July 2018 - cypherpunks-legacy

EDRi-gram newsletter - Number 8.17, 8 September 2010
by EDRI-gram newsletter 06 Jul '18

06 Jul '18

============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 8.17, 8 September 2010 ============================================================ Contents ============================================================ 1. Deleting illegal sites is more efficient than blocking them 2. France: Imminent "Humanitarian Fingerprinting" of Roma with OSCAR 3. INDECT - privacy ethics in a secret project 4. Germany wants a new law to protect employees' privacy 5. State of play for ID cards in Europe 6. YouTube guilty of its users' copyright infringement says a German court 7. UK: Harassing innocent users for copyright infringement 8. ENDitorial: ACTA endgame - The devil is in the detail 9. Recommended Reading 10. Agenda 11. About ============================================================ 1. Deleting illegal sites is more efficient than blocking them ============================================================ Eco, the Association of German Internet Economy, presented, in a press conference in Berlin on 1 September 2010, the situation related to fighting child pornography, reaching the conclusion that deleting was, in 98% of the cases, more efficient than blocking illegal sites. Thus, out of 197 child pornography sites reported at the Eco Internet Complaint during the first half of 2010, 194 were offline in a week. "The Websites that are hosted on the German servers were offline regularly within one business day." The main reason for this successful result is the establishment of "notice and takedown" procedures and the increase of national reporting offices. The hosting providers are more directly informed and they are more successful in deleting sites than the police. This report only comes to confirm what it has lately been constantly repeated by ISPs, Internet users, associations and specialists that blocking sites is an inefficient measure. Several associations such as EDRi or MOGiS have argued in several occasions (as it was the case of the draft directive proposed by European Commissioner Cecilia Malmstrvm to establish blocking at the European level) that blocking is a useless and costly measure that can be easily by-passed and which does not treat the problem, while causing censureship issues. Eco: Delete works up to 98% (only in German, 1.09.2010) http://www.netzpolitik.org:80/2010/eco-loschen-funktioniert-zu-98/ Germany: Deleting instead of blocking is more efficient (only in French, 2.09.2010) http://vasistas.wordpress.com:80/2010/09/02/allemagne-la-suppression-au-lie… Delete, don't block (30.03.2010) http://www.presseurop.eu/en/content/article/220161-delete-don-t-block EDRi-gram: EDRi sends open letter to EU Commissioners to oppose Internet blocking (10.03.2010) http://www.edri.org/edrigram/number8.5/edri-open-letter-internet-blocking ============================================================ 2. France: Imminent "Humanitarian Fingerprinting" of Roma with OSCAR ============================================================ The xenophobic anti-Roma campaign run by the French government following President Sarkozy's discourse at the end of July has led to the brutal dismantling of numerous Roma camps, and to the expulsion of 1 000 foreign Roma people from the country within the last month. How could this happen, given that most if not all of them are either from Romania or Bulgaria? As EU citizens since 1 January 2007, they should normally benefit from freedom of movement in the Union. The reality is that Romanians and Bulgarians are actually treated as 2nd class EU citizens in countries such as France, where restrictions have been imposed on their right to stay, even for a less than 3 month period. As a consequence, they can be expelled from the country inter alia in case they "threaten the public order" or they "constitute an unreasonable charge to the French social assistance system". Sarkozy's government suddenly decided that Roma settlements are highly threatening French public order. Courts disagree though, as recent annulment of expulsion decisions in Lille have shown. However, such legal recourse can seldom occur, when one only has 48 hours to file the case, not to mention the immense practical difficulties for this population to exercise such rights, even with the support of French NGOs. This highly publicized campaign has shed the light on a French database called OSCAR ( Tool for Repatriation Aid Statistics and Control - "Outil de Statistiques et de Contrtle de l'Aide au Retour" in French), created by decree in October 2009. OSCAR aims at collecting biometric data (digital photograph and 10 fingerprints) of foreigners expelled from the country or even leaving it voluntarily, with the benefit of a small grant. In the case of EU citizens, the grant takes the form of a "humanitarian repatriation help" of 300 Euro per person, with an additional 100 Euro for each accompanying child. In such case, if the child is more than 12 years old, his biometric data are also collected and stored in OSCAR. These data are stored during 5 years. It must be noted that, although this seems recent news to the general public, to the European Commission and to the international press, the French government decided to set up this "humanitarian repatriation help" for EU citizens at the end of 2006, anticipating the "consequences" of Romania and Bulgaria adhesion to the EU. This can be directly inferred from an inter-ministerial administrative document of 7 December 2006 and from a provision of the 2007 Immigration law authorizing the fingerprinting of the "repatriation grant" recipients. As official data shows, before 1 January 2007, Romanian and Bulgarian citizens formed 25% of the total number of expelled irregular migrants. After they became EU citizens, the number of "humanitarian repatriation help" grew from less than 400 in 2005 and 2006 to almost 3 000 in 2007, more than 10 000 in 2008 (81% of them granted to Romanians and 9% to Bulgarians) and more than 12 000 in 2009 (83% granted to Romanians and 7% to Bulgarians). As documented by many NGOs, the French government has been forcing Roma people to sign on the "humanitarian repatriation help", as this is the only really "legal" mean to expel them. The novelty thus resides in the spectacular Roma-bashing political campaign. Three French NGOs, among them EDRI member IRIS, have filed a complaint in December 2009 before the Conseil d'Etat, to obtain the annulment of the OSCAR database. Together with GISTI (an association defending the rights of migrants) and LDH (French Human Rights League), IRIS claims that the biometric nature of the data and the duration of its storage are arbitrary and disproportionate, given the purpose of the database, which is simply the management of the grant attribution in order to ensure that one cannot claim it twice. It is also disproportionate given the amount of the grant, which is minimal. The complaint also includes other legal arguments, such as the storage of the foreigners' addresses in their own country, and the possibility to interconnect OSCAR with AGDREF, the foreigners' register, containing a lot more information for different purposes, though no biometric data so far. While only non biometric data were stored in OSCAR till now, since the biometric fingerprints collecting system was not yet acquired and installed, Eric Besson, French minister of Immigration, recently announced in the framework of the current anti-Roma campaign, that biometrics will be in place in OSCAR starting on 1 October. In an immediate reaction, GISTI, IRIS and LDH have asked the Conseil d'Etat to process their complaint in emergency. The xenophobic anti-Roma campaign, which has been facing strong reactions from very diverse sources in the country and abroad, needs to be urgently stopped. The 3 NGOs also remind in their press release that the OSCAR database concerns an even larger public, that is, all foreigners, EU citizens or not, staying legally or illegally in France and likely to receive any form of "repatriation help". As stated by a member of the Parliament from the opposition in 2007, during the discussion of the latest Immigration law providing for fingerprinting this population: "So, even back to their country, foreigners would annoy us to the extent that we need to file them!". At least, they annoy Sarkozy and its supporters. EU questions legality of French Roma expulsions (01.09.2010) http://euobserver.com/9/30720 NGOs press release: "Biometric filing of Roma: the Conseil d'Etat Annulment of OSCAR file becomes urgent" (only in French,31.08.2010) http://www.iris.sgdg.org/info-debat/comm-oscar0810.html IRIS Dossier on OSCAR and related documents http://www.iris.sgdg.org/actions/fichiers/ (Contribution by Meryem Marzouki, EDRI-member IRIS - France) ============================================================ 3. INDECT - privacy ethics in a secret project ============================================================ A new document on ethical issues published by the INDECT European research project on public surveillance has once more attracted the scrutiny of the media. Previous allegations of secrecy were followed by an attempt to strengthen the project's Ethics Board. The new document however notes that addressing ethical concerns requires time that cannot be spent on research. It therefore recommends to simply stop disclosing any project deliverables that could negatively impact "organisational reputation" and other sensitive topics. The INDECT Project, funded with almost 11 million euros, aims to research on "Intelligent information system supporting observation, searching and detection for security of citizens in urban environment" but was qualified by The Telegraph last year as the "'Orwellian' artificial intelligence plan to monitor public for 'abnormal behaviour'". Following the article, a lot of public pressure was put from media, civil society and the European Parliament. MEPs addressed to the European Commission 10 questions in the past year related to the project and its privacy ethics. One of the answers of the European Commission was: "In order to further enhance the role of the project's Ethics Board, the Commission will recommend to the project to add an additional independent expert. This expert will have proven expertise in ethical and data protection issues", but, so far, the Ethics board has been dominated by Police Officers and no privacy experts. The project published in August 2010 a first public document that has as objective "to give an overview of activities relevant to ethical issues undertaken within INDECT during the first year of project work." One of the conclusions of the document shows in fact little consideration for the public interest: "What is discouraging for persons working in INDECT is that instead of making research a significant amount of the time is consumed for explaining what the project is NOT about." Moreover, as emphasized by Futurezone.orf.at, the document has also other shortcomings in terms of secrecy, as most of the documents developed within the project could remain away from the public eye: "In addressing the issue of public disclosure, as presently deliverables do not indicate any level of disclosure, it was agreed that: - No issues that could impact negatively upon o Law enforcement capability o National Security o Public Safety o Organisational Reputation should be published in the public domain - Summary documents of such deliverables should not be published." In fact, two of the documents that have been made publicly available on the project website, have disappeared from there. But they have re-appeared on other independant websites, as pointed by the Futurezone.orf.at investigation. Also, the initial video-presentation of the INDECT project, available on YouTube and receiving a lot of negative comments, has now become just a private video. INDECT - Ethical Issues 2009 (17.08.2010) http://www.indect-project.eu/files/deliverables/public/INDECT_Deliverable_D… EU Monitoring: INDECT keeping a low profile (only in German, 3.09.2010) http://futurezone.orf.at/stories/1659751/ INDECT: The missing papers (only in German, 8.09.2010) http://futurezone.orf.at/stories/1660457/ MEPs questions on INDECT project (2009-2010) http://bit.ly/ciy5Ot INDECT Ethics Board Members http://www.indect-project.eu/ethics-board-members EDRi-gram: Third PrivacyOS: More Privacy, Increased awareness (5.11.2009) http://www.edri.org/edrigram/number7.21/privacy-os-third-conference ============================================================ 4. Germany wants a new law to protect employees' privacy ============================================================ Following several scandals during the last years related to the surveillance of employees in several companies, the German government has recently tabled a draft bill that would forbid employers to use hidden cameras or social networking websites to spy on employees. Interior Minister Thomas de Maiziere said the new law would be beneficial for both parties. "It's a balanced compromise among the various interests and will foster more trust in the workplace between employer and employees". As many retailers in Germany have been using hidden cameras to catch employees believed to steal, one of the proposed measures is that employers can no longer use video surveillance on workers without their knowledge. They will be allowed to use video cameras in public areas such as around the cash register or the entrance to a supermarket to prevent shop-lifting but video surveillance will be forbidden in private areas such as changing rooms, break rooms and bathrooms. The bill also regulates phone, email and Internet surveillance at the workplace. The bill will forbid employers to gather private information of candidate employees from networks such as Facebook and MySpace, but they will still be able to get information by means of publicly accessible sources on search engines and professional social networks, such as LinkedIn. An employer getting friends with a prospective employee or hacking his (her) Facebook account to get personal information will be punished with a fine of up to 300 000 euro, acts which will be however difficult to prove. The bill is to be debated and approved by the German Parliament this Autumn and if passed, Germany will become the first country to place restrictions on the use of personal information found on social networking sites such as Facebook. France has also played with the idea of "the right to oblivion" but without a final result. In UK, the law is not restrictive regarding searching of personal data on the Internet for employers. "I know a lot of employers will put an applicant's name into Google to see what comes up, and nothing in UK law prevents that. In terms of how employers use the information they find, they have to be conscious of a person's rights, particularly under the Data Protection Act," said Kirsty Ayre, a partner in Pinsent Masons law firm. An Employment Practices Code published by the UK Information Commissioner's Office says that during a recruitment process, employers have to: "Explain the nature of and sources from which information might be obtained about the applicant in addition to the information supplied directly by the applicant" and to "Ensure there is a clear statement on the application form or surrounding documents, explaining what information will be sought and from whom." According to Ayre, employers should avoid using information obtained from online sources in ways that might be discriminatory as an Internet search may reveal characteristics that are protected by anti-discrimination laws across the UK, such as a person's age, religion or sexual preferences. Germany weighs bill to outlaw spying on employees (25.08.2010) http://www.dw-world.de:80/dw/article/0,,5942077,00.html Germany to ban employers from snooping on Facebook (27.08.2010) http://euobserver.com/851/30685 German law bans Facebook research for hiring decisions (26.08.2010) http://www.out-law.com//default.aspx?page=11336 The German Law (only in German, 24.08.2010) http://www.bmi.bund.de/cae/servlet/contentblob/1286172/publicationFile/9529… ============================================================ 5. State of play for ID cards in Europe ============================================================ A new analysis was made public by Statewatch based on the answers to a questionnaire regarding the "state of play concerning electronic identity cards" in the EU Member States and countries that are members of the so-called "Mixed Committee" that is part of Schengen (Iceland, Lichtenstein, Norway and Switzerland). The 23 replies to the questionnaire show that: - 17 countries make it mandatory for their citizens to have an ID card, four do not; - 13 countries issue traditional ID cards, eight issue cards containing contact and/or RFID chips, two countries do not issue ID cards (Norway, UK). Of the eight countries that issue electronic ID cards with the capacity to store biometric data, six have chosen to do so (Belgium, Italy, Lithuania, Portugal, Spain and Sweden). Lithuania, Portugal and Spain store biometric data centrally, while Italy has a decentralised system. After the biometrics is already introduced by the Council of the European Union in Visas, resident third country nationals and the EU passports, now the national ID cards are on the table, claiming their scope as travel documents within the Schengen Area. The questionnaire had no questions regarding privacy issues and only one dealing indirectly with security issues (Did you detect any altered or forged data storage device in any identity card?). Statewatch concludes that "This is the start of a process of 'soft-law making' over which the European and national parliaments have no say", considering that the Council might adopt Conclusions of the national ID cards, that the EU members states will use to take joint common actions. Statewatch Briefing: ID Cards in the EU: Current state of play (09.2010) http://www.statewatch.org/analyses/no-107-national-ID-cards-questionnaire.p… EU Council - Questionnaire (26.03.2010) http://www.statewatch.org/news/2010/jun/eu-council-ID-cards-5299-1-10.pdf EU Council - Answers to Questionnaire State of play concerning the electronic identity cards in the EU Member States (31.05.2010) http://www.statewatch.org/news/2010/jun/eu-council-ID-cards-9949-10.pdf ============================================================ 6. YouTube guilty of its users' copyright infringement says a German court ============================================================ On 3 September 2010, the German Hamburg state court ruled that Google's subsidiary YouTube had to pay damages for not having prevented and blocked the upload by its users of several videos of Sarah Brightman's performances, thus violating its copyright. Although YouTube uses a standardized form to users regarding their right to publish materials, the court did not find this enough and considered YouTube as legally responsible for the content uploaded, especially as the platform can be used anonymously, in the court's opinion. YouTube uses Content ID, an anti-pirating technology to check out videos. Now the page for adding videos includes now a warning that uploading copyrighted content is not allowed unless the uploader is the right holder or has previously received the right holders' agreement. A prior verification of all the materials made available on the platform would however create a huge problem for YouTube as, according to last year's figures, 24h of video were uploaded every minute, which makes the measure impossible from the financial as well as personnel point of view. Also, this would be contrary to the EU E-commerce directive which specifically states that such an online service has not a general obligation to "monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity." YouTube must not publish those videos anymore and has to provide information to establish the amount of compensation for the uploading of the videos. Google will appeal the decision. In another case in Germany one week before, Google had a slight success in its trial with the German collective societies, when the court declined to issue a preliminary injunction against YouTube. But the court also estimated that the collective societies may have the right to ask for taking down of videos for which collective contributions haven't been paid, but this needs to be proven during the trial, not in an interim injunction. The court's decision is the result of a long battle between collective society GEMA, the German Society for musical performing and mechanical reproduction rights, and Google, who have been trying for over a year to renegotiate a license expired in March 2009. GEMA and other collective societies have failed so far to obtain in court the injunction of YouTube but what they actually want is to get paid for Internet broadcast of the videos. The negotiations have failed because there is a discrepancy between the payment expectations of the two sides. GEMA is used to the traditional method of royalty collection where a user pays at every broadcast of a copyrighted material, while YouTube, generating its revenues from advertising, does not charge users to watch videos. German court rules against YouTube over copyright (4.09.2010) http://www.google.com:80/hostednews/ap/article/ALeqM5iJ6jhspHQJ_JJyw3Ba0sWK… German judge chides Google over YouTube freeloading (31.08.2010) http://www.theregister.co.uk/2010/08/31/gema_youtube/ German battle over YouTube royalties wages on (27.08.2010) http://www.dw-world.de/dw/article/0,,5951245,00.html ============================================================ 7. UK: Harassing innocent users for copyright infringement ============================================================ ACS:Law having sent tens of thousands of cash demands to make supposed copyright infringement lawsuits go away, has been referred to the Solicitors Disciplinary Group for "bullying and excessive conduct". The referral was the result of a coordinated work of wrongly accused people and of consumers groups such as Which? and BeingThreatened.com. However, Andrew Crossley, the principal of ACS:Law, goes regularly to court against thousands of individuals he states are infringing his clients' copyrights, although he presents no solid proof for his allegations. The law says that in order to have infringed copyright, Internet subscribers must have either shared files themselves or explicitly authorized someone else to do it. ACS:Law cannot know who used a computer at a given time and wrongfully suggest that the bill payer is the infringer or that he (she) has the responsibility to say who did the alleged file-sharing. The company's actions seriously affect a lot of wrongly accused people. ACS:Law has been one of the most controversial law companies in the last years. The company has kept busy the Solicitors Regulatory Authority (SRA), a body regulating more than 110 000 solicitors in the UK, the regulatory body of the Law Society of England and Wales, which is meant to keep an eye on disreputable lawyers. According to TorrentFreak, in September 2009, the complaints made to the SRA about the conduct of ACS:Law constituted more than 16% of all complaints for the whole month. Since 8 July 2010, the SRA has received an unprecedented number of 418 official complaints against ACS:Law from members of the public, a record in the IP sector. In 2009, consumer group Which? filed a complaint against ACS:Law in which it accused the law firm of bullying recipients by its threatening letters. Finally, SRA has now referred Andrew Crossley to the Solicitors Disciplinary Tribunal which adjudicates upon breaches of professional conduct and is meant to protect the public by maintaining the reputation of the legal profession. Its powers include the ability to fine, reprimand or even strike off a lawyer, but the process will be long. "We also echo the comments of Which? that the process appears very drawn out and consumer unfriendly. We would also welcome clarification from the SRA as to whether a temporary hold has been enforced on the continued practice of ACS:Law in relation to filesharing cases or if they will be free to continue their campaign unabated until the Solicitors Disciplinary Tribunal has ruled," stated BeingThreatened.com's spokesman for TorrentFreak. A team of lawyers is offering to coordinate a group action in order to gather compensation for Crossley's harassed victims. "It can be incredibly upsetting for people to receive such letters and they may well have a claim for harassment against ACS Law so I am urging them to come forward," says Michael Forrester of Ralli's Intellectual Property and Harassment Law team. "Our aim is for the actions to cost claimants nothing," said Robert Illidge from Ralli's. "It depends on who is involved, how many claims and how the cases are presented. There are a number of ways of funding group action litigation such as the 'no win, no fee' basis." A success of the action may bring damage compensations for the participants for their "financial loss and anxiety the letters and other correspondence have caused. The law also allows individuals to obtain injunctions in certain specific circumstances, which, if obtained would prevent the harassment from continuing," added Illidge. Wrongfully Accused Of File-Sharing? File For Harassment (31.08.2010) http://torrentfreak.com:80/wrongfully-accused-of-file-sharing-file-for-hara… File-Sharing Lawyers To Face Disciplinary Tribunal (23.08.2010) http://torrentfreak.com/file-sharing-lawyers-to-face-disciplinary-tribunal-… File sharing: are you breaking the law? http://www.which.co.uk/campaigns/technology/file-sharing-are-you-breaking-t… Being Threatened? - Portal http://beingthreatened.yolasite.com/portal.php The Speculative Invoicing Handbook (2009) http://torrentfreak.com/static/The-Speculative-Invoicing-Handbook.pdf ============================================================ 8. ENDitorial: ACTA endgame - The devil is in the detail ============================================================ The last week has seen a flurry of activity surrounding ACTA, with the leak of the latest negotiating text, as well as the adoption of a Written Declaration by the European Parliament. Some parts of ACTA remain very problematic, such as the text related to statutory damages. Also, the text on the liability of online intermediaries and the extent to which they will be expected to police their clients is now shorter, but less clear than ever before. The current text reads as follows: "Each Party shall endeavor to promote cooperative efforts within the business community to effectively address [US: copyright and related rights][EU/J: intellectual property rights] infringement while preserving legitimate competition and consistent with each Party's law, preserving principles relating to freedom of expression, fair process, and privacy, [EU: among other [US: fundamental] principles]." The first point to note is that this is ostensibly a trade agreement. As a result, every party can claim a legitimate interest in ensuring the implementation of trade-related provisions (such as "cooperation" between ISPs and rightholders) and could, therefore, demand enforcement of this to some degree. However, no party would have an interest in, or a legal means of, ensuring the implementation of fundamental rights in other jurisdictions. As a result, the obligations part of this text is enforceable by parties, while the rights part is not, even though both seem equal in the text. Secondly, this approach, where ISPs are coerced into a policing role creates an entirely unpredictable environment. Due to the ongoing vertical integration, it is impossible to tell how "cooperation" or surveillance ISPs will feel motivated and justified to undertake. Already we see the British media provider/ISP Virgin planning to undertake deep packet inspection - a "beta test" that will give heart to every totalitarian regime in the world - on a test basis. If ISPs are blocking, filtering and carrying out surveillance to protect Mick Jagger, what will the EU say to Iran when it does the same thing to protect, as it would see it, the functioning of the state? Furthermore, and these are in EU law already, but with the limited privacy and human rights protection that the EU offers, the damages and intermediary injunctions proposed in the current text will help encourage ISPs to "volunteer" to collaborate with rightsholders. This gives rise to a third issue - where does this leave the European Union's legal obligations to promote and protect democracy and the rule of law in its international relations. Can active support for privatisation of law enforcement in third countries be considered compatible with the obligation in the Treaty on European Union to cooperate in all fields of international relations, in order to consolidate and support democracy and the rule of law? The European Parliament's Written Declaration is a huge step forward, setting clear limits for the European Commission with regard to harmonization, due process, coercion of ISPs to "voluntarily" undertake blocking/filtering/three strikes, etc. Importantly, it also asks for "all documents related to the ongoing negotiations publicly available" rather than simply the most recent texts. Preparatory texts will be essential for the Parliament and the public at large, to understand the real meaning of the Agreement. The weakening of some of the most egregious elements of ACTA's disregard for the rights of citizens is very welcome - but the devil is still in the detail. The fight goes on. Virgin Media to trial piracy-detection software (17.01.2010) http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article69… Treaty on European Union http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2010:083:0013:00… Written Declaration 12 on the lack of a transparent process for the Anti-Counterfeiting Trade Agreement (ACTA) and potentially objectionable content http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+WDECL+P… Adoption of anti-ACTA declaration - "a big victory" (7.09.2010) http://www.numerama.com/magazine/16698-adoption-de-la-declaration-anti-acta… European Parliament vs. ACTA: Rejection is the only option (8.09.2010) http://www.laquadrature.net/en/european-parliament-vs-acta-rejection-is-the… (Contribution by Joe McNamee - EDRi) ============================================================ 9. Recommended Reading ============================================================ Hadopi: rightholders want to convince Internet subscribers to accept DPI filtering (only in French, 2.09.2010) Since 2009 a series of interest groups have been discussing with the Internal Market DG in the European Commissionon on how to fight the illegal p2p usage. The internal documents presented by PcINpact show how these lobbists are pushing for a new European copyright implementation and how HADOPI will be used in France to test the Deep Packet Inspection with voluntary users. http://www.pcinpact.com/actu/news/59102-hadopi-bruxelles-filtrage-blocage-e… http://www.pcinpact.com/actu/news/59106-hadopi-dpi-vedicis-scpp-filtrage.htm UK: Understanding surveillance statistics by Tony Bunyan http://www.statewatch.org/news/2010/aug/05uk-understanding-surveillance-sta… Consumer Watchdog - "Don't Be Evil?" video - Final Version. http://www.youtube.com/watch?v=Ouof1OzhL8k Electronic Communication Industry: Joint Statement on the EU- South Korea FTA (09.2010) http://www.euroispa.org/files/joint_industry_statement_on_eu_korea_fta.pdf The Relationship Between IP, Technology Transfer, and Development (30.08.2010) http://www.ip-watch.org/weblog/2010/08/30/the-relationship-between-ip-techn… ============================================================ 10. Agenda ============================================================ 11 September 2010, Europe International action day "Freedom not Fear - Stop the Surveillance Mania!" http://wiki.vorratsdatenspeicherung.de/Freedom_Not_Fear_2010 13-17 September 2010, Crete, Greece Privacy and Security in the Future Internet 3rd Network and Information Security (NIS'10) Summer School http://www.nis-summer-school.eu 14-16 September 2010, Vilnius, Lithuania Internet Governance Forum 2010 http://igf2010.lt/ 20-21 September 2010, Helsinki Finland Finnish Internet Forum http://internetforum.fi 8-9 October 2010, Berlin, Germany The 3rd Free Culture Research Conference http://wikis.fu-berlin.de/display/fcrc/Home 25-26 October 2010, Jerusalem, Israel OECD Conference on "Privacy, Technology and Global Data Flows", celebrating the 30th anniversary of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data http://www.oecd.org/sti/privacyanniversary 27-29 October 2010, Jerusalem, Israel The 32nd Annual International Conference of Data Protection and Privacy Commissioners http://www.privacyconference2010.org/ 28-31 October 2010, Barcelona, Spain oXcars and Free Culture Forum 2010, the biggest free culture event of all time http://exgae.net/oxcars10 http://fcforum.net/10 3-5 November 2010, Barcelona, Spain The Fifth International Conference on Legal, Security and Privacy Issues in IT Law. Call for papers deadline: 10 September 2010 http://www.lspi.net/ 5-7 November 2010, Cologne, Germany Transparency, Work, Surveillance Joint Annual Meeting of FIfF and DVD http://fiff.de/veranstaltungen/fiff-jahrestagungen/JT2010/jt2010_uebersicht 17 November 2010, Gent, Belgium Big Brother Awards 2010 Belgium http://www.winuwprivacy.be/kandidaten ============================================================ 11. About ============================================================ EDRI-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRI has 27 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram(a)edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request(a)edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. unsubscribe by e-mail To: edri-news-request(a)edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edri/2.html - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram(a)edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

EDRi-gram newsletter - Number 8.17, 8 September 2010
by EDRI-gram newsletter 06 Jul '18

06 Jul '18

============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 8.17, 8 September 2010 ============================================================ Contents ============================================================ 1. Deleting illegal sites is more efficient than blocking them 2. France: Imminent "Humanitarian Fingerprinting" of Roma with OSCAR 3. INDECT - privacy ethics in a secret project 4. Germany wants a new law to protect employees' privacy 5. State of play for ID cards in Europe 6. YouTube guilty of its users' copyright infringement says a German court 7. UK: Harassing innocent users for copyright infringement 8. ENDitorial: ACTA endgame - The devil is in the detail 9. Recommended Reading 10. Agenda 11. About ============================================================ 1. Deleting illegal sites is more efficient than blocking them ============================================================ Eco, the Association of German Internet Economy, presented, in a press conference in Berlin on 1 September 2010, the situation related to fighting child pornography, reaching the conclusion that deleting was, in 98% of the cases, more efficient than blocking illegal sites. Thus, out of 197 child pornography sites reported at the Eco Internet Complaint during the first half of 2010, 194 were offline in a week. "The Websites that are hosted on the German servers were offline regularly within one business day." The main reason for this successful result is the establishment of "notice and takedown" procedures and the increase of national reporting offices. The hosting providers are more directly informed and they are more successful in deleting sites than the police. This report only comes to confirm what it has lately been constantly repeated by ISPs, Internet users, associations and specialists that blocking sites is an inefficient measure. Several associations such as EDRi or MOGiS have argued in several occasions (as it was the case of the draft directive proposed by European Commissioner Cecilia Malmstrvm to establish blocking at the European level) that blocking is a useless and costly measure that can be easily by-passed and which does not treat the problem, while causing censureship issues. Eco: Delete works up to 98% (only in German, 1.09.2010) http://www.netzpolitik.org:80/2010/eco-loschen-funktioniert-zu-98/ Germany: Deleting instead of blocking is more efficient (only in French, 2.09.2010) http://vasistas.wordpress.com:80/2010/09/02/allemagne-la-suppression-au-lie… Delete, don't block (30.03.2010) http://www.presseurop.eu/en/content/article/220161-delete-don-t-block EDRi-gram: EDRi sends open letter to EU Commissioners to oppose Internet blocking (10.03.2010) http://www.edri.org/edrigram/number8.5/edri-open-letter-internet-blocking ============================================================ 2. France: Imminent "Humanitarian Fingerprinting" of Roma with OSCAR ============================================================ The xenophobic anti-Roma campaign run by the French government following President Sarkozy's discourse at the end of July has led to the brutal dismantling of numerous Roma camps, and to the expulsion of 1 000 foreign Roma people from the country within the last month. How could this happen, given that most if not all of them are either from Romania or Bulgaria? As EU citizens since 1 January 2007, they should normally benefit from freedom of movement in the Union. The reality is that Romanians and Bulgarians are actually treated as 2nd class EU citizens in countries such as France, where restrictions have been imposed on their right to stay, even for a less than 3 month period. As a consequence, they can be expelled from the country inter alia in case they "threaten the public order" or they "constitute an unreasonable charge to the French social assistance system". Sarkozy's government suddenly decided that Roma settlements are highly threatening French public order. Courts disagree though, as recent annulment of expulsion decisions in Lille have shown. However, such legal recourse can seldom occur, when one only has 48 hours to file the case, not to mention the immense practical difficulties for this population to exercise such rights, even with the support of French NGOs. This highly publicized campaign has shed the light on a French database called OSCAR ( Tool for Repatriation Aid Statistics and Control - "Outil de Statistiques et de Contrtle de l'Aide au Retour" in French), created by decree in October 2009. OSCAR aims at collecting biometric data (digital photograph and 10 fingerprints) of foreigners expelled from the country or even leaving it voluntarily, with the benefit of a small grant. In the case of EU citizens, the grant takes the form of a "humanitarian repatriation help" of 300 Euro per person, with an additional 100 Euro for each accompanying child. In such case, if the child is more than 12 years old, his biometric data are also collected and stored in OSCAR. These data are stored during 5 years. It must be noted that, although this seems recent news to the general public, to the European Commission and to the international press, the French government decided to set up this "humanitarian repatriation help" for EU citizens at the end of 2006, anticipating the "consequences" of Romania and Bulgaria adhesion to the EU. This can be directly inferred from an inter-ministerial administrative document of 7 December 2006 and from a provision of the 2007 Immigration law authorizing the fingerprinting of the "repatriation grant" recipients. As official data shows, before 1 January 2007, Romanian and Bulgarian citizens formed 25% of the total number of expelled irregular migrants. After they became EU citizens, the number of "humanitarian repatriation help" grew from less than 400 in 2005 and 2006 to almost 3 000 in 2007, more than 10 000 in 2008 (81% of them granted to Romanians and 9% to Bulgarians) and more than 12 000 in 2009 (83% granted to Romanians and 7% to Bulgarians). As documented by many NGOs, the French government has been forcing Roma people to sign on the "humanitarian repatriation help", as this is the only really "legal" mean to expel them. The novelty thus resides in the spectacular Roma-bashing political campaign. Three French NGOs, among them EDRI member IRIS, have filed a complaint in December 2009 before the Conseil d'Etat, to obtain the annulment of the OSCAR database. Together with GISTI (an association defending the rights of migrants) and LDH (French Human Rights League), IRIS claims that the biometric nature of the data and the duration of its storage are arbitrary and disproportionate, given the purpose of the database, which is simply the management of the grant attribution in order to ensure that one cannot claim it twice. It is also disproportionate given the amount of the grant, which is minimal. The complaint also includes other legal arguments, such as the storage of the foreigners' addresses in their own country, and the possibility to interconnect OSCAR with AGDREF, the foreigners' register, containing a lot more information for different purposes, though no biometric data so far. While only non biometric data were stored in OSCAR till now, since the biometric fingerprints collecting system was not yet acquired and installed, Eric Besson, French minister of Immigration, recently announced in the framework of the current anti-Roma campaign, that biometrics will be in place in OSCAR starting on 1 October. In an immediate reaction, GISTI, IRIS and LDH have asked the Conseil d'Etat to process their complaint in emergency. The xenophobic anti-Roma campaign, which has been facing strong reactions from very diverse sources in the country and abroad, needs to be urgently stopped. The 3 NGOs also remind in their press release that the OSCAR database concerns an even larger public, that is, all foreigners, EU citizens or not, staying legally or illegally in France and likely to receive any form of "repatriation help". As stated by a member of the Parliament from the opposition in 2007, during the discussion of the latest Immigration law providing for fingerprinting this population: "So, even back to their country, foreigners would annoy us to the extent that we need to file them!". At least, they annoy Sarkozy and its supporters. EU questions legality of French Roma expulsions (01.09.2010) http://euobserver.com/9/30720 NGOs press release: "Biometric filing of Roma: the Conseil d'Etat Annulment of OSCAR file becomes urgent" (only in French,31.08.2010) http://www.iris.sgdg.org/info-debat/comm-oscar0810.html IRIS Dossier on OSCAR and related documents http://www.iris.sgdg.org/actions/fichiers/ (Contribution by Meryem Marzouki, EDRI-member IRIS - France) ============================================================ 3. INDECT - privacy ethics in a secret project ============================================================ A new document on ethical issues published by the INDECT European research project on public surveillance has once more attracted the scrutiny of the media. Previous allegations of secrecy were followed by an attempt to strengthen the project's Ethics Board. The new document however notes that addressing ethical concerns requires time that cannot be spent on research. It therefore recommends to simply stop disclosing any project deliverables that could negatively impact "organisational reputation" and other sensitive topics. The INDECT Project, funded with almost 11 million euros, aims to research on "Intelligent information system supporting observation, searching and detection for security of citizens in urban environment" but was qualified by The Telegraph last year as the "'Orwellian' artificial intelligence plan to monitor public for 'abnormal behaviour'". Following the article, a lot of public pressure was put from media, civil society and the European Parliament. MEPs addressed to the European Commission 10 questions in the past year related to the project and its privacy ethics. One of the answers of the European Commission was: "In order to further enhance the role of the project's Ethics Board, the Commission will recommend to the project to add an additional independent expert. This expert will have proven expertise in ethical and data protection issues", but, so far, the Ethics board has been dominated by Police Officers and no privacy experts. The project published in August 2010 a first public document that has as objective "to give an overview of activities relevant to ethical issues undertaken within INDECT during the first year of project work." One of the conclusions of the document shows in fact little consideration for the public interest: "What is discouraging for persons working in INDECT is that instead of making research a significant amount of the time is consumed for explaining what the project is NOT about." Moreover, as emphasized by Futurezone.orf.at, the document has also other shortcomings in terms of secrecy, as most of the documents developed within the project could remain away from the public eye: "In addressing the issue of public disclosure, as presently deliverables do not indicate any level of disclosure, it was agreed that: - No issues that could impact negatively upon o Law enforcement capability o National Security o Public Safety o Organisational Reputation should be published in the public domain - Summary documents of such deliverables should not be published." In fact, two of the documents that have been made publicly available on the project website, have disappeared from there. But they have re-appeared on other independant websites, as pointed by the Futurezone.orf.at investigation. Also, the initial video-presentation of the INDECT project, available on YouTube and receiving a lot of negative comments, has now become just a private video. INDECT - Ethical Issues 2009 (17.08.2010) http://www.indect-project.eu/files/deliverables/public/INDECT_Deliverable_D… EU Monitoring: INDECT keeping a low profile (only in German, 3.09.2010) http://futurezone.orf.at/stories/1659751/ INDECT: The missing papers (only in German, 8.09.2010) http://futurezone.orf.at/stories/1660457/ MEPs questions on INDECT project (2009-2010) http://bit.ly/ciy5Ot INDECT Ethics Board Members http://www.indect-project.eu/ethics-board-members EDRi-gram: Third PrivacyOS: More Privacy, Increased awareness (5.11.2009) http://www.edri.org/edrigram/number7.21/privacy-os-third-conference ============================================================ 4. Germany wants a new law to protect employees' privacy ============================================================ Following several scandals during the last years related to the surveillance of employees in several companies, the German government has recently tabled a draft bill that would forbid employers to use hidden cameras or social networking websites to spy on employees. Interior Minister Thomas de Maiziere said the new law would be beneficial for both parties. "It's a balanced compromise among the various interests and will foster more trust in the workplace between employer and employees". As many retailers in Germany have been using hidden cameras to catch employees believed to steal, one of the proposed measures is that employers can no longer use video surveillance on workers without their knowledge. They will be allowed to use video cameras in public areas such as around the cash register or the entrance to a supermarket to prevent shop-lifting but video surveillance will be forbidden in private areas such as changing rooms, break rooms and bathrooms. The bill also regulates phone, email and Internet surveillance at the workplace. The bill will forbid employers to gather private information of candidate employees from networks such as Facebook and MySpace, but they will still be able to get information by means of publicly accessible sources on search engines and professional social networks, such as LinkedIn. An employer getting friends with a prospective employee or hacking his (her) Facebook account to get personal information will be punished with a fine of up to 300 000 euro, acts which will be however difficult to prove. The bill is to be debated and approved by the German Parliament this Autumn and if passed, Germany will become the first country to place restrictions on the use of personal information found on social networking sites such as Facebook. France has also played with the idea of "the right to oblivion" but without a final result. In UK, the law is not restrictive regarding searching of personal data on the Internet for employers. "I know a lot of employers will put an applicant's name into Google to see what comes up, and nothing in UK law prevents that. In terms of how employers use the information they find, they have to be conscious of a person's rights, particularly under the Data Protection Act," said Kirsty Ayre, a partner in Pinsent Masons law firm. An Employment Practices Code published by the UK Information Commissioner's Office says that during a recruitment process, employers have to: "Explain the nature of and sources from which information might be obtained about the applicant in addition to the information supplied directly by the applicant" and to "Ensure there is a clear statement on the application form or surrounding documents, explaining what information will be sought and from whom." According to Ayre, employers should avoid using information obtained from online sources in ways that might be discriminatory as an Internet search may reveal characteristics that are protected by anti-discrimination laws across the UK, such as a person's age, religion or sexual preferences. Germany weighs bill to outlaw spying on employees (25.08.2010) http://www.dw-world.de:80/dw/article/0,,5942077,00.html Germany to ban employers from snooping on Facebook (27.08.2010) http://euobserver.com/851/30685 German law bans Facebook research for hiring decisions (26.08.2010) http://www.out-law.com//default.aspx?page=11336 The German Law (only in German, 24.08.2010) http://www.bmi.bund.de/cae/servlet/contentblob/1286172/publicationFile/9529… ============================================================ 5. State of play for ID cards in Europe ============================================================ A new analysis was made public by Statewatch based on the answers to a questionnaire regarding the "state of play concerning electronic identity cards" in the EU Member States and countries that are members of the so-called "Mixed Committee" that is part of Schengen (Iceland, Lichtenstein, Norway and Switzerland). The 23 replies to the questionnaire show that: - 17 countries make it mandatory for their citizens to have an ID card, four do not; - 13 countries issue traditional ID cards, eight issue cards containing contact and/or RFID chips, two countries do not issue ID cards (Norway, UK). Of the eight countries that issue electronic ID cards with the capacity to store biometric data, six have chosen to do so (Belgium, Italy, Lithuania, Portugal, Spain and Sweden). Lithuania, Portugal and Spain store biometric data centrally, while Italy has a decentralised system. After the biometrics is already introduced by the Council of the European Union in Visas, resident third country nationals and the EU passports, now the national ID cards are on the table, claiming their scope as travel documents within the Schengen Area. The questionnaire had no questions regarding privacy issues and only one dealing indirectly with security issues (Did you detect any altered or forged data storage device in any identity card?). Statewatch concludes that "This is the start of a process of 'soft-law making' over which the European and national parliaments have no say", considering that the Council might adopt Conclusions of the national ID cards, that the EU members states will use to take joint common actions. Statewatch Briefing: ID Cards in the EU: Current state of play (09.2010) http://www.statewatch.org/analyses/no-107-national-ID-cards-questionnaire.p… EU Council - Questionnaire (26.03.2010) http://www.statewatch.org/news/2010/jun/eu-council-ID-cards-5299-1-10.pdf EU Council - Answers to Questionnaire State of play concerning the electronic identity cards in the EU Member States (31.05.2010) http://www.statewatch.org/news/2010/jun/eu-council-ID-cards-9949-10.pdf ============================================================ 6. YouTube guilty of its users' copyright infringement says a German court ============================================================ On 3 September 2010, the German Hamburg state court ruled that Google's subsidiary YouTube had to pay damages for not having prevented and blocked the upload by its users of several videos of Sarah Brightman's performances, thus violating its copyright. Although YouTube uses a standardized form to users regarding their right to publish materials, the court did not find this enough and considered YouTube as legally responsible for the content uploaded, especially as the platform can be used anonymously, in the court's opinion. YouTube uses Content ID, an anti-pirating technology to check out videos. Now the page for adding videos includes now a warning that uploading copyrighted content is not allowed unless the uploader is the right holder or has previously received the right holders' agreement. A prior verification of all the materials made available on the platform would however create a huge problem for YouTube as, according to last year's figures, 24h of video were uploaded every minute, which makes the measure impossible from the financial as well as personnel point of view. Also, this would be contrary to the EU E-commerce directive which specifically states that such an online service has not a general obligation to "monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity." YouTube must not publish those videos anymore and has to provide information to establish the amount of compensation for the uploading of the videos. Google will appeal the decision. In another case in Germany one week before, Google had a slight success in its trial with the German collective societies, when the court declined to issue a preliminary injunction against YouTube. But the court also estimated that the collective societies may have the right to ask for taking down of videos for which collective contributions haven't been paid, but this needs to be proven during the trial, not in an interim injunction. The court's decision is the result of a long battle between collective society GEMA, the German Society for musical performing and mechanical reproduction rights, and Google, who have been trying for over a year to renegotiate a license expired in March 2009. GEMA and other collective societies have failed so far to obtain in court the injunction of YouTube but what they actually want is to get paid for Internet broadcast of the videos. The negotiations have failed because there is a discrepancy between the payment expectations of the two sides. GEMA is used to the traditional method of royalty collection where a user pays at every broadcast of a copyrighted material, while YouTube, generating its revenues from advertising, does not charge users to watch videos. German court rules against YouTube over copyright (4.09.2010) http://www.google.com:80/hostednews/ap/article/ALeqM5iJ6jhspHQJ_JJyw3Ba0sWK… German judge chides Google over YouTube freeloading (31.08.2010) http://www.theregister.co.uk/2010/08/31/gema_youtube/ German battle over YouTube royalties wages on (27.08.2010) http://www.dw-world.de/dw/article/0,,5951245,00.html ============================================================ 7. UK: Harassing innocent users for copyright infringement ============================================================ ACS:Law having sent tens of thousands of cash demands to make supposed copyright infringement lawsuits go away, has been referred to the Solicitors Disciplinary Group for "bullying and excessive conduct". The referral was the result of a coordinated work of wrongly accused people and of consumers groups such as Which? and BeingThreatened.com. However, Andrew Crossley, the principal of ACS:Law, goes regularly to court against thousands of individuals he states are infringing his clients' copyrights, although he presents no solid proof for his allegations. The law says that in order to have infringed copyright, Internet subscribers must have either shared files themselves or explicitly authorized someone else to do it. ACS:Law cannot know who used a computer at a given time and wrongfully suggest that the bill payer is the infringer or that he (she) has the responsibility to say who did the alleged file-sharing. The company's actions seriously affect a lot of wrongly accused people. ACS:Law has been one of the most controversial law companies in the last years. The company has kept busy the Solicitors Regulatory Authority (SRA), a body regulating more than 110 000 solicitors in the UK, the regulatory body of the Law Society of England and Wales, which is meant to keep an eye on disreputable lawyers. According to TorrentFreak, in September 2009, the complaints made to the SRA about the conduct of ACS:Law constituted more than 16% of all complaints for the whole month. Since 8 July 2010, the SRA has received an unprecedented number of 418 official complaints against ACS:Law from members of the public, a record in the IP sector. In 2009, consumer group Which? filed a complaint against ACS:Law in which it accused the law firm of bullying recipients by its threatening letters. Finally, SRA has now referred Andrew Crossley to the Solicitors Disciplinary Tribunal which adjudicates upon breaches of professional conduct and is meant to protect the public by maintaining the reputation of the legal profession. Its powers include the ability to fine, reprimand or even strike off a lawyer, but the process will be long. "We also echo the comments of Which? that the process appears very drawn out and consumer unfriendly. We would also welcome clarification from the SRA as to whether a temporary hold has been enforced on the continued practice of ACS:Law in relation to filesharing cases or if they will be free to continue their campaign unabated until the Solicitors Disciplinary Tribunal has ruled," stated BeingThreatened.com's spokesman for TorrentFreak. A team of lawyers is offering to coordinate a group action in order to gather compensation for Crossley's harassed victims. "It can be incredibly upsetting for people to receive such letters and they may well have a claim for harassment against ACS Law so I am urging them to come forward," says Michael Forrester of Ralli's Intellectual Property and Harassment Law team. "Our aim is for the actions to cost claimants nothing," said Robert Illidge from Ralli's. "It depends on who is involved, how many claims and how the cases are presented. There are a number of ways of funding group action litigation such as the 'no win, no fee' basis." A success of the action may bring damage compensations for the participants for their "financial loss and anxiety the letters and other correspondence have caused. The law also allows individuals to obtain injunctions in certain specific circumstances, which, if obtained would prevent the harassment from continuing," added Illidge. Wrongfully Accused Of File-Sharing? File For Harassment (31.08.2010) http://torrentfreak.com:80/wrongfully-accused-of-file-sharing-file-for-hara… File-Sharing Lawyers To Face Disciplinary Tribunal (23.08.2010) http://torrentfreak.com/file-sharing-lawyers-to-face-disciplinary-tribunal-… File sharing: are you breaking the law? http://www.which.co.uk/campaigns/technology/file-sharing-are-you-breaking-t… Being Threatened? - Portal http://beingthreatened.yolasite.com/portal.php The Speculative Invoicing Handbook (2009) http://torrentfreak.com/static/The-Speculative-Invoicing-Handbook.pdf ============================================================ 8. ENDitorial: ACTA endgame - The devil is in the detail ============================================================ The last week has seen a flurry of activity surrounding ACTA, with the leak of the latest negotiating text, as well as the adoption of a Written Declaration by the European Parliament. Some parts of ACTA remain very problematic, such as the text related to statutory damages. Also, the text on the liability of online intermediaries and the extent to which they will be expected to police their clients is now shorter, but less clear than ever before. The current text reads as follows: "Each Party shall endeavor to promote cooperative efforts within the business community to effectively address [US: copyright and related rights][EU/J: intellectual property rights] infringement while preserving legitimate competition and consistent with each Party's law, preserving principles relating to freedom of expression, fair process, and privacy, [EU: among other [US: fundamental] principles]." The first point to note is that this is ostensibly a trade agreement. As a result, every party can claim a legitimate interest in ensuring the implementation of trade-related provisions (such as "cooperation" between ISPs and rightholders) and could, therefore, demand enforcement of this to some degree. However, no party would have an interest in, or a legal means of, ensuring the implementation of fundamental rights in other jurisdictions. As a result, the obligations part of this text is enforceable by parties, while the rights part is not, even though both seem equal in the text. Secondly, this approach, where ISPs are coerced into a policing role creates an entirely unpredictable environment. Due to the ongoing vertical integration, it is impossible to tell how "cooperation" or surveillance ISPs will feel motivated and justified to undertake. Already we see the British media provider/ISP Virgin planning to undertake deep packet inspection - a "beta test" that will give heart to every totalitarian regime in the world - on a test basis. If ISPs are blocking, filtering and carrying out surveillance to protect Mick Jagger, what will the EU say to Iran when it does the same thing to protect, as it would see it, the functioning of the state? Furthermore, and these are in EU law already, but with the limited privacy and human rights protection that the EU offers, the damages and intermediary injunctions proposed in the current text will help encourage ISPs to "volunteer" to collaborate with rightsholders. This gives rise to a third issue - where does this leave the European Union's legal obligations to promote and protect democracy and the rule of law in its international relations. Can active support for privatisation of law enforcement in third countries be considered compatible with the obligation in the Treaty on European Union to cooperate in all fields of international relations, in order to consolidate and support democracy and the rule of law? The European Parliament's Written Declaration is a huge step forward, setting clear limits for the European Commission with regard to harmonization, due process, coercion of ISPs to "voluntarily" undertake blocking/filtering/three strikes, etc. Importantly, it also asks for "all documents related to the ongoing negotiations publicly available" rather than simply the most recent texts. Preparatory texts will be essential for the Parliament and the public at large, to understand the real meaning of the Agreement. The weakening of some of the most egregious elements of ACTA's disregard for the rights of citizens is very welcome - but the devil is still in the detail. The fight goes on. Virgin Media to trial piracy-detection software (17.01.2010) http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article69… Treaty on European Union http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2010:083:0013:00… Written Declaration 12 on the lack of a transparent process for the Anti-Counterfeiting Trade Agreement (ACTA) and potentially objectionable content http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+WDECL+P… Adoption of anti-ACTA declaration - "a big victory" (7.09.2010) http://www.numerama.com/magazine/16698-adoption-de-la-declaration-anti-acta… European Parliament vs. ACTA: Rejection is the only option (8.09.2010) http://www.laquadrature.net/en/european-parliament-vs-acta-rejection-is-the… (Contribution by Joe McNamee - EDRi) ============================================================ 9. Recommended Reading ============================================================ Hadopi: rightholders want to convince Internet subscribers to accept DPI filtering (only in French, 2.09.2010) Since 2009 a series of interest groups have been discussing with the Internal Market DG in the European Commissionon on how to fight the illegal p2p usage. The internal documents presented by PcINpact show how these lobbists are pushing for a new European copyright implementation and how HADOPI will be used in France to test the Deep Packet Inspection with voluntary users. http://www.pcinpact.com/actu/news/59102-hadopi-bruxelles-filtrage-blocage-e… http://www.pcinpact.com/actu/news/59106-hadopi-dpi-vedicis-scpp-filtrage.htm UK: Understanding surveillance statistics by Tony Bunyan http://www.statewatch.org/news/2010/aug/05uk-understanding-surveillance-sta… Consumer Watchdog - "Don't Be Evil?" video - Final Version. http://www.youtube.com/watch?v=Ouof1OzhL8k Electronic Communication Industry: Joint Statement on the EU- South Korea FTA (09.2010) http://www.euroispa.org/files/joint_industry_statement_on_eu_korea_fta.pdf The Relationship Between IP, Technology Transfer, and Development (30.08.2010) http://www.ip-watch.org/weblog/2010/08/30/the-relationship-between-ip-techn… ============================================================ 10. Agenda ============================================================ 11 September 2010, Europe International action day "Freedom not Fear - Stop the Surveillance Mania!" http://wiki.vorratsdatenspeicherung.de/Freedom_Not_Fear_2010 13-17 September 2010, Crete, Greece Privacy and Security in the Future Internet 3rd Network and Information Security (NIS'10) Summer School http://www.nis-summer-school.eu 14-16 September 2010, Vilnius, Lithuania Internet Governance Forum 2010 http://igf2010.lt/ 20-21 September 2010, Helsinki Finland Finnish Internet Forum http://internetforum.fi 8-9 October 2010, Berlin, Germany The 3rd Free Culture Research Conference http://wikis.fu-berlin.de/display/fcrc/Home 25-26 October 2010, Jerusalem, Israel OECD Conference on "Privacy, Technology and Global Data Flows", celebrating the 30th anniversary of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data http://www.oecd.org/sti/privacyanniversary 27-29 October 2010, Jerusalem, Israel The 32nd Annual International Conference of Data Protection and Privacy Commissioners http://www.privacyconference2010.org/ 28-31 October 2010, Barcelona, Spain oXcars and Free Culture Forum 2010, the biggest free culture event of all time http://exgae.net/oxcars10 http://fcforum.net/10 3-5 November 2010, Barcelona, Spain The Fifth International Conference on Legal, Security and Privacy Issues in IT Law. Call for papers deadline: 10 September 2010 http://www.lspi.net/ 5-7 November 2010, Cologne, Germany Transparency, Work, Surveillance Joint Annual Meeting of FIfF and DVD http://fiff.de/veranstaltungen/fiff-jahrestagungen/JT2010/jt2010_uebersicht 17 November 2010, Gent, Belgium Big Brother Awards 2010 Belgium http://www.winuwprivacy.be/kandidaten ============================================================ 11. About ============================================================ EDRI-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRI has 27 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram(a)edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request(a)edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. unsubscribe by e-mail To: edri-news-request(a)edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edri/2.html - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram(a)edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

NTK now, 2003-11-14
by Dave Green 06 Jul '18

06 Jul '18

_ _ _____ _ __ <*the* weekly high-tech sarcastic update for the uk> | \ | |_ _| |/ / _ __ __2003-11-14_ o join! sign up at | \| | | | | ' / | '_ \ / _ \ \ /\ / / o http://lists.ntk.net/ | |\ | | | | . \ | | | | (_) \ v v / o website (+ archive) lives at: |_| \_| |_| |_|\_\|_| |_|\___/ \_/\_/ o http://www.ntk.net/ "Using 'k3wl' instead of 'cool' and making sure the 'a' is always replaced by '4' may seem insignificant habits any teenager living in an SMS world might do. But by talking the talk and virtually walking the walk, IS/Recon has gained the trust of nearly 100 different [hacker] groups..." http://news.bbc.co.uk/2/hi/technology/3246375.stm ...and literally gigabytes of 0-day warez and serialz! >> HARD NEWS << shuffling in the pews Think you had a bad week? Well, you did. You just didn't hear about it. First up: after extraordinary scenes in the House of Lords on Wednesday, the government managed to push through its five standing orders of the apocalypse - to let a smorgasbord of local authorities monitor email and phone traffic, plus proposals to force ISPs to retain traffic data. All the proposals have been watered down a little since they were first aired. But it's all still pretty bad, as was indicated by the Tories' desperate attempt to introduce a "fatal amendment". Fatal amendments - which basically add "This house believes the following law should be taken outside and shot:" - are the Nuke-From-Orbit of the Lords' arsenal. They haven't been successfully used in the House for thirty years. Taken aback by this approach, the government went on the offensive, threatening to use similiar tactics on future Tory administrations. It all got a bit nastily party-political from there on in. When the mist cleared, the Lib-Dems had caved on data retention, the Tories went off muttering about doing some angry squeaking in the Commons, and we got a fistful of bad law. Worse: you didn't know any of it was happening until it was far too late. http://qwer.org/idcards.html - (from Hansard) LORD RICHARD: You're doing *what*? http://www.stand.org.uk/ - "not just bad, but maybe illegal too" The ID cards roadshow that Blunkett launched this week had a little more warning: and perhaps their longer timetable (due in 2013) will allow them to be stopped. Especially if the government keep on getting over-excited about the biometric bits. The reason we need new cards is because of this exciting new technology, goes the current spin. Exciting new technology, such as retinal scans, which haven't been proven to work with large populations, and are *just* like passwords, only you can't change them when they're compromised, and with a long history of false negatives. Particularly impressive is Fiona McTaggart's current pitch. An ex-chairwoman for Liberty and now a Minister in the government, she attributes her entire volte-face on ID cards down to the marvels of biometric magic. "If I'm honest, one unstated reason why I have opposed ID cards is my fear that this is another thing for me to lose", she gushes, before explaining that, because she can't lose her eyes or fingerprints, these new ID cards must be okay. We have to say: if the government's so excited about new tech, why did the ID card consultation still mistake thousands of responses from the STAND relay as being automated responses from "an organised opposition campaign"? http://www.official-documents.co.uk/document/cm60/6020/6020.pdf - paragraph 11. That's your democratic contribution right there http://www.guardian.co.uk/comment/story/0,3604,1083804,00.html - "another thing to lose". As if we're not losing enough here http://www.sideshow.idps.co.uk/smay03.htm#23at1537 - why Liberty isn't http://www.ntk.net/2003/11/14/dohpiracy.gif - EU targeting "large scale privacy outfits" too >> ANTI-NEWS << berating the obvious Arnie's response to sexual harassment claims - "Bring on der dancing girls!": http://www.ntk.net/2003/11/14/dohrevue.gif ... kids today, eh?: http://www.ntk.net/2003/11/14/dohlit.gif ... that "Army macho" culture goes a little further than you thought: http://www.ntk.net/2003/11/14/dohbum.gif (actually one of those expressions that means something different in the US): http://www.google.com/search?q=%22going+to+be+bummed%22 ... meanwhile, "Inclarity" telco offers global net "foaming": http://www.inclarity.co.uk/Prices/Calling_Card_Instructions.htm#vo ... old thrill revisited - return of Widdecombe of the Week: http://www.moneydemon.co.uk/result/keyword/UTTERLY+useless ... banner ads: http://www.ntk.net/2003/11/14/dohsquat.gif staying nice and morbid: http://www.ntk.net/2003/11/14/dohdrown.gif ... "War On Terror" apparently having the exact opposite of intended effect: http://www.ntk.net/2003/11/14/dohscare.gif , http://www.ntk.net/2003/11/14/dohterror.gif ... >> EVENT QUEUE << goto's considered non-harmful Assuming you're not busy helping Tim Ireland create a site where you can SMS pictures of your arse to George Bush (or should that be the other way round?), hopefully you haven't already missed too much of the DMZ MEDIA ARTS FESTIVAL (11am- 6pm, today and Saturday 2003-11-14 & 15, Limehouse Town Hall, London E14, free) featuring a wide range of usual suspects such as MUTE MAGAZINE, CONSUME.NET and no doubt a couple of wireless psychogeographic film-making co-operatives based in Hoxton and Eastern Europe. And if you're looking for a few quirky Xmas gift ideas, maybe Thomson & Craighead will bring along some of their Google tea-towels, "Teach Birds 2 Sing" ringtone CDs, or Walkmans fitted with endless play cassettes of genuine mobile phone conversations from the mid 1990s. http://www.bloggerheads.com/ - vs http://www.stopwar.org.uk/ (not literally!) http://www.ntk.net/2003/11/14/dohbush.gif - for that, you could buy everyone in the UK an ID card http://dmz.spc.org/talks.html - not making this up: http://www.dot-store.com/system/ http://www.uklanparty.com/ - tomorrow: all-day (free?) LAN party in Luton pub http://www.gamesmeet.net/ - advance warning of another bunker bash at the end of Jan >> TRACKING << sufficiently advanced technology : the gathering Good Ideas To Steal From MacOS X Applications, No. 443: VOODOOPAD is another app that wins by flipping the runs-on-server/runs-on-desktop bit. It's a local Wiki masquerading as a free-form database. You type, and WikiInterCapped words are automatically turned into links to fresh pages. Images and links can be dropped into the text; unicode is supported. And in case you still crave the wilds of the Web, it can also act as a responsive frontend for wikis that support author Gus Mueller's simple XMLRPC wiki API. Oh, and you can dump all your thoughts to HTML - or an iPod, should you be so freaky. http://flyingmeat.com/voodoopad.html - $20! You pay $20! http://www.macdevcenter.com/pub/a/mac/developer/2003/09/05/innovators.html - it won an award and yet still does not suck >> MEMEPOOL << contains a source of http://snackspot.org/ now *we* want some of that Britney "has a level 14 Cleric" Googlejuice: http://www.six-something.org/projectbritney.php ... ftp://www.japan.steinberg.net/ tagged - you're it... you know you've "arrived" when: http://lordrich.newmail.ru/ican/ (and is the original hosted under www.bbc.co.uk/dna/ because it's "mostly harmless"?)... don't want to know what they're up to here: http://www.ntk.net/2003/11/14/dohgrif.gif ... "These BOFH stickers on my monitor? Well, they each signify one of my 'support kills'": http://www.ntk.net/2003/09/12/dohbofh.gif ... caution - one of these pics is not safe for work like the others: http://www.altavista.com/image/results?q=potatoes ... (comparatively) new thrill - amusingly (in)appropriate GOOGLE TEXT ADS: http://www.ntk.net/2003/11/14/dohshuck.gif ... http://www.google.com/search?q=bluejacking - "Did you mean 'barebacking'?" (now *that* would surprise a stranger)... >> GEEK MEDIA << get out less TV>> it's not clear whether it's the collision detection, the level design, or the terrible cheerleader non-choreography that really lets down CGI would-be "Robot Wars" FIGHTBOX (7pm, Fri, BBC2)... what if Robin Ince and resident Friday Thing Photoshop-wiz Charlie Skelton were the "real" victims of extended "Gotcha Oscar" format THE PILOT SHOW? (11.15pm, Fri, C4)... and implausible-odyssey fan Ray Mears apologises for the Monster-Manual-meets-road-movie structure of THE BIG READ: THE LORD OF THE RINGS (9.15pm, Sat, BBC2)... at least it's Miranda Sawyer - and not, say, Jonathan King - explaining SEX BEFORE 16: WHY THE LAW IS FAILING (9pm, Sun, C4)... part of an "Adult at 14" season that also includes *another* "The Real Lord Of The Flies" reality show 14 ALONE (9pm, Tue, C4), plus web filth roundup KIDS ON PORN (10.40pm, Tue, C4)... though note that it's a pesky 17 year-old who shoots his parents then claims THE MATRIX DEFENCE (10.40pm, Wed, C4) - presumably that the act was entirely justified if we live in a VR illusion: http://www.interiorcastle.net/chapel/morality_and_matrix.htm ... yes, you can laugh at the weirdoes in CHILD PRODIGIES (9.30pm, Wed, BBC2) - but really you're chuckling at yourself ...speaking of which, Joel "rathergood.com" Veitch's cult Flash animations "are intercut with memorable music videos" in RATHER GOOD VIDEOS (1.50am, Wed, C4)... then HORIZON (9pm, Thu, BBC2) shouldn't have too many problems poking holes in the statistical coincidences that make up "The Bible Code": http://politics.guardian.co.uk/print/0,3858,4561031-107865,00.html ... FILM>> lots of staggered-release schedules right now, which means you've got more chance of previewing Will "Old School" Ferrell in what the posters imply is a film called ELF JAMES CAAN ( http://www.capalert.com/capreports/elf.htm : Christmas without Jesus; repeated display of provocative women's underwear, once in an implication of perversion)... compared to Robert Downey Jr/ Katie Holmes intertextual musical itcher THE SINGING DETECTIVE (imdb: based-on-tv-series/ remake)... the closest thing to a national release is Jackie Chan/ Lee Evans CGI-heavy "Indiana Jones"-lite actioner THE MEDALLION ( http://www.screenit.com/movies/2003/the_medallion.html : [Chan] and [Claire "Press Gang" Forlani] do some brief passionate kissing; comedic and misinterpretation-based homosexual innuendo)... otherwise at least you get a choice of older women living it up in LA arthouse romp LAUREL CANYON ( http://www.cndb.com/movie.html?title=Laurel+Canyon+%282003%29 : Kate [Beckinsale] has more exposure in this movie then anything she has done in 4-5 years)... or London comedy THE MOTHER ( http://www.cndb.com/movie.html?title=Mother%2C+The : Born 1935 Anne ["Dinnerladies"] Reid, in the title role, has two sex scenes with a young carpenter in which she's naked, but largely concealed by fancy editing)... >> SMALL PRINT << Need to Know is a useful and interesting UK digest of things that happened last week or might happen next week. You can read it on Friday afternoon or print it out then take it home if you have nothing better to do. It is compiled by NTK from stuff they get sent. Registered at the Post Office as "ntk.*net* Richard - if you don't mind" http://news.google.com/news?q=ntk.org NEED TO KNOW THEY STOLE OUR REVOLUTION. NOW WE'RE STEALING IT BACK. Archive - http://www.ntk.net/ Unsubscribe or subscribe at http://lists.ntk.net/ NTK now is supported by UNFORTU.NET, and by you: http://www.ntkmart.com/ (K) 2003 Special Projects. Copying is fine, but include URL: http://www.ntk.net/ Full license at: http://creativecommons.org/licenses/by/1.0 Tips, news and gossip to tips(a)spesh.com All communication is for publication, unless you beg. Remember: Your work email may be monitored if sending sensitive material. Sending >500KB attachments is forbidden by the Geneva Convention. Your country may be at risk if you fail to comply. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 0.97c removed an attachment of type application/pgp-signature]

1 0

Re: [linux-elitists] Monday 15 Dec: first all-Open Source System-on-Chip
by Jason Spence 06 Jul '18

06 Jul '18

On Thu, Dec 11, 2003 at 07:07:01PM -0800, Karsten M. Self wrote: > on Thu, Dec 11, 2003 at 04:49:11PM -0800, Jason Spence (jspence(a)lightconsulting.com) wrote: > > On Thu, Dec 11, 2003 at 01:23:33PM -0600, D. Joe Anderson wrote: > > > > > > w00t! Here's a good start to the the back-up plan if > > > TCPA/Longhorn/Palladium/"Fritz-chips"* get out of hand. > > > > You know, the black hat community is drooling over the possibility of > > a secure execution environment that would allow applications to run in > > a secure area which cannot be attached to via debuggers and such. > > Any more background on that? Excellent sig material, BTW ;-) TCPA and friends have a few core objectives driven by different parties in the standards bodies: - Provide secure audio playback with license management, self-destructing licenses, etc - Uniquely identify hardware instances for software license management and software activation type schemes - Provide a trusted "hypervisor" or "ring -1" environment from which authorized code can spy on the operating system and make sure it's not running any reverse engineering tools or known cracks before the authorized code can install itself or download privileged data like strictly licensed content or restricted documents, etc - Really fast PKI crypto on a dedicated processor for ipsec type stuff - Protected cert store in hardware that is somehow immune or resistent to tampering (I don't completely understand how this can't be attacked by patching the nexus on the hard disk; I'm learning more about it) <scenario class="evil"> I write a worm. It's a nasty little bugger. It pokes around your machine and your network for anything that looks like a credit card number. It's allowed to install itself in the protected memory area because it's ostensibly a popup blocker or spam blocker or something and I got it certified by NGSCB or whoever'll be in charge of handing out signatures. It joins a p2p network of other worms which can't be spied upon because the crypto keys are located in curtained memory and since your debugger doesn't have access to curtained memory, you can't get a copy of them. You can't get a copy of the destination addresses that your credit card numbers are being sent to either, because those are also located in curtained memory. Oh yeah, and it'll fire up your modem and wardial for fax machines and randomly fax the credit card numbers around too, just because I like to be a pain in the ass. So one of these nodes is not like the others, and I'm sitting on it collecting credit card numbers all day long. Anyone who tries to break my scheme is going to get their ass thrown in jail by everyone with an interest in keeping the scheme secure, like software vendors who want to lock you in to their file formats, governments out to censor you, the media industries, etc. So I scam a million dollars through credit card fraud and fencing stolen goods and retire in Cabo. </scenario> But those are just the black hats. What if the governments didn't like you saying naughty things about them? Or generic megacorp wants to take your little business out just because? Or what if the megacorps start fighting over file formats and interoperability using this stuff? Here's a bunch of even more fun scenarios: http://www.againsttcpa.com/tcpa-faq-en.html And here's the MS document outlining their strategy: http://www.microsoft.com/resources/ngscb/documents/NGSCB_Security_Model.doc Locke, the Vikings, and a bunch of others throughout history have had a lot to say about individual responsibility and assigning rights to the state, because they were worried about tyrants doing Bad Things to them. So Jefferson and those other guys wrote things like freedom of speech and certain other rights right into the constitution and bill of rights. So we trust the federal government to enforce those rights because otherwise we'll yank the officials which make it up right out of office during the next election. Or at least that's the way it's supposed to be... but the people are becoming increasingly apathetic about it. Voter turnout continues to decline, and so that last ditch safety mechanism won't be very effective if someone decides to take control of the trusted component we know as the federal government and use things like TCPA and friends to literally take over the world. I understand the vendors' point of view that sometimes you just can't trust the users, but this is the wrong way to implement protection against them. The people who implement this stuff should be unbiased towards either the software vendors or the people, and that's just not the case here. The people who are implementing these ideas are the software vendors and the media companies, and they're pretty upset about pirates and music thieves. If I were them, I'd exact some kind of retribution or competitive advantage out of this thing I'm designing to make up for all the pirated software and stolen music and annoying competitors I've had to put up with in the past. -- - Jason Last known location: 2.5 miles northwest of MOUNTAIN VIEW, CA Take everything in stride. Trample anyone who gets in your way. _______________________________________________ linux-elitists http://zgp.org/mailman/listinfo/linux-elitists ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 0.97c removed an attachment of type application/pgp-signature]

1 0

Re: Random chaff [was: more work for Grobbages]
by Paul Syverson 06 Jul '18

06 Jul '18

On Wed, Sep 23, 2009 at 10:01:07AM -0400, Brian Mearns wrote: > > So, if I understand this correctly, a correlation attack works (on a > very basic level) by noticing that Alice sent a message to Bob (a > known Tor node) at time X, and Dave (another known Tor node) sent a > message to Wally (a web server) at time X+e, where e is about how long > we would expect it to take for the onion to be routed. Is that more or > less the idea? Yes. But packet counting can also play a role. Cf, "Passive Attack Analysis for Connection-Based Anonymity Systems" at http://freehaven.net/anonbib/index.html#SS03 > > It seems like determining e (time to route the packet) with any degree > of precision would be pretty difficult, so is this really a big > problem? (or is that still being debated?) It's not. Cf. my "Locating Hidden Servers" http://freehaven.net/anonbib/index.html#hs-attack06 wherein we had zero false positives on any timing attacks conducted in finding hidden services, which generally was very quick. (That such attacks existed were known for years. That they were not just possible but so fast and effective using merely a single node in the network was the reason that guard nodes were introduced into the Tor network.) And building on that see, "Low-Resource Routing Attacks Against Tor" http://freehaven.net/anonbib/index.html#bauer:wpes2007 where timing attacks with epsilon false positives were based simply on circuit setup and were shown on general Tor circuits, not just for hidden services. > On the other hand, if an attacker could monitor a good number of > nodes, wouldn't it be fairly easy to determine each three-node > circuit segment (like Alice, to Bob, to Charlie) and trace the whole > thing end-to-end? It seems like this could be defeated with a more > intelligent type of "chaff", where the receiving relay generates N > random dummy onions (with an appreciable circuit length) for each > onion it receives, and then sends all N+1 into the network in a > random order. > There's been a lot of research on this. I think Nick pointed at some. Cf. the anonbib. Research against timing attacks continues. (I'm doing some myself.) But so far, any "chaff" strategy in the literature is both too expensive and not at all effective against active attacks on general low-latency systems for wide use, such as Tor. HTH, Paul ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

Re: Random chaff [was: more work for Grobbages]
by Paul Syverson 06 Jul '18

06 Jul '18

On Wed, Sep 23, 2009 at 10:01:07AM -0400, Brian Mearns wrote: > > So, if I understand this correctly, a correlation attack works (on a > very basic level) by noticing that Alice sent a message to Bob (a > known Tor node) at time X, and Dave (another known Tor node) sent a > message to Wally (a web server) at time X+e, where e is about how long > we would expect it to take for the onion to be routed. Is that more or > less the idea? Yes. But packet counting can also play a role. Cf, "Passive Attack Analysis for Connection-Based Anonymity Systems" at http://freehaven.net/anonbib/index.html#SS03 > > It seems like determining e (time to route the packet) with any degree > of precision would be pretty difficult, so is this really a big > problem? (or is that still being debated?) It's not. Cf. my "Locating Hidden Servers" http://freehaven.net/anonbib/index.html#hs-attack06 wherein we had zero false positives on any timing attacks conducted in finding hidden services, which generally was very quick. (That such attacks existed were known for years. That they were not just possible but so fast and effective using merely a single node in the network was the reason that guard nodes were introduced into the Tor network.) And building on that see, "Low-Resource Routing Attacks Against Tor" http://freehaven.net/anonbib/index.html#bauer:wpes2007 where timing attacks with epsilon false positives were based simply on circuit setup and were shown on general Tor circuits, not just for hidden services. > On the other hand, if an attacker could monitor a good number of > nodes, wouldn't it be fairly easy to determine each three-node > circuit segment (like Alice, to Bob, to Charlie) and trace the whole > thing end-to-end? It seems like this could be defeated with a more > intelligent type of "chaff", where the receiving relay generates N > random dummy onions (with an appreciable circuit length) for each > onion it receives, and then sends all N+1 into the network in a > random order. > There's been a lot of research on this. I think Nick pointed at some. Cf. the anonbib. Research against timing attacks continues. (I'm doing some myself.) But so far, any "chaff" strategy in the literature is both too expensive and not at all effective against active attacks on general low-latency systems for wide use, such as Tor. HTH, Paul ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

<nettime> Julian Assange Captured by World's Dating Police
by almost＠riseup.net 06 Jul '18

06 Jul '18

http://www.huffingtonpost.com/naomi-wolf/interpol-the-worlds-datin_b_793033… Dear Interpol: As a longtime feminist activist, I have been overjoyed to discover your new commitment to engaging in global manhunts to arrest and prosecute men who behave like narcissistic jerks to women they are dating. I see that Julian Assange is accused of having consensual sex with two women, in one case using a condom that broke. I understand, from the alleged victims' complaints to the miedia[1] , that Assange is also accused of texting and tweeting in the taxi on the way to one of the women's apartments while on a date, and, disgustingly enough, 'reading stories about himself online' in the cab. Both alleged victims are also upset that he began dating a second woman while still being in a relationship with the first. (Of course, as a feminist, I am also pleased that the alleged victims are using feminist-inspired rhetoric and law to assuage what appears to be personal injured feelings. That's what our brave suffragette foremothers intended!). Thank you again, Interpol. I know you will now prioritize the global manhunt for 1.3 million guys I have heard similar complaints about personally in the US alone -- there is an entire fraternity at the University of Texas you need to arrest immediately. I also have firsthand information that John Smith in Providence, Rhode Island, went to a stag party -- with strippers! -- that his girlfriend wanted him to skip, and that Mark Levinson in Corvallis, Oregon, did not notice that his girlfriend got a really cute new haircut -- even though it was THREE INCHES SHORTER. Yours gratefully, Naomi Wolf [1] http://www.dailymail.co.uk/news/article-1336291/Wikileaks-Julian-Assanges-2… # distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mail.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: nettime(a)kein.org ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

<nettime> Julian Assange Captured by World's Dating Police
by almost＠riseup.net 06 Jul '18

06 Jul '18

http://www.huffingtonpost.com/naomi-wolf/interpol-the-worlds-datin_b_793033… Dear Interpol: As a longtime feminist activist, I have been overjoyed to discover your new commitment to engaging in global manhunts to arrest and prosecute men who behave like narcissistic jerks to women they are dating. I see that Julian Assange is accused of having consensual sex with two women, in one case using a condom that broke. I understand, from the alleged victims' complaints to the miedia[1] , that Assange is also accused of texting and tweeting in the taxi on the way to one of the women's apartments while on a date, and, disgustingly enough, 'reading stories about himself online' in the cab. Both alleged victims are also upset that he began dating a second woman while still being in a relationship with the first. (Of course, as a feminist, I am also pleased that the alleged victims are using feminist-inspired rhetoric and law to assuage what appears to be personal injured feelings. That's what our brave suffragette foremothers intended!). Thank you again, Interpol. I know you will now prioritize the global manhunt for 1.3 million guys I have heard similar complaints about personally in the US alone -- there is an entire fraternity at the University of Texas you need to arrest immediately. I also have firsthand information that John Smith in Providence, Rhode Island, went to a stag party -- with strippers! -- that his girlfriend wanted him to skip, and that Mark Levinson in Corvallis, Oregon, did not notice that his girlfriend got a really cute new haircut -- even though it was THREE INCHES SHORTER. Yours gratefully, Naomi Wolf [1] http://www.dailymail.co.uk/news/article-1336291/Wikileaks-Julian-Assanges-2… # distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mail.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: nettime(a)kein.org ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

NTK now, 2003-11-14
by Dave Green 06 Jul '18

06 Jul '18

_ _ _____ _ __ <*the* weekly high-tech sarcastic update for the uk> | \ | |_ _| |/ / _ __ __2003-11-14_ o join! sign up at | \| | | | | ' / | '_ \ / _ \ \ /\ / / o http://lists.ntk.net/ | |\ | | | | . \ | | | | (_) \ v v / o website (+ archive) lives at: |_| \_| |_| |_|\_\|_| |_|\___/ \_/\_/ o http://www.ntk.net/ "Using 'k3wl' instead of 'cool' and making sure the 'a' is always replaced by '4' may seem insignificant habits any teenager living in an SMS world might do. But by talking the talk and virtually walking the walk, IS/Recon has gained the trust of nearly 100 different [hacker] groups..." http://news.bbc.co.uk/2/hi/technology/3246375.stm ...and literally gigabytes of 0-day warez and serialz! >> HARD NEWS << shuffling in the pews Think you had a bad week? Well, you did. You just didn't hear about it. First up: after extraordinary scenes in the House of Lords on Wednesday, the government managed to push through its five standing orders of the apocalypse - to let a smorgasbord of local authorities monitor email and phone traffic, plus proposals to force ISPs to retain traffic data. All the proposals have been watered down a little since they were first aired. But it's all still pretty bad, as was indicated by the Tories' desperate attempt to introduce a "fatal amendment". Fatal amendments - which basically add "This house believes the following law should be taken outside and shot:" - are the Nuke-From-Orbit of the Lords' arsenal. They haven't been successfully used in the House for thirty years. Taken aback by this approach, the government went on the offensive, threatening to use similiar tactics on future Tory administrations. It all got a bit nastily party-political from there on in. When the mist cleared, the Lib-Dems had caved on data retention, the Tories went off muttering about doing some angry squeaking in the Commons, and we got a fistful of bad law. Worse: you didn't know any of it was happening until it was far too late. http://qwer.org/idcards.html - (from Hansard) LORD RICHARD: You're doing *what*? http://www.stand.org.uk/ - "not just bad, but maybe illegal too" The ID cards roadshow that Blunkett launched this week had a little more warning: and perhaps their longer timetable (due in 2013) will allow them to be stopped. Especially if the government keep on getting over-excited about the biometric bits. The reason we need new cards is because of this exciting new technology, goes the current spin. Exciting new technology, such as retinal scans, which haven't been proven to work with large populations, and are *just* like passwords, only you can't change them when they're compromised, and with a long history of false negatives. Particularly impressive is Fiona McTaggart's current pitch. An ex-chairwoman for Liberty and now a Minister in the government, she attributes her entire volte-face on ID cards down to the marvels of biometric magic. "If I'm honest, one unstated reason why I have opposed ID cards is my fear that this is another thing for me to lose", she gushes, before explaining that, because she can't lose her eyes or fingerprints, these new ID cards must be okay. We have to say: if the government's so excited about new tech, why did the ID card consultation still mistake thousands of responses from the STAND relay as being automated responses from "an organised opposition campaign"? http://www.official-documents.co.uk/document/cm60/6020/6020.pdf - paragraph 11. That's your democratic contribution right there http://www.guardian.co.uk/comment/story/0,3604,1083804,00.html - "another thing to lose". As if we're not losing enough here http://www.sideshow.idps.co.uk/smay03.htm#23at1537 - why Liberty isn't http://www.ntk.net/2003/11/14/dohpiracy.gif - EU targeting "large scale privacy outfits" too >> ANTI-NEWS << berating the obvious Arnie's response to sexual harassment claims - "Bring on der dancing girls!": http://www.ntk.net/2003/11/14/dohrevue.gif ... kids today, eh?: http://www.ntk.net/2003/11/14/dohlit.gif ... that "Army macho" culture goes a little further than you thought: http://www.ntk.net/2003/11/14/dohbum.gif (actually one of those expressions that means something different in the US): http://www.google.com/search?q=%22going+to+be+bummed%22 ... meanwhile, "Inclarity" telco offers global net "foaming": http://www.inclarity.co.uk/Prices/Calling_Card_Instructions.htm#vo ... old thrill revisited - return of Widdecombe of the Week: http://www.moneydemon.co.uk/result/keyword/UTTERLY+useless ... banner ads: http://www.ntk.net/2003/11/14/dohsquat.gif staying nice and morbid: http://www.ntk.net/2003/11/14/dohdrown.gif ... "War On Terror" apparently having the exact opposite of intended effect: http://www.ntk.net/2003/11/14/dohscare.gif , http://www.ntk.net/2003/11/14/dohterror.gif ... >> EVENT QUEUE << goto's considered non-harmful Assuming you're not busy helping Tim Ireland create a site where you can SMS pictures of your arse to George Bush (or should that be the other way round?), hopefully you haven't already missed too much of the DMZ MEDIA ARTS FESTIVAL (11am- 6pm, today and Saturday 2003-11-14 & 15, Limehouse Town Hall, London E14, free) featuring a wide range of usual suspects such as MUTE MAGAZINE, CONSUME.NET and no doubt a couple of wireless psychogeographic film-making co-operatives based in Hoxton and Eastern Europe. And if you're looking for a few quirky Xmas gift ideas, maybe Thomson & Craighead will bring along some of their Google tea-towels, "Teach Birds 2 Sing" ringtone CDs, or Walkmans fitted with endless play cassettes of genuine mobile phone conversations from the mid 1990s. http://www.bloggerheads.com/ - vs http://www.stopwar.org.uk/ (not literally!) http://www.ntk.net/2003/11/14/dohbush.gif - for that, you could buy everyone in the UK an ID card http://dmz.spc.org/talks.html - not making this up: http://www.dot-store.com/system/ http://www.uklanparty.com/ - tomorrow: all-day (free?) LAN party in Luton pub http://www.gamesmeet.net/ - advance warning of another bunker bash at the end of Jan >> TRACKING << sufficiently advanced technology : the gathering Good Ideas To Steal From MacOS X Applications, No. 443: VOODOOPAD is another app that wins by flipping the runs-on-server/runs-on-desktop bit. It's a local Wiki masquerading as a free-form database. You type, and WikiInterCapped words are automatically turned into links to fresh pages. Images and links can be dropped into the text; unicode is supported. And in case you still crave the wilds of the Web, it can also act as a responsive frontend for wikis that support author Gus Mueller's simple XMLRPC wiki API. Oh, and you can dump all your thoughts to HTML - or an iPod, should you be so freaky. http://flyingmeat.com/voodoopad.html - $20! You pay $20! http://www.macdevcenter.com/pub/a/mac/developer/2003/09/05/innovators.html - it won an award and yet still does not suck >> MEMEPOOL << contains a source of http://snackspot.org/ now *we* want some of that Britney "has a level 14 Cleric" Googlejuice: http://www.six-something.org/projectbritney.php ... ftp://www.japan.steinberg.net/ tagged - you're it... you know you've "arrived" when: http://lordrich.newmail.ru/ican/ (and is the original hosted under www.bbc.co.uk/dna/ because it's "mostly harmless"?)... don't want to know what they're up to here: http://www.ntk.net/2003/11/14/dohgrif.gif ... "These BOFH stickers on my monitor? Well, they each signify one of my 'support kills'": http://www.ntk.net/2003/09/12/dohbofh.gif ... caution - one of these pics is not safe for work like the others: http://www.altavista.com/image/results?q=potatoes ... (comparatively) new thrill - amusingly (in)appropriate GOOGLE TEXT ADS: http://www.ntk.net/2003/11/14/dohshuck.gif ... http://www.google.com/search?q=bluejacking - "Did you mean 'barebacking'?" (now *that* would surprise a stranger)... >> GEEK MEDIA << get out less TV>> it's not clear whether it's the collision detection, the level design, or the terrible cheerleader non-choreography that really lets down CGI would-be "Robot Wars" FIGHTBOX (7pm, Fri, BBC2)... what if Robin Ince and resident Friday Thing Photoshop-wiz Charlie Skelton were the "real" victims of extended "Gotcha Oscar" format THE PILOT SHOW? (11.15pm, Fri, C4)... and implausible-odyssey fan Ray Mears apologises for the Monster-Manual-meets-road-movie structure of THE BIG READ: THE LORD OF THE RINGS (9.15pm, Sat, BBC2)... at least it's Miranda Sawyer - and not, say, Jonathan King - explaining SEX BEFORE 16: WHY THE LAW IS FAILING (9pm, Sun, C4)... part of an "Adult at 14" season that also includes *another* "The Real Lord Of The Flies" reality show 14 ALONE (9pm, Tue, C4), plus web filth roundup KIDS ON PORN (10.40pm, Tue, C4)... though note that it's a pesky 17 year-old who shoots his parents then claims THE MATRIX DEFENCE (10.40pm, Wed, C4) - presumably that the act was entirely justified if we live in a VR illusion: http://www.interiorcastle.net/chapel/morality_and_matrix.htm ... yes, you can laugh at the weirdoes in CHILD PRODIGIES (9.30pm, Wed, BBC2) - but really you're chuckling at yourself ...speaking of which, Joel "rathergood.com" Veitch's cult Flash animations "are intercut with memorable music videos" in RATHER GOOD VIDEOS (1.50am, Wed, C4)... then HORIZON (9pm, Thu, BBC2) shouldn't have too many problems poking holes in the statistical coincidences that make up "The Bible Code": http://politics.guardian.co.uk/print/0,3858,4561031-107865,00.html ... FILM>> lots of staggered-release schedules right now, which means you've got more chance of previewing Will "Old School" Ferrell in what the posters imply is a film called ELF JAMES CAAN ( http://www.capalert.com/capreports/elf.htm : Christmas without Jesus; repeated display of provocative women's underwear, once in an implication of perversion)... compared to Robert Downey Jr/ Katie Holmes intertextual musical itcher THE SINGING DETECTIVE (imdb: based-on-tv-series/ remake)... the closest thing to a national release is Jackie Chan/ Lee Evans CGI-heavy "Indiana Jones"-lite actioner THE MEDALLION ( http://www.screenit.com/movies/2003/the_medallion.html : [Chan] and [Claire "Press Gang" Forlani] do some brief passionate kissing; comedic and misinterpretation-based homosexual innuendo)... otherwise at least you get a choice of older women living it up in LA arthouse romp LAUREL CANYON ( http://www.cndb.com/movie.html?title=Laurel+Canyon+%282003%29 : Kate [Beckinsale] has more exposure in this movie then anything she has done in 4-5 years)... or London comedy THE MOTHER ( http://www.cndb.com/movie.html?title=Mother%2C+The : Born 1935 Anne ["Dinnerladies"] Reid, in the title role, has two sex scenes with a young carpenter in which she's naked, but largely concealed by fancy editing)... >> SMALL PRINT << Need to Know is a useful and interesting UK digest of things that happened last week or might happen next week. You can read it on Friday afternoon or print it out then take it home if you have nothing better to do. It is compiled by NTK from stuff they get sent. Registered at the Post Office as "ntk.*net* Richard - if you don't mind" http://news.google.com/news?q=ntk.org NEED TO KNOW THEY STOLE OUR REVOLUTION. NOW WE'RE STEALING IT BACK. Archive - http://www.ntk.net/ Unsubscribe or subscribe at http://lists.ntk.net/ NTK now is supported by UNFORTU.NET, and by you: http://www.ntkmart.com/ (K) 2003 Special Projects. Copying is fine, but include URL: http://www.ntk.net/ Full license at: http://creativecommons.org/licenses/by/1.0 Tips, news and gossip to tips(a)spesh.com All communication is for publication, unless you beg. Remember: Your work email may be monitored if sending sensitive material. Sending >500KB attachments is forbidden by the Geneva Convention. Your country may be at risk if you fail to comply. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 0.97c removed an attachment of type application/pgp-signature]

1 0

Re: [linux-elitists] Monday 15 Dec: first all-Open Source System-on-Chip
by Jason Spence 06 Jul '18

06 Jul '18

On Thu, Dec 11, 2003 at 07:07:01PM -0800, Karsten M. Self wrote: > on Thu, Dec 11, 2003 at 04:49:11PM -0800, Jason Spence (jspence(a)lightconsulting.com) wrote: > > On Thu, Dec 11, 2003 at 01:23:33PM -0600, D. Joe Anderson wrote: > > > > > > w00t! Here's a good start to the the back-up plan if > > > TCPA/Longhorn/Palladium/"Fritz-chips"* get out of hand. > > > > You know, the black hat community is drooling over the possibility of > > a secure execution environment that would allow applications to run in > > a secure area which cannot be attached to via debuggers and such. > > Any more background on that? Excellent sig material, BTW ;-) TCPA and friends have a few core objectives driven by different parties in the standards bodies: - Provide secure audio playback with license management, self-destructing licenses, etc - Uniquely identify hardware instances for software license management and software activation type schemes - Provide a trusted "hypervisor" or "ring -1" environment from which authorized code can spy on the operating system and make sure it's not running any reverse engineering tools or known cracks before the authorized code can install itself or download privileged data like strictly licensed content or restricted documents, etc - Really fast PKI crypto on a dedicated processor for ipsec type stuff - Protected cert store in hardware that is somehow immune or resistent to tampering (I don't completely understand how this can't be attacked by patching the nexus on the hard disk; I'm learning more about it) <scenario class="evil"> I write a worm. It's a nasty little bugger. It pokes around your machine and your network for anything that looks like a credit card number. It's allowed to install itself in the protected memory area because it's ostensibly a popup blocker or spam blocker or something and I got it certified by NGSCB or whoever'll be in charge of handing out signatures. It joins a p2p network of other worms which can't be spied upon because the crypto keys are located in curtained memory and since your debugger doesn't have access to curtained memory, you can't get a copy of them. You can't get a copy of the destination addresses that your credit card numbers are being sent to either, because those are also located in curtained memory. Oh yeah, and it'll fire up your modem and wardial for fax machines and randomly fax the credit card numbers around too, just because I like to be a pain in the ass. So one of these nodes is not like the others, and I'm sitting on it collecting credit card numbers all day long. Anyone who tries to break my scheme is going to get their ass thrown in jail by everyone with an interest in keeping the scheme secure, like software vendors who want to lock you in to their file formats, governments out to censor you, the media industries, etc. So I scam a million dollars through credit card fraud and fencing stolen goods and retire in Cabo. </scenario> But those are just the black hats. What if the governments didn't like you saying naughty things about them? Or generic megacorp wants to take your little business out just because? Or what if the megacorps start fighting over file formats and interoperability using this stuff? Here's a bunch of even more fun scenarios: http://www.againsttcpa.com/tcpa-faq-en.html And here's the MS document outlining their strategy: http://www.microsoft.com/resources/ngscb/documents/NGSCB_Security_Model.doc Locke, the Vikings, and a bunch of others throughout history have had a lot to say about individual responsibility and assigning rights to the state, because they were worried about tyrants doing Bad Things to them. So Jefferson and those other guys wrote things like freedom of speech and certain other rights right into the constitution and bill of rights. So we trust the federal government to enforce those rights because otherwise we'll yank the officials which make it up right out of office during the next election. Or at least that's the way it's supposed to be... but the people are becoming increasingly apathetic about it. Voter turnout continues to decline, and so that last ditch safety mechanism won't be very effective if someone decides to take control of the trusted component we know as the federal government and use things like TCPA and friends to literally take over the world. I understand the vendors' point of view that sometimes you just can't trust the users, but this is the wrong way to implement protection against them. The people who implement this stuff should be unbiased towards either the software vendors or the people, and that's just not the case here. The people who are implementing these ideas are the software vendors and the media companies, and they're pretty upset about pirates and music thieves. If I were them, I'd exact some kind of retribution or competitive advantage out of this thing I'm designing to make up for all the pirated software and stolen music and annoying competitors I've had to put up with in the past. -- - Jason Last known location: 2.5 miles northwest of MOUNTAIN VIEW, CA Take everything in stride. Trample anyone who gets in your way. _______________________________________________ linux-elitists http://zgp.org/mailman/listinfo/linux-elitists ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 0.97c removed an attachment of type application/pgp-signature]

1 0