cypherpunks-legacy
July 2018
I think that those that advocate cryptographic protocols to ensure
voting security miss the point entirely.
They start with the assumption that something is "broken" about the
current voting system. I contend it is just fine.
For example, it takes a long time to count pieces of paper compared
with bits. However, there is no actual need for speed in reporting
election results. This is not a stock exchange -- another election
will not be held the next day, and the number of elections being held
will not rise 8% per quarter. If it takes a day or even several days
to get an accurate count, no one will be hurt. The desires of
television networks to report the results in ten minutes is not
connected to the need for a democracy to have widespread confidence in
the election results. Speed is not a requirement. As it is, however,
automated counts of paper ballots are plenty fast enough already.
It also is seemingly "behind the times" to use paper and such to hold
an election when computers are available -- but the goal is not to seem
"modern" -- it is to hold a fair election with accurately reported
results that can be easily audited both before, during and after the
fact.
It seems to some to be "easier" to vote using an electronic
screen. Perhaps, perhaps not. My mother would not find an electronic
screen "easier" at all, but let's ignore that issue. Whether or not the
vote is entered on a screen, the fact that paper ballots can be
counted both mechanically (for speed) and by hand (as an audit
measure), where purely electronic systems lack any mechanism for
after-the-fact audit or recount, leads one to conclude that old
fashioned paper seems like a good idea, and if it is not to be marked
by hand, then at least let it be marked by the computer entry device.
It is also seemingly "better" to have a system where a complex
cryptographic protocol "secures" the results -- but the truth is that
it is more important that a system be obvious, simple and secure even
to relatively uneducated members of society, and the marginal security
produced by such systems over one in which physical paper ballots are
generated is not obvious or significant.
(The marginal security issue is significant. Consider that simple
mechanisms can render the amount of fraud possible in the "old
fashioned" system significantly smaller than the number of miscast
votes caused by voter mistakes, but that no technology can eliminate
voter mistakes. Then ask why a fully electronic "fraudless" system
understandable to a minuscule fraction of the population but where
miscast votes continue to occur -- and possibly to be inaccurately
perceived as evidence of fraud -- would be superior.)
To those that don't understand the "understandable to even those who
are not especially educated" problem, consider for a moment that many
people will not care what your claims are about the safety of the
system if they think fraud occurred, even if you hand them a
mathematical proof of the system. I suspect, by the way, that they'll
be right, because the proofs don't cover all the mechanisms by which
fraud can occur, including "graveyard" voting.
We tamper with the current system at our peril. Most security
mechanisms evolve over time to adjust to the threats that happen in
the real world. The "protocols" embedded in modern election laws,
like having poll watchers from opposing sides, etc., come from
hundreds of years of experience with voting fraud. Over centuries,
lots of tricks were tried, and the system evolved to cope with
them. Simple measures like counting the number of people voting and
making sure the number of ballots cast essentially corresponds,
physically guarding ballot boxes and having members of opposing
parties watch them, etc., serve very well and work just fine.
Someone mentioned that in some elections it is impractical for the
people running to have representatives at all polling places. It is,
in fact, not necessary for them to -- the threat of their doing so and
having enough poll watchers from enough organizations in a reasonably
random assortment of polling places is enough to prevent significant
fraud.
I'm especially scared about mechanisms that let people "vote at home"
and such. Lots of people seem to think that the five minute trip to
the polling place is what is preventing people from voting, and they
want to let people vote from their computers. Let's ignore the question
of whether it is important that the people who can't be bothered to
spend ten minutes going to the polling place care enough about the
election to be voting anyway. Let's also ignore the totally unimportant
question of vote buying -- vote buying has happened plenty of times
over the centuries without any need for the purchaser to verify that
the vote was cast as promised. Tammany Hall did not need to watch
people's votes to run a political machine.
I'm much more concerned that we may be automating the "graveyard"
vote, which is currently kept in check by the need to personally
appear at polling places. I'm also concerned about the forms of fraud
I haven't even considered yet because no one has invented them yet.
Election security isn't just about assuring that votes are correctly
counted.
I'm a technophile. I've loved technology all my life. I'm also a
security professional, and I love a good cryptographic
algorithm. Please keep technology as far away as possible from the
voting booth -- it will make everyone a lot safer.
--
Perry E. Metzger perry(a)piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo(a)metzdowd.com
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 7.6, 25 March 2009
============================================================
Contents
============================================================
1. Telecom Package in second reading - dangerous amendments
2. Extension of copyright term postponed in the European Parliament
3. German Police searches the homes of the wikileaks.de domain owner
4. Data sharing legislation pulled by the UK government
5. France: Three strikes law debated by the General Assembly
6. European Parliament wants more transparency on ACTA
7. Germany: Data retention is disproportionate
8. Irish ISP Association rejects the copyright industry threats
9. Coalition of musicians against criminalizing downloaders
10. Recommended Reading
11. Recommended Action
12. Agenda
13. About
============================================================
1. Telecom Package in second reading - dangerous amendments
============================================================
Several alarming amendments to the Telecom Package second reading in the
European Parliament are to be voted on 31 March 2009 by ITRE/IMCO committee.
The amendments are meant to give additional control to the entertainment
industry, telecoms and IT security companies over the Internet.
An agreement on several delicate issues of the telecom package is sought in
a trialogue between the European Parliament, the European Council and
the European Commission to agree on a resolution regarding politically
sensitive and technically difficult aspects of the Telecoms Package.
Although the European Parliament is supposed to represent the interests and
rights of the users, it seems it is trying to make compromises in agreeing
upon the limitations of the users' rights pushed by the UK and France in the
Council.
One of the most controversial issues is that of the three-strikes strongly
and continuously pushed by France in the EU Council.
Although most of the provisions introducing the graduated response system
were rejected in first reading of the Telecom Package, there are still some
alarming ones persisting. France is trying hard to get rid of Amendment 138
which seeks to protect users' rights against the three-strikes sanctions and
which, until now, has stopped the EU from applying the three-strikes policy.
Also, some new amendments reintroduce the notion of lawful content, which
will impose the obligation on ISPs to monitor content going through their
networks.
The UK government is pushing for the "wikipedia amendments" (so-called
because one of them has been created by cutting and pasting a text out of
the wikipedia) in order to allow ISPs to make limited content offers. The UK
amendments eliminate the text that gives users rights to access and
distribute content, services and applications, replacing it with a text that
says "there should be transparency of conditions under which services are
provided, including information on the conditions to and/or use of
applications and services, and of any traffic management policies."
"In a context where markets like mobile telecommunication or entertainment
industries, merging with telecommunication operators, are controlled by
oligopolies, relying on the only information of the consumer leaves the
consumer without any choice. Competition law would be the only remedy, and
they proved to be totally inefficient against Microsoft or mobile operators
cartels. Therefore, it is essential to define a positive guarantee of access
to services without discrimination," stated Jérémie Zimmermann, co-founder
of La Quadrature du Net.
Also a very dangerous amendment to the ePrivacy directive is introduced
by the UK, allowing the telecommunications industry to collect a potentially
unlimited amount of users' sensitive and confidential communications data
including telephone and e-mail contacts, geographic position of mobile
phones and websites visited on the Internet.
As a result of the amendments pushed by the AT&T industry, network
discrimination practices could be included by the use of Traffic Management
Systems, leading to a discriminative way in which users can access content,
services and applications, therefore giving complete control of the network
to the operators who will be able to decide who and what can access. The
pretext for this movement is the necessity of preventing a collapse of the
network due to congestion and of a diversified range of offers by the
operators. "Such practices would discourage investment in network capacity
as well as competition and innovation, and could pose serious threats to
freedom of speech" states La Quadrature du Net which has published an
analysis of the tabled amendments and recommendations for the votes to be
taken by ITRE/IMCO committee.
La Quadrature du Net believes the time left before the vote in the ITRE/IMCO
committee must be used to urge MEPs from IMCO and ITRE to protect the
citizens' freedoms by voting against all amendments allowing net
discrimination, three strikes schemes and privacy breaches. "The second
reading on the Telecoms Package means a second round of intense lobbying,
where corporate interests try to go back on citizen's basic freedom in order
to gain more control over the network. However, the European Parliament has
a unique chance of showing citizens its commitment to protecting freedom
and equity, since it is only 3 months until the European elections, in June"
states the group.
BEUC, the European Consumers' Organisation, also issued a press release on
18 March appealing for the net neutrality of the Internet. "Over the coming
days, the European Parliament, Commission and the Council are holding
informal trialogue discussions on the third telecom package. We urge them to
keep the principle of "net neutrality" in the final text, ensuring that
consumers will still have access to an open Internet. Consumers should be
able to choose their own content, application and services online - this
right needs to be enforced by national telecom regulators".
The next key dates after the vote by ITRE/IMCO committee are 15 April 2009,
the deadline for plenary amendments, and 22 April 2009, the date estimated
for the EP plenary vote.
Lion of France on the attack against Amendment 138 (22.03.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=284&Item…
Telecoms Package 2nd Reading ITRE IMCO Amendments
http://www.laquadrature.net/wiki/Telecoms_Package_2nd_Reading_ITRE_IMCO_Dra…
UK government pushes for discriminated Internet (7.03.2009)
http://www.laquadrature.net/en/uk-government-pushes-for-discriminated-inter…
EU citizens: Save Internet from being turned into a TV! (22.03.2009)
http://www.laquadrature.net/en/eu-citizens-save-internet-from-being-turned-…
UK Proposed Amendments
http://www.laquadrature.net/files/UK_PROPOSED_AMENDMENTS_on_net_neutrality_…
How the EU is bargaining away the Internet (23.03.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=287&Item…
Unblock the Internet for consumers: BEUC's fight for net neutrality
(18.03.2009)
http://docshare.beuc.org/docs/1/GOCCADAAPAOEOHHKPKMALAKIPDBG9DBYEG9DW3571KM…
EDRI-gram: Open letter to the European Parliament - Telecom Package
(17.02.2009)
http://www.edri.org/edrigram/campaigns/open-letter-telecom-package
============================================================
2. Extension of copyright term postponed in the European Parliament
============================================================
As a result of the very large controversy and lack of consensus among MEPs,
in a meeting of the presidents of the political groups in the European
Parliament on 17 March 2009, the vote on the extension of the copyright
term, which was due for 23 March 2009, was postponed to the end of April
2009.
The proposed directive, introduced by Commissioner McCreevy, was to extend
copyright from 50 to 90 years and was allegedly meant to support performers
during their old age. As the many opponents to the proposal have emphasized
and as several studies have shown, the extension would mostly benefit the
major multinational companies and would negatively affect the economy and
culture of Europe.
Professor Martin Kretschmer, Director of the Centre for Intellectual
Property Policy & Management, Bournemouth, considered the measure would be
beneficial to the four multinational record companies Universal, Sony BMG,
Warner Music and EMI owning almost all the key records to be covered by the
extension, a few major artists and the collecting societies.
According to the calculation of the European Commission's own figures, most
of the performers would only receive about 52 euro/year while according to
the EDRi-member Open Rights Group's estimation, 80% of the performers would
receive only 0.5 to 27 euro/year. Even if we take into consideration the
Commission's figure, the amount is far from helping aging performers.
The Association for Fair Audiovisual Copyright in Europe ("A Face"), a group
including individuals and associations of the European audiovisual
community, has joined other voices against the directive and initiated a
petition against it. "We regard the proposed Directive, and any other one
based on similar principles and affecting the audiovisual world, as
detrimental to the development and dissemination of European culture and
economy, which are among the basic missions of the European Parliament. For
this reason, we intend to actively oppose their approval and call everybody
to support this cause" is the statement of the group. Face's goal is to make
sure copyright does not deviate from its initial purpose of "protecting the
interest of right holders only to the extent a general progress of culture
is assured."
At the end of March, a discussion between the European Commission, European
Council and the European Parliament will decide whether the directive will
be allowed to be further discussed in the European Parliament.
MEPs back off from copyright term extension vote! (19.03.2009)
http://www.openrightsgroup.org/2009/03/19/meps-back-off-from-copyright-term…
Copyright extension debate: We must not inhibit digital creators
(16.03.2009)
http://blogs.telegraph.co.uk/shane_richmond/blog/2009/03/16/copyright_exten…
Association for Fair Audiovisual Copyright in Europe Petition of the
european audiovisual community against the proposed directive for a
copyright term Extension for sound recordings
http://aface.eu/
EDRI-gram: Reject the Term Extension Directive (21.01.2009)
http://www.edri.org/reject-term-extention-directive
============================================================
3. German Police searches the homes of the wikileaks.de domain owner
============================================================
The German Police searched the homes of Theodor Reppe, the owner of the
domain name wikileaks.de, alleging he was under investigation for
"distribution of pornographic material" and "discovery of evidence".
The seven police officers in Dresden and four in Jena who performed the
searches on the evening of 24 March 2009 claimed the raid was initiated due
to Mr. Reppe's position as the Wikileaks.de domain owner.
However, it is not clear what exact documents were targeted, because the
German Police did not want to give any further information to Mr. Reppe and
no contact was made with Wikileaks before or after the search. But the
search is considered to be related to the publication by Wikileaks of the
censorship lists for Australia, Thailand, Denmark and other countries. The
lists include sites alleged to contain pornography, including child
pornography. However, Wikileaks has not published any images from the sites.
Wikileaks also speculated on the search: "The raid appears to be related to
a recent German social hysteria around child pornography and the political
battle for a national censorship system under the German family Minister
Ursula von der Leyen. It comes just a few weeks after a member of
parliament, SPD Joerg Tauss had his office and private house searched by
police. German bloggers discussing the subject were similarly raided."
According to information from Reppe, the Police asked for the passwords to
the wikileaks.de domain and asked for the entire domain to be disabled. But
Wikileaks.de and other Wikileaks domains were unaffected by the raid.
Reppe is just a volunteer who sponsors the domain for Wikileaks, but is not
involved in the day-to-day operation of Wikileaks and just mirrors a
collection of Wikileaks US Congressional Research Service reports. He also
maintains one of the most popular Tor servers in Germany.
Police raid home of Wikileaks.de domain owner over censorship lists
(24.03.2009)
http://wikileaks.org/wiki/Police_raid_home_of_Wikileaks.de_domain_owner_ove…
Police raid Wikileaks.de domain owner Theodor Reppe's home over 'censorship
lists' (25.03.2009)
http://www.news.com.au/technology/story/0,28348,25240192-5014239,00.html
House searches for owners of the domain wikileaks.de (only in German
25.03.2009)
http://www.heise.de/newsticker/Hausdurchsuchung-bei-Inhaber-der-Domain-wiki…
Danish police mobilized Blocked list (only in German, 2.03.2009)
http://www.lawblog.de/index.php/archives/2009/03/02/danische-sperrliste-mob…
Australia secretly censors Wikileaks press release and Danish Internet
censorship list (16.03.2009)
http://wikileaks.de/wiki/Australia_secretly_censors_Wikileaks_press_release…
============================================================
4. Data sharing legislation pulled by the UK government
============================================================
The campaign of Privacy International and of other civil liberties groups
against data sharing legislation in UK resulted in the UK Government
decision to abandon Clause 152 of the Coroners and Justice Bill.
The respective clause was giving a "designated authority" the power to sign
an order allowing the sharing of information between any two agencies in the
public and private sector.
The proposed legislation raised concerns related to the possible misuse of
personal data and created a large opposition movement. In a campaign led by
Privacy International and other NGOs, an open letter addressed to Justice
Secretary Jack Straw, signed by thirty organisations on 28 February 2009
condemned the proposal as a dangerous threat to privacy, and called for the
withdrawal of clause 152 from the Coroners & Justice Bill. "In view of the
extraordinary powers conferred by clause 152, the information sharing
provisions in the Bill may constitute the gravest threat to data protection
in the history of the Data Protection Act, and are among the most
wide-ranging and potentially intrusive proposals ever laid before
Parliament," stated the letter.
On 9 March 2009, a spokesman for Straw announced the "rethinking" of the
legislative initiative as a result of the "strength of feeling" against it.
The spokesman stated that the Justice Secretary recognized that the clause had been
drafted in too wide a manner and the reason for the "rethink and a
re-consultation" was to "try to strike a balance between the positive
elements of data-sharing and ensuring that sensitive data is protected".
Although the proposal was entirely struck out of the Coroners and
Justice Bill, a new attempt will be made to introduce an adjusted version
at an undetermined future date.
"This is an extraordinary U-turn but we cannot be led into a false sense of
security. We congratulate the Government on its decision, but it was
inevitable given how badly the clause has been drafted and how morally
corrupt its outcome would have been. Nobody should be under the illusion
that the Government has changed its colours with regard to its zeal for
surveillance. This could be merely a blip, so we all have to remain vigilant
for the next assault of privacy" said Simon Davies, director of Privacy
International.
Privacy campaigner Phil Booth, director of No2ID was also pleased by the
decision. "People realized that their information could be taken and used
and abused for other purposes" he said, adding: "The public backlash against
Clause 152 has been phenomenal. NO2ID has been working closely with Privacy
International and others to focus grassroots and organisational opposition,
but the reality is that people just won't put up with the hypocrisy of
politicians who want to keep their own details secret, or who support
shadowy police databases on protestors, yet who clearly still think that the
state can do just as it wants with our personal information. It can't - the
people have spoken. Let's hope the scrapping of Clause 152 is the first nail
in the coffin of the database state."
However, just like Davies, he expressed some reservations, thinking the
government might disregard Straw's position.
Straw will launch a public consultation in view of implementing more limited
proposals to allow government bodies to share information in cases when
there is clear benefit.
"We will talk to interested groups to get the balance right so that we have
the right policy issues reflected in any future legislation and at the same
time avoid worrying people unnecessarily that their data is being abused"
stated Straw's spokesman.
UK Government backs down on data sharing legislation after PI campaign
(8.03.2009)
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-563879
Government abandons data-sharing scheme (7.03.2009)
http://www.telegraph.co.uk/news/newstopics/politics/lawandorder/4954058/Gov…
Straw bows to pressure over data sharing (8.03.2009)
http://www.guardian.co.uk/technology/2009/mar/08/data-sharing-civil-liberti…
UK govt to rethink data-sharing plans (10.03.2009)
http://www.zdnetasia.com/news/security/0,39044215,62052042,00.htm?scid=rss_…
Civil society joins key professional bodies to demand removal of data
sharing powers (28.02.2009)
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-563710
EDRI-gram: UK Government proposes increased data sharing (11.02.2009)
http://www.edri.org/edri-gram/number7.3/uk-govt-more-sharing-data
============================================================
5. France: Three strikes law debated by the General Assembly
============================================================
The debates on the French three strikes law (so called Hadopi law) started
on 11 March 2009 in the General Assembly only to be suspended at the end of
the second day, to be continued on 31 March.
While the law was adopted by the Senate in less than a day, it appears the
deputies will need a much longer time for the debates. Several deputies have
shown their opposition to the project, considering it a mechanism to
suppress rights and liberties, a "legal monster" as deputy Patrick Bloche
put it.
However, several amendments to the law were rejected during these two days.
Besides the debates related to the financial costs incurred by the creation
of the Hadopi authority, many discussions referred to the respect of the right
to defence raised by the graduated response. At the request of
the Minister of Culture and some rapporteurs, the deputies rejected the
amendment stipulating that "the right to an equitable procedure must be
observed in all cases by the High Authority" and that "attached to these
fundamental principles are the audi alteram partem right, the right of
defence, the presumption of innocence and imputability rights".
The deputies also rejected the modified version of the global licence
despite the arguments brought by the opponents of the graduated response.
Didier Mathus brought the argument of the revenue, showing that with a 2
euro/month contribution from the Internet users, 400 million euro would go
to the music industry while the three strikes system would bring nothing.
Jean Dionis du Sijour's proposal of an extended collective licence
for the commercial platforms wishing to have access to the catalogues of the
record companies was also rejected as well as the amendment introduced by
the majority deputy Suguenot that referred to a tax on all advertising
revenue from the web, in favour of performers.
Another rejected amendment requested a report to be submitted to the
Parliament before 31 October 2009 for the implementation of a fund for music
creation. The financing of the fund should be included as a part of the tax
paid by operators of electronic communications.
So, basically, Christine Albanel succeeded in influencing the votes of the
deputies in many of the issues under the debate. She also reaffirmed her
intention to continue to defend the draft law.
However, there is still some time before the debates are resumed which could
be used to try and influence the final result.
La Quadrature du Net has launched an initiative in this sense meant to make
all deputies aware of the consequences of their position regarding the
Hadopi law. The "Memoire Politique" (Political Memory) is a wiki including
all texts and comments of the deputies that will allow the citizens to
verify the position of each deputy in various national and European legal
debates.
The La Quadrature du Net team has thus decided to improve democratic
information and to "concretely apply the fundamental principle of the
representative democracy" through the Memoire Politique.
The Memoire Politique will collect the declarations and positions of the
deputies during the sessions on Hadopi law, also providing their assessment.
This will give the citizens the possibility to verify whether the deputies
they elected really represent their interests. This will also help in
providing the citizens with the counter-arguments that they may present to
their deputies in requiring the refusal of amendments that may affect their
rights.
Internet and Creation Law (day 2): suspended until 31 March... minimum (only
in French, 13.03.2009)
http://www.numerama.com/magazine/12301-Loi-Creation-et-Internet-jour-2-susp…
Hadopi (day 2) : the deputies rejected the global licence - version 2009
(only in French, 12.03.2009)
http://www.numerama.com/magazine/12299-Hadopi-jour-2-les-deputes-rejettent-…
Hadopi (day 1): The right wing divided by the suspension of the access to
Internet (only in French, 12.03.2009)
http://www.numerama.com/magazine/12285-Hadopi-jour-1-la-droite-divisee-sur-…
Hadopi : National Assembly massively rejects the exception of
non-admissibility (only in French, 11.03.2009)
http://www.numerama.com/magazine/12281-Hadopi-l-Assemblee-Nationale-rejette…
La Quadrature du Net sets up the Mémoire Politique (only in French,
23.03.2009)
http://www.numerama.com/magazine/12387-La-Quadrature-du-Net-met-en-place-un…
Mémoire Politique
http://www.laquadrature.net/wiki/Political_Memory
Hadopi amendements - National Assembly
http://www.laquadrature.net/wiki/Hadopi_amendements_assemblee_nationale
EDRI-gram: HADOPI law close of creating a dangerous precedent (25.02.2009)
http://www.edri.org/edri-gram/number7.4/hadopi-law-france
============================================================
6. European Parliament wants more transparency on ACTA
============================================================
The European Parliament has included in the Draft Regulation regarding
public access to the European Parliament, Council and Commission documents a
reference asking for more transparency in the current negotiations on the
Anti-Counterfeiting Trade Agreement (ACTA).
A recital in the text adopted by the European Parliament says:
"In accordance with Article 255(1) of the EC Treaty, the Commission should
immediately make all documents related to the ongoing international
negotiations on the Anti-Counterfeiting Trade Agreement (ACTA) publicly
available."
The new regulation considers that the basic principle of the new policy on
access to documents should be: "No legislative documents should be kept
secret." MEPs adopted amendments to the draft proposal but postponed the
vote on the legislative resolution, leaving the door open for further
negotiations and a first-reading agreement.
The regulation foresees also the disclosure of the documents originating
from a Member State and received by the EU institutions, after the
consultation of the Member state, but without giving it a right of veto.
Also Member States shall seek to ensure that an equivalent level of
transparency is granted in relation to national measures implementing
normative acts of the EU.
The MEPs concluded that transparency should be extended also to the
international agreements where EU is participating. Special reference was
made to the agreement with the USA on the PNR that "must not give a non-EU
country or an international organisation the right to prevent the European
Parliament from accessing confidential information."
Also, MEPs asked the Commission to make available all the documents related
to ACTA that might create a new international benchmark on intellectual
property right enforcement.
This decision came as a breath of fresh air for all international civil
rights activists that have asked several times for the publication of the
documents related to this international treaty. Especially after in US a
Freedom of Information Act request by Jamie Love, director of the non-profit
group Knowledge Ecology International, was denied by the chief FOIA officer
in the White House's Office of the U.S. Trade Representative. The subject of
the request were 7 specific documents, referenced by their exact title and
date. These documents are the proposals for ACTA text. The requested
documents "are being widely circulated to corporate lobbyists in Europe,
Japan, and the U.S. There is no reason for them to be secret from the
American public."
However, the answer of the Obama administration was that the discussion
draft of the Anti-Counterfeiting Trade Agreement and related materials are
"classified in the interest of national security pursuant to Executive Order
12958."
A document published by Michael Geist in Canada reveals that also the
Canadian Government might be favourable to an early release of draft ACTA:
".. the Canadian delegation plans to argue for a transparent approach. . .
This approach would result in an earlier release of the text, which would
serve to alleviate domestic concerns about the scope of the agreement and
the perceived secrecy surrounding the process. The draft text could then
serve as the basis for broad-based public consultations. "
Proposal for a regulation of the European Parliament and of the Council
regarding public access to European Parliament, Council and Commission
documents (11.03.2009)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P6-TA-2…
Access to documents: The European Parliament demands more transparency
(11.03.2009)
http://www.europarl.europa.eu/news/expert/infopress_page/019-51409-068-03-1…
Copyright treaty is classified for 'national security' (12.03.2009)
http://news.cnet.com/8301-13578_3-10195547-38.html
Obama Administration Rules Texts of New IPR Agreement are State Secrets
(12.03.2009)
http://www.huffingtonpost.com/james-love/obama-administration-rule_b_174450…
Canada Favours Early Release of ACTA Text (14.03.2009)
http://www.michaelgeist.ca/content/view/3751/125/
EDRi-gram: EU pushes for an international Anti-Counterfeiting Trade
Agreement (7.11.2007)
http://www.edri.org/edrigram/number5.21/acta-eu
EDRi-gram: BitTorrent tracker sites threatened by draft ACTA agreement
(4.06.2008)
http://www.edri.org/edrigram/number6.11/bittorent-acta-agreement
============================================================
7. Germany: Data retention is disproportionate
============================================================
The German Working Group on Data Retention (AK Vorrat) announced that the
Administrative Court of Wiesbaden found the blanket recording of the entire
population's traffic data on telephone, mobile phone, e-mail and Internet
usage is disproportionate.
The decision of the court is "that data retention violates the fundamental
right to privacy. It is not necessary in a democratic society. The
individual does not provoke the interference but can be intimidated by the
risks of abuse and the feeling of being under surveillance (...) The
directive (on data retention) does not respect the
principle of proportionality guaranteed in Article 8 ECHR, which is why it
is invalid."
AK Vorrat, that has also initiated the Constitutional complaint against the
German Data retention law, used this opportunity to address another digital
civil rights fear: a government project to allow Internet service providers
to record everybody's Internet surfing habits. The project was debated
on 19 March by the German Bundestag in the first reading.
Started as a project to better protect the computer networks against any
cyber-attacks, the new draft has been criticized by the Privacy
Commissioner of the Federal Government, Peter Schaar, who considered that
the draft needed to be revised and several law provisions needed to be
clarified.
The draft also contains an amendment to the Telemedia Act, which allows
service providers, using data they are allowed to store and process for
legal purposes, to use the information for identifying surfing habits. The
amendment is justified by the necessity of the protection against malicious
software and other similar threats.
"We call on all citizens to contact their MPs now in order to protest
against the proposed retention of web surfing habits," says Werner Hülsmann,
member of the board of the forum of computer scientists for peace and social
responsibility, actively working in the Working Group on Data Retention.
"The recent criticism by Federal Minister of the Interior Wolfgang Schäuble
(CDU) of the Constitutional Court's preliminary decision on data retention
proves that his surveillance mania is limitless", criticizes Patrick Breyer
of the Working Group on Data Retention. "It is not 'a matter for the
legislature' to keep eroding our constitutional guarantees protecting us
from errors and abuses by the authorities. We urgently need to establish a
Fundamental Rights Agency to have all existing powers and programs of the
security authorities systematically and scientifically reviewed as to their
effectiveness, cost, adverse effects, alternatives and compatibility with
our fundamental rights."
Despite all the different European attempts to stop data retention, the day
of 15 March 2009, imposed by the EU data retention directive, marks the
starting point for ISPs to collect and store traffic data in several
European countries.
Administrative Court: Data retention is "invalid" (16.03.2009)
http://www.vorratsdatenspeicherung.de/content/view/301/1/lang,en/
Video: Bundestag debates draft law (only in German, 25.03.2009)
http://www.vorratsdatenspeicherung.de/content/view/302/1/lang,de/
Protection against hackers, surveillance fears (only in German, 19.03.2009)
http://www.tagesschau.de/inland/ueberwachung/bsigesetz100.html
============================================================
8. Irish ISP Association rejects the copyright industry threats
============================================================
After several weeks of silence in the Eircom deal with IRMA (Irish
Recorded Music Association), the Irish ISP Association (ISPAI) has reacted
considering the legal threats as spurious and that there is no evidence of
wrong-doing by Internet Service Providers.
The Irish ISP scandal has started with the major Irish ISP Eircom agreement
to a "three strikes" approach, following the settlement of the court case
with IRMA. In terms of this agreement, the evidence of illegal downloads
will be provided by IRMA and Eircom will take action without a court
hearing. The agreement also means that Eircom is not to oppose any
application blocking file-sharing websites from their network.
IRMA tried to extend the agreement to other ISPs by sending them letters
threatening legal action from solicitors representing four major music
recording companies.
ISPAI, where Eircom is also a member, published a statement approved by "a
majority" of its members that claims that two years ago they initiated
meetings with the music representatives to explore these aspects, but the
matter was not followed up by the industry.
"The ISPAI and its members have never condoned the use of its members'
services for theft of copyrighted works of any kind, and continue to operate
within the existing legal framework which has provisions for taking action
where appropriate," says the statement explaining that the present Irish
copyright law provides remedies and means of action for breaching copyright
through the courts and that "ISPAI members will continue to co-operate fully
within these existing legal parameters."
ISPAI also supports the privacy of its users' communications and underlines
its importance through this statement:
"Privacy of user communications is protected in European and Irish
legislation. ISPs can not be expected to ignore these merely because it does
not suit another private party. To do so would breach the privacy of our
users as well as having serious implications for the continued location of
international e-business in this country and the jobs these generate. "
ISPAI - Position statement (13.03.2009)
http://www.ispai.ie/docs/20090313copyright.pdf
Irish ISPs rally against record label anti-piracy threat (17.03.2009)
http://www.theregister.co.uk/2009/03/17/irish_isps_rally_against_irma_threa…
Irish ISPs reject music industry's file-sharer demands (18.03.2009)
http://www.out-law.com//default.aspx?page=9887
EDRi-gram: Irish ISP settled to introduce 3 strikes (11.02.2009)
http://www.edri.org/edri-gram/number7.3/3-strikes-ireland
EDRi-gram: IRMA tries to block websites (11.03.2009)
http://www.edri.org/edri-gram/number7.5/irma-blocks-websites
============================================================
9. Coalition of musicians against criminalizing downloaders
============================================================
On 11 March 2009, during its inaugural meeting, the Featured Artists
Coalition (FAC) including 140 of UK biggest rock and pop stars, expressed
concern about actions taken against fans involved in file-sharing.
FAC expressed the intention to fight for a fairer deal for musicians "at a
time when they can use the internet to forge direct links with their fans."
The members of the coalition want to campaign for effective laws and
regulations and for transparent and equitable business practices. They
believe that companies such as MySpace and YouTube should be required to
remunerate the artists when using their music for advertising. At the same
time, they want to dissociate themselves from the industry in its move to
criminalize individuals for illegally downloaded music.
The artists discussed a response to the interim version of the Digital
Britain report which proposes a Rights Agency to enforce anti-piracy
measures. Although the interim report does not propose a three-strikes
system like in France, it proposes measures requiring ISPs to give up
information about customers sharing music on P2P networks to rights-holders.
This would make it easier to take actions against the most significant
infringers.
"What I said at the meeting was that the record industry in Britain is still
going down the road of criminalising our audience for downloading illegal
MP3s," said musician Billy Bragg who added that "Artists should own their
own rights and they should decide when their music should be used for free,
or when they should have payment."
Ed O'Brien, member of the band Radiohead, considered that during a "defining
time for the industry (...) a lot of the rights and revenue streams are
being carved up, and we need a voice... I think all the major players want
to hear what we have to say."
It's not a crime to download, say musicians (12.03.2009)
http://www.independent.co.uk/arts-entertainment/music/news/its-not-a-crime-…
Featured Artists Opposed To Cutting Off File-Sharers (12.03.2009)
http://www.billboard.biz/bbbiz/content_display/industry/e3iffcfe0c0b0255a5a…
============================================================
10. Recommended Action
============================================================
Document Freedom Day - 25.03.2009
For the second time, in 2009, the Document Freedom Day is organized as a
global day for Document Liberation with the participation of
roughly 250 active teams worldwide. It is a day of grassroots effort around
the world to promote and build awareness for the relevance of Free Document
Formats in particular and Open Standards in general.
http://www.documentfreedom.org/
============================================================
11. Recommended Reading
============================================================
Database State - a comprehensive map of UK government databases
By Ross Anderson, Ian Brown, Terri Dowty, Philip Inglesant, William Heath,
Angela Sasse, Foundation for Information Policy Research (March 2009)
Database State - full report
http://www.jrrt.org.uk/uploads/Database%20State.pdf
Database State - Executive Summary
http://www.jrrt.org.uk/uploads/Database%20State%20-%20Executive%20Summary.p…
============================================================
12. Agenda
============================================================
26-27 March 2009, London, UK
5th Communia Workshop: Accessing, Using, Reusing Public Sector Content and
Data
http://www.communia-project.eu/ws05
27-29 March 2009, Manchester, UK
Oekonux Conference: Free Software and Beyond The World of Peer Production
http://www.oekonux-conference.org/
28 March 2009, London, UK
Open Knowledge Conference (OKCon) 2009
http://www.okfn.org/okcon/
29-31 March 2009, Edinburgh, UK
Governance Of New Technologies: The Transformation Of Medicine, Information
Technology And Intellectual Property - An International Interdisciplinary
Conference
http://www.law.ed.ac.uk/ahrc/conference09/
1-3 April 2009, Berlin, Germany
re:publica 2009 "Shift happens"
http://www.re-publica.de/09/
Subconference: 2nd European Privacy Open Space
http://www.privacyos.eu/
4 April 2009, Paris, France
French 2009 Big Brother Awards
http://bigbrotherawards.eu.org/
21-23 April 2009, Winchester, UK
BILETA 2009 Annual Conference
http://www.winchester.ac.uk/?page=9871
23-24 April 2009, Brussels, Belgium
The future of intellectual property - Creativity and innovation in the
digital era
http://www.intellectualproperty-conference.eu
23-24 April 2009, Amsterdam, Netherlands
Second European Licensing and Legal Workshop organized by Free Software
Foundation Europe
http://www.fsfeurope.org/news/2009/news-20090323-01.en.html
11 May 2009, Brussels, Belgium
GigaNet is organizing the 2nd international academic workshop on Global
Internet Governance: An Interdisciplinary Research Field in Construction.
Deadline for abstracts submissions is 20 March 2009.
http://giganet.igloogroups.org/publiclibr/giganetcos/2009brusse
13-14 May 2009 Uppsala, Sweden
Mashing-up Culture: The Rise of User-generated Content
http://www.counter2010.org/workshop_call
19-20 May 2009, Brussels, Belgium
European Commission organizes a personal data protection conference to look
at new challenges for privacy
http://ec.europa.eu/justice_home/fsj/privacy/news/docs/pr_03_03_09_en.pdf
24-28 May 2009, Venice, Italy
ICIMP 2009, The Fourth International Conference on Internet Monitoring
and Protection
http://www.iaria.org/conferences2009/ICIMP09.html
1-4 June 2009, Washington, DC, USA
Computers Freedom and Privacy 2009
http://www.cfp2009.org/
5 June 2009, London, UK
The Second Multidisciplinary Workshop on Identity in the Information
Society (IDIS 09): "Identity and the Impact of Technology"
http://is2.lse.ac.uk/idis/2009/
28-30 June 2009, Torino, Italy
COMMUNIA Conference 2009: Global Science & Economics of Knowledge-Sharing
Institutions
http://www.communia-project.eu/conf2009
2-3 July 2009, Padova, Italy
3rd FLOSS International Workshop on Free/Libre Open Source Software
Paper submission by 31 March 2009
http://www.decon.unipd.it/personale/curri/manenti/floss/floss09.html
13-16 August 2009, Vierhouten, The Netherlands
Hacking at Random
http://www.har2009.org/
23-27 August 2009, Milan, Italy
World Library and Information Congress: 75th IFLA General Conference and
Council: "Libraries create futures: Building on cultural heritage"
http://www.ifla.org/IV/ifla75/index.htm
10-12 September 2009, Potsdam, Germany
5th ECPR General Conference, Potsdam
Section: Protest Politics
Panel: The Contentious Politics of Intellectual Property
http://www.ecpr.org.uk/potsdam/default.asp
16-18 September 2009, Crete, Greece
World Summit on the Knowledge Society WSKS 2009
http://www.open-knowledge-society.org/
October 2009, Istanbul, Turkey
eChallenges 2009
http://www.echallenges.org/e2009/default.asp
16 October 2009, Bielefeld, Germany
10th German Big Brother Awards
Deadline for nominations: 15 July 2009
http://www.bigbrotherawards.de/
15-18 November 2009, Sharm El Sheikh, Egypt
UN Internet Governance Forum
http://www.intgovforum.org/
============================================================
13. About
============================================================
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 29 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
by Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Hello everybody,
I just joined this list after lurking for a while on its archive at
http://zgp.org/pipermail/p2p-hackers/.
I'd like to gather opinions about using P2P techniques to support a type
of application that never managed to become really popular: a secure
internet phone. I have recently begun to monitor the development of
Speakfreely on Sourceforge (http://speak-freely.sourceforge.net/ ) after
its creator John Walker decided that the future of Internet was an
inhospitable environment for it and abandoned further development
(http://www.fourmilab.ch/speakfree/ ). I think that John overlooked the
possibilities offered by P2P architectures, in two critical areas:
- Directories for location and presence. Nothing fancy here, already done
before for P2P chat systems.
- Working around NAT routers. John says of implementing third-party
reflectors:
"[...] no non-commercial site like mine could possibly
afford the unlimited demands on bandwidth that would
require. It's one thing to provide a central meeting
point like a Look Who's Listening server, which handles
a packet every five minutes or so from connected sites,
but a server that's required to forward audio in
real-time between potentially any number of
simultaneously connected users is a bandwidth killer."
However, what a centralized system can't do, is a piece of cake for a
distributed system ("_One_ can't, perhaps," said Humpty Dumpty, "but two
can.[...]"). The fact that something like Skype does exist, works, and may
claim an average of more than 150,000 users online at any given time,
looks like a proof of feasibility to me!
Unfortunately, Skype is closed-source (which is a showstopper for a crypto
application), and Windows-only to boot. However, nothing prevents
borrowing some ideas at http://www.skype.com/skype_p2pexplained.html for
an opensource alternative.
Speakfreely might not represent the best starting point, but it usually
works out of the box (which is more than can be said for most other
Internet phones), it's multi-platform, and already contains an RTP stack
and bulk encryption code. As an alternative to Speakfreely's code, one
could assemble together an RTP stack such as oRTP
(http://www.linphone.org/ortp/), a bulk encryption and authentication
layer such as SRTP (http://srtp.sourceforge.net/srtp.html), a portable
audio abstraction layer such as Portaudio (www.portaudio.com) and an
unencumbered codec such as Speex (www.speex.org). It would be nice if all
the components were or could be ported to WinCE, for use on wireless
PDA's.
What Speakfreely sorely lacks is a sensible session initiation protocol,
and access to non-NATted reflectors to help NATted peers to find each
other and exchange UDP traffic. That's where a P2P network (especially one
supporting the concept of non-NATted "ultrapeers") can save the day.
In my opinion, traditional server-based (i.e., non-P2P) session initiation
protocols like SIP -not to mention H.323- represent a poor choice for a
consumer-friendly application: they require an arsenal of infrastructural
applications (directories, proxies, gatekeepers etc.) which make them
attractive only to telcos and hardware vendors (hence Cisco's support for
SIP, and the venom liberally spilled on Skype at
http://www.voxilla.com/modules.php?op=modload&name=News&file=article&sid=18…
ode=thread).
Besides, as I wrote on speak-freely-devel(a)lists.sourceforge.net, "the
mechanisms that SIP/SDP use for session key negotiation range from the
pathetic (key sent in cleartext!!) to the impractical (S/MIME CMS, which
is a monster built on the clay feet of a PKI that isn't quite there)".
Skype claims to use RSA-based key exchange, which is good for multi-party
conferencing but does not preserve forward secrecy. Maybe some variant of
ephemeral D-H authenticated by RSA signatures, with transparent
renegotiation every time someone joins the conference, could do the job
better.
But the thing I particularly would like to discuss here is if, and how, to
leverage on existing P2P networks. One could always implement a brand new
network, using Distributed Hash Table algorithms such as Chord or
Kademlia, but it would be much easier to rely from the very beginning upon
a large number of nodes (at least for directory and presence
functionality, if not for the reflectors which require specific UDP code).
That would somehow repeat the approach initially adopted by Vocaltec when,
in 1995, they launched their Iphone making use of IRC servers to publish
dynamic IP addresses. Incidentally, the IRC users community didn't
particularly appreciate ;-), triggering the Great Iphone War, which
quickly led Vocaltec to set up its own dedicated IRC servers.
From what I see, Gnutella is pretty hopeless for that purpose because
searches are only based on flooding, and therefore full-network searches
are nearly impossible; on the other hand, Overnet (which relies upon the
Kademlia algorithm) could perhaps be used as a sort of distributed
presence/location "server", and also key server (perhaps it would be wise
to use an OpenPGP key format to enjoy WoT features from day one). The
Overnet protocol is unpublished, but it's been reverse-engineered at least
in part by the mldonkey team. Alternatively, Freenet or Entropy could
perhaps provide similar services, but with a large code overhead (I'd like
to keep the code small enough to be ported, one day, to a PDA) and perhaps
slower propagation (?).
Comments, as I said, are much welcome.
Enzo
_______________________________________________
p2p-hackers mailing list
p2p-hackers(a)zgp.org
http://zgp.org/mailman/listinfo/p2p-hackers
_______________________________________________
Here is a web page listing P2P Conferences:
http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences
----- End forwarded message -----
-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
[demime 1.01d removed an attachment of type application/pgp-signature]
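Added example, not part of the forwarded post and not code from Speak Freely or Skype: it contrasts the two session-key schemes the post compares, modelling "RSA-based key exchange" as RSA key transport (an assumption) against ephemeral D-H whose shares are signed with long-term RSA keys. All function names, the role labels and the toy parameters (Mersenne primes, unpadded RSA) are constructed for illustration and are not secure.

```python
import hashlib
import secrets

# TOY parameters, constructed for this example and NOT secure: Mersenne primes
# and textbook (unpadded) RSA keep the block free of third-party dependencies.
DH_P = 2**521 - 1          # prime modulus for Diffie-Hellman
DH_G = 3                   # base
RSA_E = 65537
SHARE_LEN = 66             # bytes needed for a value below DH_P


def rsa_keygen(exp_p, exp_q):
    """Toy long-term RSA key built from two Mersenne-prime exponents."""
    p, q = 2**exp_p - 1, 2**exp_q - 1
    return {"n": p * q, "e": RSA_E, "d": pow(RSA_E, -1, (p - 1) * (q - 1))}


def public(key):
    return {"n": key["n"], "e": key["e"]}


def _digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(key, data):
    return pow(_digest(data), key["d"], key["n"])


def verify(pub, data, sig):
    return pow(sig, pub["e"], pub["n"]) == _digest(data)


# --- Scheme 1: RSA key transport -----------------------------------------
def key_transport(callee_pub):
    """Caller picks the session key and encrypts it to the callee's RSA key."""
    session_key = secrets.randbits(128)
    return session_key, pow(session_key, callee_pub["e"], callee_pub["n"])


def recover_from_recording(wire, leaked_key):
    """A recorded ciphertext plus the later-leaked RSA key gives the session key."""
    return pow(wire, leaked_key["d"], leaked_key["n"])


# --- Scheme 2: ephemeral D-H authenticated by RSA signatures --------------
def _signed_form(role, share):
    return role.encode() + b"|" + share.to_bytes(SHARE_LEN, "big")


def dh_offer(role, long_term_key):
    """Fresh per-call secret and a signed public share."""
    secret = secrets.randbelow(DH_P - 3) + 2
    share = pow(DH_G, secret, DH_P)
    sig = sign(long_term_key, _signed_form(role, share))
    return secret, {"role": role, "share": share, "sig": sig}


def dh_accept(my_secret, offer, peer_pub, expected_role):
    """Check role, range and signature of the peer share, then derive the key."""
    if offer["role"] != expected_role or not 1 < offer["share"] < DH_P - 1:
        raise ValueError("unexpected role or degenerate share")
    if not verify(peer_pub, _signed_form(offer["role"], offer["share"]), offer["sig"]):
        raise ValueError("share not signed by the expected long-term key")
    shared = pow(offer["share"], my_secret, DH_P)
    return hashlib.sha256(shared.to_bytes(SHARE_LEN, "big")).digest()


def demo():
    caller, callee = rsa_keygen(607, 1279), rsa_keygen(521, 2203)

    # Scheme 1: the eavesdropper stores `wire`; the callee's key leaks later.
    session_key, wire = key_transport(public(callee))
    transport_broken = recover_from_recording(wire, callee) == session_key

    # Scheme 2: secrets exist only for the call. The recording holds two
    # public shares and two signatures; a leaked RSA key can forge future
    # signatures but recovering this key still needs a discrete logarithm.
    a_secret, a_offer = dh_offer("caller", caller)
    b_secret, b_offer = dh_offer("callee", callee)
    key_a = dh_accept(a_secret, b_offer, public(callee), "callee")
    key_b = dh_accept(b_secret, a_offer, public(caller), "caller")

    # An active attacker swapping in an own share cannot produce the signature.
    forged = dict(b_offer, share=pow(DH_G, 12345, DH_P))
    try:
        dh_accept(a_secret, forged, public(callee), "callee")
        forgery_rejected = False
    except ValueError:
        forgery_rejected = True

    return {"transport_broken": transport_broken,
            "dh_keys_match": key_a == key_b,
            "forgery_rejected": forgery_rejected}


if __name__ == "__main__":
    print(demo())
```

A deployable design would use a vetted library, standard groups or curves, padded signatures, and signatures covering both parties' shares.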
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 7.6, 25 March 2009
============================================================
Contents
============================================================
1. Telecom Package in second reading - dangerous amendments
2. Extension of copyright term postponed in the European Parliament
3. German Police searches the homes of the wikileaks.de domain owner
4. Data sharing legislation pulled by the UK government
5. France: Three strikes law debated by the General Assembly
6. European Parliament wants more transparency on ACTA
7. Germany: Data retention is disproportionate
8. Irish ISP Association rejects the copyright industry threats
9. Coalition of musicians against criminalizing downloaders
10. Recommended Reading
11. Recommended Action
12. Agenda
13. About
============================================================
1. Telecom Package in second reading - dangerous amendments
============================================================
Several alarming amendments to the Telecom Package second reading in the
European Parliament are to be voted on 31 March 2009 by ITRE/IMCO committee.
The amendments are meant to give additional control to the entertainment
industry, telecoms and IT security companies over the Internet.
An agreement on several delicate issues of the telecom package is sought in
a trialogue between the European Parliament, the European Council and
the European Commission to agree on a resolution regarding politically
sensitive and technically difficult aspects of the Telecoms Package.
Although the European Parliament is supposed to represent the interests and
rights of the users, it seems it is trying to make compromises in agreeing
upon the limitations of the users' rights pushed by the UK and France in the
Council.
One of the most controversial issues is that of the three-strikes strongly
and continuously pushed by France in the EU Council.
Although most of the dispositions introducing the graduated response system
were rejected in first reading of the Telecom Package, there are still some
alarming ones persisting. France is trying hard to get rid of Amendment 138
which seeks to protect users' rights against the three-strikes sanctions and
which, until now, has stopped the EU from applying the three-strikes policy.
Also, some new amendments reintroduce the notion of lawful content, which
will impose the obligation on ISPs to monitor content going through their
networks.
The UK government is pushing for the "wikipedia amendments" (so-called
because one of them has been created by cutting and pasting a text out of
the wikipedia) in order to allow ISPs to make limited content offers. The UK
amendments eliminate the text that gives users rights to access and
distribute content, services and applications, replacing it with a text that
says "there should be transparency of conditions under which services are
provided, including information on the conditions to and/or use of
applications and services, and of any traffic management policies."
"In a context where markets like mobile telecommunication or entertainment
industries, merging with
telecommunication operators, are controlled by oligopolies, relying on the
only information of the consumer leaves the consumer without any choice.
Competition law would be the only remedy, and they proved to be totally
inefficient against Microsoft or mobile operators cartels. Therefore, it is
essential to define a positive guarantee of access to services without
discrimination," stated Jérémie Zimmermann, co-founder of La Quadrature du
Net.
Also a very dangerous amendment to the ePrivacy directive is introduced
by the UK, allowing the telecommunications industry to collect a potentially
unlimited amount of users' sensitive and confidential communications data
including telephone and e-mail contacts, geographic position of mobile
phones and websites visited on the Internet.
As a result of the amendments pushed by the AT&T industry, network
discrimination practices could be included by the use of Traffic Management
Systems, leading to a discriminative way in which users can access content,
services and applications, therefore giving complete control of the network
to the operators who will be able to decide who and what can access. The
pretext for this movement is the necessity of preventing a collapse of the
network due to congestion and of a diversified range of offers by the
operators. "Such practices would discourage investment in network capacity
as well as competition and innovation, and could pose serious threats to
freedom of speech" states La Quadrature du Net which has published an
analysis of the tabled amendments and recommendations for the votes to be
taken by ITRE/IMCO committee.
La Quadrature du Net believes the time left before the vote in the ITRE/IMCO
committee must be used to urge MEPs from IMCO and ITRE to protect the
citizens' freedoms by voting against all amendments allowing net
discrimination, three strikes schemes and privacy breaches. "The second
reading on the Telecoms Package means a second round of intense lobbying,
where corporate interests try to go back on citizen's basic freedom in order
to gain more control over the network. However, the European Parliament has
a unique chance of showing citizens its commitment into protecting freedom
and equity, since it is only 3 months until the European elections, in June"
states the group.
BEUC, the European Consumers' Organisation, also issued a press release on
18 March appealing for the net neutrality of the Internet. "Over the coming
days, the European Parliament, Commission and the Council are holding
informal trialogue discussions on the third telecom package. We urge them to
keep the principle of "net neutrality" in the final text, ensuring that
consumers will still have access to an open Internet. Consumers should be
able to choose their own content, application and services online - this
right needs to be enforced by national telecom regulators".
The next key dates after the vote by ITRE/IMCO committee are 15 April 2009,
the deadline for plenary amendments, and 22 April 2009, the date estimated
for the EP plenary vote.
Lion of France on the attack against Amendment 138 (22.03.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=284&Item…
Telecoms Package 2nd Reading ITRE IMCO Amendments
http://www.laquadrature.net/wiki/Telecoms_Package_2nd_Reading_ITRE_IMCO_Dra…
UK government pushes for discriminated Internet (7.03.2009)
http://www.laquadrature.net/en/uk-government-pushes-for-discriminated-inter…
EU citizens: Save Internet from being turned into a TV! (22.03.2009)
http://www.laquadrature.net/en/eu-citizens-save-internet-from-being-turned-…
UK Proposed Amendments
http://www.laquadrature.net/files/UK_PROPOSED_AMENDMENTS_on_net_neutrality_…
How the EU is bargaining away the Internet (23.03.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=287&Item…
Unblock the Internet for consumers: BEUC's fight for net neutrality
(18.03.2009)
http://docshare.beuc.org/docs/1/GOCCADAAPAOEOHHKPKMALAKIPDBG9DBYEG9DW3571KM…
EDRI-gram: Open letter to the European Parliament - Telecom Package
(17.02.2009)
http://www.edri.org/edrigram/campaigns/open-letter-telecom-package
============================================================
2. Extension of copyright term postponed in the European Parliament
============================================================
As a result of the very large controversy and lack of consensus among MEPs,
in a meeting of the presidents of the political groups in the European
Parliament on 17 March 2009, the vote on the extension of the copyright
term, which was due on 23 March 2009, was postponed to the end of April
2009.
The proposed directive, introduced by Commissioner McCreevy, was to extend
copyright from 50 to 90 years and was allegedly meant to support performers
during their old age. As the many opponents to the proposal have emphasized
and as several studies have shown, the extension would mostly benefit the
major multinational companies and would negatively affect the economy and
culture of Europe.
Professor Martin Kretschmer, Director of the Centre for Intellectual
Property Policy & Management, Bournemouth, considered the measure would be
beneficial to the four multinational record companies Universal, Sony BMG,
Warner Music and EMI owning almost all the key records to be covered by the
extension, a few major artists and the collecting societies.
According to the calculation of the European Commission's own figures, most
of the performers would only receive about 52 euro/year while according to
the EDRi-member Open Rights Group's estimation, 80% of the performers would
receive only 0.5 to 27 euro/year. Even if we take into consideration the
Commission's figure, the amount is far from helping aging performers.
The Association for Fair Audiovisual Copyright in Europe ("A Face"), a group
including individuals and associations of the European audiovisual
community, has joined other voices against the directive and initiated a
petition against it. "We regard the proposed Directive, and any other one
based on similar principles and affecting the audiovisual world, as
detrimental to the development and dissemination of European culture and
economy, which are among the basic missions of the European Parliament. For
this reason, we intend to actively oppose their approval and call everybody
to support this cause" is the statement of the group. Face's goal is to make
sure copyright does not deviate from its initial purpose of "protecting the
interest of right holders only to the extent a general progress of culture
is assured."
At the end of March, a discussion between the European Commission, European
Council and the European Parliament will decide whether the directive will
be allowed to be further discussed in the European Parliament.
MEPs back off from copyright term extension vote! (19.03.2009)
http://www.openrightsgroup.org/2009/03/19/meps-back-off-from-copyright-term…
Copyright extension debate: We must not inhibit digital creators
(16.03.2009)
http://blogs.telegraph.co.uk/shane_richmond/blog/2009/03/16/copyright_exten…
Association for Fair Audiovisual Copyright in Europe Petition of the
european audiovisual community against the proposed directive for a
copyright term Extension for sound recordings
http://aface.eu/
EDRI-gram: Reject the Term Extension Directive (21.01.2009)
http://www.edri.org/reject-term-extention-directive
============================================================
3. German Police searches the homes of the wikileaks.de domain owner
============================================================
The German Police searched the homes of Theodor Reppe, the owner of the
domain name wikileaks.de, alleging he was under investigation for
"distribution of pornographic material" and "discovery of evidence".
The seven police officers in Dresden and four in Jena who performed the
searches on the evening of 24 March 2009 claimed the raid was initiated due
to Mr. Reppe's position as the Wikileaks.de domain owner.
However, it is not clear what exact documents were targeted, because the
German Police did not want to give any further information to Mr. Reppe and
no contact was made with Wikileaks before or after the search. But the
search is considered to be related to the publication by Wikileaks of the
censorship lists for Australia, Thailand, Denmark and other countries. The
lists include sites alleged to contain pornography, including child
pornography. However, Wikileaks has not published any images from the sites.
Wikileaks also speculated on the search: "The raid appears to be related to
a recent German social hysteria around child pornography and the political
battle for a national censorship system under the German family Minister
Ursula von der Leyen. It comes just a few weeks after a member of
parliament, SPD Joerg Tauss had his office and private house searched by
police. German bloggers discussing the subject were similarly raided."
According to information from Reppe, the Police asked for the passwords to
the wikileaks.de domain and asked for the entire domain to be disabled. But
Wikileaks.de and other Wikileaks domains were unaffected by the raid.
Reppe is just a volunteer who sponsors the domain for Wikileaks, but is not
involved in the day-to-day operation of Wikileaks and just mirrors a
collection of Wikileaks US Congressional Research Service reports. He also
maintains one of the most popular Tor servers in Germany.
Police raid home of Wikileaks.de domain owner over censorship lists
(24.03.2009)
http://wikileaks.org/wiki/Police_raid_home_of_Wikileaks.de_domain_owner_ove…
Police raid Wikileaks.de domain owner Theodor Reppe's home over 'censorship
lists' (25.03.2009)
http://www.news.com.au/technology/story/0,28348,25240192-5014239,00.html
House searches for owners of the domain wikileaks.de (only in German,
25.03.2009)
http://www.heise.de/newsticker/Hausdurchsuchung-bei-Inhaber-der-Domain-wiki…
Danish police mobilized Blocked list (only in German, 2.03.2009)
http://www.lawblog.de/index.php/archives/2009/03/02/danische-sperrliste-mob…
Australia secretly censors Wikileaks press release and Danish Internet
censorship list (16.03.2009)
http://wikileaks.de/wiki/Australia_secretly_censors_Wikileaks_press_release…
============================================================
4. Data sharing legislation pulled by the UK government
============================================================
The campaign of Privacy International and of other civil liberties groups
against data sharing legislation in the UK resulted in the UK Government's
decision to abandon Clause 152 of the Coroners and Justice Bill.
The clause would have given a "designated authority" the power to sign
an order allowing the sharing of information between any two agencies in the
public and private sector.
The proposed legislation raised concerns related to the possible misuse of
personal data and created a large opposition movement. In a campaign led by
Privacy International and other NGOs, an open letter addressed to Justice
Secretary Jack Straw, signed by thirty organisations on 28 February 2009
condemned the proposal as a dangerous threat to privacy, and called for the
withdrawal of clause 152 from the Coroners & Justice Bill. "In view of the
extraordinary powers conferred by clause 152, the information sharing
provisions in the Bill may constitute the gravest threat to data protection
in the history of the Data Protection Act, and are among the most
wide-ranging and potentially intrusive proposals ever laid before
Parliament," stated the letter.
On 9 March 2009, a spokesman for Straw announced the "rethinking" of the
legislative initiative as a result of the "strength of feeling" against it.
The spokesman stated that the Justice Secretary recognized that the clause
had been drafted in too wide a manner and the reason for the "rethink and a
re-consultation" was to "try to strike a balance between the positive
elements of data-sharing and ensuring that sensitive data is protected".
Although the proposal was entirely stricken out from the Coroners and
Justice Bill, a new attempt will be made to introduce an adjusted version
at an undetermined future date.
"This is an extraordinary U-turn but we cannot be led into a false sense of
security. We congratulate the Government on its decision, but it was
inevitable given how badly the clause has been drafted and how morally
corrupt its outcome would have been. Nobody should be under the illusion
that the Government has changed its colours with regard to its zeal for
surveillance. This could be merely a blip, so we all have to remain vigilant
for the next assault of privacy" said Simon Davies, director of Privacy
International.
Privacy campaigner Phil Booth, director of No2ID was also pleased by the
decision. "People realized that their information could be taken and used
and abused for other purposes" he said, adding: "The public backlash against
Clause 152 has been phenomenal. NO2ID has been working closely with Privacy
International and others to focus grassroots and organisational opposition,
but the reality is that people just won't put up with the hypocrisy of
politicians who want to keep their own details secret, or who support
shadowy police databases on protestors, yet who clearly still think that the
state can do just as it wants with our personal information. It can't - the
people have spoken. Let's hope the scrapping of Clause 152 is the first nail
in the coffin of the database state."
However, just like Davies, he expressed some reservations, thinking the
government might disregard Straw's position.
Straw will launch a public consultation in view of implementing more limited
proposals to allow government bodies to share information in cases when
there is clear benefit.
"We will talk to interested groups to get the balance right so that we have
the right policy issues reflected in any future legislation and at the same
time avoid worrying people unnecessarily that their data is being abused"
stated Straw's spokesman.
UK Government backs down on data sharing legislation after PI campaign
(8.03.2009)
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-563879
Government abandons data-sharing scheme (7.03.2009)
http://www.telegraph.co.uk/news/newstopics/politics/lawandorder/4954058/Gov…
Straw bows to pressure over data sharing (8.03.2009)
http://www.guardian.co.uk/technology/2009/mar/08/data-sharing-civil-liberti…
UK govt to rethink data-sharing plans (10.03.2009)
http://www.zdnetasia.com/news/security/0,39044215,62052042,00.htm?scid=rss_…
Civil society joins key professional bodies to demand removal of data
sharing powers (28.02.2009)
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-563710
EDRI-gram: UK Government proposes increased data sharing (11.02.2009)
http://www.edri.org/edri-gram/number7.3/uk-govt-more-sharing-data
============================================================
5. France: Three strikes law debated by the General Assembly
============================================================
The debates on the French three strikes law (the so-called Hadopi law)
started on 11 March 2009 in the General Assembly only to be suspended at the
end of the second day, to be continued on 31 March.
While the law was adopted by the Senate in less than a day, it appears the
deputies will need a much longer time for the debates. Several deputies have
shown their opposition to the project considering it as a mechanism to
suppress rights and liberties, a "legal monster" as deputy Patrick Bloche
put it.
However, several amendments to the law were rejected during these two days.
Besides the debates related to the financial costs incurred by the creation
of the Hadopi authority, many discussions referred to the respect of the
right to defence raised by the graduated response. At the request of the
Minister of Culture and some rapporteurs, the deputies rejected the
amendment stipulating that "the right to an equitable procedure must be
observed in all cases by the High Authority" and that "attached to this
fundamental principles are the audi alteram partem right, the right of
defence, the presumption of innocence and imputability rights".
The deputies also rejected the modified version of the global licence
despite the arguments brought by the opponents of the graduated response.
Didier Mathus brought the argument of the revenue showing that with a 2
euro/month contribution from the Internet users, 400 million euro would go
to the music industry while the three strikes system would bring nothing.
Jean Dionis du Séjour's proposal of an extended collective licence for the
commercial platforms wishing to have access to the catalogues of the
record companies was also rejected, as was the amendment introduced by
the majority deputy Suguenot that referred to a tax on all advertising
revenue from the web, in favour of performers.
Another rejected amendment requested a report to be submitted to the
Parliament before 31 October 2009 for the implementation of a fund for music
creation. The financing of the fund should be included as a part of the tax
paid by operators of electronic communications.
So, basically, Christine Albanel succeeded in influencing the votes of the
deputies in many of the issues under the debate. She also reaffirmed her
intention to continue to defend the draft law.
However, there is still some time before the debates are resumed which could
be used to try and influence the final result.
La Quadrature du Net has launched an initiative in this sense meant to make
all deputies aware of the consequences of their position regarding the
Hadopi law. The "Memoire Politique" (Political Memory) is a wiki including
all texts and comments of the deputies that will allow the citizens to
verify the position of each deputy in various national and european legal
debates.
The La Quadrature du Net team has thus decided to improve democratic
information and to "concretely apply the fundamental principle of the
representative democracy" through the Memoire Politique.
The Memoire Politique will collect the declarations and positions of the
deputies during the sessions on Hadopi law, also providing their assessment.
This will give the citizens the possibility to verify whether the deputies
they elected really represent their interests. This will also help in
providing the citizens with the counter-arguments that they may present to
their deputies in requiring the refusal of amendments that may affect their
rights.
Internet and Creation Law (day 2): suspended until 31 March... minimum (only
in French, 13.03.2009)
http://www.numerama.com/magazine/12301-Loi-Creation-et-Internet-jour-2-susp…
Hadopi (day 2) : the deputies rejected the global licence - version 2009
(only in French, 12.03.2009)
http://www.numerama.com/magazine/12299-Hadopi-jour-2-les-deputes-rejettent-…
Hadopi (day 1): The right wing divided by the suspension of the access to
Internet (only in French, 12.03.2009)
http://www.numerama.com/magazine/12285-Hadopi-jour-1-la-droite-divisee-sur-…
Hadopi : National Assembly massively rejects the exception of
non-admissibility (only in French, 11.03.2009)
http://www.numerama.com/magazine/12281-Hadopi-l-Assemblee-Nationale-rejette…
La Quadrature du Net sets up the Mémoire Politique (only in French,
23.03.2009)
http://www.numerama.com/magazine/12387-La-Quadrature-du-Net-met-en-place-un…
Mémoire Politique
http://www.laquadrature.net/wiki/Political_Memory
Hadopi amendements - National Assembly
http://www.laquadrature.net/wiki/Hadopi_amendements_assemblee_nationale
EDRI-gram: HADOPI law close of creating a dangerous precedent (25.02.2009)
http://www.edri.org/edri-gram/number7.4/hadopi-law-france
============================================================
6. European Parliament wants more transparency on ACTA
============================================================
The European Parliament has included in the Draft Regulation regarding
public access to the European Parliament, Council and Commission documents a
reference asking for more transparency in the current negotiations on the
Anti-Counterfeiting Trade Agreement (ACTA).
A recital in the text adopted by the European Parliament says:
"In accordance with Article 255(1) of the EC Treaty, the Commission should
immediately make all documents related to the ongoing international
negotiations on the Anti-Counterfeiting Trade Agreement (ACTA) publicly
available."
The new regulation considers that the basic principle of the new policy on
access to documents should be: "No legislative documents should be kept
secret." MEPs adopted amendments to the draft proposal but postponed the
vote on the legislative resolution, leaving the door open for further
negotiations and a first-reading agreement.
The regulation also foresees the disclosure of documents originating
from a Member State and received by the EU institutions, after the
consultation of the Member State, but without giving it a right of veto.
Also Member States shall seek to ensure that an equivalent level of
transparency is granted in relation to national measures implementing
normative acts of the EU.
The MEPs concluded that transparency should also be extended to the
international agreements in which the EU is participating. Special reference was
made to the agreement with the USA on the PNR that "must not give a non-EU
country or an international organisation the right to prevent the European
Parliament from accessing confidential information."
Also, MEPs asked the Commission to make available all the documents related
to ACTA that might create a new international benchmark on intellectual
property right enforcement.
This decision came as a breath of fresh air for all international civil
rights activists who have asked several times for the publication of the
documents related to this international treaty, especially after a
Freedom of Information Act request in the US by Jamie Love, director of the
non-profit group Knowledge Ecology International, was denied by the chief
FOIA officer in the White House's Office of the U.S. Trade Representative.
The request concerned 7 specific documents, referenced by their exact title
and date. These documents are the proposals for ACTA text. The requested
documents "are being widely circulated to corporate lobbyists in Europe,
Japan, and the U.S. There is no reason for them to be secret from the
American public."
However, the answer of the Obama administration was that the discussion
draft of the Anti-Counterfeiting Trade Agreement and related materials are
"classified in the interest of national security pursuant to Executive Order
12958."
A document published by Michael Geist in Canada reveals that the
Canadian Government might also be favourable to an early release of draft
ACTA: "... the Canadian delegation plans to argue for a transparent
approach. . . This approach would result in an earlier release of the text,
which would serve to alleviate domestic concerns about the scope of the
agreement and the perceived secrecy surrounding the process. The draft text
could then serve as the basis for broad-based public consultations."
Proposal for a regulation of the European Parliament and of the Council
regarding public access to European Parliament, Council and Commission
documents (11.03.2009)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P6-TA-2…
Access to documents: The European Parliament demands more transparency
(11.03.2009)
http://www.europarl.europa.eu/news/expert/infopress_page/019-51409-068-03-1…
Copyright treaty is classified for 'national security' (12.03.2009)
http://news.cnet.com/8301-13578_3-10195547-38.html
Obama Administration Rules Texts of New IPR Agreement are State Secrets
(12.03.2009)
http://www.huffingtonpost.com/james-love/obama-administration-rule_b_174450…
Canada Favours Early Release of ACTA Text (14.03.2009)
http://www.michaelgeist.ca/content/view/3751/125/
EDRi-gram: EU pushes for an international Anti-Counterfeiting Trade
Agreement (7.11.2007)
http://www.edri.org/edrigram/number5.21/acta-eu
EDRi-gram: BitTorrent tracker sites threatened by draft ACTA agreement
(4.06.2008)
http://www.edri.org/edrigram/number6.11/bittorent-acta-agreement
============================================================
7. Germany: Data retention is disproportionate
============================================================
The German Working Group on Data Retention (AK Vorrat) announced that the
Administrative Court of Wiesbaden found that the blanket recording of the
entire population's traffic data on telephone, mobile phone, e-mail and
Internet usage is disproportionate.
The decision of the court is "that data retention violates the fundamental
right to privacy. It is not necessary in a democratic society. The
individual does not provoke the interference but can be intimidated by the
risks of abuse and the feeling of being under surveillance (...) The
directive (on data retention) does not respect the principle of
proportionality guaranteed in Article 8 ECHR, which is why it is invalid."
AK Vorrat, which also initiated the Constitutional complaint against the
German Data retention law, used this opportunity to address another digital
civil rights fear: a government project to allow Internet service providers
to record everybody's Internet surfing habits. The project was debated
on 19 March by the German Bundestag in the first reading.
Started as a project to better protect the computer networks against any
cyber-attacks, the new draft has been criticized by the Privacy
Commissioner of the Federal Government, Peter Schaar, who considered that
the draft needed to be revised and several law provisions needed to be
clarified.
The draft also contains an amendment to the Telemedia Act, which allows
service providers, using data they are allowed to store and process for
legal purposes, to use the information for identifying surfing habits. The
amendment is justified by the necessity of the protection against malicious
software and other similar threats.
"We call on all citizens to contact their MPs now in order to protest
against the proposed retention of web surfing habits," says Werner Hülsmann,
member of the board of the forum of computer scientists for peace and social
responsibility, actively working in the Working Group on Data Retention.
"The recent criticism by Federal Minister of the Interior Wolfgang Schäuble
(CDU) of the Constitutional Court's preliminary decision on data retention
proves that his surveillance mania is limitless", criticizes Patrick Breyer
of the Working Group on Data Retention. "It is not 'a matter for the
legislature' to keep eroding our constitutional guarantees protecting us
from errors and abuses by the authorities. We urgently need to establish a
Fundamental Rights Agency to have all existing powers and programs of the
security authorities systematically and scientifically reviewed as to their
effectiveness, cost, adverse effects, alternatives and compatibility with
our fundamental rights."
Despite all the different European attempts to stop data retention, the day
of 15 March 2009, imposed by the EU data retention directive, marks the
starting point for ISPs to collect and store traffic data in several
European countries.
Administrative Court: Data retention is "invalid" (16.03.2009)
http://www.vorratsdatenspeicherung.de/content/view/301/1/lang,en/
Video: Bundestag debates draft law (only in German, 25.03.2009)
http://www.vorratsdatenspeicherung.de/content/view/302/1/lang,de/
Protection against hackers, surveillance fears (only in German, 19.03.2009)
http://www.tagesschau.de/inland/ueberwachung/bsigesetz100.html
============================================================
8. Irish ISP Association rejects the copyright industry threats
============================================================
After several weeks of silence on the Eircom deal with IRMA (Irish
Recorded Music Association), the Irish ISP Association (ISPAI) has reacted,
considering the legal threats spurious and stating that there is no
evidence of wrong-doing by Internet Service Providers.
The Irish ISP scandal started with the agreement of the major Irish ISP
Eircom to a "three strikes" approach, following the settlement of the court
case with IRMA. Under the terms of this agreement, the evidence of illegal
downloads will be provided by IRMA and Eircom will take action without a
court hearing. The agreement also means that Eircom is not to oppose any
application blocking file-sharing websites from their network.
IRMA tried to extend the agreement to other ISPs by sending them letters
threatening legal action from solicitors representing four major music
recording companies.
ISPAI, of which Eircom is also a member, published a statement approved by "a
majority" of its members that claims that two years ago they initiated
meetings with the music representatives to explore these aspects, but the
matter was not followed up by the industry.
"The ISPAI and its members have never condoned the use of its members'
services for theft of copyrighted works of any kind, and continue to operate
within the existing legal framework which has provisions for taking action
where appropriate," says the statement explaining that the present Irish
copyright law provides remedies and means of action for breaching copyright
through the courts and that "ISPAI members will continue to co-operate fully
within these existing legal parameters."
ISPAI also supports the privacy of its users' communications and underlines
its importance through this statement:
"Privacy of user communications is protected in European and Irish
legislation. ISPs can not be expected to ignore these merely because it does
not suit another private party. To do so would breach the privacy of our
users as well as having serious implications for the continued location of
international e-business in this country and the jobs these generate."
ISPAI - Position statement (13.03.2009)
http://www.ispai.ie/docs/20090313copyright.pdf
Irish ISPs rally against record label anti-piracy threat (17.03.2009)
http://www.theregister.co.uk/2009/03/17/irish_isps_rally_against_irma_threa…
Irish ISPs reject music industry's file-sharer demands (18.03.2009)
http://www.out-law.com//default.aspx?page=9887
EDRi-gram: Irish ISP settled to introduce 3 strikes (11.02.2009)
http://www.edri.org/edri-gram/number7.3/3-strikes-ireland
EDRi-gram: IRMA tries to block websites (11.03.2009)
http://www.edri.org/edri-gram/number7.5/irma-blocks-websites
============================================================
9. Coalition of musicians against criminalizing downloaders
============================================================
On 11 March 2009, during its inaugural meeting, the Featured Artists
Coalition (FAC), including 140 of the UK's biggest rock and pop stars,
expressed concern about actions taken against fans involved in file-sharing.
FAC expressed the intention to fight for a fairer deal for musicians "at a
time when they can use the internet to forge direct links with their fans."
The members of the coalition want to campaign for effective laws and
regulations and for transparent and equitable business practices. They
believe that companies such as MySpace and YouTube should be required to
remunerate the artists when using their music for advertising. At the same
time, they want to dissociate themselves from the industry in its move to
criminalize individuals for illegally downloaded music.
The artists discussed a response to the interim version of the Digital
Britain report which proposes a Rights Agency to enforce anti-piracy
measures. Although the interim report does not propose a three-strikes
system like in France, it proposes measures requiring ISPs to give up
information about customers sharing music on P2P networks to rights-holders.
This would make it easier to take actions against the most significant
infringers.
"What I said at the meeting was that the record industry in Britain is still
going down the road of criminalising our audience for downloading illegal
MP3s," said musician Billy Bragg who added that "Artists should own their
own rights and they should decide when their music should be used for free,
or when they should have payment."
Ed O'Brien, a member of the band Radiohead, considered that during a "defining
time for the industry (...) a lot of the rights and revenue streams are
being carved up, and we need a voice... I think all the major players want
to hear what we have to say."
It's not a crime to download, say musicians (12.03.2009)
http://www.independent.co.uk/arts-entertainment/music/news/its-not-a-crime-…
Featured Artists Opposed To Cutting Off File-Sharers (12.03.2009)
http://www.billboard.biz/bbbiz/content_display/industry/e3iffcfe0c0b0255a5a…
============================================================
10. Recommended Action
============================================================
Document Freedom Day - 25.03.2009
For the second time, in 2009, the Document Freedom Day is organized as a
global day for Document Liberation with the participation of roughly 250
active teams worldwide. It is a day of grassroots effort around
the world to promote and build awareness for the relevance of Free Document
Formats in particular and Open Standards in general.
http://www.documentfreedom.org/
============================================================
11. Recommended Reading
============================================================
Database State - a comprehensive map of UK government databases
By Ross Anderson, Ian Brown, Terri Dowty, Philip Inglesant, William Heath,
Angela Sasse, Foundation for Information Policy Research (March 2009)
Database State - full report
http://www.jrrt.org.uk/uploads/Database%20State.pdf
Database State - Executive Summary
http://www.jrrt.org.uk/uploads/Database%20State%20-%20Executive%20Summary.p…
============================================================
12. Agenda
============================================================
26-27 March 2009, London, UK
5th Communia Workshop: Accessing, Using, Reusing Public Sector Content and
Data
http://www.communia-project.eu/ws05
27-29 March 2009, Manchester, UK
Oekonux Conference: Free Software and Beyond The World of Peer Production
http://www.oekonux-conference.org/
28 March 2009, London, UK
Open Knowledge Conference (OKCon) 2009
http://www.okfn.org/okcon/
29-31 March 2009, Edinburgh, UK
Governance Of New Technologies: The Transformation Of Medicine, Information
Technology And Intellectual Property - An International Interdisciplinary
Conference
http://www.law.ed.ac.uk/ahrc/conference09/
1-3 April 2009, Berlin, Germany
re:publica 2009 "Shift happens"
http://www.re-publica.de/09/
Subconference: 2nd European Privacy Open Space
http://www.privacyos.eu/
4 April 2009, Paris, France
French 2009 Big Brother Awards
http://bigbrotherawards.eu.org/
21-23 April 2009, Winchester, UK
BILETA 2009 Annual Conference
http://www.winchester.ac.uk/?page=9871
23-24 April 2009, Brussels, Belgium
The future of intellectual property - Creativity and innovation in the
digital era
http://www.intellectualproperty-conference.eu
23-24 April 2009, Amsterdam, Netherlands
Second European Licensing and Legal Workshop organized by Free Software
Foundation Europe
http://www.fsfeurope.org/news/2009/news-20090323-01.en.html
11 May 2009, Brussels, Belgium
GigaNet is organizing the 2nd international academic workshop on Global
Internet Governance: An Interdisciplinary Research Field in Construction.
Deadline for abstracts submissions is 20 March 2009.
http://giganet.igloogroups.org/publiclibr/giganetcos/2009brusse
13-14 May 2009 Uppsala, Sweden
Mashing-up Culture: The Rise of User-generated Content
http://www.counter2010.org/workshop_call
19-20 May 2009, Brussels, Belgium
European Commission organizes a personal data protection conference to look
at new challenges for privacy
http://ec.europa.eu/justice_home/fsj/privacy/news/docs/pr_03_03_09_en.pdf
24-28 May 2009, Venice, Italy
ICIMP 2009, The Fourth International Conference on Internet Monitoring
and Protection
http://www.iaria.org/conferences2009/ICIMP09.html
1-4 June 2009, Washington, DC, USA
Computers Freedom and Privacy 2009
http://www.cfp2009.org/
5 June 2009, London, UK
The Second Multidisciplinary Workshop on Identity in the Information
Society (IDIS 09): "Identity and the Impact of Technology"
http://is2.lse.ac.uk/idis/2009/
28-30 June 2009, Torino, Italy
COMMUNIA Conference 2009: Global Science & Economics of Knowledge-Sharing
Institutions
http://www.communia-project.eu/conf2009
2-3 July 2009, Padova, Italy
3rd FLOSS International Workshop on Free/Libre Open Source Software
Paper submission by 31 March 2009
http://www.decon.unipd.it/personale/curri/manenti/floss/floss09.html
13-16 August 2009, Vierhouten, The Netherlands
Hacking at Random
http://www.har2009.org/
23-27 August 2009, Milan, Italy
World Library and Information Congress: 75th IFLA General Conference and
Council: "Libraries create futures: Building on cultural heritage"
http://www.ifla.org/IV/ifla75/index.htm
10-12 September 2009, Potsdam, Germany
5th ECPR General Conference, Potsdam
Section: Protest Politics
Panel: The Contentious Politics of Intellectual Property
http://www.ecpr.org.uk/potsdam/default.asp
16-18 September 2009, Crete, Greece
World Summit on the Knowledge Society WSKS 2009
http://www.open-knowledge-society.org/
October 2009, Istanbul, Turkey
eChallenges 2009
http://www.echallenges.org/e2009/default.asp
16 October 2009, Bielefeld, Germany
10th German Big Brother Awards
Deadline for nominations: 15 July 2009
http://www.bigbrotherawards.de/
15-18 November 2009, Sharm El Sheikh, Egypt
UN Internet Governance Forum
http://www.intgovforum.org/
============================================================
13. About
============================================================
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 29 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
by Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Hello everybody,
I just joined this list after lurking for a while on its archive at
http://zgp.org/pipermail/p2p-hackers/.
I'd like to gather opinions about using P2P techniques to support a type
of application that never managed to become really popular: a secure
internet phone. I have recently begun to monitor the development of
Speakfreely on Sourceforge (http://speak-freely.sourceforge.net/ ) after
its creator John Walker decided that the future of Internet was an
inhospitable environment for it and abandoned further development
(http://www.fourmilab.ch/speakfree/ ). I think that John overlooked the
possibilities offered by P2P architectures, in two critical areas:
- Directories for location and presence. Nothing fancy here, already done
before for P2P chat systems.
- Working around NAT routers. John says of implementing third-party
reflectors:
"[...] no non-commercial site like mine could possibly
afford the unlimited demands on bandwidth that would
require. It's one thing to provide a central meeting
point like a Look Who's Listening server, which handles
a packet every five minutes or so from connected sites,
but a server that's required to forward audio in
real-time between potentially any number of
simultaneously connected users is a bandwidth killer."
However, what a centralized system can't do, is a piece of cake for a
distributed system ("_One_ can't, perhaps," said Humpty Dumpty, "but two
can.[...]"). The fact that something like Skype does exist, works, and may
claim an average of more than 150,000 users online at any given time,
looks like a proof of feasibility to me!
Unfortunately, Skype is closed-source (which is a showstopper for a crypto
application), and Windows-only to boot. However, nothing prevents
borrowing some ideas at http://www.skype.com/skype_p2pexplained.html for
an opensource alternative.
Speakfreely might not represent the best starting point, but it usually
works out of the box (which is more than can be said for most other
Internet phones), it's multi-platform, and already contains an RTP stack
and bulk encryption code. As an alternative to Speakfreely's code, one
could assemble together an RTP stack such as oRTP
(http://www.linphone.org/ortp/), a bulk encryption and authentication
layer such as SRTP (http://srtp.sourceforge.net/srtp.html), a portable
audio abstraction layer such as Portaudio (www.portaudio.com) and an
unencumbered codec such as Speex (www.speex.org). It would be nice if all
the components were or could be ported to WinCE, for use on wireless
PDAs.
What Speakfreely sorely lacks is a sensible session initiation protocol,
and access to non-NATted reflectors to help NATted peers to find each
other and exchange UDP traffic. That's where a P2P network (especially one
supporting the concept of non-NATted "ultrapeers") can save the day.
In my opinion, traditional server-based (i.e., non-P2P) session initiation
protocols like SIP -not to mention H.323- represent a poor choice for a
consumer-friendly application: they require an arsenal of infrastructural
applications (directories, proxies, gatekeepers etc.) which make them
attractive only to telcos and hardware vendors (hence Cisco's support for
SIP, and the venom liberally spilled on Skype at
http://www.voxilla.com/modules.php?op=modload&name=News&file=article&sid=18…
ode=thread).
Besides, as I wrote on speak-freely-devel(a)lists.sourceforge.net, "the
mechanisms that SIP/SDP use for session key negotiation range from the
pathetic (key sent in cleartext!!) to the impractical (S/MIME CMS, which
is a monster built on the clay feet of a PKI that isn't quite there)".
Skype claims to use RSA-based key exchange, which is good for multi-party
conferencing but does not preserve forward secrecy. Maybe some variant of
ephemeral D-H authenticated by RSA signatures, with transparent
renegotiation every time someone joins the conference, could do the job
better.
But the thing I particularly would like to discuss here is if, and how, to
leverage on existing P2P networks. One could always implement a brand new
network, using Distributed Hash Table algorithms such as Chord or
Kademlia, but it would be much easier to rely from the very beginning upon
a large number of nodes (at least for directory and presence
functionality, if not for the reflectors which require specific UDP code).
That would somehow repeat the approach initially adopted by Vocaltec when,
in 1995, they launched their Iphone making use of IRC servers to publish
dynamic IP addresses. Incidentally, the IRC users community didn't
particularly appreciate ;-), triggering the Great Iphone War, which
quickly led Vocaltec to set up its own dedicated IRC servers.
From what I see, Gnutella is pretty hopeless for that purpose because
searches are only based on flooding, and therefore full-network searches
are nearly impossible; on the other hand, Overnet (which relies upon the
Kademlia algorithm) could perhaps be used as a sort of distributed
presence/location "server", and also key server (perhaps it would be wise
to use an OpenPGP key format to enjoy WoT features from day one). The
Overnet protocol is unpublished, but it's been reverse-engineered at least
in part by the mldonkey team. Alternatively, Freenet or Entropy could
perhaps provide similar services, but with a large code overhead (I'd like
to keep the code small enough to be ported, one day, to a PDA) and perhaps
slower propagation (?).
Comments, as I said, are much welcome.
Enzo
_______________________________________________
p2p-hackers mailing list
p2p-hackers(a)zgp.org
http://zgp.org/mailman/listinfo/p2p-hackers
_______________________________________________
Here is a web page listing P2P Conferences:
http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences
----- End forwarded message -----
-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
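The p2p-hackers post above contrasts RSA-based key exchange with ephemeral D-H authenticated by RSA signatures; the sketch below runs both side by side. It is an added example, not code from the original message or from any project it names, and the Mersenne-prime toy parameters, unpadded textbook RSA and all function names are assumptions chosen so that it runs on the Python standard library alone.

```python
import hashlib
import secrets

# TOY parameters (assumptions of this example): Mersenne primes keep the code
# standard-library only. They are NOT safe for real use, and unpadded textbook
# RSA appears only to show the structure of the two exchanges.
RSA_E = 65537
DH_P, DH_G = 2**1279 - 1, 5
INIT, RESP = 1, 2          # role tags bound into each signature


def rsa_keypair(p, q):
    """Long-term identity key: returns (public, private)."""
    n = p * q
    return (n, RSA_E), (n, pow(RSA_E, -1, (p - 1) * (q - 1)))


def digest(*parts):
    """SHA-256 over length-prefixed integers, returned as an integer."""
    md = hashlib.sha256()
    for part in parts:
        raw = part.to_bytes((part.bit_length() + 7) // 8 or 1, "big")
        md.update(len(raw).to_bytes(4, "big") + raw)
    return int.from_bytes(md.digest(), "big")


def sign(priv, *parts):
    n, d = priv
    return pow(digest(*parts), d, n)


def verify(pub, sig, *parts):
    n, e = pub
    return pow(sig, e, n) == digest(*parts)


def transport_send(peer_pub):
    """RSA key transport: the caller picks the key and encrypts it to the peer."""
    n, e = peer_pub
    key = secrets.randbits(256)
    return key, pow(key, e, n)            # (session key, value sent on the wire)


def transport_open(priv, wire):
    n, d = priv
    return pow(wire, d, n)


def dh_ephemeral():
    x = secrets.randbelow(DH_P - 3) + 2   # fresh secret exponent for one call
    return x, pow(DH_G, x, DH_P)


def dh_session(a_priv, a_pub, b_priv, b_pub, tamper=False):
    """Both sides of one signed ephemeral D-H call; returns (key_a, key_b, wire)."""
    a, ga = dh_ephemeral()                              # A -> B: g^a
    b, gb = dh_ephemeral()
    sig_b = sign(b_priv, RESP, ga, gb)                  # B -> A: g^b, Sig_B
    gb_seen = pow(DH_G, 7, DH_P) if tamper else gb      # value altered in transit
    if not verify(b_pub, sig_b, RESP, ga, gb_seen):
        raise ValueError("B's signature does not cover the values A received")
    sig_a = sign(a_priv, INIT, ga, gb_seen)             # A -> B: Sig_A
    if not verify(a_pub, sig_a, INIT, ga, gb):
        raise ValueError("A's signature does not cover the values B sent")
    key_a = digest(pow(gb_seen, a, DH_P))
    key_b = digest(pow(ga, b, DH_P))
    # a and b are discarded on return; the long-term keys only ever signed.
    return key_a, key_b, (ga, gb, sig_b, sig_a)


def demo():
    alice_pub, alice_priv = rsa_keypair(2**521 - 1, 2**607 - 1)
    bob_pub, bob_priv = rsa_keypair(2**2203 - 1, 2**2281 - 1)

    # Call 1, key transport: the recorded wire value opens with Bob's long-term
    # key, so a later compromise of that key exposes every recorded call.
    key, wire = transport_send(bob_pub)
    transport_recovered = transport_open(bob_priv, wire) == key

    # Call 2, signed ephemeral D-H: the wire carries only g^a, g^b and two
    # signatures. The session key needs a or b, which no longer exist, so the
    # long-term keys cannot reopen a recording of this call.
    key_a, key_b, _wire = dh_session(alice_priv, alice_pub, bob_priv, bob_pub)

    # A value swapped in transit is caught because the signatures cover both
    # public values.
    try:
        dh_session(alice_priv, alice_pub, bob_priv, bob_pub, tamper=True)
        tamper_detected = False
    except ValueError:
        tamper_detected = True

    return {"transport_recovered": transport_recovered,
            "dh_keys_match": key_a == key_b,
            "tamper_detected": tamper_detected}


if __name__ == "__main__":
    print(demo())
```

Rerunning `dh_session` whenever a participant joins gives the transparent renegotiation the post suggests, since every run draws fresh exponents.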
[Freedombox-discuss] ISC.org announces "Open Home Gateway Forum", funded by Comcast
by John Gilmore 06 Jul '18
https://www.isc.org/wordpress/isc-launches-open-home-gateway-forum/
http://openhomegateway.org/
Internet Systems Consortium (ISC) is delighted to announce the
launch of the Open Home Gateway Forum with an initial grant from
Comcast. The OHGF is a Forum of ISPs and vendors and Internet
development organizations, initiated and spearheaded by ISC, that
aims to improve the rollout of new Internet technologies to home
networks by providing stable, quality-assured reference Open Source
software to be used in home gateways. Home gateways are the means by
which a residential customer connects to an Internet service
provider.
ISC is serious folks, who have maintained the core DNS implementation
for decades and who run the "F" root server.
John
_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss(a)lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
On Wed, Sep 23, 2009 at 11:12:07AM -0700, Jon McLachlan wrote:
> *sigh*
>
> See below :)
I did, but I don't get the sigh.
>
>
> On Sep 23, 2009, at 8:29 AM, Paul Syverson wrote:
>
>> On Wed, Sep 23, 2009 at 11:11:29AM -0400, Praedor Atrebates wrote:
>>> It would appear that the tor network should include some timing
>>> randomization and reordering of packets to thwart such analysis.
>>> Not so much to really slow things down but enough to throw up
>>> uncertainty in the packet analyses.
>>
>>
>> You're trying to turn it into a mix network.
>
> That's something that exists in "that box" over there, not "Tor's box" ;)
I was trying to succinctly say that this is a component of a different
system architecture with different assumptions. In the second
generation onion routing system we developed, i.e., the one before
Tor, we actually included mixing for experimental purposes. The
lesson so far has been that it isn't worth it and we did not bother
to put that in Tor. That could change, but so far there are no
positive indications from the research.
>
>> The order uncertainty
>> doesn't matter at this level of latency.
>
> AKA, as little of latency as possible... which is still quite a bit
> actually, thank you bittorrent :(
>
>> The Bauer et al. research I
>> mentioned showed how to do timing attacks based just on setting
>> up the circuit. You don't even need to send any data.
>
> *shrugs*
>
> If all clients in the network created Tor circuits of the same length, all
> at the same time, wouldn't that mangle that analysis of whose telescoping
> circuit-extension request is whose? I know that's not what cover traffic
> does... but if Tor has some sort of "heart beat" that would make it more
> difficult to distinguish between which circuit-extension request is
> whose... that's only feasible because all clients have a stake in circuits,
> not the same for external-to-to requests, like webpages etc etc...
>
Yes of course. You say that like it's trivial (to design, implement, etc.)
rather than huge.
Plus, keeping the existing network nodes synched even just to the point that
things don't actually break has not been 100 percent successful, and
this would imply much tighter synchronization not just across the
nodes but across all the clients as well. And the synchronization is
not just to keep things running but now becomes security-critical. Wah!
More importantly, it is trivial to beat this with an active attack.
Just delay circuit setup packets slightly and watch for the pattern
at the other end. Or if the circuit is established, stomp some bits
at one end and see if the other end has junk come out shortly thereafter.
I'm not saying it's forever hopeless. The things I've mentioned and
more have been considered and people have designed and evaluated
countermeasures to them and continue to do so. As Nick said, the
problem isn't that padding doesn't work. It's that it doesn't work
nearly well enough (at least so far).
>>
>> Whatever solution (if one even exists) is out there, most of
>> the straightforward ideas and many of the not so straightforward
>> ideas have already been extensively researched.
>
> But not necessarily tested in the wild... Even the Bauer et al.
> demonstrates those ideas in a fake Tor network, yes, on recommendation from
> Tor not to do the experiment in Tor, but still. And on PL, the VM
> environment is particularly prone to latency, so of course timing analysis
> attacks will stick out like a sore thumb...
Ermm. The stuff that Lasse and I did _was_ on the deployed Tor
network. Now that is not today's network. The network then was
much smaller, it didn't have guard nodes, etc.
Testing in the wild in general is very tricky because Tor _is_ an
operational network, and you don't want to do anything that would
inadvertently create problems. This is also an ongoing research
challenge. We would like to understand and improve performance by
gathering data but without doing anything to increase risk to users or
operators. Karsten and others have been working on that.
>
> so there might actually be something to deploying that exp on the real
> network...
>
Yes. There might be. But you would first have to justify the overhead
cost to the network by giving at least some reasonable argument that
it might work reasonably well, at least better than anything that's
been considered to date. "Hey we don't know this won't work unless we
try," is not an adequate justification. Vetting ideas through the
research community seems like a reasonable first step. You would also
have to adequately analyze the impact on client and relay performance
and security before deploying. Again, nobody's discouraging research
into these questions. They just want answers before deploying. So far
none of the research has been giving encouraging answers.
>> Cf.
>
> what does that mean? :)
>
Sorry. I thought that was standard. 'Cf.' means _confer_, i.e.,
see here. Woops, "i.e." stands for 'id est' which means _that is_.
HTH,
Paul
***********************************************************************
To unsubscribe, send an e-mail to majordomo(a)torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Re: [cryptography] "Meet the groundbreaking new encryption app set to revolutionize privacy..."
by Jon Callas 06 Jul '18
Thanks for your comments, Ian. I think they're spot on.
At the time that the so-called Arab Spring was going on, I was invited to a confab where there were a bunch of activists and it's always interesting to talk to people who are on the ground. One of the things that struck me was their commentary on how we can help them.
A thing that struck me was one person who said, "Don't patronize us. We know what we're doing, we're the ones risking our lives." Actually, I lied. That person said, "don't fucking patronize us" so as to make the point stronger. One example this person gave was that they talked to people providing some social meet-up service and they wanted that service to use SSL. They got a lecture how SSL was flawed and that's why they weren't doing it. In my opinion, this was just an excuse -- they didn't want to do SSL for whatever reason (very likely just the cost and annoyance of the certs), and the imperfection was an excuse. The activists saw it as being patronizing and were very, very angry. They had people using this service, and it would be safer with SSL. Period.
This resonates with me because of a number of my own peeves. I have called this "the security cliff" at times. The gist is that it's a long way from no security to the top -- what we'd all agree on as adequate security. The cliff is the attitude that you can't stop in the middle. If you're not going to go all the way to the top, then you might as well not bother. So people don't bother.
This effect is also the same thing as the best being the enemy of the good, and so on. We're all guilty of it. It's one of my major peeves about security, and I sometimes fall into the trap of effectively arguing against security because something isn't perfect. Every one of us has at one time said that some imperfect security is worse than nothing because it might lull people into thinking it's perfect -- or something like that. It's a great rhetorical flourish when one is arguing against some bit of snake oil or cargo-cult security. Those things really exist and we have to argue against them. However, this is precisely being patronizing to the people who really use them to protect themselves.
Note how post-Diginotar, no one is arguing any more for SSL Everywhere. Nothing helps the surveillance state more than blunting security everywhere.
Jon
_______________________________________________
cryptography mailing list
cryptography(a)randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[Freedombox-discuss] Processors without visual serial numbers exist
by freebirds＠hushmail.com 06 Jul '18
Tim Schmidt wrote: "The Ben Nanonote uses a CPU designed and made
in China. For which there's not terribly much documentation. Just
saying..."
True but not for long. When AMD or Google buy out MIPS, there will
be a global monopoly on processors. I need to purchase a MIPS as
soon as possible! See: "AMD and Google in Race to Buy Out MIPS"
http://www.techpowerup.com/164394/AMD-and-Google-in-Race-to-Buy-Out-MIPS.html?cp=2
Tim Schmidt, I think the entire Ben Nanonote is manufactured in
China, not just the Ingenic JZ4720 processor. You are correct there
is not much documentation from Ingenic. Ingenic has not responded
to my two emails. The Qi forum is practically dead. No responses to
my posts.
There is another open hardware project I just read about today,
OpenHardware.org. I will check them out.
There are a few SoC without a visual processor serial number. Great
news: DreamPlug is one of them.
ARM Forum answered: "The ARM CPU itself doesn't have a unique
identifier, although someone building an SoC using an ARM CPU could
add one at the system level." http://forums.arm.com
Yuri at Freescale technical support, support(a)freescale.com,
answered that devices of i.MXS or i.MXL series do not have PSN.
http://www.freescale.com/webapp/sps/site/overview.jsp?code=IMXS_FAMILY
On June 29, 2012, Globalscale Technologies answered my question
whether the DreamPlug has a visual PSN.
Sales(a)globalscaletechnologies.com wrote: "For our current
production, we do not burn device ID in OTP memory, this ID is not
visible to the internet."
I just asked Globalscale whether DreamPlug has ARM FreeZone or out of
band monitoring.
_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss(a)lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE