Sunday, February 26, 2006


News Item 5309 MPAA Files Lawsuits Targeting Major Torrent Sites.

MPAA Files Lawsuits Targeting Major Torrent Sites. diverge_s writes "Slyck news reports on a new wave of lawsuits the MPAA has filed against major Bit Torrent search sites including: Torrentspy, Isohunt, Torrentbox, Niteshadow and Bthub. From the article: '"Website operators who abuse technology to facilitate infringements of copyrighted works by millions of people are not anonymous - they can and will be stopped," said John G. Malcolm, Executive Vice President and Director of Worldwide Anti-Piracy Operations for the MPAA. "Disabling these powerful networks of illegal file distribution is a significant step in stemming the tide of piracy on the Internet."'" [Slashdot: Your Rights Online]
6:38:25 PM

News Item 5308 Slyck News - Huge Anti-Piracy Push By MPAA

The MPAA (Motion Picture Association of America) is steamrolling across the great indexing plains. Tuesday brought news the eDonkey2000 indexing server Razorback2 was taken offline by Belgian Police, in conjunction with the MPAA. Today, the MPAA has announced a tremendous escalation in their fight against online piracy - this time targeting BitTorrent, eDonkey2000 and Newsgroup NZB indexing sites.    

Specifically, seven lawsuits were filed in Federal Court across the United States. Most remarkable of these lawsuits was the MPAA's strategy to target Newsgroup NZB indexing sites. Newsgroup indexing sites function much differently than eDonkey2000 or BitTorrent sites, as their role is to supply "NZB" or Newzbin files. These NZB files greatly simplify the task of downloading material from the Newsgroups. It eliminates the once lengthy process of digging through multiple groups and headers to find the desired archive.

Because of the Newsgroups' long standing reputation of being a legitimate online source of information and community interaction, such associated indexing sites were considered immune from prosecution. Today's action dismisses this notion.
6:35:57 PM

News Item 5307 Yahoo exec: Labels should sell music without DRM | News.blog | CNET News.com

Yahoo Music chief Dave Goldberg raised eyebrows Thursday at the Music 2.0 conference in Los Angeles with a proposal rarely heard from executives at large digital music services: Record labels should try selling music online without copy protection.
6:31:37 PM

News Item 5306 Yahoo Exec Speaks Against DRM.

Yahoo Exec Speaks Against DRM. AWhiteFlame writes "Dave Goldberg of Yahoo spoke against DRM on media files last Thursday at the Music 2.0 conference in Los Angeles. From the article: 'According to attendees, Goldberg pointed to the experience of eMusic, which offers its subscribers access to MP3 files without any digital rights management attached. Rights management restrictions have created a barrier for consumers, he said, making it a hurdle to transfer music to portable devices, and creating incompatibility between music services and MP3 players ... A Yahoo spokeswoman said that Goldberg was 'basically trying to move the industry forward,' and wanted to prompt industry-wide discussion about what the consumer experience is.'" [Slashdot: Your Rights Online]
6:29:01 PM

News Item 5305 BBC NEWS | Technology | UK rapped on data retention law

EU countries will have until August 2007 to implement the data retention directive.

Under the legislation, internet service providers and telecoms operators will have to keep details of their subscribers' communications for up to two years.

The measures will require firms to keep records of all phone calls and internet communications for a period of six months to two years, although the content will not be recorded.

The legislation has drawn the ire of industry representatives - as service providers will have to bear the costs of the storage themselves.

6:26:12 PM

News Item 5304 UK Government Wins Villain of the Year.

UK Government Wins Villain of the Year. Anonymous Cowpat writes "The BBC is reporting that the UK Government, or rather their six month presidency of the EU, has been awarded the Internet Villain of the Year award by the Internet Service Providers Association for being the driving force behind the new EU data retention laws. These require that ISPs and other telecomms providers keep records of the time, date & recipient of every communication made by their subscribers." [Slashdot: Your Rights Online]
6:23:37 PM

News Item 5303 NATIONAL JOURNAL: TIA Lives On (02/23/2006)

A controversial counter-terrorism program, which lawmakers halted more than two years ago amid outcries from privacy advocates, was stopped in name only and has quietly continued within the intelligence agency now fending off charges that it has violated the privacy of U.S. citizens.

Research under the Defense Department's Total Information Awareness program -- which developed technologies to predict terrorist attacks by mining government databases and the personal records of people in the United States -- was moved from the Pentagon's research-and-development agency to another group, which builds technologies primarily for the National Security Agency, according to documents obtained by National Journal and to intelligence sources familiar with the move. The names of key projects were changed, apparently to conceal their identities, but their funding remained intact, often under the same contracts.

It is no secret that some parts of TIA lived on behind the veil of the classified intelligence budget. However, the projects that moved, their new code names, and the agencies that took them over haven't previously been disclosed. Sources aware of the transfers declined to speak on the record for this story because, they said, the identities of the specific programs are classified.

Two of the most important components of the TIA program were moved to the Advanced Research and Development Activity, housed at NSA headquarters in Fort Meade, Md., documents and sources confirm. One piece was the Information Awareness Prototype System, the core architecture that tied together numerous information extraction, analysis, and dissemination tools developed under TIA. The prototype system included privacy-protection technologies that may have been discontinued or scaled back following the move to ARDA.

6:19:40 PM

News Item 5302 Total Information Awareness still Running.

Total Information Awareness still Running. gordm writes  "National Journal reports that, instead of being shut down 2 years ago, the Total Information Awareness program is still datamining away. Must be effective. What else could explain Morrissey's latest adventure?"  Just posting this story probably puts me on their radar. [Slashdot: Your Rights Online]
6:18:24 PM

News Item 5301 Taking Spying to Higher Level, Agencies Look for More Ways to Mine Data - New York Times

A small group of National Security Agency officials slipped into Silicon Valley on one of the agency's periodic technology shopping expeditions this month.

On the wish list, according to several venture capitalists who met with the officials, were an array of technologies that underlie the fierce debate over the Bush administration's anti-terrorist eavesdropping program: computerized systems that reveal connections between seemingly innocuous and unrelated pieces of information.

The tools they were looking for are new, but their application would fall under the well-established practice of data mining: using mathematical and statistical techniques to scan for hidden relationships in streams of digital data or large databases.

Supercomputer companies looking for commercial markets have used the practice for decades. Now intelligence agencies, hardly newcomers to data mining, are using new technologies to take the practice to another level.

But by fundamentally changing the nature of surveillance, high-tech data mining raises privacy concerns that are only beginning to be debated widely. That is because to find illicit activities it is necessary to turn loose software sentinels to examine all digital behavior whether it is innocent or not.

"The theory is that the automated tool that is conducting the search is not violating the law," said Mark D. Rasch, the former head of computer-crime investigations for the Justice Department and now the senior vice president of Solutionary, a computer security company. But "anytime a tool or a human is looking at the content of your communication, it invades your privacy."

When asked for comment about the meetings in Silicon Valley, Jane Hudgins, a National Security Agency spokeswoman, said, "We have no information to provide."

Data mining is already being used in a diverse array of commercial applications -- whether by credit card companies detecting and stopping fraud as it happens, or by insurance companies that predict health risks. As a result, millions of Americans have become enmeshed in a vast and growing data web that is constantly being examined by a legion of Internet-era software snoops.
6:13:53 PM

News Item 5300 NSA Shopping For Data Mining Tech.

NSA Shopping For Data Mining Tech. prostoalex writes "The National Security Agency paid a visit to Silicon Valley venture capitalists, the New York Times learned, to talk about potentially 'interesting' technologies that the Feds would be interested in purchasing. Data mining technologies that could link arbitrary facts into logical events and find dependencies, technologies for quick voice transcription - all these technologies usually get to market faster if developed by private companies." [Slashdot: Your Rights Online]
6:10:24 PM

News Item 5299 BBC NEWS | Programmes | Click | Mobile tracking devices on trial

These sorts of tracking services, now available in the UK, get information from the network about which cell your phone is currently in, and, for a small fee, display the location on an online map.

As well as checking where a certain phone is right now, you can run scheduled lookups, or snail trails, to record the phone's movements throughout the day, and produce a report for you to peruse at your leisure.

6:07:01 PM

News Item 5298 Cell Phone Tracking In the UK.

Cell Phone Tracking In the UK. jvlb writes "The BBC reports on cell phone tracking systems now available in Britain. The correspondent addresses the privacy and security issues that ensue." From the article: "With more and more children owning mobile phones, special attention needs to be given to who can track them. If you are not a genuine parent or guardian, the code requires location services to check that both the tracker and the person being tracked can prove they are consenting adults. Mr Macleod says: 'The person that is to be located has to demonstrate to the service provider they are at least 16 years old.'" [Slashdot: Your Rights Online]
6:04:17 PM

News Item 5297 Political Rivals Unite Against Paid E-Mail Plan.

Political Rivals Unite Against Paid E-Mail Plan. A coalition of groups from across the political spectrum are opposed to AOL and Yahoo's use of the Goodmail CertifiedEmail service. [PCWorld.com - Latest News Stories]
5:57:21 PM

News Item 5296 Euro cops seize Razorback P2P servers.

Euro cops seize Razorback P2P servers.

Site owner arrested in Switzerland

Belgian and Swiss police yesterday shut down Razorback 2, a hugely popular source of content on the eDonkey and other P2P networks. Law enforcement officials mounted early morning raids on sites in the two countries, and seized servers and network equipment.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]
5:52:37 PM

News Item 5295 Round up all the Fortescues! DNA crime scene surname matching.

Round up all the Fortescues! DNA crime scene surname matching.

Are you the owner of this surname, sir?

DNA could be used by police, today's public prints tell us, to 'predict the name of suspects', according to a new study from the University of Leicester Department of Genetics. And indeed it could, but only up to a point, and the way the police would do it involves different, slightly worrying, ways of looking at the data, rather than any new gosh-wow breakthrough in DNA analysis.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]
5:47:52 PM

News Item 5294 Data Retention Directive receives rubber stamp.

Data Retention Directive receives rubber stamp.

But support not universal

The controversial Data Retention Directive received its final seal of approval on Tuesday, when ministers at the Justice and Home Affairs Council adopted the directive with a qualified majority. Irish and Slovak Ministers voted against the measure.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]
5:43:49 PM

News Item 5293 Durant takes data protection battle to Strasbourg.

Durant takes data protection battle to Strasbourg.

The case continues...

Michael Durant is taking on the UK Government in the next instalment of his ground-breaking data protection battle. His next venue is the European Court of Human Rights, following defeats in a County Court, the Court of Appeals and the House of Lords.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]
2:14:58 PM

News Item 5292 Strange Bedfellows Unite to Fight AOL's "Email Tax".

Strange Bedfellows Unite to Fight AOL's "Email Tax".

National Conference Call - Tuesday, 1pm EST

This Tuesday, an unlikely coalition of left and right, non-profits and small businesses, and Internet advocacy groups will hold a national telephone news conference call to announce an unprecedented combined campaign against AOL's new "pay-to-send" email proposal - which amounts to an "email tax."

To RSVP for the call, please email Alex@Fenton.com. Space is limited.

Under AOL's recently announced "certified email" proposal, large emailers willing to pay an "email tax" can bypass spam filters and get guaranteed access to people's inboxes - with their messages having a preferential high-priority designation. Charities, small businesses, civic organizing groups, and even families with mailing lists will have no guarantee that their email will be delivered unless they are willing to pay the "email tax" to AOL. AOL's proposed pay-to-send system is the first step down the slippery slope toward dividing the Internet into two classes of users - those who get preferential treatment and those who are left behind. The Internet is a force for democracy and economic innovation because it is open to all Internet users equally - AOL's "email tax" would create an unlevel playing field and harm the Internet forever.

Tuesday's 1pm EST conference call will be co-hosted by Internet free speech advocates the Electronic Frontier Foundation and media policy group Free Press. Participants will include Craig Newmark of Craigslist and representatives from the Gun Owners of America, MoveOn.org Civic Action, and the Association of Cancer Online Resources. Dozens of other concerned groups will be announced on the call as members of the coalition, and details about the campaign will be announced on the call.

WHAT: Conference call to announce campaign against AOL's "email tax"
WHO: Co-hosts: Electronic Frontier Foundation & Free Press
PARTICIPANTS: Craig Newmark (Craigslist), Gun Owners of America, MoveOn.org Civic Action, the Association of Cancer Online Resources
WHEN: Tuesday, February 28, 2006 - 1PM EST
RSVP: Please email Alex@Fenton.com. Space is limited.

Contacts:

Trevor Fitzgibbon or Alex Howe
Fenton Communications
alex@fenton.com

Rebecca Jeschke
Media Coordinator
Electronic Frontier Foundation
rebecca@eff.org

[EFF: Breaking News]
2:13:11 PM

News Item 5291 Stronger Laws Needed to Protect Privacy, CDT Report Finds.

Stronger Laws Needed to Protect Privacy, CDT Report Finds. A new report by CDT details a widening gap between the technology that collects sensitive personal data and the laws designed to protect that data against government misuse. The National Security Agency's domestic spying program, the Justice Department's efforts to obtain millions of Internet search records, the government's use of cell phones to track suspects, and other developments highlight the law's failure to keep pace with technological advances, according to "Digital Search & Seizure: Updating Privacy Protections to Keep Pace with Technology." Stronger laws are needed to ensure that Americans retain their constitutional privacy protections, the report finds. [Center for Democracy and Technology]
2:10:06 PM

News Item 5290 FDIC Security Tips.

FDIC Security Tips. Posted by Peter Mucklestone and Stuart Louie. The Federal Deposit Insurance Corporation (FDIC) recently released an on-line multimedia education tool that consumers can use to learn how to better protect their computers and themselves from identity thieves. [Privacy and Security Law Blog]
2:07:44 PM

News Item 5289 MPAA sues newsgroup, P2P search sites | CNET News.com

The Motion Picture Association of America said Thursday that it sued a new round of popular Web sites associated with movie piracy, including several that serve as search engines but do not distribute files themselves.

The lawsuits mark an expansion of the copyright holders' legal strategy in the file-swapping world, targeting sites that help make downloading easier, but aren't actually delivering the files or the swapping technology themselves.

It's also the first time the group has sued organizations that direct their members to the Usenet newsgroup system, an MPAA spokeswoman said. The movie group makes little distinction between a peer-to-peer network and the search engines that point to pirated works, saying that all facilitate the distribution of copyright works.

"Disabling these powerful networks of illegal file distribution is a significant step in stemming the tide of piracy on the Internet," John Malcolm, MPAA director of Worldwide Antipiracy operations, said in a statement.

The issue of targeting search engines rather than actual file-swapping networks themselves has been a touchy one in Silicon Valley, because ordinary search engines such as Google and Yahoo also can be used to find pirated works.

The Digital Millennium Copyright Act protects search engines from liability for linking to pirated works, but only if the site operators don't know that the specific content is infringing, are not deriving financial gain from the links, and act quickly to remove the links when contacted by copyright holders.

Unlike a traditional search engine such as Google, the sites targeted Thursday are filled almost exclusively with links and references to copyright movies, software and music.


2:04:50 PM

News Item 5288 Security wars: Novell SELinux killer rattles Red Hat

Novell Inc. of Provo, Utah, has released the source code for its recently acquired open-source Linux security application, AppArmor, and has also set up a project site in hopes of attracting outside developers to further refine the program.

The release of the software has sparked debate in the open-source community, however.

Novell stressed that AppArmor is easier to use than another open-source program called SELinux. First developed by the National Security Agency, SELinux tackles the same job of mandatory access control (MAC) with an unrelenting thoroughness, though it has a reputation for being difficult to manage. "There needs to be a better way to deploy [MAC] so that the average systems administrator doesn't need to go through three weeks of training," said Frank Rego, products manager for Novell.

Some observers fear that the AppArmor project will fracture the open-source development community around the demanding science of MAC.



2:01:08 PM

News Item 5287 Caffeinated Security - Review: Penetration Tester's Open Source Toolkit

The Penetration Tester's Open Source Toolkit is a new offering from Syngress that primarily focuses on using the Auditor live CD. The 200605-02-ipw2100 version comes included with the book; if you have an IPW2200 wireless interface in your laptop, though, the 802.11x tools won't work as it doesn't include the proper driver.

The book walks through using a number of Open Source or free tools for overall reconnaissance, enumeration, and scanning (most of which everyone's seen before), but then it delves into database, web application, and wireless testing as well as network devices. There's a chapter on "Writing Open Source Security Tools", but it's a little misleading as it's a quick guide to writing security tools without any real discussion of open source development or what it means other than an appendix that briefly includes and talks about the GPL and why it's good.

There are four chapters on Nessus, most of which focus on using NASL and other ways of extending the venerable vulnerability scanner. The final two chapters discuss the Metasploit Project; the first of these is also misleading as it's not so much about "Extending Metasploit" as it is an (admittedly good) introduction to the Framework. The second does a decent walkthrough of developing an exploit with Metasploit, including other offerings from the project like the Opcode Database and such.

It's a very useful book; much of it you'll already know, but there's a lot of discussion about tools that I hadn't seen before. A few of the tools are mostly out-dated, and not all of them are on the Auditor CD, but this goes beyond simple discussions of nmap and whois; even some Google tools from Sensepost are examined. The database chapter features a lot of great information about Oracle but is cursory in its discussion of SQL Server (though I'll be reviewing another book focusing on database testing in the near future). The other topic areas receive decent coverage, if somewhat fast-paced from time to time.


1:56:34 PM

News Item 5286 Biometrics used to protect Germany's Olympic athletes.

Biometrics used to protect Germany's Olympic athletes. A biometric finger scanner is part of the access control system being used to monitor who's coming and going at the German House during the Olympic Games in Turin, Italy. [Computerworld Privacy News]
1:40:05 PM

News Item 5285 Study: Americans send USPS a love letter on privacy.

Study: Americans send USPS a love letter on privacy. Of some 57 federal agencies, the U.S. Postal Service is the one Americans trust most to protect their privacy, according to a study by Ponemon Institute. The least trusted agency is the Department of Homeland Security. [Computerworld Privacy News]
1:38:14 PM

News Item 5284 IT exec sentenced to eight years for data theft.

IT exec sentenced to eight years for data theft. The former owner of an e-mail marketing company was sentenced to eight years in prison for data theft. [Computerworld Privacy News]
1:36:37 PM

News Item 5283 Auditor loses data on thousands of McAfee employees.

Auditor loses data on thousands of McAfee employees. A Deloitte and Touche worker lost sensitive information on more than 9,000 McAfee employees when he left an unencrypted CD containing the data on an airplane. [Computerworld Privacy News]
1:35:01 PM

News Item 5282 FOX 50 - Support for Government Surveillance Programs Increases

ROCHESTER, N.Y. -- Concern over terrorist threats has increased in the past year, and at the same time, U.S. adults' support for government surveillance programs has increased.

While 57 percent of U.S. adults believe that U.S. law enforcement is using its expanded surveillance powers in a proper way, many adults also express concern over the security of civil liberty safeguards in the future.

Since September 2001, The Harris Poll has tracked this issue on seven separate occasions, and U.S. adults continue to show strong support for tough surveillance measures. As the survey reveals, support has increased since June 2005, possibly reflecting an increasing concern that there will be a major terrorist attack in the United States.

These are the results of a nationwide Harris Poll of 1,016 U.S. adults surveyed by telephone by Harris Interactive between February 7 and 14.

1:33:24 PM

News Item 5281 MetroWestDailyNews.com - Regional News: How to spy on your kids: PI says it's pretty easy to monitor loved ones

A couple thousand bucks and a computer is all Rob Selevitch needs to turn anybody into James Bond.

A private investigator who has worked throughout the state, Selevitch can install software that tracks a computer user's every move. He has cameras small enough to fit in a cell phone and he can use global positioning technology to track someone down to within a few feet.

Once the province of investigators like Selevitch, technologies such as GPS and pinhole cameras are increasingly being put to work by anxious parents eager to keep virtual tabs on their children.

Privacy advocates and psychologists, however, worry the rise in the use of technology for spying signals an erosion of privacy rights.

"It's certainly getting creepy," Selevitch admitted. "The technology is getting so small that the applications are opening up."

That opening, however, hasn't been exploited as quickly as some might think.


1:30:28 PM

News Item 5280 Privacy group: U.S. laws needed to rein in surveillance.

Privacy group: U.S. laws needed to rein in surveillance. U.S. laws haven't kept up with the government's ability to use technology to spy on people, according to a report issued Wednesday by the Center for Democracy and Technology. [Network World on Privacy]
1:26:58 PM

News Item 5279 Phone Tap: How's the Traffic?

Phone Tap: How's the Traffic? Missouri officials say there's no Big Brother agenda in a state project to manage traffic on the highways by snagging data from commuters' cell phones. But privacy advocates are cautious. [Wired News: Security Blanket]
1:25:34 PM

News Item 5278 Spyware: What You Need to Know.

Spyware: What You Need to Know. Internet users hear about the dangers of spyware all the time. But what are these vile applications that install themselves on computers and web browsers, and what can a person do to avoid or eradicate them? By Kim Zetter. [Wired News: Security Blanket]
1:24:08 PM