Home page logo
/

risks logo RISKS Forum mailing list archives

Risks Digest 27.93
From: RISKS List Owner <risko () csl sri com>
Date: Fri, 16 May 2014 17:30:36 PDT

RISKS-LIST: Risks-Forum Digest  Friday 15 May 2014  Volume 27 : Issue 93

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/27.93.html>
The current issue can be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
Germany Sets New Record, Generating 74 Percent Of Energy
  Needs from Renewable Energy (Kiley Kroh)
Who Watches the Watchers? *Beyond the NSA* (politico.com via Rebecca Mercuri)
Dan Wallach's talk at NSF on STAR-Vote (Jeremy Epstein)
Photo from san diego fire (Paul Saffo)
Kansas muzzles academic tweets (Richard Forno)
Forged SSL Certs (Chris Beck)
EFF: Which Tech Companies Help Protect You From Government Data Demands?
  (Rebecca Jeschke)
EFF: AT&T, Comcast, and Snapchat are laggards on privacy policies
  (Ars Technica)
Can This Web Be Saved? Mozilla Accepts DRM, and We All Lose
  (Danny O'Brien via Dewayne Hendricks via Dave Farber)
Internet Subversion (Bruce Schneier)
FCC votes to proceed with net neutrality rules (BBC)
Here's that FCC net neutrality compromise everyone demanded.
  And here's the problem. (Stacey Higginbotham)
Lauren Weinstein <lauren () vortex com>
A politician, paedophile and doctor have already asked Google
  ``to be forgotten'' (BBC)
Glenn Greenwald: U.S. Corporate Media is ``Neutered, Impotent and Obsolete''
  (Democracy Now)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: May 14, 2014 at 1:28:23 PM EDT
From: Dewayne Hendricks <dewayne () warpspeed com>
Subject: Germany Sets New Record, Generating 74 Percent Of Energy
  Needs from Renewable Energy (Kiley Kroh via Dave Farber)

  [Some readers will ask, Why is this computer-related?  The answer of
  course that our computer systems and especially Big Data systems tend to
  be power hungry.  Besides, I have been harping for years on the need for
  holistic thinking, and thus it behooves us to keep in mind the effects of
  climate change (the popular term for `global warming') in our long-term
  thinking.  Thus, this item seems highly relevant to the bigger picture.
  PGN]

Kiley Kroh, *Think Progress*, 13 May 2014
http://thinkprogress.org/climate/2014/05/13/3436923/germany-energy-records/

On Sunday, Germany's impressive streak of renewable energy milestones
continued, with renewable energy generation surging to a record portion --
nearly 75 percent -- of the country's overall electricity demand by
midday. With wind and solar in particular filling such a huge portion of the
country's power demand, electricity prices actually dipped into the negative
for much of the afternoon, according to Renewables International.

In the first quarter of 2014, renewable energy sources met a record 27
percent of the country's electricity demand, thanks to additional
installations and favorable weather. ``Renewable generators produced 40.2
billion kilowatt-hours of electricity, up from 35.7 billion kilowatt-hours
in the same period last year,'' Bloomberg reported. Much of the country's
renewable energy growth has occurred in the past decade and, as a point of
comparison, Germany's 27 percent is double the approximately 13 percent of
U.S. electricity supply powered by renewables as of November 2013.

Observers say the records will keep coming as Germany continues its
Energiewende, or energy transformation, which aims to power the country
almost entirely on renewable sources by 2050.

``Once again, it was demonstrated that a modern electricity system such as
the German one can already accept large penetration rates of variable but
predictable renewable energy sources such as wind and solar PV power,'' said
Bernard Chabot, a renewable energy consultant based in France, via
e-mail. ``In fact there are no technical and economic obstacles to go first
to 20 percent of annual electricity demand penetration rate from a
combination of those two technologies, then 50 percent and beyond by
combining them with other renewables and energy efficiency measures and some
progressive storage solutions at a modest level.''  ]...]

------------------------------

Date: Thu, 15 May 2014 17:15:19 -0400
From: Rebecca Mercuri <notable () mindspring com>
Subject: Who Watches the Watchers?

*Beyond the NSA* is a series of articles at politico.com, examining the
unchecked expansion of private-sector data collection and its implications
for consumer privacy.

One of the articles in this series -- ``Who watches the watchers? Big Data
goes unchecked'' -- can be found at
<http://www.politico.com/story/2014/05/big-data-beyond-the-nsa-106653.html>.
The lead is ``The NSA might be tracking your phone calls. But private
industry is prying far more deeply into your life.''

This is even true of the Politico.com Webpage containing the article itself!
A Ghostery analysis shows that the page initiates 495 calls to various http
or https Websites, at 38 locations, including 92 of these to DoubleClick.

As the article says, ``it's kind of creepy.''

------------------------------

Date: Thu, 15 May 2014 08:08:48 -0400
From: Jeremy Epstein <jeremy.j.epstein () gmail com>
Subject: Dan Wallach talk at NSF on STAR-Vote (also recorded)

I'm honored to have Dan Wallach speaking at NSF today (this is a lecture
series I organize).  Please watch it on the recorded copy.  (BTW, the
recorded copy is closed captioned.)

Dan Wallach (Rice University), STAR-Vote: A Secure, Transparent, Auditable,
and Reliable Voting System, 15 May 2014

STAR-Vote is a collaboration between a number of academics and the Travis
County (Austin), Texas elections office, which currently uses a DRE voting
system and previously used an optical scan voting system. STAR-Vote
represents a rare opportunity for a variety of sophisticated technologies,
such as end-to-end cryptography and risk limiting audits, to be designed
into a new voting system, from scratch, with a variety of real world
constraints, such as election-day vote centers that must support thousands
of ballot styles and run all day in the event of a power failure. This paper
describes the current design of STAR-Vote which is now largely settled and
whose development will soon begin.

Bio

Dan Wallach is a professor in the Department of Computer Science and a Rice
Scholar at the Baker Institute for Public Policy at Rice University in
Houston, Texas. His research considers a variety of different computer
security topics, ranging from web browsers and servers through electronic
voting technologies and smartphones.

Future talks:
Jul 17 2014: Crispin Cowan, Microsoft
Nov 13 2014: Data Chisnell from UsabilityWorks

------------------------------

Date: Fri, 16 May 2014 06:33:32 -0700
From: Paul Saffo <psaffo () discern com>
Subject: Photo from san diego fire

An old story, but right in the risks area:

http://www.utsandiego.com/photos/2014/may/15/1325563/

------------------------------

Date: May 15, 2014 7:17 AM
From: Richard Forno <rforno () infowarrior org>
Subject: Kansas muzzles academic tweets (via Dave Farber)

In Kansas, Professors Must Now Watch What They Tweet
NRP,  14 May 2014

http://www.npr.org/2014/05/14/312524014/in-kansas-professors-must-now-watch-what-they-tweet

The Kansas Board of Regents gave final approval Wednesday to a strict new
policy on what employees may say on social media. Critics say the policy
violates both the First Amendment and academic freedom, but school officials
say providing faculty with more specific guidelines will actually bolster
academic freedom on campus.

The controversial policy was triggered by an equally controversial tweet
posted last September by David Guth, an associate journalism professor.
Reacting to a lone gunman who killed 12 people at the Washington Navy Yard
in Washington, D.C., he wrote: ``The blood is on the hands of the #NRA. Next
time, let it be YOUR sons and daughters.''

Guth was placed on administrative leave after an outcry from the public and
state lawmakers.

Rep. Travis Couture-Lovelady, a member of the Kansas House of
Representatives and the National Rifle Association, says he was outraged by
the tweet. He supports the board of regents' new policy to place parameters
on professors.  ``Look, you have freedom of speech, but you can't go this
far, I think having a clear understanding between faculty and the board of
regents on what's acceptable and what's not is better for everyone
involved.''

The new policy says that faculty and staff of the state's six universities,
19 community colleges and six technical colleges may not say anything on
social media that would incite violence, disclose confidential student
information or release protected data. But it also says staffers are barred
from saying anything ``contrary to the best interests of the university.''

Critics say the broad nature of the guidelines would offer administrators
enormous latitude in firing people -- even those with tenure.

Will Creeley, director of legal and public advocacy at the Foundation for
Individual Rights in Education, says it's one of the most restrictive social
media policies in the country.  ``We have a First Amendment to protect
controversial statements like professor Guth's, We don't have it to protect
pictures of kittens posted on Facebook. If you punish a student or professor
for a clearly protected speech, you send a message to everyone else on
campus that you better watch what you say.''

Kansas University science professor Burdett Loomis says the regents are
scared of Kansas lawmakers. ``All of this has to be taken into account in
the context of a very, very conservative Kansas Legislature that has very
little sympathy, I think, for higher education,'' Loomis says. The board of
regents is appointed by the state's Republican governor, Sam Brownback.

Last December, when the board of regents first announced that a new policy
was in the works, Loomis posted this reaction on Facebook: ``Unbelievably
broad and vague set of policies. Perfect example of using a nuclear weapon
to destroy a gnat of a pseudo problem.''

The board of regents chairman, Fred Logan, has dismissed the controversy
over the policy as `ludicrous'. He defended the new policy and said it would
shore up academic freedom by creating more specific guidelines.  ``In many
respects, the work that has been done has really focused on lifting up
academic freedom as a core principle for the Kansas Board of Regents.  Now,
that may sound funny, but if you look in our policy manual, there's really
not much in there about that.''

As for Guth, the professor who triggered the policy, he spent this semester
on sabbatical in far western Kansas. But he's still talking; on his blog, he
writes, ``How can a guy talk to students about social media if he doesn't
participate in the online discussion?''

------------------------------

Date: May 16, 2014 at 9:38:16 AM EDT
From: Chris Beck <cbeck () pacanukeha net>
Subject: Forged SSL Certs (via Dave Farber)

http://arstechnica.com/security/2014/05/significant-portion-of-https-web-connections-made-by-forged-certificates/

------------------------------

Date: May 15, 2014 at 2:02:13 PM EDT
From: Rebecca Jeschke <press () eff org>
Subject: EFF: Which Tech Companies Help Protect You From Government Data
  Demands? (via Dave Farber)

Electronic Frontier Foundation Media Release
For Immediate Release: Thursday, 15 May 2014

Contact:

Rebecca Jeschke
 Media Relations Director
 Electronic Frontier Foundation
 press () eff org
 +1 415 436-9333 x177

Which Tech Companies Help Protect You From Government Data
Demands?

EFF Survey Shows Improved Privacy and Transparency Policies
of the Internet's Biggest Companies

San Francisco - Technology companies are privy to our most sensitive
information: our conversations, photos, location data, and more.  But which
companies fight the hardest to protect your privacy from government data
requests?  Today, the Electronic Frontier Foundation (EFF) releases its
fourth annual *Who Has Your Back* report, with comprehensive information on
26 companies' commitments to fighting unfair demands for customer data.  The
report examines the privacy policies, terms of service, public statements,
and courtroom track records of major technology companies, including
Internet service providers, e-mail providers, social networking sites, and
mobile services.

``The sunlight brought about by a year's worth of Snowden leaks appears have
prompted dozens of companies to improve their policies when it comes to
giving user data to the government,'' said EFF Activism Director Rainey
Reitman.  ``Our report charts objectively verifiable categories of how tech
companies react when the government seeks user data, so users can make
informed decisions about which companies they should trust with their
information.''

EFF's report awards up to six gold stars for best practices in categories
like require a warrant for content, and publish transparency reports.  Last
year, only one company we surveyed earned a full six stars -- Sonic, a
California ISP.  This year, Apple, CREDO Mobile, Dropbox, Facebook, Google,
Microsoft, Twitter, and Yahoo all joined Sonic in receiving six full stars,
and several others -- LinkedIn, SpiderOak, Tumblr, Wickr and Wordpress --
only missed getting all six stars because they did not have to bring public
court battles on behalf of their users.

This year, the majority of the companies surveyed have made a formal
commitment to inform users when their data was sought, a welcome safeguard
that gives users the information they need to fight on their own.  This
shows that the technology industry is adopting a best practice pioneered by
Twitter, which in 2010 fought for the right to tell its users about a
government order for their information as part of the WikiLeaks
investigation.

Additionally, 20 of the companies EFF reviewed published transparency
reports detailing government requests for user data, which is a striking
increase from last year, when only seven companies in EFF's report published
them.  This is now a new standard in the tech industry: corporations are
actively and voluntarily working to shed light on the government attempts to
access user data.  However, it's not all good news in this year's report.
Photo-messaging application Snapchat received only one star -- particularly
troubling due to the sensitive nature of photos and the company's young user
base.

``Snapchat joins AT&T and Comcast in failing to require a warrant for
government access to the content of communications.  That means the
government can obtain extraordinarily sensitive information about your
activities and communications without convincing a judge that there is
probable cause to collect it,'' said EFF Staff Attorney Nate Cardozo.  ``We
urge these companies to change course and give their users this simple and
needed protection from government overreach.''

As part of this year's report, EFF collaborated with data analysis company
Silk to help explore trends in government access requests.  Silk's analysis
provides a simple mechanism for reporters and the general public to explore
corporate transparency reports, shedding light on which companies receive
the most data requests, which companies push back against government data
requests, and which countries are most aggressive in demanding user data.

For the full report, *Who Has Your Back*:
https://www.eff.org/who-has-your-back-government-data-requests-2014

For the Silk analysis:
https://transparency-reports.silk.co/

For this release:
https://www.eff.org/press/releases/which-tech-companies-help-protect-you-government-data-demands

About EFF

The Electronic Frontier Foundation is the leading organization protecting
civil liberties in the digital world. Founded in 1990, we defend free speech
online, fight illegal surveillance, promote the rights of digital
innovators, and work to ensure that the rights and freedoms we enjoy are
enhanced, rather than eroded, as our use of technology grows. EFF is a
member-supported organization.  Find out more at https://www.eff.org.

------------------------------

Date: Thu, 15 May 2014 14:08:38 -0700
From: Lauren Weinstein <lauren () vortex com>
Subject: EFF: AT&T, Comcast, and Snapchat are laggards on privacy policies

EFF: AT&T, Comcast, and Snapchat are laggards on privacy policies
  [Terser summary of the preceding item.  PGN]

(Ars Technica via NNSquad)
http://arstechnica.com/tech-policy/2014/05/att-comcast-and-snapchat-are-laggards-on-privacy-policies/

  The highest ratings -- companies given six stars -- were handed to Apple,
  Credo Mobile, Dropbox, Facebook, Google, Microsoft, Sonic, Twitter, and
  Yahoo.  The report, (PDF) released Thursday, reviewed 26 companies in all,
  rating them on everything from whether they require warrants for data
  handovers to whether they have publicly opposed mass surveillance and
  fight for ``users' privacy rights in courts.''  The study found that
  Snapchat, AT&T, and Comcast lagged ``behind others.'' Snapchat was among
  the biggest privacy underachievers, earning one star.

------------------------------

Date: May 16, 2014 at 12:49:14 AM EDT
From: Dewayne Hendricks <dewayne () warpspeed com>
Subject: Can This Web Be Saved? Mozilla Accepts DRM, and We All Lose
  (Danny O'Brien via Dave Farber)

Danny O'brien, EFF, 14 May 2014
<https://www.eff.org/deeplinks/2014/05/mozilla-and-drm>

It's official: the last holdout for the open web has fallen. Flanked on all
sides by Google, Microsoft, Opera, and (it appears) Safari's support and
promotion of the EME DRM-in-HTML standard, Mozilla is giving in to pressure
from Hollywood, Netflix, et al, and will be implementing its own third-party
version of DRM. It will be rolled out in Desktop Firefox later this
year. Mozilla's CTO, Andreas Gal, says that Mozilla ``has little choice.''
Mozilla's Chair, Mitchell Baker adds, ``Mozilla cannot change the industry on
DRM at this point.''

At EFF, we disagree. We've had over a decade of watching this ratchet at
work, and we know where it can lead. Technologists implement DRM with great
reticence, because they can see it's not a meaningful solution to anything
but rather a font of endless problems. It doesn't prevent infringement,
which continues regardless. Instead, it reduces the security of our devices,
reduces user trust, makes finding and reporting of bugs legally risky,
eliminates fair use rights, undermines competition, promotes secrecy, and
circumvents open standards.

It's clear from the tone of Gal and Baker's comments, and our own
discussions with Mozilla, that you'll find no technologist there who is
happy with this step. The fact that Mozilla, in opposition to its mission,
had to prepare and design this feature in secret without being able to
consult the developers and users who make up its community is an indication
of how much of a contradiction DRM is in a pro-user open-source browser.

Unchecked, that contradiction is only going to grow. Mozilla's DRM
code,imported from Adobe as a closed-source binary, will sit in a cordoned
sandbox, simultaneously Mozilla's responsibility but beyond its
control. Mozilla will be responsible for updates to the DRM blackbox, which
means users will have to navigate browser updates that will either fix
security bugs or strip features from their video watching. Mozillians have
already been warned of the danger of talking too much about how DRM works
(and doesn't work), lest they trigger the provisions in the Digital
Millennium Copyright Act (DMCA) that forbid `trafficking' in circumvention
knowledge.

Baker may think that Mozilla cannot change the industry on its own (despite
it having done so many years ago). Sadly, it changes the industry by
accepting DRM. It is these repeated compromises to the needs of DRM
advocates by tech company after tech company that are changing the nature of
personal computing, transforming it into a sector that is dominated by
established interests and produces locked-down devices, monitored and
managed by everyone but their users.

Past experience has shown that standing up to DRM and calling it out does
have an effect. As we have said to the W3C, and Cory Doctorow spells out to
Mozilla in this Guardian article, we can do much more to fight the negative
consequences of DRM than simply attempt to mitigate the damage of its
adoption. [...]

------------------------------

Date: Wed, 14 May 2014 22:02:06 -0500
From: Bruce Schneier <schneier () schneier com>
Subject: Internet Subversion

CRYPTO-GRAM, May 15, 2014, by Bruce Schneier, CTO, Co3 Systems, Inc.
        schneier () schneier com http://www.schneier.com

In addition to turning the Internet into a worldwide surveillance platform,
the NSA has surreptitiously weakened the products, protocols, and standards
we all use to protect ourselves. By doing so, it has destroyed the trust
that underlies the Internet. We need that trust back.  Trust is inherently
social. It is personal, relative, situational, and fluid. It is not uniquely
human, but it is the underpinning of everything we have accomplished as a
species. We trust other people, but we also trust organizations and
processes. The psychology is complex, but when we trust a technology, we
basically believe that it will work as intended.

This is how we technologists trusted the security of the Internet. We didn't
have any illusions that the Internet was secure, or that governments,
criminals, hackers, and others couldn't break into systems and networks if
they were sufficiently skilled and motivated. We didn't trust that the
programmers were perfect, that the code was bug-free, or even that our
crypto math was unbreakable. We knew that Internet security was an arms
race, and the attackers had most of the advantages.  What we trusted was
that the technologies would stand or fall on their own merits.

We now know that trust was misplaced. Through cooperation, bribery, threats,
and compulsion, the NSA -- and the United Kingdom's GCHQ -- forced companies
to weaken the security of their products and services, then lie about it to
their customers.

We know of a few examples of this weakening. The NSA convinced Microsoft to
make some unknown changes to Skype in order to make eavesdropping on
conversations easier. The NSA also inserted a degraded random number
generator into a common standard, then worked to get that generator used
more widely.

I have heard engineers working for the NSA, FBI, and other government
agencies delicately talk around the topic of inserting a `backdoor' into
security products to allow for government access. One of them told me,
``It's like going on a date. Sex is never explicitly mentioned, but you know
it's on the table.'' The NSA's SIGINT Enabling Project has a $250 million
annual budget; presumably it has more to show for itself than the fragments
that have become public. Reed Hundt calls for the government to support a
secure Internet, but given its history of installing backdoors, why would we
trust claims that it has turned the page?  We also have to assume that other
countries have been doing the same things. We have long believed that
networking products from the Chinese company Huawei have been backdoored by
the Chinese government. Do we trust hardware and software from Russia?
France? Israel? Anywhere?  This mistrust is poison. Because we don't know,
we can't trust any of them. Internet governance was largely left to the
benign dictatorship of the United States because everyone more or less
believed that we were working for the security of the Internet instead of
against it. But now that system is in turmoil. Foreign companies are fleeing
US suppliers because they don't trust American firms' security claims. Far
worse governments are using these revelations to push for a more
isolationist Internet, giving them more control over what their citizens see
and say.  All so we could eavesdrop better.

There is a term in the NSA: `nobus', short for `nobody but us'.  The NSA
believes it can subvert security in such a way that only it can take
advantage of that subversion. But that is hubris. There is no way to
determine if or when someone else will discover a vulnerability. These
subverted systems become part of our infrastructure; the harms to everyone,
once the flaws are discovered, far outweigh the benefits to the NSA while
they are secret.

We can't both weaken the enemy's networks and protect our own. Because we
all use the same products, technologies, protocols, and standards, we either
allow everyone to spy on everyone, or prevent anyone from spying on
anyone. By weakening security, we are weakening it against all attackers. By
inserting vulnerabilities, we are making everyone vulnerable. The same
vulnerabilities used by intelligence agencies to spy on each other are used
by criminals to steal your passwords. It is surveillance versus security,
and we all rise and fall together.

Security needs to win. The Internet is too important to the world -- and
trust is too important to the Internet -- to squander it like this.
We'll never get every power in the world to agree not to subvert the parts
of the Internet they control, but we can stop subverting the parts we
control. Most of the high-tech companies that make the Internet work are US
companies, so our influence is disproportionate. And once we stop
subverting, we can credibly devote our resources to detecting and preventing
subversion by others.

This essay previously appeared in the *Boston Review*.
http://www.bostonreview.net/mayjune-2014

------------------------------

Date: Thu, 15 May 2014 09:53:49 -0700
From: Lauren Weinstein <lauren () vortex com>
Subject: FCC votes to proceed with net neutrality rules

(BBC via NNSquad)
http://www.bbc.com/news/technology-27426937

  ``The controversial proposals have drawn an unprecedented level of scrutiny
  to the Federal Communication Commission (FCC) and its vote, which was
  passed with three commissioners voting in favour and two against.  The
  meeting of the five commissioners was repeatedly interrupted by
  protesters, several of whom were removed from the room.''

 - - -

Had to go to BBC for this. CNN is busy running wall to wall playback and
analysis of phone conversations of an apparently senile basketball team
owner, recorded illegally by his pimp. They also interviewed the pimp live.
So they don't have time left for stories affecting the future of the
Internet.

------------------------------

Date: Thursday, May 15, 2014
From: *Dewayne Hendricks* <dewayne () warpspeed com>
Subject: Here's that FCC net neutrality compromise everyone demanded.
  And here's the problem. (Stacey Higginbotham via Dave Farber)

Stacey Higginbotham, Gigaom.com, 15 May 2014
http://gigaom.com/2014/05/15/net-neutrality-2014/

SUMMARY:
The FCC is sticking to its guns on net neutrality, voting to approve a
framework for rules that could create an Internet fast lane, while trying
to patch up the loopholes that would make that fast lane possible.

On Thursday, the FCC commissioners voted 3-2 to approve a framework for net
neutrality rules that continue to favor the creation of an Internet fast
lane while exploring a line of inquiry into the idea of reclassifying
broadband as a public utility. So, while the Federal Communications
Commission has taken the protesters outside their offices to heart and
adjusted the focus of its net neutrality rules a bit, the fate of the
Internet is still up in the air.

The notice sets off a discussion process that will culminate in new net
neutrality rules, which chairman Tom Wheeler has said he hopes will be in
place before the end of the year. Such rules are aimed at preventing ISPs
from discriminating against traffic on their pipe, for example,
preventing Comcast from slowing Gigaom traffic while stories from
Comcast-owned NBC properties load with ease. However, the timing of actual
rules will depend on what the agency decides to do after the four-month
comment period on today's proposed rules expires. So what are those
rules? I'll explain below.

Bringing in wireless networks to the net neutrality fold: In 2010, wireless
and wireline networks were subject to different net neutrality rules after a
compromise between Google and Verizon. The rules around discrimination on
wireless networks were a bit more lenient, given the challenges of
delivering large amounts of content over limited spectrum resources. By
including the possibility of bringing wireless further into these rules, we
have the debate over wireless discrimination all over again. And this is
truly a tough debate because the physics of wireless networks are different
from wireline networks. But with AT&T and Verizon trying to push landline
and DSL customers onto LTE networks for voice and broadband access in rural
areas, this debate is essential in order to make sure that the customers who
have no choice but LTE have the same Internet options as someone with cable
or fiber.

Enhance transparency rule: This is pretty simple, but the idea here is that
when ISPs take actions to block content or slow content or engage in deals
with companies under any sort of prioritization scheme, customers will know
about it, so they can ``weigh their options.''  While it's nice to know that
AT&T might have faster Netflix because the two companies have signed a deal
to put Netflix traffic in a fast lane, it doesn't help me if my only other
alternative is Time Warner Cable that has put Gigaom's servers in a fast
lane, so I can send my video files back to my corporate office. Consumers
will be left with bad choices or no choices, depending on their needs and
location.

No blocking: This gets into the concept of the Internet slow lane. As part
of no blocking, the agency recognizes that there are plenty of things an ISP
can do to make content unusable, such as slowing it to the point where video
files become unwatchable or packets in a download are lost. This rule
proposes minimum standards that remain to be seen (I'll update when I see
them) and will be a source of much drama in the weeks and months to come,
because activists worry that it's the weak legal link that ISPs can use to
fight the new net neutrality rules.

No paid prioritization: The rules also try to say that priority service
offered exclusively by a broadband provider to an affiliate should be
considered illegal until proven otherwise. However, the agency acknowledges
that this is a `Crebuttable presumption', which it defines as ``presumption
that is taken to be true unless someone comes forward to contest it and
proves otherwise.''  Like a court case. That would then allow for paid
prioritization. Yes, that is a house the FCC is building on sand. [...]

------------------------------

Date: Thu, 15 May 2014 09:39:11 -0700
From: Lauren Weinstein <lauren () vortex com>
Subject: A politician, paedophile and doctor have already asked Google
  ``to be forgotten'' says the BBC

(Next Web via NNSquad)
http://thenextweb.com/insider/2014/05/15/politician-paedophile-doctor-already-asked-google-forgotten-says-bbc/

  ``Now, the BBC reports that Google has received fresh takedown requests,
  from a former politician currently seeking re-election and who wants
  mentions of his behaviour in office deleted. Also, a man convicted of
  owning images of child abuse has requested links about his convictions to
  be removed, while a doctor has sought to delete negative reviews from his
  patients.''

 - - -

It would have been SO much easier for Stalin to delete `unfortunate' aspects
of his history (not to mention completely deleting his ex-colleagues) if he
had had access to the EU `right to be forgotten'.  Yep.  He didn't really
believe in the public's Right to Know -- like the EU, apparently.

------------------------------

Date: May 15, 2014 8:00 AM
From: Dewayne Hendricks <dewayne () warpspeed com>
Subject: Glenn Greenwald: U.S. Corporate Media is ``Neutered, Impotent
  and Obsolete''

  [via Dave Farber, who comments, ``This was a major part of the new book
  from Greenwald, very very interesting.''

Democracy Now, 14 May 2014
http://www.democracynow.org/2014/5/14/glenn_greenwald_us_corporate_media_is

In the final part of our extended interview, Glenn Greenwald reflects on the
Pulitzer Prize, adversarial journalism and the corporate media's response to
his reporting on Edward Snowden's leaked National Security Agency
documents. ``We knew that once we started publishing not one or two stories,
but dozens of stories, that not just the government, but even fellow
journalists were going to start to look at what we were doing with
increasing levels of hostility and to start to say, 'This doesn't actually
seem like journalism anymore,' because it's not the kind of journalism that
they do.  It doesn't abide by these unspoken rules that are designed to
protect the government.''

GUESTS
Glenn Greenwald, Pulitzer Prize-winning journalist and author of the new
book, No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance
State.

------------------------------

Date: Sun, 7 Oct 2012 20:20:16 -0900
From: RISKS-request () csl sri com
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.  The mailman Web interface can
 be used directly to subscribe and unsubscribe:
   http://lists.csl.sri.com/mailman/listinfo/risks
 Alternatively, to subscribe or unsubscribe via e-mail to mailman
 your FROM: address, send a message to
   risks-request () csl sri com
 containing only the one-word text subscribe or unsubscribe.  You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe () csl sri com or risks-unsubscribe () csl sri com
 depending on which action is to be taken.

 Subscription and unsubscription requests require that you reply to a
 confirmation message sent to the subscribing mail address.  Instructions
 are included in the confirmation message.  Each issue of RISKS that you
 receive contains information on how to post, unsubscribe, etc.

=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 *** Contributors are assumed to have read the full info file for guidelines.

=> .UK users may contact <Lindsay.Marshall () newcastle ac uk>.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you NEVER send mail!
=> SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line.
 *** NOTE: Including the string `notsp' at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
     or ftp://ftp.sri.com/VL/risks for previous VoLume
 http://www.risks.org takes you to Lindsay Marshall's searchable archive at
 newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version
   of the most recent RISKS issue and a WAP version that works for many but
   not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing
  is no longer maintained up-to-date except for recent election problems.
 *** NOTE: If a cited URL fails, we do not try to update them.  Try
  browsing on the keywords in the subject line or cited article leads.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 27.93
************************


  By Date           By Thread  

Current thread:
  • Risks Digest 27.93 RISKS List Owner (May 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault