access personal communications data covering a wide range of purposes, including public health and tax collection, without any court or executive warrant.

CNET NEWS.COM - Group warns of massive EU surveillance.

Privacy advocates claim that the European Union plans to make sweeping changes to laws that govern communications-related data retention and privacy, requiring the long-term storage of such information and making it available to governments.

Statewatch, a U.K.-based Internet organization that monitors threats to civil liberties within Europe, said Monday that European governments are planning to force all of the continent's telephone carriers, mobile network operators and Internet service providers to store details of their customers' Web use, e-mails and phone calls for up to two years.

This data would be made available to governments and law enforcement agencies.

The European Parliament is currently debating changes to the 1997 EU Directive on privacy in telecommunications, which governs existing laws on communications data retention. This directive states that traffic data can only be retained for billing purposes and must then be deleted.

European governments were expected to agree to changes to the 1997 directive that would allow individual countries to bring in laws forcing communications companies to retain data.

Statewatch, though, said it has seen a copy of a binding "framework decision" that is currently being worked on by some EU governments. The framework decision, which could be voted into law next month, would force all governments to pass laws that would compel communications companies to retain all traffic data for 12 months to 24 months.

CNET NEWS.COM - Free speech, free beer and free software.

On the Internet, software wants to be free. But as the Free Software Foundation and many others point out, the word "free" here is not about price; it is about liberty.

"Free" is used as in the phrase "free speech" (a right we covet), rather than the phrase "free beer" (always too good to be true) or "free kitten" (which sounds good, but has a high overhead).

Confusion arises because free software mostly has a zero price tag as a natural consequence of the original license, the GPL, that enforces the liberty of developers to use code created by their peers. The innovation of the Open Source Initiative was to provide new, more business-friendly licenses. By suggesting alternatives to GPL licensing, it enabled hybrid open-source/closed-source works.

The early years of open source have thus focused on free (as in beer) software, so it is still possible to misunderstand. But we have seen a definite shift in thinking. The open-source community has welcomed companies that build commercial enterprises, as long as they act symbiotically rather than parasitically. Today it is clear that open source has matured.

Technology News from Wired News - Haiku'da Been a Spam Filter.

A hidden scrap of copyrighted poetry embedded in e-mails will be used to guarantee that any message containing the verse is spam free. And if spammers dare to hijack the haiku, they will be aggressively sued for copyright infringement.

New York Times - Editorial Op-Ed: free registration required The Real Thing.

There is an inexorably growing gap between the image and the reality of the Bush administration's policies.

Slashdot | ISP Bans RIAA to Protect Its Customers.

fader writes "Information Wave Technologies, a northeastern (US) ISP has announced that "it will actively deny the Recording Industry Association of America (RIAA) from accessing the contents of its network". Apparently this is in response to the RIAA (and MPAA, but they don't seem to be blocking them yet) plan to actively attack P2P users. All I can say is, you go, guys! I hope more ISPs will follow their lead."

The Christian Science Monitor - Digital copying rules may change.

In a few years, Americans may not be able to copy a song off a CD, watch a recorded DVD at a friend's house, or store a copy of a television show for more than a day.

Earlier this month, the Federal Communications Commission approved regulations that would require television manufacturers to include anticopying technology in the next generation of televisions. The technology would identify programs that broadcasters do not want consumers to copy without first paying a fee.

And in Congress, lawmakers are considering a bill that would require all digital devices, and the software that runs them, to include a copyright protection system. The system would make it impossible for consumers to make unauthorized copies of music, movies, and television programs.

[ ... ]

Currently individuals can legally record TV shows, make digital audio files of CDs, and lend books to friends. Such activity is protected under a federal "fair use" statute, which takes into consideration most consumers' need for flexibility.

New regulations being discussed significantly erase fair-use rights in the name of piracy prevention. Ultimately, the entertainment industry hopes to charge consumers for what they now do free of charge.

"The only way they can charge you, they realized, is to first take away your legal right, and then sell that right back to you," says Joe Kraus, president of DigitalConsumer.org, an advocacy group in Washington, D.C.

If certain antipiracy measures pass in Washington, Mr. Kraus says consumers may have to pay extra to play a CD in more than one player; be no longer able to transfer music from a CD to an MP3 player; and be unable to watch a program recorded onto a DVD on a separate machine.

Slashdot | Your Rights Online - Predicting The End Of Digital Copying.

prostoalex writes: "Christian Science Monitor warns about approaching era of digital prohibition. With FCC requiring the use of copy prevention mechanisms in future generations of television sets, soon 'Americans may not be able to copy a song off a CD, watch a recorded DVD at a friend's house, or store a copy of a television show for more than a day'. Of course, no article on this topic can go without a mandatory quote from Jack Valenti, who points out: 'It is not legal to make a copy of a DVD now. Everything people are doing legally today, they'll be able to do legally tomorrow'."