cypherpunks-legacy
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
July 2018
- 1371 participants
- 9656 discussions
Hello,
On Tue, Nov 29, 2011 at 1:31 AM, WenZhan Song <wenzhan.song(a)gmail.com> wrote:
> We are new to Android and thank Paul help us to make Serval work on
> our Android device LG GT540.
It has been my pleasure to help.
> We decide to try serval as a starting point to extend BATMAN mesh
> network for 4D volcano tomography:
> http://sensorweb.cs.gsu.edu/?q=VolcanoSRI. We do not necessarily need
> VOIP functionality, but utilize Android device's computation and mesh
> networking capability for collaborative sensing and computing.
>
> We are also looking for (1) documentation of Serval software
> architecture - core serval team, please consider documentation as a
> very important part to attract more people to particpate, as it has
> significant impact on learning curve;
Increasing the documentation is something that we are critically aware
that we need to do, and we are working on this, but our available
resources are limited. We would certainly welcome any assistance that
people may be inclined to provide on this. For example, it would be
great for people to choose a particular aspect of the Serval
technology, e.g., DNA, and begin documenting it by examining the code,
asking lots of questions and grabbing material from the wiki (which we
apologise is being reinstalled this week).
> (2) low-cost customized android
> devices - replacing with high-gain wifi radio and accelerometer.
So the Huawei IDEOS U8150/U8180 phones do have an accelerometer as I
recall, and are certainly cheap, being as cheap as AUD$60.
That just leaves the antenna gain, or more precisely, the maximum
range between devices as the issue.
Increasing the gain will only work to a limited extent, as that gain
comes at the expense of omnidirectionality, and given that volcanoes
are not generally flat (I forget which type of cone your volcano has),
will present some difficulties to very directional links. My estimate
is that you need about 9db gain if using ordinary wifi gear.
As I recall, you are looking for ~500m range between nodes. WiFi
typically does ~200m fine, but it can certainly do 500m in ideal
conditions, such as when the Fresnel zones are clear, which can be
achieved by mounting antennas on ~8m poles. Of course that is a
problem if the antenna is in the phone and also is supposed to be
measuring ground movement... So no immediate solution there using off
the shelf equipment.
It may be worth trying a few different models of phones to see if any
have better wifi antennas than others.
Otherwise, I guess you will have no choice but to make custom hardware
of some sort, whether phone based, Arduino based or otherwise.
Paul.
> We
> also look for MS/PhD research assistants or POSTDOC research
> associates to work on VolcanoSRI project, if anyone in serval
> community is interested to participate, we warmly welcome.
>
> If anyone has those related information, please provide and/or forward
> to someone who might be interested. Thanks!
>
> WenZhan
> http://sensorweb.cs.gsu.edu/~song/
>
> On Mon, Nov 28, 2011 at 12:44 AM, Paul Gardner-Stephen
> <paul(a)servalproject.org> wrote:
>> Hello Ben,
>>
>> On Mon, Nov 28, 2011 at 12:30 PM, Ben Hughes <ben(a)benrhughes.com> wrote:
>>> So getting DNA working on a non-mesh network would still be a useful
>>> starting point?
>>
>> Absolutely that would be valuable. While you wait for a handset, you
>> can try it out on windows machines, which will also be useful.
>>
>>> I should be able to keep DNA coupled loosely to the
>>> routing layer, so we can swap other routing logic in in the future. I
>>> haven't looked closely at the java source yet to see exactly how much
>>> DNA relies on batman, but I'll keep messing around and see how I go.
>>
>> DNA doesn't depend on BATMAN at all -- it makes use of it if it is
>> running to get a list of peers, but that is all.
>>
>>> I'm happy to document things as I find them, but it looks like the
>>> wiki is in some sort of error state:
>>> http://developer.servalproject.org/twiki/
>>
>> Sorry about that, the wiki is getting re-installed while I type.
>> Hopefully it should be back up in a day or two.
>>
>>> As an aside - I'm yet to get my hands on a WP7 handset - I'm keeping
>>> an eye on ebay but if anyone sees one available relatively cheaply
>>> please let me know.
>>
>> Will do. Sign up as a Nokia developer and you can get one of theirs
>> half price, I think.
>>
>> Paul.
>>
>>> Cheers,
>>>
>>> Ben
>>>
>>> On Sun, Nov 27, 2011 at 10:40 PM, Paul Gardner-Stephen
>>> <paul(a)servalproject.org> wrote:
>>>> Hi Ben,
>>>>
>>>> A WP7 port is actually very useful. As Jeremy mentions, we can still
>>>> do a pile of stuff, just sub-optimally in some cases. It also gives
>>>> us greater traction, e.g., for partnering with a handset vendor to
>>>> make a patched firmware that provides full support.
>>>>
>>>> Paul.
>>>>
>>>> On Sun, Nov 27, 2011 at 8:40 PM, Ben Hughes <ben(a)benrhughes.com> wrote:
>>>>> Thanks Jeremy, that's helpful.
>>>>>
>>>>> I had just assumed that WP7 could connect to ad-hoc networks, but from
>>>>> what I've been reading it looks like support is somewhere between very
>>>>> flakey and non-existent. So that kinda kills the idea of any sort of
>>>>> useful port, at least until MS fix it.
>>>>>
>>>>> I'm still interested in contributing to the project though so I guess
>>>>> I'll take a look at the big tracker and see if there's anything I can
>>>>> wrap my head around :)
>>>>>
>>>>> Ben
>>>>>
>>>>> On 27/11/2011, at 8:11 PM, Jeremy Lakeman <jeremy(a)servalproject.org> wrote:
>>>>>
>>>>>> Yes we currently default to using BATMAN to generate the route's
>>>>>> between nodes on the network. We also support olsr as the underlying
>>>>>> mesh routing protocol. And we can run our software with a network of
>>>>>> just an access point and its clients, mainly to support clients that
>>>>>> don't allow the right wifi modes for mesh networking. And longer term
>>>>>> we intend to replace the mesh routing layer with our own protocol
>>>>>> layer.
>>>>>>
>>>>>> Our long term goals also include removing the need for running a full
>>>>>> blown asterisk installation, and SIP client, on a phone with
>>>>>> effectively only one extension. This would also drastically reduce our
>>>>>> installation size.
>>>>>>
>>>>>> The main pieces of work that will need to be done for any port as I see them;
>>>>>> - see if we can connect to, or start, an adhoc wifi network. May be impossible.
>>>>>> - compile and run dna for number -> network address resolution.
>>>>>> - minimal VOIP server, perhaps with simplified network protocol, to
>>>>>> handle in/out call state. Porting asterisk might work, but is
>>>>>> overkill.
>>>>>> - UI layer for user interaction, dialing, answering and configuration.
>>>>>>
>>>>>> On Sun, Nov 27, 2011 at 6:21 PM, Ben Hughes <ben(a)benrhughes.com> wrote:
>>>>>>> This is my basic understanding of the Serval architecture, please let me
>>>>>>> know if it's misguided:
>>>>>>>
>>>>>>> - BATMAN is the underlying protocol that is used to connect nodes on the
>>>>>>> mesh
>>>>>>> - DNA is a layer on top of batman that lets you use claimed numbers (and a
>>>>>>> public/private key pair) to identify nodes on the batman mesh
>>>>>>> - when you make a mesh call, DNA resolves the number to a batman ip, and
>>>>>>> then attempts to establish a SIP connection (via asterix) to that address
>>>>>>>
>>>>>>> I know that there's more to it than that (social verification of claimed
>>>>>>> numbers, bridging networks, DID etc) but is that basically correct?
>>>>>>>
>>>>>>> If so, batman seems as though it's a vital (and complex) component in the
>>>>>>> stack. And from what I can tell, it seems pretty tied to *nix.
>>>>>>>
>>>>>>> If I'm looking to port DNA to WP7, do I first need to port batman? Or put
>>>>>>> another way: is there any value in a batman-less DNA?
>>>>>>>
>>>>>>> Cheers,
>>>>>>>
>>>>>>> Ben
>>>>>>>
>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google Groups
>>>>>>> "Serval Project Developers" group.
>>>>>>> To post to this group, send email to
>>>>>>> serval-project-developers(a)googlegroups.com.
>>>>>>> To unsubscribe from this group, send email to
>>>>>>> serval-project-developers+unsubscribe(a)googlegroups.com.
>>>>>>> For more options, visit this group at
>>>>>>> http://groups.google.com/group/serval-project-developers?hl=en.
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>>>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>>>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>>>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>>>>
>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>>>
>>>>>
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>>
>>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>
>>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>
>>
>
> --
> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
> To post to this group, send email to serval-project-developers(a)googlegroups.com.
> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
To post to this group, send email to serval-project-developers(a)googlegroups.com.
To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
http://washingtontimes.com/national/20031010-112733-8086r.htm
4 Jewish Web sites deemed 'terrorist'
By Jerry Seper
THE WASHINGTON TIMES
Four Internet Web sites operated by two extremist Jewish groups have
been
included by the State Department on its list of "foreign terrorist
organizations" the first time the list has been extended to include
Internet sites.
The four Web sites are: www.newkach.org, www.Kahane.org,
www.Kahane.net
and www.Kahanetzadak.com, the department said in a notice in the Federal
Register. They offer news, commentary and links to other sites of
interest to
followers of Meir Kahane.
The impact of the listing was not immediately clear, since all four
sites
exist in cyberspace.
The designation makes it illegal for persons in the United States to
donate
money or other material support to the Web sites. The three accessible
sites
yesterday included information on where contributions could be sent,
what
items could be donated and offered a number items for sale, including
pendants and books.
1
0
* Christopher Morrow (morrowc.lists(a)gmail.com) wrote:
> On Thu, Aug 11, 2011 at 2:32 AM, Charles N Wyble
> <charles(a)knownelement.com> wrote:
> > http://seclists.org/fulldisclosure/2011/Aug/76
> >
> > Wondering what folks think about this? If this was true then we just
> > entered a whole new era of mass WAN exploitation.
> >
>
> This isn't really all that new is it? haven't people been able to buy
> 3g/pcs/etc antennae and such off ebay for a while and intercept
> conversations/data/etc for a long time? GSM was 'hacked' (decrypted
> via some rainbow tables) several years ago as well.
>
> If you ship it over the air and there isn't a reasonable encryption
> scheme in place, don't you expect it to be seen?
GSM and GPRS are vulnerable to MitM due to lack of two factor authentication etc. WCDMA (3G) and LTE (4G) should be safe as they have much better security. Not sure about 3GPP2 (CDMA) or WiMAX systems, perhaps early version of CDMA has similar problems as GSM. But saying that '4G' is vulnerable is a pretty broad statement as it consists of at least LTE and WiMAX, and some US operators also refer to their WCDMA HSPA as 4G. There is also a difference between 'the standard has security flaws' and 'the operator has deployed an insecure network' as operators might run their network with security features turned off.
Anyway, the paranoid should turn of GSM and run WCDMA instead.
/Joakim
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
Hello,
On Tue, Nov 29, 2011 at 1:31 AM, WenZhan Song <wenzhan.song(a)gmail.com> wrote:
> We are new to Android and thank Paul help us to make Serval work on
> our Android device LG GT540.
It has been my pleasure to help.
> We decide to try serval as a starting point to extend BATMAN mesh
> network for 4D volcano tomography:
> http://sensorweb.cs.gsu.edu/?q=VolcanoSRI. We do not necessarily need
> VOIP functionality, but utilize Android device's computation and mesh
> networking capability for collaborative sensing and computing.
>
> We are also looking for (1) documentation of Serval software
> architecture - core serval team, please consider documentation as a
> very important part to attract more people to particpate, as it has
> significant impact on learning curve;
Increasing the documentation is something that we are critically aware
that we need to do, and we are working on this, but our available
resources are limited. We would certainly welcome any assistance that
people may be inclined to provide on this. For example, it would be
great for people to choose a particular aspect of the Serval
technology, e.g., DNA, and begin documenting it by examining the code,
asking lots of questions and grabbing material from the wiki (which we
apologise is being reinstalled this week).
> (2) low-cost customized android
> devices - replacing with high-gain wifi radio and accelerometer.
So the Huawei IDEOS U8150/U8180 phones do have an accelerometer as I
recall, and are certainly cheap, being as cheap as AUD$60.
That just leaves the antenna gain, or more precisely, the maximum
range between devices as the issue.
Increasing the gain will only work to a limited extent, as that gain
comes at the expense of omnidirectionality, and given that volcanoes
are not generally flat (I forget which type of cone your volcano has),
will present some difficulties to very directional links. My estimate
is that you need about 9db gain if using ordinary wifi gear.
As I recall, you are looking for ~500m range between nodes. WiFi
typically does ~200m fine, but it can certainly do 500m in ideal
conditions, such as when the Fresnel zones are clear, which can be
achieved by mounting antennas on ~8m poles. Of course that is a
problem if the antenna is in the phone and also is supposed to be
measuring ground movement... So no immediate solution there using off
the shelf equipment.
It may be worth trying a few different models of phones to see if any
have better wifi antennas than others.
Otherwise, I guess you will have no choice but to make custom hardware
of some sort, whether phone based, Arduino based or otherwise.
Paul.
> We
> also look for MS/PhD research assistants or POSTDOC research
> associates to work on VolcanoSRI project, if anyone in serval
> community is interested to participate, we warmly welcome.
>
> If anyone has those related information, please provide and/or forward
> to someone who might be interested. Thanks!
>
> WenZhan
> http://sensorweb.cs.gsu.edu/~song/
>
> On Mon, Nov 28, 2011 at 12:44 AM, Paul Gardner-Stephen
> <paul(a)servalproject.org> wrote:
>> Hello Ben,
>>
>> On Mon, Nov 28, 2011 at 12:30 PM, Ben Hughes <ben(a)benrhughes.com> wrote:
>>> So getting DNA working on a non-mesh network would still be a useful
>>> starting point?
>>
>> Absolutely that would be valuable. While you wait for a handset, you
>> can try it out on windows machines, which will also be useful.
>>
>>> I should be able to keep DNA coupled loosely to the
>>> routing layer, so we can swap other routing logic in in the future. I
>>> haven't looked closely at the java source yet to see exactly how much
>>> DNA relies on batman, but I'll keep messing around and see how I go.
>>
>> DNA doesn't depend on BATMAN at all -- it makes use of it if it is
>> running to get a list of peers, but that is all.
>>
>>> I'm happy to document things as I find them, but it looks like the
>>> wiki is in some sort of error state:
>>> http://developer.servalproject.org/twiki/
>>
>> Sorry about that, the wiki is getting re-installed while I type.
>> Hopefully it should be back up in a day or two.
>>
>>> As an aside - I'm yet to get my hands on a WP7 handset - I'm keeping
>>> an eye on ebay but if anyone sees one available relatively cheaply
>>> please let me know.
>>
>> Will do. Sign up as a Nokia developer and you can get one of theirs
>> half price, I think.
>>
>> Paul.
>>
>>> Cheers,
>>>
>>> Ben
>>>
>>> On Sun, Nov 27, 2011 at 10:40 PM, Paul Gardner-Stephen
>>> <paul(a)servalproject.org> wrote:
>>>> Hi Ben,
>>>>
>>>> A WP7 port is actually very useful. As Jeremy mentions, we can still
>>>> do a pile of stuff, just sub-optimally in some cases. It also gives
>>>> us greater traction, e.g., for partnering with a handset vendor to
>>>> make a patched firmware that provides full support.
>>>>
>>>> Paul.
>>>>
>>>> On Sun, Nov 27, 2011 at 8:40 PM, Ben Hughes <ben(a)benrhughes.com> wrote:
>>>>> Thanks Jeremy, that's helpful.
>>>>>
>>>>> I had just assumed that WP7 could connect to ad-hoc networks, but from
>>>>> what I've been reading it looks like support is somewhere between very
>>>>> flakey and non-existent. So that kinda kills the idea of any sort of
>>>>> useful port, at least until MS fix it.
>>>>>
>>>>> I'm still interested in contributing to the project though so I guess
>>>>> I'll take a look at the big tracker and see if there's anything I can
>>>>> wrap my head around :)
>>>>>
>>>>> Ben
>>>>>
>>>>> On 27/11/2011, at 8:11 PM, Jeremy Lakeman <jeremy(a)servalproject.org> wrote:
>>>>>
>>>>>> Yes we currently default to using BATMAN to generate the route's
>>>>>> between nodes on the network. We also support olsr as the underlying
>>>>>> mesh routing protocol. And we can run our software with a network of
>>>>>> just an access point and its clients, mainly to support clients that
>>>>>> don't allow the right wifi modes for mesh networking. And longer term
>>>>>> we intend to replace the mesh routing layer with our own protocol
>>>>>> layer.
>>>>>>
>>>>>> Our long term goals also include removing the need for running a full
>>>>>> blown asterisk installation, and SIP client, on a phone with
>>>>>> effectively only one extension. This would also drastically reduce our
>>>>>> installation size.
>>>>>>
>>>>>> The main pieces of work that will need to be done for any port as I see them;
>>>>>> - see if we can connect to, or start, an adhoc wifi network. May be impossible.
>>>>>> - compile and run dna for number -> network address resolution.
>>>>>> - minimal VOIP server, perhaps with simplified network protocol, to
>>>>>> handle in/out call state. Porting asterisk might work, but is
>>>>>> overkill.
>>>>>> - UI layer for user interaction, dialing, answering and configuration.
>>>>>>
>>>>>> On Sun, Nov 27, 2011 at 6:21 PM, Ben Hughes <ben(a)benrhughes.com> wrote:
>>>>>>> This is my basic understanding of the Serval architecture, please let me
>>>>>>> know if it's misguided:
>>>>>>>
>>>>>>> - BATMAN is the underlying protocol that is used to connect nodes on the
>>>>>>> mesh
>>>>>>> - DNA is a layer on top of batman that lets you use claimed numbers (and a
>>>>>>> public/private key pair) to identify nodes on the batman mesh
>>>>>>> - when you make a mesh call, DNA resolves the number to a batman ip, and
>>>>>>> then attempts to establish a SIP connection (via asterix) to that address
>>>>>>>
>>>>>>> I know that there's more to it than that (social verification of claimed
>>>>>>> numbers, bridging networks, DID etc) but is that basically correct?
>>>>>>>
>>>>>>> If so, batman seems as though it's a vital (and complex) component in the
>>>>>>> stack. And from what I can tell, it seems pretty tied to *nix.
>>>>>>>
>>>>>>> If I'm looking to port DNA to WP7, do I first need to port batman? Or put
>>>>>>> another way: is there any value in a batman-less DNA?
>>>>>>>
>>>>>>> Cheers,
>>>>>>>
>>>>>>> Ben
>>>>>>>
>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google Groups
>>>>>>> "Serval Project Developers" group.
>>>>>>> To post to this group, send email to
>>>>>>> serval-project-developers(a)googlegroups.com.
>>>>>>> To unsubscribe from this group, send email to
>>>>>>> serval-project-developers+unsubscribe(a)googlegroups.com.
>>>>>>> For more options, visit this group at
>>>>>>> http://groups.google.com/group/serval-project-developers?hl=en.
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>>>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>>>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>>>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>>>>
>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>>>
>>>>>
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>>
>>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>>
>>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
>> To post to this group, send email to serval-project-developers(a)googlegroups.com.
>> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
>> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>>
>>
>
> --
> You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
> To post to this group, send email to serval-project-developers(a)googlegroups.com.
> To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups "Serval Project Developers" group.
To post to this group, send email to serval-project-developers(a)googlegroups.com.
To unsubscribe from this group, send email to serval-project-developers+unsubscribe(a)googlegroups.com.
For more options, visit this group at http://groups.google.com/group/serval-project-developers?hl=en.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
On Feb 20, 2013, at 1:33 PM, valdis.kletnieks(a)vt.edu wrote:
> On Wed, 20 Feb 2013 15:39:42 +0900, Randy Bush said:
>> boys and girls, all the cyber-capable countries are cyber-culpable. you
>> can bet that they are all snooping and attacking eachother, the united
>> states no less than the rest. news at eleven.
>
> The scary part is that so many things got hacked by a bunch of people
> who made the totally noob mistake of launching all their attacks from
> the same place....
This strongly suggests that it's not their A-team, for whatever value of
"their" you prefer. (My favorite mistake was some of them updating their
Facebook pages when their work took them outside the Great Firewall.) They
just don't show much in the way of good operational security.
Aside: A few years ago, a non-US friend of mine mentioned a conversation
he'd had with a cyber guy from his own country's military. According to
this guy, about 130 countries had active military cyberwarfare units. I
don't suppose that the likes of Ruritania has one, but I think it's a safe
assumption that more or less every first and second world country, and not
a few third world ones are in the list.
The claim here is not not that China is engaging in cyberespionage. That
would go under the heading of "I'm shocked, shocked to find that there's
spying going on here." Rather, the issue that's being raised is the target:
commercial firms, rather than the usual military and government secrets.
That is what the US is saying goes beyond the usual rules of the game. In
fact, the US has blamed not just China but also Russia, France, and Israel
(see http://www.israelnationalnews.com/News/News.aspx/165108 -- and note
that that's an Israeli news site) for such activities. France was notorious
for that in the 1990s; there were many press reports of bugged first class
seats on Air France, for example.
The term for what's going on is "cyberexploitation", as opposed to "cyberwar".
The US has never come out against it in principle, though it never likes it
when aimed at the US. (Every other nation feels the same way about its
companies and networks, of course.) For a good analysis of the legal aspects,
see http://www.lawfareblog.com/2011/08/what-is-the-government%E2%80%99s-strateg…
--Steve Bellovin, https://www.cs.columbia.edu/~smb
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 9.15, 27 July 2011
============================================================
Contents
============================================================
1. Draft Council conclusions on Net Neutrality
2. EU countries to explain lack of implementation of the Telecoms Package
3. Germany's salaries database bites the dust
4. Slovakia: Court asks website to filter public procurement open data
5. Voluntary agreements on blocking are interfering with human rights
6. Belgium: Francophone press goes out and back in Google Search
7. Britain: Government reneges on DNA privacy promise
8. ENDitorial: Phone hacking and self regulation
9. Recommended Action
10. Recommended Reading
11. Agenda
12. About
============================================================
1. Draft Council conclusions on Net Neutrality
============================================================
On 15 July 2011, the Council (of the EU Member States) published Draft
"Conclusions" (a policy statement) on Net Neutrality. In the document, the
Council underlined the need to preserve the open and neutral character of
the Internet and established net neutrality as "a policy objective."
While this seems - and is - positive at first reading, the document also
refers to "affordable and secure high bandwidth communications and rich and
diverse content and services" as "an important policy objective" -
apparently establishing net neutrality as a somewhat secondary priority. In
summary, therefore, the Council indicates its willingness to embrace the
concept of "net neutrality" in further regulatory activities without being
entirely clear on what status this "policy objective" has in the hierarchy
of its communications policy.
Nonetheless, the importance of net neutrality for the economy is spelled out
in some detail, with the document pointing to the fundamental role of
telecommunications and broadband development for investment, job creation
and economic recovery. The document points to "the need to maintain the
openness of Internet while ensuring that it can continue to provide
high-quality services in a framework that promotes and respects fundamental
rights such as freedom of expression and freedom to conduct business."
This appears to diverge very positively from more extremist and populist
views expressed recently about "civilising" the Internet and, in the US
environment, experimenting with the fundamental building blocks of the
Internet in order to protect the perceived needs of a narrow range of
stakeholders. The draft Conclusions take a further step away from this
approach when it refers to "the importance of ensuring that users can
create, distribute and access content and services of their choice," moving
away from the implicit support for policing of content by Internet
intermediaries in the OECD Communiqui on Principles for Internet
Policy-Making which made repeated references to the right to access
"legitimate" content and "legitimate" sharing of information.
The biggest challenge facing the Council when seeking to defend this
positive approach is the range of demands for Internet intermediaries to
interfere with traffic to protect narrow vested interests such as
intellectual property owners and the willingness of certain intermediaries
to "voluntarily" engage in such interferences as an underhand means of
"normalising" interferences by access providers in citizens' communications.
It will be increasingly difficult for Member States (as indeed it is already
beginning to be the case for the European Commission) to demand that
Internet intermediaries meddle with citizens' communications for the
perceived benefit of certain vested interests and, simultaneously, demand
that the same intermediaries not meddle with citizens' communications for
their own business interests.
Draft Council conclusions on Net Neutrality (15.07.2011)
http://register.consilium.europa.eu/pdf/en/11/st12/st12950.en11.pdf
Consolidated EU telecoms regulatory framework (12.2009)
http://ec.europa.eu/information_society/policy/ecomm/doc/library/regframefo…
OECD Communiqui on Principles for Internet Policy-Making (28-29.06.2011)
http://www.oecd.org/dataoecd/40/21/48289796.pdf
(Contribution by Joe McNamee and Daniel Dimov - EDRi)
============================================================
2. EU countries to explain lack of implementation of the Telecoms Package
============================================================
The European Commission has sent letters of formal notice requesting
information from 20 EU countries regarding the reasons why they have not yet
fully implemented the EU Telecoms Package.
The EU member states were supposed to produce national legislation that
would implement, by 25 May 2011, the EU Telecoms Package, adopted late 2009,
but only seven states have fully complied until now.
The Telecoms Package includes amendments to the EU's Privacy and
Electronic Communications Directive providing a new requirement for website
owners to obtain consent from users to track their online behaviour through
"cookies".
According to the EU Directive, storing and accessing information on users'
computers was lawful provided "the subscriber or user concerned has given
his or her consent, having been provided with clear and comprehensive
information about the purposes of the processing".
The 20 member states have begun the process of drawing up new laws and some
have even implemented some of the new telecoms laws requirements but not the
entire Telecoms Package. In June, EU Commissioner Neelie Kroes warned the
member states that the Commission would use its "full powers" against those
countries that would not comply with the Directive.
Yet, Peter Hustinx, the European Data Protection Supervisor (EDPS), stated
that the Commission has not offered consistent guidance on how the EU states
should comply with the new legislation. Hustinx also criticised Kroes for
supporting self-regulatory methods undertaken by the online advertising
industry and for her support for the US "do not track" measures allowing
users to request websites not to monitor their activity, as the system
relies on websites reacting to the users' requests.
The formal letter sent by the Commission to the 20 countries represent a
first legal stage in the identification of infringements from countries that
have not enacted EU laws and could be referred to the European courts.
The 20 state members are supposed to reply to the letters within two months.
"If they fail to reply or if it is not satisfied with the answer, the
Commission can send the member states concerned a formal request to
implement the legislation, and ultimately refer them to the European Court
of Justice (ECJ)," the Commission said.
The ECJ can order EU member countries to implement EU Directives and fine
them if they do not.
European Commission begins legal action against countries that have still to
implement telecoms laws (20.07.2011)
http://www.out-law.com/page-12098
Digital Agenda: Commission starts legal action against 20 Member States on
late implementation of telecoms rules (19.07.2011)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/905&format=HT…
============================================================
3. Germany's salaries database bites the dust
============================================================
The German government announced, in a press release on 18 July 2011,
that it was going to abandon its central database and registration
procedure for salaries, ELENA ("Elektronischer Entgeltnachweis"/
"electronic salary record"), as soon as possible.
With this decision, German civil rights group and EDRi-member FoeBuD can
celebrate the successful outcome of a complaint they had handed in at
Germany's Federal Constitutional Court even before the court came to
consider its ruling. The complaint has been signed by more than 22 000
petitioners. In FoeBuD's analysis, the government finally had to pull the
plug on this ill-fated project after more than a year of procrastination.
A joint press statement by the Federal Ministries of Economics and of
Labour points to an insufficient uptake of the "qualified electronic
signature" as the reason to abandon the project. FoeBuD and their
lawyers call it regrettable that technical issues were highlighted and
no mention was made of the doubtful constitutional legality of the
procedure, which required all employers to transmit data on all salaries
to a central database operated by Germany's state pension insurance.
More than 400 million records of employee salaries have already been
collected, although most of this data was not even required for the
intended electronic records.
The press release gives reason to suspect that the government has by no
means given up on their idea to establish an electronic register of
employee data. As the statement says, "the Federal Ministry for Labour
and Social Affairs will formulate a concept on how the infrastructure
and know-how established through ELENA can be used for a simpler and
less bureaucratic procedure to record social security data."
As the intention to collect all German citizens' sensitive data in
central databases lingers on, there is reason to stay alert after the
current success regarding ELENA. FoeBuD will continue to monitor future
developments to guard against a replacement for this disproportionate
procedure being introduced through the back door.
Press statement by the Federal Ministry of Economics and Technology and
the Federal Ministry of Labour and Social Affairs (only in German,
18.07.2011)
http://www.bmwi.de/BMWi/Navigation/Presse/pressemitteilungen,did=424742.html
In-depth response by one of the lawyers in FoeBuD's Constitutional
Complaint, Meinhard Starostik (only in German, 19.07.2011)
https://www.foebud.org/datenschutz-buergerrechte/arbeitnehmerdatenschutz/el…
(Contribution by Sebastian Lisken, EDRi member FoeBuD / redacted
translation of FoeBuD's German press release)
============================================================
4. Slovakia: Court asks website to filter public procurement open data
============================================================
Fair-Play Alliance (AFP), a Slovak non-governmental organization operating
znasichdani.sk site, was required by a Bratislava District Court to take
down from the website information related to certain public procurement
contracts.
The website was created in March 2011 in order to provide "a tool that would
enable journalists and watchdogs to cross-check information about companies
successful in public procurements with influential persons in these
companies".
The basic idea was to connect the information on the Public Procurement
bulletin with that in the database of Business register of the Slovak
republic "in a way that would match persons with the names of companies in
which these persons are or once were active, and with financial volume of
the companies' state contracts," stated Eva Vozarova from AFP.
Recently, the District Court of Bratislava II has issued a preliminary
injunction, ordering Fair-Play Alliance to withdraw from the website any
information related to a particular private individual, the statutory
representative of the large construction company Strabag which had won good
contracts paid with public money. The decision of the court is that AFP
must remove the financial totals of public procurement orders won by
Strabag, and all other companies in which this person was involved. This
preliminary ruling had no detailed explanation on why this was necessary.
AFP considers the decision of the court inappropriate, unconstitutional and
threatens the right to freedom of speech. Moreover, the website only puts
together already publicly available data. It contains a register of people
known to be behind companies that have benefited from state orders. When
searching for a particular person, the site lists the companies to which the
name of the respective person is or was related to and the state orders
those companies have won, as well as the amounts received from public funds.
The court's decision is also unclear as, normally, it should instruct on how
to perform the action required. AFP was supposed to refrain from
publishing the persons' name, surname and title from the website
znasichdani.sk which could directly connect the claimant's person with
the financial value gained from public procurement. The site however makes
no connections of financial values to the claimant's name but only filters
information showing the results side by side. The total of occurrences of
the claimant's name can hardly be technically erased without compromising
the rest of the service.
"The alliance has done nothing else but make possible simultaneous searches
in two publicly accessible databases," stated lawyer Vladimmr Sarnik who
added that the preliminary decision of the court contains both formal and
factual mistakes.
The court decision was issued even before the plaintiff had submitted her
complaint (as the Slovak legal system makes this possible), which could lead
to a paradoxical situation when the preliminary decision may remain in place
for an indefinite period without a formal complaint being submitted.
Ironically, a few days ahead, on 17 June 2011, the Znasichdani.sk site was
awarded first prize at Open Data Challenge, a European competition sponsored
by the Open Knowledge Foundation and backed by the European Commission.
AFP has immediately appealed the court's preliminary decision.
Court orders removal of public procurement data (4.07.2011)
http://spectator.sme.sk/articles/view/43180/2/court_orders_removal_of_publi…
Why censoring Slovak spending app means bad news for open data (18.07.2011)
http://blog.okfn.org/2011/07/18/why-censoring-slovak-spending-app-means-bad…
Fair-play Watchdog Angered by Court ruling (29.06.2011)
http://www.thedaily.sk/2011/06/29/top-news/fair-play-watchdog-angered-by-co…
============================================================
5. Voluntary agreements on blocking are interfering with human rights
============================================================
Following the agreement of the EU institutions on a web blocking compromise
text which fails to adequately address the lawless blocking which is
undertaken in several EU countries, a careful reading of recent research on
the legality of this approach is called for.
Last month, Professor Yaman Akdeniz (Istanbul Bilgi University, Turkey)
prepared a report on Freedom of Expression on the Internet for the
Organisation for Security and Cooperation in Europe (OSCE). The report
contained an investigation on legal provisions and practices related to
freedom of expression, the free flow of information and media pluralism on
the Internet in OSCE participating States.
In his study, Professor Yaman Akdeniz observed that blocking measures in the
OSCE region are not always provided for by law nor were they always subject
to due process principles. In particular, he noted that blocking decisions
were not necessarily taken by the courts of law, but by administrative
bodies or Internet hotlines run by the private sector. They decided which
content, website or platform should be blocked. In many cases, such
"voluntary" blocking procedures lacked transparency and accountability. In
addition, the appeal in such procedures were either not in place or, where
they were in place, they were often not efficient. That is why the
compatibility of blocking with the fundamental right of freedom of
expression must be questioned.
In particular, in the absence of a legal basis for blocking access to online
content, the compatibility of "voluntary" blocking agreements and systems
with OSCE commitments, Article 19 of the Universal Declaration and Article
10 of the European Convention on Human Rights was problematic. Also, such a
"voluntary interference" might be contradictory to the conclusions of the
Final Document of the Moscow Meeting of the Conference on the Human
Dimension of the CSCE.
With regard to the compatibility of blocking with the fundamental right of
freedom of expression, Professor Akdeniz also pointed out that both the
1994 Budapest OSCE Summit Document and the European Court of Human Rights
reiterated the importance of freedom of expression as one of the
preconditions for a functioning democracy. In Budapest, "(t)he participating
States reaffirm(ed) that freedom of expression is a fundamental human right
and a basic component of a democratic society. In this respect, independent
and pluralistic media were essential to a free and open society and
accountable systems of government." According to Akdeniz, an "effective"
exercise of this freedom does not depend merely on the state's duty not to
interfere, but might require positive measures to protect this fundamental
freedom. Consequently, a blocking system relying exclusively on
self-regulation or "voluntary agreements" could be in a non-legitimate
interference with fundamental rights.
Yaman A.: Report on Freedom of Expression on the Internet
http://www.osce.org/fom/80723
The Final Document of the Moscow Meeting of the Conference on the Human
Dimension of the CSCE
http://www.osce.org/odihr/elections/14310
1994 Budapest OSCE Summit Document
http://www.osce.org/mc/39554
The Universal Declaration of Human Rights
http://www.un.org/en/documents/udhr/
The European Convention on Human Rights
http://www.hri.org/docs/ECHR50.html
EDRi-gram: OSCE: Access to the Internet should be a human right (13.07.2011)
http://www.edri.org/edrigram/number9.14/oecd-study-internet-freedom
(Contribution by Daniel Dimov - EDRi)
============================================================
6. Belgium: Francophone press goes out and back in Google Search
============================================================
As a result of Google's conflict with Copiepresse, the search engine
announced on 15 July 2011 that it would not index titles from the Belgium
francophone press.
Google stated that in doing so, it only complied with the decision of the
Appeal Court of 5 May 2011 that backed a court decision of February 2011
forbidding Google to publish Belgium press articles on Google News and
Google Search, with a fine reaching 25 000 euro in case of non-compliance.
Google's reaction looked like a punishment that would put some pressure on
Belgium's francophone press as the measure actually went beyond the
court's decision which only asked for the removal of Copiepresse articles
and not their complete erasing from the search engine.
The measure was however successful. "We would be happy to re-include
Copiepresse if they would indicate their desire to appear in Google Search
and waive the potential penalties," said Google spokesman William Echikson.
Which, Copiepress did on 18 July 2011.
Le Soir and La Libre Belgique stated on their sites that an agreement had
been reached with Google that would re-index the excluded sites. "It is
necessary to distinguish the Google search engine from the Google news
service," said an article on La Libre website adding: "The news editors do
not oppose having their content referenced by the Google search engine, they
refuse on the other hand for their informational content to be included in
Google News."
Google censures the Francophone press (only in French, 15.07.2011)
http://www.lecho.be/actualite/entreprises_technologie/Google_censure_la_pre…
Google re-indexes the Belgium press on its engine (up-date) (only in French,
18.07.2011)
http://www.01net.com/editorial/536000/google-supprime-la-presse-belge-de-so…
Google will re-index the francophone press (only in French, 18.07.2011)
http://www.lecho.be/actualite/entreprises_media/Google_va_reindexer_la_pres…
EDRi-gram: Google found guilty in Belgium for newspapers' copyright
infringement (18.05.2011)
http://www.edri.org/edrigram/number9.10/google-looses-copiepresse-case
============================================================
7. Britain: Government reneges on DNA privacy promise
============================================================
In Britain, the Conservative-Liberal Democrat coalition government has
announced that it will not delete the DNA records of suspects who were
arrested but subsequently acquitted or never charged. It had promised
to delete them following the Marper judgement, where the European
Court of Human Rights found it was unlawful to keep the DNA of
acquitted people indefinitely; this promise was enshrined in the
Coalition Agreement that set up the Government after the indecisive
2010 election.
But the Government now says it will rely on "anonymisation". The DNA records
of innocent people will be retained by the forensic service without the
suspect's names and addresses. When a match is found with crime-scene DNA in
the future, the innocent former suspect can be identified by matching the
sample bar code with the records of the police force that arrested him last
time. The Government may argue that this complies with UK data protection
law, which is a defective implementation of the Data Protection Directive.
However it fails to satisfy European and human-rights law.
The announcement was made quietly on Monday, 25 July 2011, while the press's
focus was on the killings in Norway.
Innocent people's DNA profiles won't be deleted after all, minister admits
(26.07.2011)
http://www.telegraph.co.uk/news/uknews/law-and-order/8660821/Innocent-peopl…
Database State (2009)
http://www.cl.cam.ac.uk/~rja14/Papers/database-state.pdf
(Contribution by Ross Anderson - EDRi-member FIPR - UK)
============================================================
8. ENDitorial: Phone hacking and self regulation
============================================================
The self-regulatory authority for the British press, the Press Complaints
Commission (PCC), has itself become one of the victims of the "phone
hacking" scandal, as self-regulation failed to not alone prevent but even
identify problems now believed to be endemic among UK newspapers.
Phone hacking - guessing or brute-force attacking voicemail accounts to
access messages - is a criminal offence in the UK. Cases at the News of the
World (NoW) were prosecuted under the Regulation of Investigatory Powers Act
(RIPA), and could also be offences under the Computers Misuse Act. In 2007,
private investigator Glen Mulcaire and NoW royal editor Clive Goodman were
convicted and imprisoned for RIPA interception offences. Thus to date, the
prosecutions have focused on reporters and investigators, rather than their
employers at News International.
In May 2007, the PCC found that there was no evidence of widespread phone
hacking at News of the World. Since that date, further allegations,
investigations by Parliamentary committees and threats of private legal
action have put pressure on the police to re-open the investigations.
Allegations of the excessively close relationships between the police and
News International and NoW, including possible payments, have meant that
senior police officials at the Metropolitan (London) Police have now
resigned.
One question that needs to be addressed is the extent to which "self
regulation" has failed in this arena. With strong motivations from their
members not to look at the behaviour of those same being regulated, the PCC
might well be expected to fail. But this wasn't obvious when the PCC was set
up.
The reasoning behind press self-regulation was at least more principled than
that behind Internet "self regulation". The press, it was argued, needs to
be strong and free. The methodology is also more coherent - it is, to a
large extent, "self-"regulation, unlike much Internet "self-regulation",
which is actually regulation of content or consumers by the Internet
industry. Thus it was thought better for the press to impose their own
rules, rather than relying on legislation and politicians, who have an
inbuilt desire to control and limit their activities. Yet, it has
comprehensively failed. A combination of high pressure for more sales in a
declining market, an unsafe technology and malleable or inattentive
enforcement let citizens' interests be ignored.
As it is often stated, but rarely politically accepted, once privacy is
stripped away, the ability of those threatened with privacy abuses to speak
out is vastly reduced. Thus, it was those who had already suffered exposure
by the News of the World who had to be brave enough to speak out. The UK's
political leadership was frequently too frightened to comment.
We may well ask why, if the PCC cannot balance the public interest, free
speech, privacy and business interests, the behavioural advertisers and
Internet Service Providers should be expected to do a better job. Purely
pragmatically, self-regulation may be expected to work where the interests
of end users are well-aligned with those doing the regulation: but where
those are strongly divergent, they are unlikely to. Unfortunately, as the
PCC has shown, the balance of interests can quickly shift with technology.
Thus we are left to conclude that, in the absence of procedures and
structures that are fit to cope with such shifts, legal protections and
official regulators are in fact the more important part of public
protection.
A second lesson just how politicians completely misunderstand the
complexities of industry "self-regulation." If the PCC could fail so badly
in the comparatively straightforward task of regulating its own industry,
why on earth can politicians feel that they can speak so blithely and
simplistically about private internet intermediaries "self-"regulating the
key democratic fundamental rights of our society - privacy and freedom of
communication?
Phone Hacking articles at The Guardian
http://www.guardian.co.uk/media/phone-hacking
News of the World phone hacking scandal investigations
http://en.wikipedia.org/wiki/News_of_the_World_phone_hacking_scandal_invest…
The UK phone hacking scandal: there's worse to come - much worse
(23.07.2011)
https://www.privacyinternational.org/blog/uk-phone-hacking-scandal-theres-w…
The Government still wants to hack your phone (14.07.2011)
http://www.openrightsgroup.org/blog/2011/the-government-still-wants-to-hack…
(Contribution by Jim Killock - EDRi-member Open Rights Group - UK)
============================================================
9. Recommended Action
============================================================
Public consultation on personal data breach notifications under ePrivacy
Directive. Deadline: 9 September 2011
http://ec.europa.eu/information_society/policy/ecomm/library/public_consult…
EU - Open access to scientific information - Commission seeks views
A public consultation on access to, and preservation of, digital
scientific information has been launched by the European Commission.
Deadline: 9 September 2011
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/890
============================================================
10. Recommended Reading
============================================================
Article 29 Data Protection Working Party - Opinion on Consent (14.07.2011)
http://ec.europa.eu/justice/policies/privacy/news/docs/press_release%20opin…
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp187_en.pdf
86 cents for one year without blanket telecommunications data retention
(25.07.2011)
http://www.vorratsdatenspeicherung.de/content/view/471/79/lang,en/
============================================================
11. Agenda
============================================================
10-14 August 2011, Finowfurt near Berlin, Germany
Chaos Communication Camp 2011
http://events.ccc.de/camp/2011
25-27 August 2011, Washington DC, USA
Global Congress on Public Interest Intellectual Property Law
http://infojustice.org/public-events/global-congress
7 September 2011, Berlin, Germany
Balancing the interests in the context of data retention
Registration by 15 August 2011
http://www.uni-kassel.de/einrichtungen/iteg/forschung/invodas/invodas-absch…
10-17 September 2011
Freedom Not Fear - International Action Week
http://www.freedomnotfear.org
16-18 September 2011, Warsaw, Poland
Creative Commons Global Summit 2011
http://wiki.creativecommons.org/Global_Summit_2011
27-30 September 2011, Nairobi, Kenya
Sixth Annual IGF Meeting: Internet as a catalyst for change: access,
development, freedoms and innovation
http://www.intgovforum.org/cms/nairobipreparatory
11 October 2011, Brussels, Belgium
ePractice Workshop: Addressing evolving needs for cross-border eGovernment
services
http://www.epractice.eu/en/events/epractice-workshop-cross-border-services
13-14 October 2011, Lisbon, Portugal
2nd International Graduate Conference in Communication and Culture: The
Culture of Remix
http://blogs.nyu.edu/projects/materialworld/2011/05/cfp_the_culture_of_remi…
20-21 October 2011, Warsaw, Poland
Open Govrenment Data Camp
http://opengovernmentdata.org/camp2011/
27-30 October 2011, Barcelona, Spain
Free Culture Forum 2011
http://fcforum.net/
9 November 2011, Bucharest, Romania
Inet Conference: Access, Trust and Freedom: Coordinates for future Internet
http://www.isoc.org/isoc/conferences/inet/11/bucharest-agenda.shtml
11-13 November 2011, Gothenburg, Sweden
FSCONS is the Nordic countries' largest gathering for free culture, free
software and a free society.
http://fscons.org/
25-27 January 2012, Brussels, Belgium
Computers, Privacy and Data Protection 2012
http://www.cpdpconferences.org/
============================================================
12. About
============================================================
EDRi-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRi has 28 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRi-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the EDRi website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edri/2.html
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 9.15, 27 July 2011
============================================================
Contents
============================================================
1. Draft Council conclusions on Net Neutrality
2. EU countries to explain lack of implementation of the Telecoms Package
3. Germany's salaries database bites the dust
4. Slovakia: Court asks website to filter public procurement open data
5. Voluntary agreements on blocking are interfering with human rights
6. Belgium: Francophone press goes out and back in Google Search
7. Britain: Government reneges on DNA privacy promise
8. ENDitorial: Phone hacking and self regulation
9. Recommended Action
10. Recommended Reading
11. Agenda
12. About
============================================================
1. Draft Council conclusions on Net Neutrality
============================================================
On 15 July 2011, the Council (of the EU Member States) published Draft
"Conclusions" (a policy statement) on Net Neutrality. In the document, the
Council underlined the need to preserve the open and neutral character of
the Internet and established net neutrality as "a policy objective."
While this seems - and is - positive at first reading, the document also
refers to "affordable and secure high bandwidth communications and rich and
diverse content and services" as "an important policy objective" -
apparently establishing net neutrality as a somewhat secondary priority. In
summary, therefore, the Council indicates its willingness to embrace the
concept of "net neutrality" in further regulatory activities without being
entirely clear on what status this "policy objective" has in the hierarchy
of its communications policy.
Nonetheless, the importance of net neutrality for the economy is spelled out
in some detail, with the document pointing to the fundamental role of
telecommunications and broadband development for investment, job creation
and economic recovery. The document points to "the need to maintain the
openness of Internet while ensuring that it can continue to provide
high-quality services in a framework that promotes and respects fundamental
rights such as freedom of expression and freedom to conduct business."
This appears to diverge very positively from more extremist and populist
views expressed recently about "civilising" the Internet and, in the US
environment, experimenting with the fundamental building blocks of the
Internet in order to protect the perceived needs of a narrow range of
stakeholders. The draft Conclusions take a further step away from this
approach when it refers to "the importance of ensuring that users can
create, distribute and access content and services of their choice," moving
away from the implicit support for policing of content by Internet
intermediaries in the OECD Communiqui on Principles for Internet
Policy-Making which made repeated references to the right to access
"legitimate" content and "legitimate" sharing of information.
The biggest challenge facing the Council when seeking to defend this
positive approach is the range of demands for Internet intermediaries to
interfere with traffic to protect narrow vested interests such as
intellectual property owners and the willingness of certain intermediaries
to "voluntarily" engage in such interferences as an underhand means of
"normalising" interferences by access providers in citizens' communications.
It will be increasingly difficult for Member States (as indeed it is already
beginning to be the case for the European Commission) to demand that
Internet intermediaries meddle with citizens' communications for the
perceived benefit of certain vested interests and, simultaneously, demand
that the same intermediaries not meddle with citizens' communications for
their own business interests.
Draft Council conclusions on Net Neutrality (15.07.2011)
http://register.consilium.europa.eu/pdf/en/11/st12/st12950.en11.pdf
Consolidated EU telecoms regulatory framework (12.2009)
http://ec.europa.eu/information_society/policy/ecomm/doc/library/regframefo…
OECD Communiqui on Principles for Internet Policy-Making (28-29.06.2011)
http://www.oecd.org/dataoecd/40/21/48289796.pdf
(Contribution by Joe McNamee and Daniel Dimov - EDRi)
============================================================
2. EU countries to explain lack of implementation of the Telecoms Package
============================================================
The European Commission has sent letters of formal notice requesting
information from 20 EU countries regarding the reasons why they have not yet
fully implemented the EU Telecoms Package.
The EU member states were supposed to produce national legislation that
would implement, by 25 May 2011, the EU Telecoms Package, adopted late 2009,
but only seven states have fully complied until now.
The Telecoms Package includes amendments to the EU's Privacy and
Electronic Communications Directive providing a new requirement for website
owners to obtain consent from users to track their online behaviour through
"cookies".
According to the EU Directive, storing and accessing information on users'
computers was lawful provided "the subscriber or user concerned has given
his or her consent, having been provided with clear and comprehensive
information about the purposes of the processing".
The 20 member states have begun the process of drawing up new laws and some
have even implemented some of the new telecoms laws requirements but not the
entire Telecoms Package. In June, EU Commissioner Neelie Kroes warned the
member states that the Commission would use its "full powers" against those
countries that would not comply with the Directive.
Yet, Peter Hustinx, the European Data Protection Supervisor (EDPS), stated
that the Commission has not offered consistent guidance on how the EU states
should comply with the new legislation. Hustinx also criticised Kroes for
supporting self-regulatory methods undertaken by the online advertising
industry and for her support for the US "do not track" measures allowing
users to request websites not to monitor their activity, as the system
relies on websites reacting to the users' requests.
The formal letter sent by the Commission to the 20 countries represent a
first legal stage in the identification of infringements from countries that
have not enacted EU laws and could be referred to the European courts.
The 20 state members are supposed to reply to the letters within two months.
"If they fail to reply or if it is not satisfied with the answer, the
Commission can send the member states concerned a formal request to
implement the legislation, and ultimately refer them to the European Court
of Justice (ECJ)," the Commission said.
The ECJ can order EU member countries to implement EU Directives and fine
them if they do not.
European Commission begins legal action against countries that have still to
implement telecoms laws (20.07.2011)
http://www.out-law.com/page-12098
Digital Agenda: Commission starts legal action against 20 Member States on
late implementation of telecoms rules (19.07.2011)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/905&format=HT…
============================================================
3. Germany's salaries database bites the dust
============================================================
The German government announced, in a press release on 18 July 2011,
that it was going to abandon its central database and registration
procedure for salaries, ELENA ("Elektronischer Entgeltnachweis"/
"electronic salary record"), as soon as possible.
With this decision, German civil rights group and EDRi-member FoeBuD can
celebrate the successful outcome of a complaint they had handed in at
Germany's Federal Constitutional Court even before the court came to
consider its ruling. The complaint has been signed by more than 22 000
petitioners. In FoeBuD's analysis, the government finally had to pull the
plug on this ill-fated project after more than a year of procrastination.
A joint press statement by the Federal Ministries of Economics and of
Labour points to an insufficient uptake of the "qualified electronic
signature" as the reason to abandon the project. FoeBuD and their
lawyers call it regrettable that technical issues were highlighted and
no mention was made of the doubtful constitutional legality of the
procedure, which required all employers to transmit data on all salaries
to a central database operated by Germany's state pension insurance.
More than 400 million records of employee salaries have already been
collected, although most of this data was not even required for the
intended electronic records.
The press release gives reason to suspect that the government has by no
means given up on their idea to establish an electronic register of
employee data. As the statement says, "the Federal Ministry for Labour
and Social Affairs will formulate a concept on how the infrastructure
and know-how established through ELENA can be used for a simpler and
less bureaucratic procedure to record social security data."
As the intention to collect all German citizens' sensitive data in
central databases lingers on, there is reason to stay alert after the
current success regarding ELENA. FoeBuD will continue to monitor future
developments to guard against a replacement for this disproportionate
procedure being introduced through the back door.
Press statement by the Federal Ministry of Economics and Technology and
the Federal Ministry of Labour and Social Affairs (only in German,
18.07.2011)
http://www.bmwi.de/BMWi/Navigation/Presse/pressemitteilungen,did=424742.html
In-depth response by one of the lawyers in FoeBuD's Constitutional
Complaint, Meinhard Starostik (only in German, 19.07.2011)
https://www.foebud.org/datenschutz-buergerrechte/arbeitnehmerdatenschutz/el…
(Contribution by Sebastian Lisken, EDRi member FoeBuD / redacted
translation of FoeBuD's German press release)
============================================================
4. Slovakia: Court asks website to filter public procurement open data
============================================================
Fair-Play Alliance (AFP), a Slovak non-governmental organization operating
znasichdani.sk site, was required by a Bratislava District Court to take
down from the website information related to certain public procurement
contracts.
The website was created in March 2011 in order to provide "a tool that would
enable journalists and watchdogs to cross-check information about companies
successful in public procurements with influential persons in these
companies".
The basic idea was to connect the information on the Public Procurement
bulletin with that in the database of Business register of the Slovak
republic "in a way that would match persons with the names of companies in
which these persons are or once were active, and with financial volume of
the companies' state contracts," stated Eva Vozarova from AFP.
Recently, the District Court of Bratislava II has issued a preliminary
injunction, ordering Fair-Play Alliance to withdraw from the website any
information related to a particular private individual, the statutory
representative of the large construction company Strabag which had won good
contracts paid with public money. The decision of the court is that AFP
must remove the financial totals of public procurement orders won by
Strabag, and all other companies in which this person was involved. This
preliminary ruling had no detailed explanation on why this was necessary.
AFP considers the decision of the court inappropriate, unconstitutional and
threatens the right to freedom of speech. Moreover, the website only puts
together already publicly available data. It contains a register of people
known to be behind companies that have benefited from state orders. When
searching for a particular person, the site lists the companies to which the
name of the respective person is or was related to and the state orders
those companies have won, as well as the amounts received from public funds.
The court's decision is also unclear as, normally, it should instruct on how
to perform the action required. AFP was supposed to refrain from
publishing the persons' name, surname and title from the website
znasichdani.sk which could directly connect the claimant's person with
the financial value gained from public procurement. The site however makes
no connections of financial values to the claimant's name but only filters
information showing the results side by side. The total of occurrences of
the claimant's name can hardly be technically erased without compromising
the rest of the service.
"The alliance has done nothing else but make possible simultaneous searches
in two publicly accessible databases," stated lawyer Vladimmr Sarnik who
added that the preliminary decision of the court contains both formal and
factual mistakes.
The court decision was issued even before the plaintiff had submitted her
complaint (as the Slovak legal system makes this possible), which could lead
to a paradoxical situation when the preliminary decision may remain in place
for an indefinite period without a formal complaint being submitted.
Ironically, a few days ahead, on 17 June 2011, the Znasichdani.sk site was
awarded first prize at Open Data Challenge, a European competition sponsored
by the Open Knowledge Foundation and backed by the European Commission.
AFP has immediately appealed the court's preliminary decision.
Court orders removal of public procurement data (4.07.2011)
http://spectator.sme.sk/articles/view/43180/2/court_orders_removal_of_publi…
Why censoring Slovak spending app means bad news for open data (18.07.2011)
http://blog.okfn.org/2011/07/18/why-censoring-slovak-spending-app-means-bad…
Fair-play Watchdog Angered by Court ruling (29.06.2011)
http://www.thedaily.sk/2011/06/29/top-news/fair-play-watchdog-angered-by-co…
============================================================
5. Voluntary agreements on blocking are interfering with human rights
============================================================
Following the agreement of the EU institutions on a web blocking compromise
text which fails to adequately address the lawless blocking which is
undertaken in several EU countries, a careful reading of recent research on
the legality of this approach is called for.
Last month, Professor Yaman Akdeniz (Istanbul Bilgi University, Turkey)
prepared a report on Freedom of Expression on the Internet for the
Organisation for Security and Cooperation in Europe (OSCE). The report
contained an investigation on legal provisions and practices related to
freedom of expression, the free flow of information and media pluralism on
the Internet in OSCE participating States.
In his study, Professor Yaman Akdeniz observed that blocking measures in the
OSCE region are not always provided for by law nor were they always subject
to due process principles. In particular, he noted that blocking decisions
were not necessarily taken by the courts of law, but by administrative
bodies or Internet hotlines run by the private sector. They decided which
content, website or platform should be blocked. In many cases, such
"voluntary" blocking procedures lacked transparency and accountability. In
addition, the appeal in such procedures were either not in place or, where
they were in place, they were often not efficient. That is why the
compatibility of blocking with the fundamental right of freedom of
expression must be questioned.
In particular, in the absence of a legal basis for blocking access to online
content, the compatibility of "voluntary" blocking agreements and systems
with OSCE commitments, Article 19 of the Universal Declaration and Article
10 of the European Convention on Human Rights was problematic. Also, such a
"voluntary interference" might be contradictory to the conclusions of the
Final Document of the Moscow Meeting of the Conference on the Human
Dimension of the CSCE.
With regard to the compatibility of blocking with the fundamental right of
freedom of expression, Professor Akdeniz also pointed out that both the
1994 Budapest OSCE Summit Document and the European Court of Human Rights
reiterated the importance of freedom of expression as one of the
preconditions for a functioning democracy. In Budapest, "(t)he participating
States reaffirm(ed) that freedom of expression is a fundamental human right
and a basic component of a democratic society. In this respect, independent
and pluralistic media were essential to a free and open society and
accountable systems of government." According to Akdeniz, an "effective"
exercise of this freedom does not depend merely on the state's duty not to
interfere, but might require positive measures to protect this fundamental
freedom. Consequently, a blocking system relying exclusively on
self-regulation or "voluntary agreements" could be in a non-legitimate
interference with fundamental rights.
Yaman A.: Report on Freedom of Expression on the Internet
http://www.osce.org/fom/80723
The Final Document of the Moscow Meeting of the Conference on the Human
Dimension of the CSCE
http://www.osce.org/odihr/elections/14310
1994 Budapest OSCE Summit Document
http://www.osce.org/mc/39554
The Universal Declaration of Human Rights
http://www.un.org/en/documents/udhr/
The European Convention on Human Rights
http://www.hri.org/docs/ECHR50.html
EDRi-gram: OSCE: Access to the Internet should be a human right (13.07.2011)
http://www.edri.org/edrigram/number9.14/oecd-study-internet-freedom
(Contribution by Daniel Dimov - EDRi)
============================================================
6. Belgium: Francophone press goes out and back in Google Search
============================================================
As a result of Google's conflict with Copiepresse, the search engine
announced on 15 July 2011 that it would not index titles from the Belgium
francophone press.
Google stated that in doing so, it only complied with the decision of the
Appeal Court of 5 May 2011 that backed a court decision of February 2011
forbidding Google to publish Belgium press articles on Google News and
Google Search, with a fine reaching 25 000 euro in case of non-compliance.
Google's reaction looked like a punishment that would put some pressure on
Belgium's francophone press as the measure actually went beyond the
court's decision which only asked for the removal of Copiepresse articles
and not their complete erasing from the search engine.
The measure was however successful. "We would be happy to re-include
Copiepresse if they would indicate their desire to appear in Google Search
and waive the potential penalties," said Google spokesman William Echikson.
Which, Copiepress did on 18 July 2011.
Le Soir and La Libre Belgique stated on their sites that an agreement had
been reached with Google that would re-index the excluded sites. "It is
necessary to distinguish the Google search engine from the Google news
service," said an article on La Libre website adding: "The news editors do
not oppose having their content referenced by the Google search engine, they
refuse on the other hand for their informational content to be included in
Google News."
Google censures the Francophone press (only in French, 15.07.2011)
http://www.lecho.be/actualite/entreprises_technologie/Google_censure_la_pre…
Google re-indexes the Belgium press on its engine (up-date) (only in French,
18.07.2011)
http://www.01net.com/editorial/536000/google-supprime-la-presse-belge-de-so…
Google will re-index the francophone press (only in French, 18.07.2011)
http://www.lecho.be/actualite/entreprises_media/Google_va_reindexer_la_pres…
EDRi-gram: Google found guilty in Belgium for newspapers' copyright
infringement (18.05.2011)
http://www.edri.org/edrigram/number9.10/google-looses-copiepresse-case
============================================================
7. Britain: Government reneges on DNA privacy promise
============================================================
In Britain, the Conservative-Liberal Democrat coalition government has
announced that it will not delete the DNA records of suspects who were
arrested but subsequently acquitted or never charged. It had promised
to delete them following the Marper judgement, where the European
Court of Human Rights found it was unlawful to keep the DNA of
acquitted people indefinitely; this promise was enshrined in the
Coalition Agreement that set up the Government after the indecisive
2010 election.
But the Government now says it will rely on "anonymisation". The DNA records
of innocent people will be retained by the forensic service without the
suspect's names and addresses. When a match is found with crime-scene DNA in
the future, the innocent former suspect can be identified by matching the
sample bar code with the records of the police force that arrested him last
time. The Government may argue that this complies with UK data protection
law, which is a defective implementation of the Data Protection Directive.
However it fails to satisfy European and human-rights law.
The announcement was made quietly on Monday, 25 July 2011, while the press's
focus was on the killings in Norway.
Innocent people's DNA profiles won't be deleted after all, minister admits
(26.07.2011)
http://www.telegraph.co.uk/news/uknews/law-and-order/8660821/Innocent-peopl…
Database State (2009)
http://www.cl.cam.ac.uk/~rja14/Papers/database-state.pdf
(Contribution by Ross Anderson - EDRi-member FIPR - UK)
============================================================
8. ENDitorial: Phone hacking and self regulation
============================================================
The self-regulatory authority for the British press, the Press Complaints
Commission (PCC), has itself become one of the victims of the "phone
hacking" scandal, as self-regulation failed to not alone prevent but even
identify problems now believed to be endemic among UK newspapers.
Phone hacking - guessing or brute-force attacking voicemail accounts to
access messages - is a criminal offence in the UK. Cases at the News of the
World (NoW) were prosecuted under the Regulation of Investigatory Powers Act
(RIPA), and could also be offences under the Computers Misuse Act. In 2007,
private investigator Glen Mulcaire and NoW royal editor Clive Goodman were
convicted and imprisoned for RIPA interception offences. Thus to date, the
prosecutions have focused on reporters and investigators, rather than their
employers at News International.
In May 2007, the PCC found that there was no evidence of widespread phone
hacking at News of the World. Since that date, further allegations,
investigations by Parliamentary committees and threats of private legal
action have put pressure on the police to re-open the investigations.
Allegations of the excessively close relationships between the police and
News International and NoW, including possible payments, have meant that
senior police officials at the Metropolitan (London) Police have now
resigned.
One question that needs to be addressed is the extent to which "self
regulation" has failed in this arena. With strong motivations from their
members not to look at the behaviour of those same being regulated, the PCC
might well be expected to fail. But this wasn't obvious when the PCC was set
up.
The reasoning behind press self-regulation was at least more principled than
that behind Internet "self regulation". The press, it was argued, needs to
be strong and free. The methodology is also more coherent - it is, to a
large extent, "self-"regulation, unlike much Internet "self-regulation",
which is actually regulation of content or consumers by the Internet
industry. Thus it was thought better for the press to impose their own
rules, rather than relying on legislation and politicians, who have an
inbuilt desire to control and limit their activities. Yet, it has
comprehensively failed. A combination of high pressure for more sales in a
declining market, an unsafe technology and malleable or inattentive
enforcement let citizens' interests be ignored.
As it is often stated, but rarely politically accepted, once privacy is
stripped away, the ability of those threatened with privacy abuses to speak
out is vastly reduced. Thus, it was those who had already suffered exposure
by the News of the World who had to be brave enough to speak out. The UK's
political leadership was frequently too frightened to comment.
We may well ask why, if the PCC cannot balance the public interest, free
speech, privacy and business interests, the behavioural advertisers and
Internet Service Providers should be expected to do a better job. Purely
pragmatically, self-regulation may be expected to work where the interests
of end users are well-aligned with those doing the regulation: but where
those are strongly divergent, they are unlikely to. Unfortunately, as the
PCC has shown, the balance of interests can quickly shift with technology.
Thus we are left to conclude that, in the absence of procedures and
structures that are fit to cope with such shifts, legal protections and
official regulators are in fact the more important part of public
protection.
A second lesson just how politicians completely misunderstand the
complexities of industry "self-regulation." If the PCC could fail so badly
in the comparatively straightforward task of regulating its own industry,
why on earth can politicians feel that they can speak so blithely and
simplistically about private internet intermediaries "self-"regulating the
key democratic fundamental rights of our society - privacy and freedom of
communication?
Phone Hacking articles at The Guardian
http://www.guardian.co.uk/media/phone-hacking
News of the World phone hacking scandal investigations
http://en.wikipedia.org/wiki/News_of_the_World_phone_hacking_scandal_invest…
The UK phone hacking scandal: there's worse to come - much worse
(23.07.2011)
https://www.privacyinternational.org/blog/uk-phone-hacking-scandal-theres-w…
The Government still wants to hack your phone (14.07.2011)
http://www.openrightsgroup.org/blog/2011/the-government-still-wants-to-hack…
(Contribution by Jim Killock - EDRi-member Open Rights Group - UK)
============================================================
9. Recommended Action
============================================================
Public consultation on personal data breach notifications under ePrivacy
Directive. Deadline: 9 September 2011
http://ec.europa.eu/information_society/policy/ecomm/library/public_consult…
EU - Open access to scientific information - Commission seeks views
A public consultation on access to, and preservation of, digital
scientific information has been launched by the European Commission.
Deadline: 9 September 2011
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/890
============================================================
10. Recommended Reading
============================================================
Article 29 Data Protection Working Party - Opinion on Consent (14.07.2011)
http://ec.europa.eu/justice/policies/privacy/news/docs/press_release%20opin…
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp187_en.pdf
86 cents for one year without blanket telecommunications data retention
(25.07.2011)
http://www.vorratsdatenspeicherung.de/content/view/471/79/lang,en/
============================================================
11. Agenda
============================================================
10-14 August 2011, Finowfurt near Berlin, Germany
Chaos Communication Camp 2011
http://events.ccc.de/camp/2011
25-27 August 2011, Washington DC, USA
Global Congress on Public Interest Intellectual Property Law
http://infojustice.org/public-events/global-congress
7 September 2011, Berlin, Germany
Balancing the interests in the context of data retention
Registration by 15 August 2011
http://www.uni-kassel.de/einrichtungen/iteg/forschung/invodas/invodas-absch…
10-17 September 2011
Freedom Not Fear - International Action Week
http://www.freedomnotfear.org
16-18 September 2011, Warsaw, Poland
Creative Commons Global Summit 2011
http://wiki.creativecommons.org/Global_Summit_2011
27-30 September 2011, Nairobi, Kenya
Sixth Annual IGF Meeting: Internet as a catalyst for change: access,
development, freedoms and innovation
http://www.intgovforum.org/cms/nairobipreparatory
11 October 2011, Brussels, Belgium
ePractice Workshop: Addressing evolving needs for cross-border eGovernment
services
http://www.epractice.eu/en/events/epractice-workshop-cross-border-services
13-14 October 2011, Lisbon, Portugal
2nd International Graduate Conference in Communication and Culture: The
Culture of Remix
http://blogs.nyu.edu/projects/materialworld/2011/05/cfp_the_culture_of_remi…
20-21 October 2011, Warsaw, Poland
Open Govrenment Data Camp
http://opengovernmentdata.org/camp2011/
27-30 October 2011, Barcelona, Spain
Free Culture Forum 2011
http://fcforum.net/
9 November 2011, Bucharest, Romania
Inet Conference: Access, Trust and Freedom: Coordinates for future Internet
http://www.isoc.org/isoc/conferences/inet/11/bucharest-agenda.shtml
11-13 November 2011, Gothenburg, Sweden
FSCONS is the Nordic countries' largest gathering for free culture, free
software and a free society.
http://fscons.org/
25-27 January 2012, Brussels, Belgium
Computers, Privacy and Data Protection 2012
http://www.cpdpconferences.org/
============================================================
12. About
============================================================
EDRi-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRi has 28 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRi-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the EDRi website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edri/2.html
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
06 Jul '18
Nick M. Daly writes:
> I've actually been reading similar concerns (about hardware-based
> tracking) on the FreedomBox list, and I have no basis for validating the
> claims. Wondering if anybody could shed some light on just how serious
> these claims are and how they'd impact Tor users (or privacy generally)?
> The mail seems full of generalizations, but the author seems genuine:
>
> http://lists.alioth.debian.org/pipermail/freedombox-discuss/2012-June/00404…
I find this message misleading in various ways. The basic thing that
I've been telling people is that there are few situations in which
either PSN or TPM uniqueness makes things qualitatively worse.
There are lots of hardware unique IDs. On Linux, try "sudo lshw" and
be surprised at all the things that have unique serial numbers. There
are also things that are unique about your machine that are not
hardware serial numbers, like filesystem serial numbers and observed
combinations of software configurations.
These can be bad for privacy because software can tell which computer
it's running on. If the software has an adversarial relationship with
you, it can then use that information in a way that you don't like.
We would be better off in some regards if operating systems let us
hide local uniqueness from software so that the software couldn't tell
what machine it was running on, or set fake values for these unique
identifiers.
Some proprietary software including Microsoft Windows already makes
a sophisticated profile of the local machine, including many kinds of
observations, to tie a copy of the software (or an "activation") to a
particular device (!).
The only substantive difference with the TPM uniqueness is that the TPM
uniqueness lets you prove (like a smartcard) to a remote system that
you're running some software on the same machine as before. Even if
the OS did let you set fake values when software tried to examine the
system it was running on, the remote system could see that the
TPM-related values were fake. That's useful for some applications,
including but not limited to DRM-like ones.
I've argued that this is bad in some ways, but at least you can still
turn off the TPM. Then your system can't attempt to offer that kind
of proof. As far as I know, turning off the TPM is pretty robust:
it really is turned off.
All of these things are anonymity problems in particular when some
software on your computer is actively _trying_ to tell someone else
what machine you're running on, either because it's programmed to do
so or because someone has broken into your computer and installed
spyware and is trying to use it to monitor you. If you're not in
that situation, there is nothing especially magical about having
unique hardware IDs in your machine, because everyone's machine has
some uniqueness, and (for the most part) that uniqueness isn't part
of standard network protocols like TCP/IP and doesn't automatically
leak out to anyone and everyone you communicate with over the
Internet. (There is a possible exception about clock skew, which you
can read about in Steven Murdoch's paper from 2006.)
Similarly, having a GPS receiver in your phone does not mean that
everyone you send an SMS to or everyone you call will learn your
exact physical location. However, it does mean that if there's
spyware on your phone, that spyware is able to use the GPS to learn
your location and leak it. If you're worried about spyware threats
on your phone, which can be quite a realistic concern, the GPS
itself isn't necessarily the unique core of the threat, because
there are also lots of other things in the phone that can be read to
help physically locate you (like wifi base station MAC addresses,
taking photographs of your surroundings with the phone's camera,
recording the identities and signal strengths of the GSM base
stations your phone sees...). So a more fundamental question might
be whether your phone operating system is able to either prevent
you from getting malware or prevent the malware from accessing the
sensors on your phone.
In the case of a desktop PC, the hardware uniqueness is _there to
be read by software_, and if it's in a TPM it _may be able to give
the software remotely verifiable cryptographic proof that the
software is really running on the machine containing that particular
TPM_. In neither case does the hardware uniqueness directly
broadcast itself to other machines, and in neither case does the
hardware uniqueness prevent the operating system from preventing
other software from reading it.
If you do have some kind of software running on your machine that's
trying to track you or trying to help other people track you,
hardware uniqueness is one thing that the software might look at.
But if you're a Tor user, a more basic thing for the software to
try to do is make network connections to leak your real IP address
in order to associate your Tor-based network activity with your
non-Tor-based network activity. That might be even easier because
the tracking software could just try to make a direct network
connection.
If you're not using Tor, at least not at a particular moment, but
are still concerned about tracking, there's another problem, which
is that all existing browsers _already_ reveal a great deal of
software-based uniqueness to any interested web site, usually enough
to make your browser unique. See
https://panopticlick.eff.org/browser-uniqueness.pdf
This is important because it doesn't require there to be any
malicious software on your computer, just a traditional web browser.
One of the defenses people have talked about against hardware
fingerprinting is running inside a virtual machine. Normally,
software inside the virtual machine, even if it's malicious,
doesn't learn much about the physical machine that hosts the VM.
If you always use Tor inside a VM, then even if there's a bug
that lets someone take over your computer (or if they trick you
into installing spyware), the malicious software won't be able
to read much real uniqueness from the host hardware, unless
there's also a bug in the VM software.
Running in a VM isn't exactly a defense against software
fingerprinting (like browser fingerprinting) if you use the VM
for various non-Tor activities that you don't want to be linked
to one another, because the software configuration inside the VM
might be, or become, sufficiently different from others that it
can be recognized. There's probably more research to be done
about the conditions under which VMs can be uniquely identified
both "from the inside" by malware, and remotely by remote
software fingerprinting, absent VM bugs that give unintended
access to the host.
--
Seth Schoen <schoen(a)eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107
_______________________________________________
tor-talk mailing list
tor-talk(a)lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
[IP] When police ask your name, you must give it, Supreme Court says
by daveï¼ farber.net 06 Jul '18
by daveï¼ farber.net 06 Jul '18
06 Jul '18
___
Dave Farber +1 412 726 9889
...... Forwarded Message .......
From: Kurt Albershardt <kurt(a)nv.net>
To: dave(a)farber.net
Date: Mon, 21 Jun 2004 16:44:00 -0700
Subj: When police ask your name, you must give it, Supreme Court says
By GINA HOLLAND, Associated Press Writer
WASHINGTON - A sharply divided Supreme Court ruled Monday that people who
refuse to give their names to police can be arrested, even if they've done
nothing wrong.
The court previously had said police may briefly detain people they suspect
of wrongdoing, without any proof. But until now, the justices had never held
that during those encounters a person must reveal their identity.
The court's 5-4 decision upholds laws in at least 21 states giving police
the right to ask people their name and jail those who don't cooperate. Law
enforcement officials say identification requests are a routine part of
detective work.
Privacy advocates say the decision gives police too much power. Once
officers have a name, they can use computer databases to learn all kinds of
personal information about the person.
The loser in Monday's decision was Nevada cattle rancher Larry "Dudley"
Hiibel, who was arrested and convicted of a misdemeanor after he told a
deputy that he didn't have to give out his name or show an ID.
The encounter happened after someone called police to report arguing between
Hiibel and his daughter in a truck parked along a road. An officer asked him
11 times for his identification or his name.
Hiibel repeatedly refused, at one point saying, "If you've got something,
take me to jail" and "I don't want to talk. I've done nothing. I've broken
no laws."
In fighting the arrest, Hiibel became an unlikely constitutional privacy
rights crusader. He wore a cowboy hat, boots and a bolo tie to the court
this year when justices heard arguments in his appeal.
"A Nevada cowboy courageously fought for his right to be left alone, but
lost," said his attorney, Harriet Cummings.
The court ruled that forcing someone to give police their name does not
violate their Fourth Amendment protection from unreasonable searches. The
court also said name requests do not violate the Fifth Amendment right
against self-incrimination, except in rare cases.
"One's identity is, by definition, unique; yet it is, in another sense, a
universal characteristic. Answering a request to disclose a name is likely
to be so insignificant in the scheme of things as to be incriminating only
in unusual circumstances," Justice Anthony M. Kennedy wrote for the
majority.
"A name can provide the key to a broad array of information about the
person, particularly in the hands of a police officer with access to a range
of law enforcement databases," he wrote in a dissent. Justices David H.
Souter, Ruth Bader Ginsburg (news - web sites) and Stephen Breyer (news -
web sites) also disagreed with the ruling.
Crime-fighting and justice groups had argued that a ruling the other way
would have protected terrorists and encouraged people to refuse to cooperate
with police.
"The constant danger of renewed terrorist activity places enormous pressure
on law enforcement to identify suspected terrorists before they strike,"
said Charles Hobson, an attorney with the Sacramento-based Criminal Justice
Legal Foundation.
But Tim Lynch, an attorney with the libertarian-oriented think tank Cato
Institute, said the court "ruled that the government can turn a person's
silence into a criminal offense."
"Ordinary Americans will be hopelessly confused about when they can assert
their right to remain silent without being jailed like Mr. Hiibel," said
Lynch, who expects the ruling will lead more cities and states, and possibly
Congress, to consider laws like the one in Nevada.
Justices had been told that at least 20 states have similar laws to the
Nevada statute: Alabama, Arkansas, California, Colorado, Delaware, Florida,
Georgia, Illinois, Kansas, Louisiana, Massachusetts, Montana, Nebraska, New
Hampshire, New Mexico, New York, North Dakota, Rhode Island, Utah, Vermont,
and Wisconsin.
The ruling was a follow up to a 1968 decision that said police may briefly
detain someone on reasonable suspicion of wrongdoing, without the stronger
standard of probable cause, to get more information. Justices said that
during such brief detentions, known as Terry stops after the 1968 ruling,
people must answer questions about their identities.
Marc Rotenberg, head of the Electronic Privacy Information Center, said
America is different 36 years after the Terry decision. "In a modern era,
when the police get your identification, they are getting an extraordinary
look at your private life."
The case is Hiibel v. Sixth Judicial District Court of the state of Nevada,
03-5554.
-------------------------------------
You are subscribed as eugen(a)leitl.org
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
[demime 1.01d removed an attachment of type application/pgp-signature]
1
0
06 Jul '18
I have 2 items of note for this list.
1. The web site is updated with program and the times.
http://www.iacr.org/conferences/crypto2004/rump.html
2. I was typing fast, and mistyped my title. I am General Chair this
year, not 2002 as was stated.
Enjoy.
On Aug 17, 2004, at 1:39 PM, james hughes wrote:
> Yes, my mistake. the link has an 'o' at the end.
>
> mms://128.111.55.99/crypto
>
>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo(a)metzdowd.com
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0