cypherpunks-legacy
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
July 2018
- 1371 participants
- 9656 discussions
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 9.12, 15 June 2011
============================================================
Contents
============================================================
1. European Commission consults with civil society on data retention
2. Irish "three strikes" system investigated by Data Protection Commissioner
3. European Commission consultation on IPR enforcement
4. UK: The Home Office's Prevent Strategy includes Internet filtering
5. Facebook's face recognition raises privacy complaints
6. Germany: Police statistics prove data retention superfluous
7. Big Brother Awards Italy 2011
8. ENDitorial: Hello CIRCAMP web blocking, goodbye democracy
9. Recommended Action. Smart meters: Let's be clever and team up
10. Recommended Reading
11. Agenda
12. About
============================================================
1. European Commission consults with civil society on data retention
============================================================
Last week, the European Commission held the first of its series of
consultation meetings with different groups of stakeholders on the revision
of the infamous Data Retention Directive. The first meeting was with the
"civil society", including representatives of industry and one lobbying
company representing unspecified clients.
The meeting was originally intended to address the details of the Directive.
However, civil society representatives broadly took the view that it was
impossible to have a coherent discussion on the Directive itself, if the
Member States were going to fail to provide credible data to the Commission
for its decision-making process. As evidenced by the Commission's
Implementation Report, there is simply not enough data available from the
Member States to show that the Directive is "necessary" (the minimum
requirement for it to be legal).
Participants at the meeting felt that if the Commission was going to be
forced to defend the Directive using anecdotes about the use of data that
would have been retained even in the absence of the Directive, the whole
process, including the consultations, would be undermined. In particular,
participants requested that the Commission only used information from Member
States related to data stored under the Directive. Also older data should be
considered "necessary" only if the delay in accessing the data could have
been avoided through better police cooperation.
The Commission asked for an expert from the Council of Europe to present a
law enforcement view of the relative merits of data retention and data
preservation. The expert, from the Serbian police, explained that long-term
retention of data is the only solution and compared the proportionality of
retaining vast amounts of data in relation to innocent and unsuspected
citizens to trawling the Danube to find a dead body. The fact that the river
is big is not a reason not to find the body. It was unclear who he was
representing at the meeting.
Despite that, the overall feeling is that the meeting was productive. The
concerns raised appear to have been taken on board by the Commission, which
will take our demands to their meeting with the law enforcement authorities
and the communications industry. Participants also appreciated the
willingness of the Commission to acknowledge the fact that political
decisions have already been taken on the dossier and the Commission's
promise that a serious evaluation of data preservation would be included in
the upcoming impact assessment.
The Commission has the unenviable task of trying to
extract the necessary data from the Member States and the probably
impossible task of producing a revised legislative proposal which is both
legal and which will not end up gathering dust on a shelf in the Council of
Ministers after being vetoed by certain large Member States.
European Commission Data Retention Evaluation Report (18.04.2011)
http://ec.europa.eu/commission_2010-2014/malmstrom/archive/20110418_data_re…
EDRi Shadow Report (17.04.2011)
http://www.edri.org/files/shadow_drd_report_110417.pdf
Panoptykon Foundation article on the meeting (only in Polish, 10.06.2011)
http://www.panoptykon.org/wiadomosc/pomieszanie-jezykow-komisja-europejska-…
(Contribution by Joe McNamee - EDRi )
============================================================
2. Irish "three strikes" system investigated by Data Protection Commissioner
============================================================
The Irish Data Protection Commissioner is investigating the Eircom / music
industry three strikes system, a report in the Sunday Times has revealed.
According to the story by Mark Tighe, predictions that Eircom would end up
falsely accusing innocent users have now proved correct, with over 300 users
wrongfully being sent a "first strike" letter accusing them of sharing
music.
Eircom have admitted to the mistakes, stating that "this was due to a
software failure caused when the clocks went back last October". However,
far from being a technical sounding "software failure", this appears to show
up failings in relation to a very basic aspect of network management - i.e.
making sure that the server clock reflects daylight savings time. As a
result, it seems that users found themselves being accused on the basis of
what somebody else did from the same IP address either an hour earlier or an
hour later. Consequently, the users who were wrongfully accused should
consider themselves lucky that this incompetence did not lead to their being
accused of a serious crime - for example, being arrested and having their
homes searched due to the wrong time being used (as has previously happened
e.g. to a number of Indian users).
The significance of this case goes well beyond simple technical failings
however, as the complaint to the Data Protection Commissioner has triggered
a wider investigation of the legality of the entire three strikes system.
According to the Sunday Times, "the DPC said it was investigating the
complaint 'including whether the subject matter gives rise to any questions
as to the proportionality of the graduated response system operated by
Eircom and the music industry'."
This is unsurprising. When the Eircom / music industry three strikes
settlement was being agreed, the Data Protection Commissioner identified
significant data protection problems with it. These problems remain,
notwithstanding the deeply flawed High Court judgement which permitted the
parties to operate the system - a judgement which, for example, decided on
the question of whether or not IP addresses are personal data without once
considering the views of the Article 29 Working Party. The Data Protection
Commissioner was not convinced by that judgement (it was
problematic at least in part because the Commissioner was not represented -
the only parties before the court had a vested interest in the system being
implemented). However, until a concrete complaint arose no further action
could be taken.
The complaint in this case has now triggered that action, and it seems
likely that the Commissioner will reach a decision reflecting his previous
views that using IP addresses to cut off customers' internet connections is
disproportionate and does not constitute "fair use" of personal information.
If so, the Commissioner has the power and indeed the duty to issue an
enforcement notice which would prevent Eircom from using personal data for
this purpose - an outcome which would derail the three strikes system unless
Eircom successfully challenges that notice before the courts, or unless the
music industry were to succeed in its campaign to secure legislation
introducing three strikes into Irish law.
Eircom investigated after falsely accusing customers of piracy (5.05.2011)
http://www.thesundaytimes.co.uk/sto/news/ireland/article642095.ece
Data Protection Commissioner investigating Eircom's "three strikes" system
(11.06.2011)
http://www.tjmcintyre.com/2011/06/300-false-accusations-data-protection.html
(Contribution by TJ McIntyre - EDRi-member Digital Rights Ireland)
============================================================
3. European Commission consultation on IPR enforcement
============================================================
Last week, the European Commission organised an open consultation on
"Directive 2004/48/EC on the enforcement of intellectual property rights:
Challenges posed by the digital environment". The meeting opened with
initial presentations from Jonathan Faull, Director General of the Internal
Market Directorate General of the Commission, Margot Frvhlinger, Director of
the Copyright Directorate of the Commission and Bryan Cassidy of the
Economic and Social Committee.
The Commission then made a presentation of the not yet final summary of the
consultation on the IPR Enforcement Directive. The consultation generated
165 replies from individual citizens and 297 replies from organisations were
received within the deadline. The main trends were that:
- Member States were divided between wanting the Directive to be updated and
believing that the legislation has not been in place long enough to be
properly analysed. Eight believe that ISP liability should be increased
while seven believe that it should not change;
- Rightsholders are keen to separate liability from the right to impose
injunctions (as a method of circumventing the safeguards in the E-Commerce
Directive, which are restricted to situations where ISPs are subject to
liability for content).
Oddly, the Commission's view of all of the replies from user
groups was that end users did not like increased ISP liability because of
fears regarding costs (and not the dangers that this creates for privacy,
freedom of expression, net neutrality, innovation and competition)
During the presentations, rightsholder groups variously suggested
comprehensive policing of the Internet by ISPs, extra-judicial blocking and
takedown of content, mass surveillance via deep packet inspection and using
the domain name system to police and "remove" content.
Various consumer and citizens' organisations, including EDRi, raised a
variety of questions about the approach of the rightholder groups, in
particular:
- the appropriateness of permitting, encouraging or coercing
Internet intermediaries to police online communications;
- the extent to which the legitimacy of current copyright law is
definitively broken, as indicated by the apocalyptic levels of infringements
described by the rightholders;
- the wider costs (also for rightholders) for openness and
innovation on the Internet as a result of ISPs being forced into a
"gatekeeper" role;
- the fact that rightholders groups are simultaneously fighting
against measures that would lead to more legal offers, such as a "one stop
shop" for rights clearance and then complaining about the infringements that
are caused by a lack of legal offers;
- the over-reliance on dubious studies on the impact of
infringements, which often use questionable methodology and overlook
numerous credible studies that present a very different picture including
the report from the HADOPI authority itself, which shows that "pirates"
spend the most money on cultural goods;
- the need to address the issue of exceptions and limitations to
copyright to ensure a more balanced and innovative environment.
None of these points were addressed to any significant extent by the
rightholder groups. This, together with the very clear message to the
Commission that work on a revision of the Directive must take account all
the available research, left a very positive impression that the outcome of
the meeting had been a forceful communication of the views of civil society
and a better awareness of the lack of balance of the approach to date.
EDRi response to the IPRED consultation
http://www.edri.org/files/edri_ipred_110331.pdf
European Commission web page on IPR enforcement
http://ec.europa.eu/internal_market/iprenforcement/directives_en.htm
EDRi study on the side from self-regulation to corporate censorship
http://www.edri.org/files/EDRI_selfreg_final_20110124.pdf
(Contribution by Joe McNamee - EDRi)
============================================================
4. UK: The Home Office's Prevent Strategy includes Internet filtering
============================================================
The UK Home Office has recently published its new version of the Prevent
Strategy aimed at countering terrorism, which includes worrying suggestions
about the necessity of Internet filtering.
Besides the fact that one can read in the Prevent Strategy that "Internet
filtering across the public estate is essential", the document also suggests
the Home Office's intention to consider "the potential for violent and
unlawful URL lists to be voluntarily incorporated into independent national
blocking lists, including the list operated by the Internet Watch
Foundation".
The document seems to ignore issues related to transparency, censorship or
accountability as well as the technical and financial consequences, in one
more attempt to solve a series of social problems by blocking access to
the Internet as the source of all evils.
The strategy takes no consideration of the fact that, as UN Special
Rapporteur Frank La Rue pointed out in his Report on the promotion and
protection of the right to freedom of opinion and expression, website
blocking would be a violation of rights to freedom of expression.
Furthermore, what is even more worrying is the tendency towards ignoring
legal means in establishing the unlawfulness of a site and blocking it. The
strategy says nothing about the legal process leading to blocking the access
to a site - quite the contrary, there seems to suggest the need for
collaboration between law enforcement authorities and the Internet industry
that would result in voluntary removal on Internet content.
"This work will require effective dialogue with the private sector and in
particular the internet industry. It will also require collaboration with
international partners: the great majority of the websites and chat rooms
which concern us in the context of radicalisation are hosted overseas," says
the strategy report.
Moreover, according to the strategy report, TACT (the Terrorism Act) allows
the Government to charge website owners with encouraging terrorism and
publishing terrorist information if they do not remove unlawful content.
"TACT provides that those served with notices who fail to remove, without
reasonable excuse, the material that is unlawful and terrorism-related
within a specified period are treated as endorsing it."
As many freedom advocates have several times emphasised, blocking access to
Internet sites is no real solution in preventing harms, while affecting, at
the same time, the users' rights to freedom of expression and access to
information.
Censorship of the Internet is also suggested by Reg Bailey, Chief Executive
of the UK Mothers Union, who has recently published a series of worrying
recommendations for privacy and confidentiality of communications.
In his "Letting Children be Children - Report of an Independent Review of
the Commercialisation and Sexualisation of Childhood", Bailey suggests
making it easier for parents to block adult and age-restricted material from
the Internet by providing "a consistent level of protection across all
media" and that, "as a matter of urgency, the internet industry should
ensure that customers must make an active choice over what sort of content
they want to allow their children to access".
The implication of Bailey's report, which seems to entirely disregard the
censorship issues and the technical implications of the measures proposed,
is that the entire UK telecom industry should impose communications
surveillance, with Internet users forced to "opt out" of the censorship.
"Specifically, we would like to see industry agreeing ... that when a new
device or service is purchased or contract entered into, customers would be
asked to make an active choice about whether filters should be switched off
or on: they would be given the opportunity to choose to activate the
solution immediately, whether it be network-level filtering by an ISP or
pre-installed software on a new laptop."
Again, the most unrealistic measures are being considered because they are,
apparently, the simplest, in an attempt to eliminate the symptoms and not
the causes. Real measures such as the education and supervision of children
by their parents don't really seem to be encouraged.
Home Office - Prevent Strategy
http://www.homeoffice.gov.uk/counter-terrorism/review-of-prevent-strategy/
Home Office Prevent strategy claims: 'Internet filtering is essential'
(10.06.2011)
http://www.openrightsgroup.org/blog/2011/prevent-strategy-claims:-internet-…
UK 'blacklist' of terrorist-supporting websites should be developed,
Government says (8.06.2011)
http://www.out-law.com/page-11988
Media industry relaxed over Bailey report on sexualisation of children
(7.06.2011)
http://www.guardian.co.uk/media/2011/jun/07/media-industry-bailey-report-se…
Mothers Crawl Into Bed with Big Brother (7.06.2011)
https://nodpi.org/2011/06/07/mothers-crawl-into-bed-with-big-brother/
UN - Human Rights Council - Report of the Special Rapporteur on thepromotion
and protection of the right to freedom of opinion and expression, Frank La
Rue (16.05.2011)
http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_e…
============================================================
5. Facebook's face recognition raises privacy complaints
============================================================
Facebook has again been criticised by privacy advocates for its facial
recognition feature that has recently been added to the social networking
service, world-wide, without any previous announcement to its users.
Facebook users have the possibility to 'tag' themselves and their friends in
the photos they upload to the site with pop-up captions that identify the
people in the respective pictures. The new face recognition feature, which
was launched in 2010 in US, now suggests automatically the names of people
featured in photos uploaded by users.
"Once again, Facebook seems to be sharing personal information by default,"
said Graham Cluley of IT security firm Sophos who added: "Many people feel
distinctly uncomfortable about a site like Facebook learning what they look
like, and using that information without their permission. (...) Most
Facebook users still don't know how to set their privacy options safely,
finding the whole system confusing. It's even harder though to keep control
when Facebook changes the settings without your knowledge. (...) The onus
should not be on Facebook users having to 'opt-out' of the facial
recognition feature, but instead on users having to 'opt-in'. Yet again, it
feels like Facebook is eroding the online privacy of its users by stealth."
Facebook replied that the users could alter their settings so that their
name would not be suggested for tagging. Beth Givens, director of the
Privacy Rights Clearinghouse, considered that Facebook should have rather
included an "opt-in" system for its users rather than applying an automatic
tagging, letting them decide if they wanted the feature in the first place.
The Electronic Privacy International Center (EPIC) has organised a complaint
to the Federal Trade Commission in the US and asked several other privacy
groups to sign it. Marc Rotenberg, president of EPIC, said the system raised
questions related to personally identifiable information, such as email
addresses, that would be associated with the photos in Facebook's database.
The UK Data Protection Authority (Information Commissioner's Office - ICO)
also made an official statement on the matter asking Facebook to tell users
how they use personal information stored about them. "The privacy issues
that this new software might raise are obvious and users should be given as
much information as possible to give them the opportunity to make an
informed choice about whether they wish to use it. We are speaking to
Facebook about the privacy implications of this technology," the ICO said.
Facebook's new feature will be studied by ICO, but also by the Article 29
Working Party.
"Tags of people on pictures should only happen based on people's prior
consent and it can't be activated by default," said Girard Lommel, a
Luxembourg member of the Working Party who added that automatic tagging
suggestions "can bear a lot of risks for users" and the European data
protection officials would "clarify to Facebook that this can't happen like
this."
Having in view the reactions, Facebook admitted it had not handled the
situation properly. "We should have been more clear with people during the
roll-out process when this became available to them," was the company
statement of 8 June. The company has added an option letting users opt out
of the new feature, though it did not alert them when the new feature took
effect or when the option was added.
Facebook hit by privacy complaints (9.06.2011)
http://www.ft.com/cms/s/2/00b50d52-9253-11e0-9e00-00144feab49a,dwp_uuid=9a3…
Data protection watchdogs to probe Facebook about its use of facial
recognition technology (9.06.2011)
http://www.out-law.com/page-11992
Facebook 'Face Recognition' Feature Draws Privacy Scrutiny (8.06.2011)
http://www.nytimes.com/2011/06/09/technology/09facebook.html?_r=2&partner=r…
Facebook criticised for not telling users about new facial recognition
feature (8.06.2011)
http://www.out-law.com/page-11987
Facebook in new privacy row over facial recognition feature (8.06.2011)
http://www.guardian.co.uk/technology/2011/jun/08/facebook-privacy-facial-re…
============================================================
6. Germany: Police statistics prove data retention superfluous
============================================================
The national crime statistics recently published by Germany's Federal Crime
Agency reveal that after the policy of blanket telecommunications data
retention was discontinued in Germany due to a Constitutional Court ruling
on 3 March 2010, registered crime continued to decline and the crime
clearance rate was the highest ever recorded (56,0%). Indiscriminate and
blanket telecommunications data retention had no statistically relevant
effect on crime or crime clearance trends. These findings confirm the
position of more than 100 organisations in Europe that are opposing the EU
policy of mass retention of telecommunications data, calling it unnecessary
and disproportionate.
The statistics refute the myth spread by certain politicians and police
representatives that the Internet is "a lawless space" in the absence of
mass retention of telecommunications data of non-suspects. Even without such
a policy of blanket data retention, the German police achieved a clearance
rate of nearly three out of four Internet offences (71%) in 2010, exceeding
by far the average clearance rate for crimes committed without any use of
the Internet (55%).
Regarding other European countries, the Scientific Services of the German
Parliament have recently analysed "the practical effects of data retention
on crime clearance rates in EU Member States" and have come to the following
conclusion: "In most States crime clearance rates have not changed
significantly between 2005 and 2010. Only in Latvia did the crime clearance
rate rise significantly in 2007. However, this is related to a new Criminal
Procedure Law and is not reported to be connected to the transposition of
the EU Data Retention Directive."
"Since crime clearance trends are completely unaffected by the retention of
communications data of non-suspects, there is no justification for the EU's
"big brother" policy of collecting telecommunications data on all 500
million EU citizens", explains Florian Altherr, member of the German Working
Group on Data Retention. "Ninety-eight percent of citizens are never
suspected of any wrongdoing. The right of protection of their personal data
from unjustified suspicion, data abuse and data loss due to data retention
policies must prevail. The EU must respect its Charter of Fundamental Rights
and give up its failed experiment of total data retention immediately."
"In light of these new crime statistics, the irresponsible campaign of fear
and continued scaremongering by some politicians after the annulment of the
German data retention law finds no justification in reality", says Michael
Ebeling of the German Working Group on Data Retention. "The truth is that
with targeted investigations of suspects we live just as safely as we would
with a policy of indiscriminate retention of all communications data. The
endless exaggeration and emotionally charged descriptions of isolated cases
combined with a massive media campaign is both misleading and unethical. In
my view this is nothing less than a populist defence of the most privacy
invasive and unpopular surveillance measure ever adopted by the EU."
German police statistics prove telecommunications data retention superfluous
(6.06.2011)
http://www.vorratsdatenspeicherung.de/content/view/455/79/lang,en/
EDRi-gram: German study finds the data retention ineffective (9.02.2011)
http://www.edri.org/edrigram/number9.3/telecom-data-retention-ineffective-g…
(Thanks to AK Vorrat - Germany)
============================================================
7. Big Brother Awards Italy 2011
============================================================
The winners of the Big Brother Awards Italy 2011 were designated on 3 June
2011, in Florence, on the occasion of the e-privacy conference 2011.
Facebook was the "star" of the awards being nominated for several categories
and won the price for the "Most Invasive Technology".
The "Lament of the People" award was not given this year, as the votes were
equally split between Telecom Italia, Facebook and the Ministry of Internal
Affairs. "Worst Public Agency" was again a tie between Facebook and Sony
Entertainment Systems which received an equal number of votes.
PEC and CEC-PAC (certified electronic mail), as normative and legal
obligation, received the award for the "Worst Public Agency" as the most
damaging for people's privacy.
The positive "Winston Smith - Privacy Hero" price was received by Stefano
Rodota for his work to the legislative proposal for the modification of
Constitution Article 21.
Big Brother Awards Italy 2011 (only in Italian)
http://bba.winstonsmith.org/
Big Brother Awards Italy: all the winners (only in Italian, 6.06.2011)
http://punto-informatico.it/3182022/PI/News/big-brother-awards-italia-tutti…
============================================================
8. ENDitorial: Hello CIRCAMP web blocking, goodbye democracy
============================================================
Late in 2010, with the issue of web blocking still being discussed in the
European Parliament, the European Commission decided, with complete
disregard for the outcome of the democratic process on this issue, to invest
a further 324 059 Euro in the COSPOL Internet Related Child Abuse Project
(CIRCAMP). The purpose of the CIRCAMP project is to lobby for internet
blocking in the European Union, both at an EU and a national level and to
support its implementation.
CIRCAMP promotes the use of blocking at a domain level (blocking a full
domain such as yahoo.com rather than, for example
yahoo.com/personalpage).The danger to innocent websites from this approach
is growing, as a result of a trend identified by the Internet Watch
Foundation of "individual offenders increasingly exploiting legitimate
hosting services to publish images.".
The inevitable blocking of innocent and entirely unrelated material as a
result of such a primitive approach is sold as a positive advantage on the
CIRCAMP website, which explains that "if a domain owner places, accidental
or willingly, child abuse material on his/her domain, and it is blocked by
the police, the blocking will not be lifted until the material is removed.
We believe that this will motivate content providers on the Internet to
actively make an effort to avoid files with child sexual abuse on their
systems/services." Despite this overt support for domain-level blocking, in
response to a parliamentary question, the Commission was mysteriously
unaware of the activities of the project it has been funding for years and
stated "the CIRCAMP project did not promote a specific level of blocking."
CIRCAMP appears either unaware or indifferent to the fact that its analysis
of its activities confuses basic concepts. Content providers (such
asbloggers) and domain name owners (such as blogger.com) are entirely
different. In a commercial environment, therefore, it is generally not the
domain owner that is putting content on his/her domain, it is the company's
customers. This leaves hosting companies with the threat of being blocked
unless they seek to achieve an impossible level of permanent surveillance of
their customers and delete anything that would risk the blocking system from
being implemented - innocent or not. Therefore, in addition to entirely
innocent material being deliberately blocked by the CIRCAMP system, it is
highly likely that completely innocent material will be deleted to avoid an
entire service from being blocked.
As the Commission and pro-blocking lobbyists have explained, most people
would hit the "blocking page" set up in such circumstances by accident.
Thereforeo there's no need to worry if you happen to find yourself on such a
page - the police, as usual, have no intention of undertaking
investigations, the activity is kept at a purely superficial level. That
said, despite the fact that the stop page is there to fight the unquantified
problem of accidental access, the CIRCAMP website explains that, in most
countries involved in CIRCAMP, ISPs hand over log files related to the
end-users that "hit" the blocking page (once directly personally
identifiable data has been removed).
In particular, the CIRCAMP website explains that "the statistics from these
logs will also provide an overview of the Internet usage related to child
sexual abusive material in addition to information about search words, type
of operating system, browser, time of day that most Internet users are
redirected to the "stop page" etc. This will provide the police with the
opportunity to have a qualified opinion about what their population look and
search for, where on the Internet they originate, what time of day is most
active and what kind of equipment they use." This volume of data means that,
in the absence of directly identifiable data, there are still numerous ways
that this data could be exploited to identify the individuals that are
assumed innocent - such as via the search provider.
It is difficult to imagine how it is possible for the European Commission to
put such an amount of money into a process described this month by the UN,
IACR, OSCE and ACHPR as an "extreme action that should only be taken in
accordance with international standards" (which is clearly not the case in
relation to CIRCAMP.
It is difficult to imagine how the Commission can give a response to a
parliamentary question on this issue which suggest that it either does not
know or does not care about the collateral damage caused by CIRCAMP's
support of domain level blocking.
It is difficult to imagine why the Commission invests so much money in
promoting and lobbying for blocking rather than investing in international
efforts to investigate and prosecute the crimes directly. This does,
however, explain why it is strongly opposing the European Parliament's
proposal of a reporting obligation for the Commission to explain what it is
doing internationally to deal with these crimes.
International Human Rights organisations statement on blocking (1.06.2011)
http://www.cidh.oas.org/relatoria/showarticle.asp?artID=848&lID=1
Internet Watch Foundation 2010 report
http://www.iwf.org.uk/assets/media/annual-reports/Internet%20Watch%20Founda…
Parliamentary question: Internet blocking and child pornography (26.10.2010)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+WQ+E-2010-…
EDRi blocking booklet
http://www.edri.org/files/blocking_booklet.pdf
(Contribution by Joe McNamee - EDRi)
============================================================
9. Recommended Action. Smart meters: Let's be clever and team up
============================================================
The European Union decided that 80% of all users are to have a smart meter
in 2020. These instruments will then measure the consumption of gas and
electricity. They can be integrated in a smart grid, a network of users and
producers that ensures better tuning of supply and demand. When solar
generators produce electricity, the washing machine can best do its work.
This part sounds good? What about civil and digital rights? The issue is
related since there are also potentially some undesirable effects attached
to this new technology:
Privacy: The government, electricity producers and/or others may gain access
to detailed information about our energy use. The government may use this
information for investigations about when you were home, if you have a new
partner, if you lead a healthy life. You name it. Energy companies may
decide to target you with specific advertisements or sell the information.
In California, the energy company PG&E, smart meter producer GE and Google
work together. Also, criminals can use the information to build a profile
and ultimately use it for identity-theft, a once science fiction nightmare
that for many became a reality. Look it up if identity-theft is an abstract
word for you.
Security: This is closely linked to privacy. A leaky system will reveal
privacy data. In addition, the smart meter might give access to equipment
inside the house like the connected PC. Hacking the smart grid can also give
access to the light switch for the grid. By the way: smart meters can cut
off your energy remotely.
Electrosmog: With the authorities (WHO, Council of Europe) warning against
electromagnetic radiation, the dangers of wireless technology might finally
be taken seriously. Might. A smart meter can be equipped with wireless
technology, like GPRS, "RF-meshed" or a separate, more secure
protocol/frequency. Depending on the type of network and the information
exchange rate, the radiation can be more or less serious for the health of
humans, animals and plants. There is an alternative using wired technology.
It's called PLC or Power Line Carrier. Italy has already implemented this
system.
These are a few of the issues that surround smart meters. We're in the early
stages still. In Brussels, the representatives from all EU countries meet to
decide on the technology and the demands for smart meters, including the
rules and regulations.
The zeal to implement the smart grid is staggering. For the Netherlands the
whole issue started with a law proposal that would force every user to
accept the smart meter. This came out when Vrijbit, a Dutch privacy
organisation, and the Dutch Consumer NGO (Consumentenbond) read the small
print. Those who would refuse the smart meter could face up to 6 months
imprisonment. This brutal force was reason for the Senate to reject the law
proposal. The revised law passed early this year.
Now the Dutch pilot-implementation is planned by the start of 2012,
comprising 400 000 smart meters in 2 years. After the evaluation in the
parliament (end 2013), the final roll-out would comprise 7 million smart
meters. If it all satisfies the needs, i.e. a lot can still change.
In a recent meeting with people from the Ministry of Economic Affairs we
discussed privacy aspects of the smart meter. They made it clear that if
issues like privacy are to be taken seriously, European privacy
organisations need to team up. If pressure is applied now, if
representatives are compelled to take this issue seriously, then this
increases the chance for a better smart meter. From a manufacturing
viewpoint, special wishes will only be turned into actual product features
if there is sufficient market for these.
I am already member of Vrijbit, a Dutch privacy organisation. Other EDRi
members are also interested in smart meters as well. Are you a member of a
privacy organisation and interested in smart meters? Do you know people who
are? Let us establish a network to ensure our demands on privacy are known
in Brussels. Let's team up!
Contact me by Twitter: Mr_Communicator or eMail:
smitentertainment[ed]hotmail_com (Subject: Let's team up!)
Dutch government public message 'What is a smart meter?' (only in Dutch)
http://www.rijksoverheid.nl/onderwerpen/energie-en-kleinverbruikers/slimme-…
Vrijbit: File on Smart Meters (only in Dutch)
https://www.vrijbit.nl/dossier/financien/dossier-slimme-meters.html
The dark side of 'smart' meters (1.11.2010)
http://www.youtube.com/watch?v=FLeCTaSG2-U
The dark side of the smart electrical grid (24.10.2010)
http://www.plusultratech.com/2010/10/dark-side-of-smart-electrical-grid.html
Article 29 Working Party Opinion 12/2011 on smart metering (4.04.2011)
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp183_en.pdf
(Contribution by Hendrick Smit, Utrecht, The Netherlands)
============================================================
10. Recommended Reading
============================================================
EDPS Annual report 2010 (15.06.2011)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/…
New Brussels Lobbying Group Communia Works For A Stronger Public Domain
(13.06.2011)
http://www.ip-watch.org/weblog/2011/06/13/new-brussels-lobbying-group-commu…
Michael Geist: Europe Considers Using CETA To Create "Anti-Counterfeiting
Trade Agreement Plus" (13.06.2011)
http://www.michaelgeist.ca/content/view/5853/125/
Statewatch Analysis: Rethinking the EU Security Research Programme (pdf) by
Ben Hayes (06.2011)
http://www.statewatch.org/analyses/no-133-esrp-consultation-response.pdf
Policy brief: Protection of Personal Data in Republic of Moldova (9.06.2011)
http://www.soros.md/files/publications/documents/policy-brief-eng_final%20v…
============================================================
11. Agenda
============================================================
12-15 June 2011, Bled, Slovenia
24th Bled eConference, eFuture: Creating Solutions for the Individual,
Organisations and Society
http://www.bledconference.org/index.php/eConference/2011
14-16 June 2011, Washington DC, USA
CFP 2011 - Computers, Freedom & Privacy
"The Future is Now"
http://www.cfp.org/2011/wiki/index.php/Main_Page
25 June 2011, London, UK
Statewatching Europe: Civil liberties, the state and the EU
European Conference marking Statewatch's 20th anniversary
http://www.statewatch.org/conference/conference.pdf
30 June - 1 July 2011, Berlin, Germany
OKCon 2011 - annual open knowledge conference of the Open Knowledge
Foundation
http://okcon.org/2011
5-6 July 2011, Gvttingen, Germany
International Social Networking Summit
Organized by CONSENT consortium
http://consent.law.muni.cz/view.php?cisloclanku=2011050001
11-12 July 2011, Barcelona, Spain
7th International Conference on Internet, Law & Politics (IDP 2011): Net
Neutrality and other challenges for the future of the Internet
http://edcp.uoc.edu/symposia/lang/en/idp2011/?lang=en
24-30 July 2011, Meissen, Germany
European Summer School on Internet Governance 2011
http://www.euro-ssig.eu/
11 October 2011, Brussels, Belgium
ePractice Workshop: Addressing evolving needs for cross-border eGovernment
services
http://www.epractice.eu/en/events/epractice-workshop-cross-border-services
27 - 30 October 2011, Barcelona, Spain
Free Culture Forum 2011
http://fcforum.net/
============================================================
12. About
============================================================
EDRi-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRi has 28 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRi-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the EDRi website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edri/2.html
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 9.12, 15 June 2011
============================================================
Contents
============================================================
1. European Commission consults with civil society on data retention
2. Irish "three strikes" system investigated by Data Protection Commissioner
3. European Commission consultation on IPR enforcement
4. UK: The Home Office's Prevent Strategy includes Internet filtering
5. Facebook's face recognition raises privacy complaints
6. Germany: Police statistics prove data retention superfluous
7. Big Brother Awards Italy 2011
8. ENDitorial: Hello CIRCAMP web blocking, goodbye democracy
9. Recommended Action. Smart meters: Let's be clever and team up
10. Recommended Reading
11. Agenda
12. About
============================================================
1. European Commission consults with civil society on data retention
============================================================
Last week, the European Commission held the first of its series of
consultation meetings with different groups of stakeholders on the revision
of the infamous Data Retention Directive. The first meeting was with the
"civil society", including representatives of industry and one lobbying
company representing unspecified clients.
The meeting was originally intended to address the details of the Directive.
However, civil society representatives broadly took the view that it was
impossible to have a coherent discussion on the Directive itself, if the
Member States were going to fail to provide credible data to the Commission
for its decision-making process. As evidenced by the Commission's
Implementation Report, there is simply not enough data available from the
Member States to show that the Directive is "necessary" (the minimum
requirement for it to be legal).
Participants at the meeting felt that if the Commission was going to be
forced to defend the Directive using anecdotes about the use of data that
would have been retained even in the absence of the Directive, the whole
process, including the consultations, would be undermined. In particular,
participants requested that the Commission only used information from Member
States related to data stored under the Directive. Also older data should be
considered "necessary" only if the delay in accessing the data could have
been avoided through better police cooperation.
The Commission asked for an expert from the Council of Europe to present a
law enforcement view of the relative merits of data retention and data
preservation. The expert, from the Serbian police, explained that long-term
retention of data is the only solution and compared the proportionality of
retaining vast amounts of data in relation to innocent and unsuspected
citizens to trawling the Danube to find a dead body. The fact that the river
is big is not a reason not to find the body. It was unclear who he was
representing at the meeting.
Despite that, the overall feeling is that the meeting was productive. The
concerns raised appear to have been taken on board by the Commission, which
will take our demands to their meeting with the law enforcement authorities
and the communications industry. Participants also appreciated the
willingness of the Commission to acknowledge the fact that political
decisions have already been taken on the dossier and the Commission's
promise that a serious evaluation of data preservation would be included in
the upcoming impact assessment.
The Commission has the unenviable task of trying to
extract the necessary data from the Member States and the probably
impossible task of producing a revised legislative proposal which is both
legal and which will not end up gathering dust on a shelf in the Council of
Ministers after being vetoed by certain large Member States.
European Commission Data Retention Evaluation Report (18.04.2011)
http://ec.europa.eu/commission_2010-2014/malmstrom/archive/20110418_data_re…
EDRi Shadow Report (17.04.2011)
http://www.edri.org/files/shadow_drd_report_110417.pdf
Panoptykon Foundation article on the meeting (only in Polish, 10.06.2011)
http://www.panoptykon.org/wiadomosc/pomieszanie-jezykow-komisja-europejska-…
(Contribution by Joe McNamee - EDRi )
============================================================
2. Irish "three strikes" system investigated by Data Protection Commissioner
============================================================
The Irish Data Protection Commissioner is investigating the Eircom / music
industry three strikes system, a report in the Sunday Times has revealed.
According to the story by Mark Tighe, predictions that Eircom would end up
falsely accusing innocent users have now proved correct, with over 300 users
wrongfully being sent a "first strike" letter accusing them of sharing
music.
Eircom have admitted to the mistakes, stating that "this was due to a
software failure caused when the clocks went back last October". However,
far from being a technical sounding "software failure", this appears to show
up failings in relation to a very basic aspect of network management - i.e.
making sure that the server clock reflects daylight savings time. As a
result, it seems that users found themselves being accused on the basis of
what somebody else did from the same IP address either an hour earlier or an
hour later. Consequently, the users who were wrongfully accused should
consider themselves lucky that this incompetence did not lead to their being
accused of a serious crime - for example, being arrested and having their
homes searched due to the wrong time being used (as has previously happened
e.g. to a number of Indian users).
The significance of this case goes well beyond simple technical failings
however, as the complaint to the Data Protection Commissioner has triggered
a wider investigation of the legality of the entire three strikes system.
According to the Sunday Times, "the DPC said it was investigating the
complaint 'including whether the subject matter gives rise to any questions
as to the proportionality of the graduated response system operated by
Eircom and the music industry'."
This is unsurprising. When the Eircom / music industry three strikes
settlement was being agreed, the Data Protection Commissioner identified
significant data protection problems with it. These problems remain,
notwithstanding the deeply flawed High Court judgement which permitted the
parties to operate the system - a judgement which, for example, decided on
the question of whether or not IP addresses are personal data without once
considering the views of the Article 29 Working Party. The Data Protection
Commissioner was not convinced by that judgement (it was
problematic at least in part because the Commissioner was not represented -
the only parties before the court had a vested interest in the system being
implemented). However, until a concrete complaint arose no further action
could be taken.
The complaint in this case has now triggered that action, and it seems
likely that the Commissioner will reach a decision reflecting his previous
views that using IP addresses to cut off customers' internet connections is
disproportionate and does not constitute "fair use" of personal information.
If so, the Commissioner has the power and indeed the duty to issue an
enforcement notice which would prevent Eircom from using personal data for
this purpose - an outcome which would derail the three strikes system unless
Eircom successfully challenges that notice before the courts, or unless the
music industry were to succeed in its campaign to secure legislation
introducing three strikes into Irish law.
Eircom investigated after falsely accusing customers of piracy (5.05.2011)
http://www.thesundaytimes.co.uk/sto/news/ireland/article642095.ece
Data Protection Commissioner investigating Eircom's "three strikes" system
(11.06.2011)
http://www.tjmcintyre.com/2011/06/300-false-accusations-data-protection.html
(Contribution by TJ McIntyre - EDRi-member Digital Rights Ireland)
============================================================
3. European Commission consultation on IPR enforcement
============================================================
Last week, the European Commission organised an open consultation on
"Directive 2004/48/EC on the enforcement of intellectual property rights:
Challenges posed by the digital environment". The meeting opened with
initial presentations from Jonathan Faull, Director General of the Internal
Market Directorate General of the Commission, Margot Frvhlinger, Director of
the Copyright Directorate of the Commission and Bryan Cassidy of the
Economic and Social Committee.
The Commission then made a presentation of the not yet final summary of the
consultation on the IPR Enforcement Directive. The consultation generated
165 replies from individual citizens and 297 replies from organisations were
received within the deadline. The main trends were that:
- Member States were divided between wanting the Directive to be updated and
believing that the legislation has not been in place long enough to be
properly analysed. Eight believe that ISP liability should be increased
while seven believe that it should not change;
- Rightsholders are keen to separate liability from the right to impose
injunctions (as a method of circumventing the safeguards in the E-Commerce
Directive, which are restricted to situations where ISPs are subject to
liability for content).
Oddly, the Commission's view of all of the replies from user
groups was that end users did not like increased ISP liability because of
fears regarding costs (and not the dangers that this creates for privacy,
freedom of expression, net neutrality, innovation and competition)
During the presentations, rightsholder groups variously suggested
comprehensive policing of the Internet by ISPs, extra-judicial blocking and
takedown of content, mass surveillance via deep packet inspection and using
the domain name system to police and "remove" content.
Various consumer and citizens' organisations, including EDRi, raised a
variety of questions about the approach of the rightholder groups, in
particular:
- the appropriateness of permitting, encouraging or coercing
Internet intermediaries to police online communications;
- the extent to which the legitimacy of current copyright law is
definitively broken, as indicated by the apocalyptic levels of infringements
described by the rightholders;
- the wider costs (also for rightholders) for openness and
innovation on the Internet as a result of ISPs being forced into a
"gatekeeper" role;
- the fact that rightholders groups are simultaneously fighting
against measures that would lead to more legal offers, such as a "one stop
shop" for rights clearance and then complaining about the infringements that
are caused by a lack of legal offers;
- the over-reliance on dubious studies on the impact of
infringements, which often use questionable methodology and overlook
numerous credible studies that present a very different picture including
the report from the HADOPI authority itself, which shows that "pirates"
spend the most money on cultural goods;
- the need to address the issue of exceptions and limitations to
copyright to ensure a more balanced and innovative environment.
None of these points were addressed to any significant extent by the
rightholder groups. This, together with the very clear message to the
Commission that work on a revision of the Directive must take account all
the available research, left a very positive impression that the outcome of
the meeting had been a forceful communication of the views of civil society
and a better awareness of the lack of balance of the approach to date.
EDRi response to the IPRED consultation
http://www.edri.org/files/edri_ipred_110331.pdf
European Commission web page on IPR enforcement
http://ec.europa.eu/internal_market/iprenforcement/directives_en.htm
EDRi study on the side from self-regulation to corporate censorship
http://www.edri.org/files/EDRI_selfreg_final_20110124.pdf
(Contribution by Joe McNamee - EDRi)
============================================================
4. UK: The Home Office's Prevent Strategy includes Internet filtering
============================================================
The UK Home Office has recently published its new version of the Prevent
Strategy aimed at countering terrorism, which includes worrying suggestions
about the necessity of Internet filtering.
Besides the fact that one can read in the Prevent Strategy that "Internet
filtering across the public estate is essential", the document also suggests
the Home Office's intention to consider "the potential for violent and
unlawful URL lists to be voluntarily incorporated into independent national
blocking lists, including the list operated by the Internet Watch
Foundation".
The document seems to ignore issues related to transparency, censorship or
accountability as well as the technical and financial consequences, in one
more attempt to solve a series of social problems by blocking access to
the Internet as the source of all evils.
The strategy takes no consideration of the fact that, as UN Special
Rapporteur Frank La Rue pointed out in his Report on the promotion and
protection of the right to freedom of opinion and expression, website
blocking would be a violation of rights to freedom of expression.
Furthermore, what is even more worrying is the tendency towards ignoring
legal means in establishing the unlawfulness of a site and blocking it. The
strategy says nothing about the legal process leading to blocking the access
to a site - quite the contrary, there seems to suggest the need for
collaboration between law enforcement authorities and the Internet industry
that would result in voluntary removal on Internet content.
"This work will require effective dialogue with the private sector and in
particular the internet industry. It will also require collaboration with
international partners: the great majority of the websites and chat rooms
which concern us in the context of radicalisation are hosted overseas," says
the strategy report.
Moreover, according to the strategy report, TACT (the Terrorism Act) allows
the Government to charge website owners with encouraging terrorism and
publishing terrorist information if they do not remove unlawful content.
"TACT provides that those served with notices who fail to remove, without
reasonable excuse, the material that is unlawful and terrorism-related
within a specified period are treated as endorsing it."
As many freedom advocates have several times emphasised, blocking access to
Internet sites is no real solution in preventing harms, while affecting, at
the same time, the users' rights to freedom of expression and access to
information.
Censorship of the Internet is also suggested by Reg Bailey, Chief Executive
of the UK Mothers Union, who has recently published a series of worrying
recommendations for privacy and confidentiality of communications.
In his "Letting Children be Children - Report of an Independent Review of
the Commercialisation and Sexualisation of Childhood", Bailey suggests
making it easier for parents to block adult and age-restricted material from
the Internet by providing "a consistent level of protection across all
media" and that, "as a matter of urgency, the internet industry should
ensure that customers must make an active choice over what sort of content
they want to allow their children to access".
The implication of Bailey's report, which seems to entirely disregard the
censorship issues and the technical implications of the measures proposed,
is that the entire UK telecom industry should impose communications
surveillance, with Internet users forced to "opt out" of the censorship.
"Specifically, we would like to see industry agreeing ... that when a new
device or service is purchased or contract entered into, customers would be
asked to make an active choice about whether filters should be switched off
or on: they would be given the opportunity to choose to activate the
solution immediately, whether it be network-level filtering by an ISP or
pre-installed software on a new laptop."
Again, the most unrealistic measures are being considered because they are,
apparently, the simplest, in an attempt to eliminate the symptoms and not
the causes. Real measures such as the education and supervision of children
by their parents don't really seem to be encouraged.
Home Office - Prevent Strategy
http://www.homeoffice.gov.uk/counter-terrorism/review-of-prevent-strategy/
Home Office Prevent strategy claims: 'Internet filtering is essential'
(10.06.2011)
http://www.openrightsgroup.org/blog/2011/prevent-strategy-claims:-internet-…
UK 'blacklist' of terrorist-supporting websites should be developed,
Government says (8.06.2011)
http://www.out-law.com/page-11988
Media industry relaxed over Bailey report on sexualisation of children
(7.06.2011)
http://www.guardian.co.uk/media/2011/jun/07/media-industry-bailey-report-se…
Mothers Crawl Into Bed with Big Brother (7.06.2011)
https://nodpi.org/2011/06/07/mothers-crawl-into-bed-with-big-brother/
UN - Human Rights Council - Report of the Special Rapporteur on thepromotion
and protection of the right to freedom of opinion and expression, Frank La
Rue (16.05.2011)
http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_e…
============================================================
5. Facebook's face recognition raises privacy complaints
============================================================
Facebook has again been criticised by privacy advocates for its facial
recognition feature that has recently been added to the social networking
service, world-wide, without any previous announcement to its users.
Facebook users have the possibility to 'tag' themselves and their friends in
the photos they upload to the site with pop-up captions that identify the
people in the respective pictures. The new face recognition feature, which
was launched in 2010 in US, now suggests automatically the names of people
featured in photos uploaded by users.
"Once again, Facebook seems to be sharing personal information by default,"
said Graham Cluley of IT security firm Sophos who added: "Many people feel
distinctly uncomfortable about a site like Facebook learning what they look
like, and using that information without their permission. (...) Most
Facebook users still don't know how to set their privacy options safely,
finding the whole system confusing. It's even harder though to keep control
when Facebook changes the settings without your knowledge. (...) The onus
should not be on Facebook users having to 'opt-out' of the facial
recognition feature, but instead on users having to 'opt-in'. Yet again, it
feels like Facebook is eroding the online privacy of its users by stealth."
Facebook replied that the users could alter their settings so that their
name would not be suggested for tagging. Beth Givens, director of the
Privacy Rights Clearinghouse, considered that Facebook should have rather
included an "opt-in" system for its users rather than applying an automatic
tagging, letting them decide if they wanted the feature in the first place.
The Electronic Privacy International Center (EPIC) has organised a complaint
to the Federal Trade Commission in the US and asked several other privacy
groups to sign it. Marc Rotenberg, president of EPIC, said the system raised
questions related to personally identifiable information, such as email
addresses, that would be associated with the photos in Facebook's database.
The UK Data Protection Authority (Information Commissioner's Office - ICO)
also made an official statement on the matter asking Facebook to tell users
how they use personal information stored about them. "The privacy issues
that this new software might raise are obvious and users should be given as
much information as possible to give them the opportunity to make an
informed choice about whether they wish to use it. We are speaking to
Facebook about the privacy implications of this technology," the ICO said.
Facebook's new feature will be studied by ICO, but also by the Article 29
Working Party.
"Tags of people on pictures should only happen based on people's prior
consent and it can't be activated by default," said Girard Lommel, a
Luxembourg member of the Working Party who added that automatic tagging
suggestions "can bear a lot of risks for users" and the European data
protection officials would "clarify to Facebook that this can't happen like
this."
Having in view the reactions, Facebook admitted it had not handled the
situation properly. "We should have been more clear with people during the
roll-out process when this became available to them," was the company
statement of 8 June. The company has added an option letting users opt out
of the new feature, though it did not alert them when the new feature took
effect or when the option was added.
Facebook hit by privacy complaints (9.06.2011)
http://www.ft.com/cms/s/2/00b50d52-9253-11e0-9e00-00144feab49a,dwp_uuid=9a3…
Data protection watchdogs to probe Facebook about its use of facial
recognition technology (9.06.2011)
http://www.out-law.com/page-11992
Facebook 'Face Recognition' Feature Draws Privacy Scrutiny (8.06.2011)
http://www.nytimes.com/2011/06/09/technology/09facebook.html?_r=2&partner=r…
Facebook criticised for not telling users about new facial recognition
feature (8.06.2011)
http://www.out-law.com/page-11987
Facebook in new privacy row over facial recognition feature (8.06.2011)
http://www.guardian.co.uk/technology/2011/jun/08/facebook-privacy-facial-re…
============================================================
6. Germany: Police statistics prove data retention superfluous
============================================================
The national crime statistics recently published by Germany's Federal Crime
Agency reveal that after the policy of blanket telecommunications data
retention was discontinued in Germany due to a Constitutional Court ruling
on 3 March 2010, registered crime continued to decline and the crime
clearance rate was the highest ever recorded (56,0%). Indiscriminate and
blanket telecommunications data retention had no statistically relevant
effect on crime or crime clearance trends. These findings confirm the
position of more than 100 organisations in Europe that are opposing the EU
policy of mass retention of telecommunications data, calling it unnecessary
and disproportionate.
The statistics refute the myth spread by certain politicians and police
representatives that the Internet is "a lawless space" in the absence of
mass retention of telecommunications data of non-suspects. Even without such
a policy of blanket data retention, the German police achieved a clearance
rate of nearly three out of four Internet offences (71%) in 2010, exceeding
by far the average clearance rate for crimes committed without any use of
the Internet (55%).
Regarding other European countries, the Scientific Services of the German
Parliament have recently analysed "the practical effects of data retention
on crime clearance rates in EU Member States" and have come to the following
conclusion: "In most States crime clearance rates have not changed
significantly between 2005 and 2010. Only in Latvia did the crime clearance
rate rise significantly in 2007. However, this is related to a new Criminal
Procedure Law and is not reported to be connected to the transposition of
the EU Data Retention Directive."
"Since crime clearance trends are completely unaffected by the retention of
communications data of non-suspects, there is no justification for the EU's
"big brother" policy of collecting telecommunications data on all 500
million EU citizens", explains Florian Altherr, member of the German Working
Group on Data Retention. "Ninety-eight percent of citizens are never
suspected of any wrongdoing. The right of protection of their personal data
from unjustified suspicion, data abuse and data loss due to data retention
policies must prevail. The EU must respect its Charter of Fundamental Rights
and give up its failed experiment of total data retention immediately."
"In light of these new crime statistics, the irresponsible campaign of fear
and continued scaremongering by some politicians after the annulment of the
German data retention law finds no justification in reality", says Michael
Ebeling of the German Working Group on Data Retention. "The truth is that
with targeted investigations of suspects we live just as safely as we would
with a policy of indiscriminate retention of all communications data. The
endless exaggeration and emotionally charged descriptions of isolated cases
combined with a massive media campaign is both misleading and unethical. In
my view this is nothing less than a populist defence of the most privacy
invasive and unpopular surveillance measure ever adopted by the EU."
German police statistics prove telecommunications data retention superfluous
(6.06.2011)
http://www.vorratsdatenspeicherung.de/content/view/455/79/lang,en/
EDRi-gram: German study finds the data retention ineffective (9.02.2011)
http://www.edri.org/edrigram/number9.3/telecom-data-retention-ineffective-g…
(Thanks to AK Vorrat - Germany)
============================================================
7. Big Brother Awards Italy 2011
============================================================
The winners of the Big Brother Awards Italy 2011 were designated on 3 June
2011, in Florence, on the occasion of the e-privacy conference 2011.
Facebook was the "star" of the awards being nominated for several categories
and won the price for the "Most Invasive Technology".
The "Lament of the People" award was not given this year, as the votes were
equally split between Telecom Italia, Facebook and the Ministry of Internal
Affairs. "Worst Public Agency" was again a tie between Facebook and Sony
Entertainment Systems which received an equal number of votes.
PEC and CEC-PAC (certified electronic mail), as normative and legal
obligation, received the award for the "Worst Public Agency" as the most
damaging for people's privacy.
The positive "Winston Smith - Privacy Hero" price was received by Stefano
Rodota for his work to the legislative proposal for the modification of
Constitution Article 21.
Big Brother Awards Italy 2011 (only in Italian)
http://bba.winstonsmith.org/
Big Brother Awards Italy: all the winners (only in Italian, 6.06.2011)
http://punto-informatico.it/3182022/PI/News/big-brother-awards-italia-tutti…
============================================================
8. ENDitorial: Hello CIRCAMP web blocking, goodbye democracy
============================================================
Late in 2010, with the issue of web blocking still being discussed in the
European Parliament, the European Commission decided, with complete
disregard for the outcome of the democratic process on this issue, to invest
a further 324 059 Euro in the COSPOL Internet Related Child Abuse Project
(CIRCAMP). The purpose of the CIRCAMP project is to lobby for internet
blocking in the European Union, both at an EU and a national level and to
support its implementation.
CIRCAMP promotes the use of blocking at a domain level (blocking a full
domain such as yahoo.com rather than, for example
yahoo.com/personalpage).The danger to innocent websites from this approach
is growing, as a result of a trend identified by the Internet Watch
Foundation of "individual offenders increasingly exploiting legitimate
hosting services to publish images.".
The inevitable blocking of innocent and entirely unrelated material as a
result of such a primitive approach is sold as a positive advantage on the
CIRCAMP website, which explains that "if a domain owner places, accidental
or willingly, child abuse material on his/her domain, and it is blocked by
the police, the blocking will not be lifted until the material is removed.
We believe that this will motivate content providers on the Internet to
actively make an effort to avoid files with child sexual abuse on their
systems/services." Despite this overt support for domain-level blocking, in
response to a parliamentary question, the Commission was mysteriously
unaware of the activities of the project it has been funding for years and
stated "the CIRCAMP project did not promote a specific level of blocking."
CIRCAMP appears either unaware or indifferent to the fact that its analysis
of its activities confuses basic concepts. Content providers (such
asbloggers) and domain name owners (such as blogger.com) are entirely
different. In a commercial environment, therefore, it is generally not the
domain owner that is putting content on his/her domain, it is the company's
customers. This leaves hosting companies with the threat of being blocked
unless they seek to achieve an impossible level of permanent surveillance of
their customers and delete anything that would risk the blocking system from
being implemented - innocent or not. Therefore, in addition to entirely
innocent material being deliberately blocked by the CIRCAMP system, it is
highly likely that completely innocent material will be deleted to avoid an
entire service from being blocked.
As the Commission and pro-blocking lobbyists have explained, most people
would hit the "blocking page" set up in such circumstances by accident.
Thereforeo there's no need to worry if you happen to find yourself on such a
page - the police, as usual, have no intention of undertaking
investigations, the activity is kept at a purely superficial level. That
said, despite the fact that the stop page is there to fight the unquantified
problem of accidental access, the CIRCAMP website explains that, in most
countries involved in CIRCAMP, ISPs hand over log files related to the
end-users that "hit" the blocking page (once directly personally
identifiable data has been removed).
In particular, the CIRCAMP website explains that "the statistics from these
logs will also provide an overview of the Internet usage related to child
sexual abusive material in addition to information about search words, type
of operating system, browser, time of day that most Internet users are
redirected to the "stop page" etc. This will provide the police with the
opportunity to have a qualified opinion about what their population look and
search for, where on the Internet they originate, what time of day is most
active and what kind of equipment they use." This volume of data means that,
in the absence of directly identifiable data, there are still numerous ways
that this data could be exploited to identify the individuals that are
assumed innocent - such as via the search provider.
It is difficult to imagine how it is possible for the European Commission to
put such an amount of money into a process described this month by the UN,
IACR, OSCE and ACHPR as an "extreme action that should only be taken in
accordance with international standards" (which is clearly not the case in
relation to CIRCAMP.
It is difficult to imagine how the Commission can give a response to a
parliamentary question on this issue which suggest that it either does not
know or does not care about the collateral damage caused by CIRCAMP's
support of domain level blocking.
It is difficult to imagine why the Commission invests so much money in
promoting and lobbying for blocking rather than investing in international
efforts to investigate and prosecute the crimes directly. This does,
however, explain why it is strongly opposing the European Parliament's
proposal of a reporting obligation for the Commission to explain what it is
doing internationally to deal with these crimes.
International Human Rights organisations statement on blocking (1.06.2011)
http://www.cidh.oas.org/relatoria/showarticle.asp?artID=848&lID=1
Internet Watch Foundation 2010 report
http://www.iwf.org.uk/assets/media/annual-reports/Internet%20Watch%20Founda…
Parliamentary question: Internet blocking and child pornography (26.10.2010)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+WQ+E-2010-…
EDRi blocking booklet
http://www.edri.org/files/blocking_booklet.pdf
(Contribution by Joe McNamee - EDRi)
============================================================
9. Recommended Action. Smart meters: Let's be clever and team up
============================================================
The European Union decided that 80% of all users are to have a smart meter
in 2020. These instruments will then measure the consumption of gas and
electricity. They can be integrated in a smart grid, a network of users and
producers that ensures better tuning of supply and demand. When solar
generators produce electricity, the washing machine can best do its work.
This part sounds good? What about civil and digital rights? The issue is
related since there are also potentially some undesirable effects attached
to this new technology:
Privacy: The government, electricity producers and/or others may gain access
to detailed information about our energy use. The government may use this
information for investigations about when you were home, if you have a new
partner, if you lead a healthy life. You name it. Energy companies may
decide to target you with specific advertisements or sell the information.
In California, the energy company PG&E, smart meter producer GE and Google
work together. Also, criminals can use the information to build a profile
and ultimately use it for identity-theft, a once science fiction nightmare
that for many became a reality. Look it up if identity-theft is an abstract
word for you.
Security: This is closely linked to privacy. A leaky system will reveal
privacy data. In addition, the smart meter might give access to equipment
inside the house like the connected PC. Hacking the smart grid can also give
access to the light switch for the grid. By the way: smart meters can cut
off your energy remotely.
Electrosmog: With the authorities (WHO, Council of Europe) warning against
electromagnetic radiation, the dangers of wireless technology might finally
be taken seriously. Might. A smart meter can be equipped with wireless
technology, like GPRS, "RF-meshed" or a separate, more secure
protocol/frequency. Depending on the type of network and the information
exchange rate, the radiation can be more or less serious for the health of
humans, animals and plants. There is an alternative using wired technology.
It's called PLC or Power Line Carrier. Italy has already implemented this
system.
These are a few of the issues that surround smart meters. We're in the early
stages still. In Brussels, the representatives from all EU countries meet to
decide on the technology and the demands for smart meters, including the
rules and regulations.
The zeal to implement the smart grid is staggering. For the Netherlands the
whole issue started with a law proposal that would force every user to
accept the smart meter. This came out when Vrijbit, a Dutch privacy
organisation, and the Dutch Consumer NGO (Consumentenbond) read the small
print. Those who would refuse the smart meter could face up to 6 months
imprisonment. This brutal force was reason for the Senate to reject the law
proposal. The revised law passed early this year.
Now the Dutch pilot-implementation is planned by the start of 2012,
comprising 400 000 smart meters in 2 years. After the evaluation in the
parliament (end 2013), the final roll-out would comprise 7 million smart
meters. If it all satisfies the needs, i.e. a lot can still change.
In a recent meeting with people from the Ministry of Economic Affairs we
discussed privacy aspects of the smart meter. They made it clear that if
issues like privacy are to be taken seriously, European privacy
organisations need to team up. If pressure is applied now, if
representatives are compelled to take this issue seriously, then this
increases the chance for a better smart meter. From a manufacturing
viewpoint, special wishes will only be turned into actual product features
if there is sufficient market for these.
I am already member of Vrijbit, a Dutch privacy organisation. Other EDRi
members are also interested in smart meters as well. Are you a member of a
privacy organisation and interested in smart meters? Do you know people who
are? Let us establish a network to ensure our demands on privacy are known
in Brussels. Let's team up!
Contact me by Twitter: Mr_Communicator or eMail:
smitentertainment[ed]hotmail_com (Subject: Let's team up!)
Dutch government public message 'What is a smart meter?' (only in Dutch)
http://www.rijksoverheid.nl/onderwerpen/energie-en-kleinverbruikers/slimme-…
Vrijbit: File on Smart Meters (only in Dutch)
https://www.vrijbit.nl/dossier/financien/dossier-slimme-meters.html
The dark side of 'smart' meters (1.11.2010)
http://www.youtube.com/watch?v=FLeCTaSG2-U
The dark side of the smart electrical grid (24.10.2010)
http://www.plusultratech.com/2010/10/dark-side-of-smart-electrical-grid.html
Article 29 Working Party Opinion 12/2011 on smart metering (4.04.2011)
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp183_en.pdf
(Contribution by Hendrick Smit, Utrecht, The Netherlands)
============================================================
10. Recommended Reading
============================================================
EDPS Annual report 2010 (15.06.2011)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/…
New Brussels Lobbying Group Communia Works For A Stronger Public Domain
(13.06.2011)
http://www.ip-watch.org/weblog/2011/06/13/new-brussels-lobbying-group-commu…
Michael Geist: Europe Considers Using CETA To Create "Anti-Counterfeiting
Trade Agreement Plus" (13.06.2011)
http://www.michaelgeist.ca/content/view/5853/125/
Statewatch Analysis: Rethinking the EU Security Research Programme (pdf) by
Ben Hayes (06.2011)
http://www.statewatch.org/analyses/no-133-esrp-consultation-response.pdf
Policy brief: Protection of Personal Data in Republic of Moldova (9.06.2011)
http://www.soros.md/files/publications/documents/policy-brief-eng_final%20v…
============================================================
11. Agenda
============================================================
12-15 June 2011, Bled, Slovenia
24th Bled eConference, eFuture: Creating Solutions for the Individual,
Organisations and Society
http://www.bledconference.org/index.php/eConference/2011
14-16 June 2011, Washington DC, USA
CFP 2011 - Computers, Freedom & Privacy
"The Future is Now"
http://www.cfp.org/2011/wiki/index.php/Main_Page
25 June 2011, London, UK
Statewatching Europe: Civil liberties, the state and the EU
European Conference marking Statewatch's 20th anniversary
http://www.statewatch.org/conference/conference.pdf
30 June - 1 July 2011, Berlin, Germany
OKCon 2011 - annual open knowledge conference of the Open Knowledge
Foundation
http://okcon.org/2011
5-6 July 2011, Gvttingen, Germany
International Social Networking Summit
Organized by CONSENT consortium
http://consent.law.muni.cz/view.php?cisloclanku=2011050001
11-12 July 2011, Barcelona, Spain
7th International Conference on Internet, Law & Politics (IDP 2011): Net
Neutrality and other challenges for the future of the Internet
http://edcp.uoc.edu/symposia/lang/en/idp2011/?lang=en
24-30 July 2011, Meissen, Germany
European Summer School on Internet Governance 2011
http://www.euro-ssig.eu/
11 October 2011, Brussels, Belgium
ePractice Workshop: Addressing evolving needs for cross-border eGovernment
services
http://www.epractice.eu/en/events/epractice-workshop-cross-border-services
27 - 30 October 2011, Barcelona, Spain
Free Culture Forum 2011
http://fcforum.net/
============================================================
12. About
============================================================
EDRi-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRi has 28 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRi-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the EDRi website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edri/2.html
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
> Sergio,
>
> This indicator looks pretty neat. Thanks for sharing this on tahoe-dev!
It is my pleasure to post here. Tahoe-LAFS is a truly unique piece of
free software, cryptography for the masses. I should be the one to
thank you guys for that.
>
> The demo video shows you using a
> commandline tool called filefm, which I have hot heard of before as well.
>
> A quick search on the tahoe trac did not yield any results about that
> either. Would you mind explaining this tool, its advantages over
> standard tahoe cli and your setup as well?
Yeah, it's still under heavy development and unreleased (the Tahoe
bits). It's pretty much like 'tahoe cp' I guess, you can upload and
download files and directories (recursively). The main difference is
that it's both a CLI command and a library, and also supports
OpenStack Swift and Rackspace Cloudfiles using a uniform API, with AWS
S3 support comm coming ing soon.
I'm a Swift cluster maintainer myself (day job) and I used to run a
Swift cluster for myself too, now being replaced with Tahoe, since I
like to host my servers with different providers world wide and I love
my data to be encrypted there.
Currently I'm running a small Tahoe cluster with 5 storage nodes (2
@home, 3 elsewhere, ~1TB of storage) with a public SFTP gateway and a
private HTTP one (in my laptop). The easy of setup and maintenance
(compared to Swift) and the built-in encryption just blows my mind
away. As I said before, a truly unique piece of software.
I'm currently interested in making Tahoe-LAFS easier to use for some
folks who don't like CLI that much but still wanna join my network and
share stuff, so I created the AppIndicator. Currently pretty dumb, but
I plan to add some more features to it, so they can setup the whole
thing without having to resort to the CLI (local gateway setup via
wizard, easy creation and upload of files/folders, preferences GUI to
customize tahoce.cfg, etc). I've got plans to create a roadmap for it
and share it here, if that's of interest to you guys.
Thanks for the kind words.
> Thanks!
> Frederik
_______________________________________________
tahoe-dev mailing list
tahoe-dev(a)tahoe-lafs.org
https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
06 Jul '18
Autonet is a project to create a wireless, global internet that can
provide more reliability than corporate phone companies by being
community based and freely licensed.
Autonet is a project to create a wireless, global internet that can
provide more reliability than corporate phone companies by being
community based and freely licensed.
The cutting off access to The Pirate Bay by BT in the UK (
http://www.pcpro.co.uk/news/251609/bt-blocks-off-pirate-bay.html ) is
just another sign of the beginning of the end. The fact that the Great
Firewall of China exists signals that the internet is already obsolete
and that the Great Firewall of the US is just around the corner. While
moves against net neutrality began years ago and have been fought,
nasty laws such as HR4437 and the Total Information Awareness program
have a way of coming into existence later in the future, slightly
modified, under different names. The internet as we know it, as a
place for free exchange of information, as the center of what has been
called a second 17th century with new ideas, creativity and innovation
emerging daily, is rapidly coming to an end. We must use these last
gasps of freedom to route around the disaster and create a truly free
network.
How? Advances in wireless technology such as ubiquitous wireless
routers, community mesh networks which are easily expandable and
self-healing as well as long range wireless efforts such as HPWREN
indicate a possible future for a community based internet free of the
centralized control of telephone corporations and governments. While
this is definitely a fork, more forks are to come and we can only hope
that a few networks will emerge which can be broad enough to span most
of the globe.
Major questions remain to be solved, such as speed issues, routing
issues, DNS control, splits and neutrality. The Autonet, or Autonomous
Internet project seems to begin to address this rapidly changing
situation, where today Germany (
http://www.nettime.org/Lists-Archives/nettime-l-0906/msg00023.html )
has installed internet filtering as well and more countries are to
come. While today those cut off are defying copyright laws, tomorrow
any other political issue may be the cause for being denied access to
global networks. While today the FBI is content to steal servers from
information providers like Indymedia, perhaps tomorrow they will not
be happy until indymedia is completely cut off of the network, or
other open sources of information such as blogs, twitter accounts and
social networks of dissident groups.
The popular revolt in Iran and subsequent disruption of network access
by the Iranian government is only a glimpse of what is to come in the
US and around the world, where the first line of attack against
political resistance is to cut off network access. By establishing a
community based, wireless, global network we can allow groups of
individuals, not corporations, to maintain freedom of communication;
We can create out right to communicate instead of asking for it, and
continue to route around obsolete intellectual property laws which
restrict our dreams and our creativity. Join this effort by going to
http://alt-bit.org and contributing to this research, lets start
outlining the problems, finding the technical solutions and work out
the issues, collectively, as a Free Software / Open Hardware project,
using open licensing.
Another urgent reason for Autonet is one that has motivated Free
Software hackers for so long: Technological progress without a
reliance on corporate support. Given the current financial and
economic crises, how long can we expect dinosaurs like phone companies
to survive? If one of these crises turns into disaster, the
consequence is likely to be the disruption or collapse of the global
networks on which we rely. I am not ready to give up what has been
gained from these networks, including a worldwide communication
between political actors empowered through fast information flows. We
must start this long, difficult project today so that we may be ready
for unexpected dangers which threaten our capability to communicate as
a multitude, globally.
To add to the project, go to http://trac.alt-bit.org/wiki/projects/autonet
To sign up to participate, go to http://trac.alt-bit.org/register
_______________________________________________
p2presearch mailing list
p2presearch(a)listcultures.org
http://listcultures.org/mailman/listinfo/p2presearch_listcultures.org
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
It's a shame that the distinct concepts of "friend-to-friend net" [1] and
"blacknet" [2, 3, 4, 5] are being munged together in the media under the
rubric
"darknet".
The word "darknet" was coined, as far as I know, by Biddle, England, Peinado,
Willman [6]. Last time I read their paper, it appeared to me to describe a
system like Tim May's Blacknet -- an anonymous, secure, decentralized network
which is used to transfer information illegally. It didn't mention anything
about using friend-to-friend techniques to build such a network.
However, the media seems to have started using the word "Darknet" to mean a
friend-to-friend net and/or a blacknet [7, 8], thus simultaneously making it
harder for people to think about blacknets which are based on other than
friend-to-friend architectures and making it harder for people to think about
friend-to-friend networks which are used for other than illegal information
sharing.
I place some of the blame for this development on the Freenet folks, who may
be
the first to promulgate this munging, and if they aren't the first they're
certainly the most effective.
Of course, courting controversy in the mass media is part of the Freenet
strategy, and I'm not saying it's a bad strategy.
But oh well. It is too late to change media usage, and it isn't a good idea
to
maintain technical jargon which is related to but subtly different from media
terminology, so how about us technical folks, when we wish to denote a
network-used-for-illegal-information-trading, use the original term
"blacknet",
and when we wish to denote a network-built-on-friend-to-friend, use
"friend-to-friend net" or "f2f", and when we wish to refer to both of them
together or to confuse visiting reporters, we use "darknet".
Regards,
Zooko
[1] http://en.wikipedia.org/wiki/Friend-to-friend
[2] http://www.privacyexchange.org/iss/confpro/cfpuntraceable.html
[3] http://www.ussrback.com/crypto/misc/blacknet.html
[4] http://www-personal.umich.edu/~ludlow/worries.txt
[5] http://cypherpunks.venona.com/date/1993/08/msg00538.html
[6] http://www.bearcave.com/misl/misl_tech/msdrm/darknet.htm
[7] http://www.darknet.com/
[8] http://en.wikipedia.org/wiki/Darknet
_______________________________________________
p2p-hackers mailing list
p2p-hackers(a)zgp.org
http://zgp.org/mailman/listinfo/p2p-hackers
_______________________________________________
Here is a web page listing P2P Conferences:
http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
1
0
[Politech] More revelations about Bush and NSA domestic surveillance: a roundup [priv]
by Declan McCullagh 06 Jul '18
by Declan McCullagh 06 Jul '18
06 Jul '18
Tangentially-related article about judge approving cell phone monitoring
without requiring prosecutors to show evidence of probable cause:
http://news.com.com/Police+blotter+Judge+lets+Feds+track+cell+phones/2100-1…
8_3-6006453.html
How extensive is NSA's spy program:
http://news.com.com/Just+how+extensive+is+NSAs+spy+program/2100-1028_3-6006…
6.html
An earlier roundup of blog posts:
http://www.concurringopinions.com/archives/2005/12/nsa_surveillanc.html
Articles asking whether President Bush commited an impeachable offense:
http://www.cnsnews.com/news/viewstory.asp?Page=%5CPolitics%5Carchive%5C2005…
%5CPOL20051220a.html
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2005/12/24/MNGBOGD4FF1.DTL
http://www.foxnews.com/story/0,2933,179323,00.html
Previous Politech message:
http://www.politechbot.com/2005/12/20/transcript-of-briefing/
http://www.politechbot.com/2005/12/20/two-submissions-on/
http://www.politechbot.com/2005/12/21/democrats-scramble-to/
-Declan
-------- Original Message --------
Subject: HAVE YOU SEEN THIS? NY Times on NSA data mining
Date: Sat, 24 Dec 2005 00:27:35 -0800
From: Philip Merrill <veyr(a)earthlink.net>
To: Fred von Lohmann EFF <fred(a)eff.org>, Cory Doctorow <cory(a)eff.org>,
Declan McCullagh <declan(a)well.com>
Fred, Cory, Declan,
http://nytimes.com/2005/12/24/politics/24spy.html
Spy Agency Mined Vast Data Trove, Officials Report
By ERIC LICHTBLAU and JAMES RISEN
Published: December 24, 2005
...
A former technology manager at a major telecommunications company said
that since the Sept. 11 attacks, the leading companies in the industry
have been storing information on calling patterns and giving it to the
federal government to aid in tracking possible terrorists.
"All that data is mined with the cooperation of the government and
shared with them, and since 9/11, there's been much more active
involvement in that area," said the former manager, a telecommunications
expert who did not want his name or that of his former company used
because of concern about revealing trade secrets.
Such information often proves just as valuable to the government as
eavesdropping on the calls themselves, the former manager said.
"If they get content, that's useful to them too, but the real plum is
going to be the transaction data and the traffic analysis," he said.
"Massive amounts of traffic analysis information - who is calling whom,
who is in Osama Bin Laden's circle of family and friends - is used to
identify lines of communication that are then given closer scrutiny."
...
Phil Karn, a computer engineer and technology expert at a major West
Coast telecommunications company, said access to such switches would be
significant. "If the government is gaining access to the switches like
this, what you're really talking about is the capability of an enormous
vacuum operation to sweep up data," he said.
[BY THE WAY guys, here is an e-mail I just sent about this: "This is
truly interesting and not surprising from a technical point of view. As
someone who looks at how ISPs are treated, it explains things I already
knew. In terms of any positive potential for the future, it just shows
what a different world we are now living in that this is even possible.
My MUSIC bias is to try to figure out how musicians can get paid based
on today's technology. Puts the attached-below news article in a
different light."]
-------- Original Message --------
Subject: Reliability of information from telephone wiretaps
Date: Wed, 21 Dec 2005 10:09:48 -0800
From: Alan Barclay <barclay(a)rtda.com>
Organization: Runtime Design Automation
To: declan(a)well.com
CC: bankston(a)eff.org
Hello Declan:-
I came across a very interesting paper on wiretap evasion by
Matt Blaze (UPenn) at the following URL.
http://www.doxpara.com/?q=node&from=0
I particularly think that the legal implications on the
reliability of information obtained by phone wiretaps may
be far-reaching, and of interest to Politech readers.
Especially given the current administration's demonstrated
record of vindictiveness, I agree with Dan's conjecture
about Matt's cojones.
News article (incorrectly attributed to NY Times in above):
http://www.iht.com/articles/2005/11/30/business/taps.php
Summary of paper:
http://www.crypto.com/papers/wiretapping/
Full paper
http://www.crypto.com/papers/wiretap.pdf
Best wishes for the holiday season and for the New Year.
Thanks again for running Politech.
Regards,
Alan Barclay
--
--Alan Barclay-- barclay(a)rtda.com (408) 492-0942 direct
www.rtda.com (408) 492-0940 main
-------- Original Message --------
Subject: Re: [Politech] Democrats scramble to say they didn't tacitly
approve Bush's NSA surveillance [priv]
Date: Wed, 21 Dec 2005 12:21:27 -0800
From: Benjamin SMITH <b3smith(a)mac.com>
To: Declan McCullagh <declan(a)well.com>
References: <43A99CEB.4010509(a)well.com>
Uh, Declan, the handful of Congresspeople who were even able to
see the Administration's plans with the NSA were barred from discussing
it even with their staffs, and others (like Senator Graham of FL) said
that the briefings were much less informative than what was revealed in
Friday's article in the NYT. Cherry-picked information, limited
access... wait a minute, that sounds familiar... -b3n
-------- Original Message --------
Subject: Re: [Politech] Democrats scramble to say they didn't tacitly
approve Bush's NSA surveillance [priv]
Date: Wed, 21 Dec 2005 14:33:06 -0500
From: Eric Gasior <eric(a)tastysnackcracker.com>
To: Declan McCullagh <declan(a)well.com>
References: <43A99CEB.4010509(a)well.com>
Declan,
In fairness it should be pointed out that the briefings were classified
therefore the ability of Rockefeller and Pelosi to inform others was
limited.
>From Sen. Rockefeller's statement on 12/19:
"The limited members who were told of the program were prohibited by
the Administration from sharing any information about it with our
colleagues, including other members of the Intelligence Committees."
http://rockefeller.senate.gov/news/2005/pr121905a.html
Eric Gasior
"First of all, let me assert my firm belief that the only thing we have
to fear is fear itself - nameless, unreasoning, unjustified terror
which paralyzes needed efforts to convert retreat into advance."
-- Franklin D. Roosevelt, First Inaugural Address, Mar. 4, 1933
-------- Original Message --------
Subject: Re: [Politech] One more submission on Bush authorizing secret
surveillance
Date: Wed, 21 Dec 2005 16:02:18 EST
From: MarkKernes(a)aol.com
To: declan(a)well.com
http://www.avn.com/index.php?Primary_Navigation=Articles&Action=View_Articl…
Content_ID=251800
News Analysis:
Why You Should Be Worried About Bush's Illegal Wiretaps
By Mark Kernes
12-19-2005
WASHINGTON, D.C. ? In his annual end-of-the-year speech delivered on
Saturday, President Bush admitted to having committed at least 30
federal crimes by
having issued an executive order authorizing the National Security
Agency to
intercept the international communications of people, including U.S.
citizens
(known in the law as "United States persons"), with known links to Al
Qaeda and
related terrorist organizations, and renewing that order, according to one
report, more than 36 times. Each renewal could be considered by a court to
constitute a separate crime.
[snip]
Mark Kernes, AVN
"Those who fail to learn the lessons of history are doomed to have them
repeated for them." ? Me
-------- Original Message --------
Subject: Re: [Politech] Two submissions on Bush authorizing secret
surveillance by National Security Agency [priv]
Date: Wed, 21 Dec 2005 23:38:20 -0500 (EST)
From: Dean Anderson <dean(a)av8.com>
To: Declan McCullagh <declan(a)well.com>
CC: politech(a)politechbot.com
FYI, its my read of the news on this issue the Whitehouse is claiming
that the
authorization to 'use any and all means appropriate to fight terrorism'
supercedes the FISA and all other laws governing wiretapping, and indeed, I
think they interpret it to be authorization to supercede all other laws
governing anything else as well. This interpretation, if actually the
position
of the Whitehouse, is far more disturbing than tapping Americans
talking/emailing foriegners internationally.
In the case of tapping international calls and emails, there is
ambiguity as to
whether FISA applies anyway. In 1978, tapping was done on wires. It had
to be
done on the caller or the called. That is, in the US or outside the US.
Suppose we tapped Osama's phone, physically in Afghanistan, and an American
contact was made, FISA wouldn't apply. However, if we tapped the
American (or
more likely, a foriegner) physically in the US, hopping a contact would
be made,
FISA would apply. But modern surveillance is done differently because
telecom
is also different, now.
In the case of modern international call, the tapping is probably done from
space, using a satellite, or an undersea cable. And modern tapping can
essentially scan all calls/emails for keywords. FISA covers surveillance
done in
the US. If the surveillance is done outside the US then FISA doesn't
apply.
Arguably, these interceptions might occur outside the US. But---I don't
think
this argument has been raised in this case. Rather, the Whitehouse seems
to be
claiming that it has congressional authorization for carte blanch
superceding
all prior laws incluing FISA.
--Dean
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
1
0
06 Jul '18
Autonet is a project to create a wireless, global internet that can
provide more reliability than corporate phone companies by being
community based and freely licensed.
Autonet is a project to create a wireless, global internet that can
provide more reliability than corporate phone companies by being
community based and freely licensed.
The cutting off access to The Pirate Bay by BT in the UK (
http://www.pcpro.co.uk/news/251609/bt-blocks-off-pirate-bay.html ) is
just another sign of the beginning of the end. The fact that the Great
Firewall of China exists signals that the internet is already obsolete
and that the Great Firewall of the US is just around the corner. While
moves against net neutrality began years ago and have been fought,
nasty laws such as HR4437 and the Total Information Awareness program
have a way of coming into existence later in the future, slightly
modified, under different names. The internet as we know it, as a
place for free exchange of information, as the center of what has been
called a second 17th century with new ideas, creativity and innovation
emerging daily, is rapidly coming to an end. We must use these last
gasps of freedom to route around the disaster and create a truly free
network.
How? Advances in wireless technology such as ubiquitous wireless
routers, community mesh networks which are easily expandable and
self-healing as well as long range wireless efforts such as HPWREN
indicate a possible future for a community based internet free of the
centralized control of telephone corporations and governments. While
this is definitely a fork, more forks are to come and we can only hope
that a few networks will emerge which can be broad enough to span most
of the globe.
Major questions remain to be solved, such as speed issues, routing
issues, DNS control, splits and neutrality. The Autonet, or Autonomous
Internet project seems to begin to address this rapidly changing
situation, where today Germany (
http://www.nettime.org/Lists-Archives/nettime-l-0906/msg00023.html )
has installed internet filtering as well and more countries are to
come. While today those cut off are defying copyright laws, tomorrow
any other political issue may be the cause for being denied access to
global networks. While today the FBI is content to steal servers from
information providers like Indymedia, perhaps tomorrow they will not
be happy until indymedia is completely cut off of the network, or
other open sources of information such as blogs, twitter accounts and
social networks of dissident groups.
The popular revolt in Iran and subsequent disruption of network access
by the Iranian government is only a glimpse of what is to come in the
US and around the world, where the first line of attack against
political resistance is to cut off network access. By establishing a
community based, wireless, global network we can allow groups of
individuals, not corporations, to maintain freedom of communication;
We can create out right to communicate instead of asking for it, and
continue to route around obsolete intellectual property laws which
restrict our dreams and our creativity. Join this effort by going to
http://alt-bit.org and contributing to this research, lets start
outlining the problems, finding the technical solutions and work out
the issues, collectively, as a Free Software / Open Hardware project,
using open licensing.
Another urgent reason for Autonet is one that has motivated Free
Software hackers for so long: Technological progress without a
reliance on corporate support. Given the current financial and
economic crises, how long can we expect dinosaurs like phone companies
to survive? If one of these crises turns into disaster, the
consequence is likely to be the disruption or collapse of the global
networks on which we rely. I am not ready to give up what has been
gained from these networks, including a worldwide communication
between political actors empowered through fast information flows. We
must start this long, difficult project today so that we may be ready
for unexpected dangers which threaten our capability to communicate as
a multitude, globally.
To add to the project, go to http://trac.alt-bit.org/wiki/projects/autonet
To sign up to participate, go to http://trac.alt-bit.org/register
_______________________________________________
p2presearch mailing list
p2presearch(a)listcultures.org
http://listcultures.org/mailman/listinfo/p2presearch_listcultures.org
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
[tahoe-announce] Announcing Tahoe, the Least-Authority File System, v1.8.1
by David-Sarah Hopwood 06 Jul '18
by David-Sarah Hopwood 06 Jul '18
06 Jul '18
ANNOUNCING Tahoe, the Least-Authority File System, v1.8.1
The Tahoe-LAFS team is pleased to announce the immediate
availability of version 1.8.1 of Tahoe-LAFS, an extremely
reliable distributed storage system. Get it here:
http://tahoe-lafs.org/source/tahoe/trunk/docs/quickstart.html
Tahoe-LAFS is the first distributed storage system to offer
"provider-independent security" b meaning that not even the
operators of your storage servers can read or alter your data
without your consent. Here is the one-page explanation of its
unique security and fault-tolerance properties:
http://tahoe-lafs.org/source/tahoe/trunk/docs/about.html
The previous stable release of Tahoe-LAFS was v1.8.0, which was
released September 23, 2010 [1].
v1.8.1 is a stable bugfix release correcting a number of minor
issues. It also includes a modest performance improvement in
downloading, and a fix for a security issue involving HTTP
proxies. See the NEWS file [2] for details.
WHAT IS IT GOOD FOR?
With Tahoe-LAFS, you distribute your filesystem across
multiple servers, and even if some of the servers fail or are
taken over by an attacker, the entire filesystem continues to
work correctly, and continues to preserve your privacy and
security. You can easily share specific files and directories
with other people.
In addition to the core storage system itself, volunteers
have built other projects on top of Tahoe-LAFS and have
integrated Tahoe-LAFS with existing systems, including
Windows, JavaScript, iPhone, Android, Hadoop, Flume, Django,
Puppet, bzr, mercurial, perforce, duplicity, TiddlyWiki, and
more. See the Related Projects page on the wiki [3].
We believe that strong cryptography, Free and Open Source
Software, erasure coding, and principled engineering practices
make Tahoe-LAFS safer than RAID, removable drive, tape,
on-line backup or cloud storage.
This software is developed under test-driven development, and
there are no known bugs or security flaws which would
compromise confidentiality or data integrity under recommended
use. (For all important issues that we are currently aware of
please see the known_issues.txt file [4].)
COMPATIBILITY
This release is compatible with the version 1 series of
Tahoe-LAFS. Clients from this release can write files and
directories in the format used by clients of all versions back
to v1.0 (which was released March 25, 2008). Clients from this
release can read files and directories produced by clients of
all versions since v1.0. Servers from this release can serve
clients of all versions back to v1.0 and clients from this
release can use servers of all versions back to v1.0.
This is the eleventh release in the version 1 series. This
series of Tahoe-LAFS will be actively supported and maintained
for the forseeable future, and future versions of Tahoe-LAFS
will retain the ability to read and write files compatible
with this series.
LICENCE
You may use this package under the GNU General Public License,
version 2 or, at your option, any later version. See the file
"COPYING.GPL" [5] for the terms of the GNU General Public
License, version 2.
You may use this package under the Transitive Grace Period
Public Licence, version 1 or, at your option, any later
version. (The Transitive Grace Period Public Licence has
requirements similar to the GPL except that it allows you to
delay for up to twelve months after you redistribute a derived
work before releasing the source code of your derived work.)
See the file "COPYING.TGPPL.html" [6] for the terms of the
Transitive Grace Period Public Licence, version 1.
(You may choose to use this package under the terms of either
licence, at your option.)
INSTALLATION
Tahoe-LAFS works on Linux, Mac OS X, Windows, Cygwin, Solaris,
*BSD, and probably most other systems. Start with
"docs/quickstart.html" [7].
HACKING AND COMMUNITY
Please join us on the mailing list [8]. Patches are gratefully
accepted -- the RoadMap page [9] shows the next improvements
that we plan to make and CREDITS [10] lists the names of people
who've contributed to the project. The Dev page [11] contains
resources for hackers.
SPONSORSHIP
Tahoe-LAFS was originally developed by Allmydata, Inc., a
provider of commercial backup services. After discontinuing
funding of Tahoe-LAFS R&D in early 2009, they continued
to provide servers, bandwidth, small personal gifts as tokens
of appreciation, and bug reports.
Google, Inc. sponsored Tahoe-LAFS development as part of the
Google Summer of Code 2010. They awarded four sponsorships to
students from around the world to hack on Tahoe-LAFS that
summer.
Thank you to Allmydata and Google for their generous and
public-spirited support.
HACK TAHOE-LAFS!
If you can find a security flaw in Tahoe-LAFS which is serious
enough that we feel compelled to warn our users and issue a fix,
then we will award you with a customized t-shirts with your
exploit printed on it and add you to the "Hack Tahoe-LAFS Hall
Of Fame" [12].
ACKNOWLEDGEMENTS
This is the fifth release of Tahoe-LAFS to be created solely
as a labor of love by volunteers. Thank you very much to the
team of "hackers in the public interest" who make Tahoe-LAFS
possible.
David-Sarah Hopwood and Zooko Wilcox-O'Hearn
on behalf of the Tahoe-LAFS team
November 28, 2010
Rainhill, Merseyside, UK and Boulder, Colorado, USA
[1] http://tahoe-lafs.org/trac/tahoe/browser/relnotes.txt?rev=4747
[2] http://tahoe-lafs.org/trac/tahoe/browser/NEWS?rev=4854
[3] http://tahoe-lafs.org/trac/tahoe/wiki/RelatedProjects
[4] http://tahoe-lafs.org/trac/tahoe/browser/docs/known_issues.txt
[5] http://tahoe-lafs.org/trac/tahoe/browser/COPYING.GPL
[6] http://tahoe-lafs.org/source/tahoe/trunk/COPYING.TGPPL.html
[7] http://tahoe-lafs.org/source/tahoe/trunk/docs/quickstart.html
[8] http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
[9] http://tahoe-lafs.org/trac/tahoe/roadmap
[10] http://tahoe-lafs.org/trac/tahoe/browser/CREDITS?rev=4797
[11] http://tahoe-lafs.org/trac/tahoe/wiki/Dev
[12] http://tahoe-lafs.org/hacktahoelafs/
--
David-Sarah Hopwood b% http://davidsarah.livejournal.com
_______________________________________________
tahoe-announce mailing list
tahoe-announce(a)tahoe-lafs.org
http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-announce
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
[tahoe-announce] Announcing Tahoe, the Least-Authority File System, v1.8.1
by David-Sarah Hopwood 06 Jul '18
by David-Sarah Hopwood 06 Jul '18
06 Jul '18
ANNOUNCING Tahoe, the Least-Authority File System, v1.8.1
The Tahoe-LAFS team is pleased to announce the immediate
availability of version 1.8.1 of Tahoe-LAFS, an extremely
reliable distributed storage system. Get it here:
http://tahoe-lafs.org/source/tahoe/trunk/docs/quickstart.html
Tahoe-LAFS is the first distributed storage system to offer
"provider-independent security" b meaning that not even the
operators of your storage servers can read or alter your data
without your consent. Here is the one-page explanation of its
unique security and fault-tolerance properties:
http://tahoe-lafs.org/source/tahoe/trunk/docs/about.html
The previous stable release of Tahoe-LAFS was v1.8.0, which was
released September 23, 2010 [1].
v1.8.1 is a stable bugfix release correcting a number of minor
issues. It also includes a modest performance improvement in
downloading, and a fix for a security issue involving HTTP
proxies. See the NEWS file [2] for details.
WHAT IS IT GOOD FOR?
With Tahoe-LAFS, you distribute your filesystem across
multiple servers, and even if some of the servers fail or are
taken over by an attacker, the entire filesystem continues to
work correctly, and continues to preserve your privacy and
security. You can easily share specific files and directories
with other people.
In addition to the core storage system itself, volunteers
have built other projects on top of Tahoe-LAFS and have
integrated Tahoe-LAFS with existing systems, including
Windows, JavaScript, iPhone, Android, Hadoop, Flume, Django,
Puppet, bzr, mercurial, perforce, duplicity, TiddlyWiki, and
more. See the Related Projects page on the wiki [3].
We believe that strong cryptography, Free and Open Source
Software, erasure coding, and principled engineering practices
make Tahoe-LAFS safer than RAID, removable drive, tape,
on-line backup or cloud storage.
This software is developed under test-driven development, and
there are no known bugs or security flaws which would
compromise confidentiality or data integrity under recommended
use. (For all important issues that we are currently aware of
please see the known_issues.txt file [4].)
COMPATIBILITY
This release is compatible with the version 1 series of
Tahoe-LAFS. Clients from this release can write files and
directories in the format used by clients of all versions back
to v1.0 (which was released March 25, 2008). Clients from this
release can read files and directories produced by clients of
all versions since v1.0. Servers from this release can serve
clients of all versions back to v1.0 and clients from this
release can use servers of all versions back to v1.0.
This is the eleventh release in the version 1 series. This
series of Tahoe-LAFS will be actively supported and maintained
for the forseeable future, and future versions of Tahoe-LAFS
will retain the ability to read and write files compatible
with this series.
LICENCE
You may use this package under the GNU General Public License,
version 2 or, at your option, any later version. See the file
"COPYING.GPL" [5] for the terms of the GNU General Public
License, version 2.
You may use this package under the Transitive Grace Period
Public Licence, version 1 or, at your option, any later
version. (The Transitive Grace Period Public Licence has
requirements similar to the GPL except that it allows you to
delay for up to twelve months after you redistribute a derived
work before releasing the source code of your derived work.)
See the file "COPYING.TGPPL.html" [6] for the terms of the
Transitive Grace Period Public Licence, version 1.
(You may choose to use this package under the terms of either
licence, at your option.)
INSTALLATION
Tahoe-LAFS works on Linux, Mac OS X, Windows, Cygwin, Solaris,
*BSD, and probably most other systems. Start with
"docs/quickstart.html" [7].
HACKING AND COMMUNITY
Please join us on the mailing list [8]. Patches are gratefully
accepted -- the RoadMap page [9] shows the next improvements
that we plan to make and CREDITS [10] lists the names of people
who've contributed to the project. The Dev page [11] contains
resources for hackers.
SPONSORSHIP
Tahoe-LAFS was originally developed by Allmydata, Inc., a
provider of commercial backup services. After discontinuing
funding of Tahoe-LAFS R&D in early 2009, they continued
to provide servers, bandwidth, small personal gifts as tokens
of appreciation, and bug reports.
Google, Inc. sponsored Tahoe-LAFS development as part of the
Google Summer of Code 2010. They awarded four sponsorships to
students from around the world to hack on Tahoe-LAFS that
summer.
Thank you to Allmydata and Google for their generous and
public-spirited support.
HACK TAHOE-LAFS!
If you can find a security flaw in Tahoe-LAFS which is serious
enough that we feel compelled to warn our users and issue a fix,
then we will award you with a customized t-shirts with your
exploit printed on it and add you to the "Hack Tahoe-LAFS Hall
Of Fame" [12].
ACKNOWLEDGEMENTS
This is the fifth release of Tahoe-LAFS to be created solely
as a labor of love by volunteers. Thank you very much to the
team of "hackers in the public interest" who make Tahoe-LAFS
possible.
David-Sarah Hopwood and Zooko Wilcox-O'Hearn
on behalf of the Tahoe-LAFS team
November 28, 2010
Rainhill, Merseyside, UK and Boulder, Colorado, USA
[1] http://tahoe-lafs.org/trac/tahoe/browser/relnotes.txt?rev=4747
[2] http://tahoe-lafs.org/trac/tahoe/browser/NEWS?rev=4854
[3] http://tahoe-lafs.org/trac/tahoe/wiki/RelatedProjects
[4] http://tahoe-lafs.org/trac/tahoe/browser/docs/known_issues.txt
[5] http://tahoe-lafs.org/trac/tahoe/browser/COPYING.GPL
[6] http://tahoe-lafs.org/source/tahoe/trunk/COPYING.TGPPL.html
[7] http://tahoe-lafs.org/source/tahoe/trunk/docs/quickstart.html
[8] http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
[9] http://tahoe-lafs.org/trac/tahoe/roadmap
[10] http://tahoe-lafs.org/trac/tahoe/browser/CREDITS?rev=4797
[11] http://tahoe-lafs.org/trac/tahoe/wiki/Dev
[12] http://tahoe-lafs.org/hacktahoelafs/
--
David-Sarah Hopwood b% http://davidsarah.livejournal.com
_______________________________________________
tahoe-announce mailing list
tahoe-announce(a)tahoe-lafs.org
http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-announce
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
> I would imagine this sort of thing to be useful for, say, NGOs and people in the field to have
> a secure decentralised email infrastructure.
You don't need mail servers for such an infrastructure over networks
like Tor and I2P, where nodes can have persistent addresses b see
cables communication in LibertC) Linux, which sends messages directly
between hidden services / eepsites: http://dee.su/cables.
--
Maxim Kammerer
LibertC) Linux (discussion / support: http://dee.su/liberte-contribute)
_______________________________________________
tor-talk mailing list
tor-talk(a)lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0