Shared posts

01 Sep 11:52

T-Mobile Declares It's On 'The Right Side Of History' As It Laughs At Net Neutrality

by Karl Bode
While T-Mobile has certainly done some good things for the wireless industry, the company's ongoing tone deafness on net neutrality isn't doing the carrier any favors. T-Mobile fought against real net neutrality rules, then, once passed anyway, got right to work trying to find creative ways around the rules using zero rating (exempting only some content from usage caps). When net neutrality advocates and scholars repeatedly pointed out T-Mobile was violating net neutrality and being a bit hypocritical ("we're edgy and love consumers but not real net neutrality!"), the company dug a deeper hole by attacking groups like the EFF.

Last week T-Mobile upped the ante with new plans that promise "unlimited" data, but are not only more expensive, they throttle tethering, throttle overall consumption at 26 GB, and throttle all video to 1.5 Mbps or 480p. Users who want HD video to actually work correctly can apparently pony up $25 more per month. Emboldened by T-Mobile and a (so far) apathetic FCC, Sprint revealed similar "unlimited" data plans of its own, which throttle all video, games and music to 1.5 Mbps, 2 Mbps, and 500 kbps respectively, unless you pony up another $25 per month.

Groups like the EFF were quick to point out that installing ISPs as middlemen who get to determine how well your services work based on how much you pay in a marginally-competitive broadband market sets a horrible precedent. If regulators allow T-Mobile to charge more money for HD video to work, what stops Comcast from charging you more if you want 4K Netflix streams to work? Or AT&T deciding it can charge you more if you want your Steam games to download at full bitrate? This is a door that, once opened, won't be easily closed. And once this practice is a standard, it will be abused.

T-Mobile, for whatever it's worth, continues to be annoyingly tone deaf about the slippery slope it's dragging the entire industry toward. However bad zero rating was, the act of throttling entire classes of traffic unless you pay your ISP more money is notably worse. Highlighting how video conferencing isn't throttled but YouTube is, The Verge tried to get T-Mobile to define "video" and "data" but came away stymied:
"I asked T-Mobile for the company’s definition of "data" and a spokesperson said "that’s not something I could give you," but suggested that the company was on "the right side of history," and that the goal was to make "unlimited sustainable for the mass market." That’s an admirable goal! But let’s not dance around the fundamentals of the situation. Net neutrality is the law of the land, and T-Mobile has aggressively pushed the boundaries of net neutrality by manipulating the traffic on its network."
But again, violating net neutrality principles isn't the same as violating net neutrality rules, and the FCC's rules were carved out with numerous exceptions that allow all manner of throttling -- provided ISPs claim it's for the health of the network. That's why T-Mobile frames this as a matter of "sustainability," even though it's really about adhering to basic dictionary definitions and not selling an "unlimited" service if you're not actually willing to offer it. For a company that markets itself as a pro-consumer alternative to traditional wireless carriers, T-Mobile seems increasingly hell bent on continuing some of the industry's worst habits.

31 Aug 20:20

Chainfire says the fight to keep root is a losing one

by Quentyn Kennemer
Chainfire is back at it again with his development chops. The man is creating a new app that serves one simple purpose: to allow root detection apps to run. The problem is even he isn't convinced that it's possible to keep up down the line.
31 Aug 12:35

PETA Has Lost Its Monkey's 'Next Friend' In Its Crazy Copyright Case

by Mike Masnick
The ongoing saga that is the monkey selfie lawsuit has continued to move forward, with the lawyers for photographer David Slater filing their brief in response to PETA's. As you probably recall, PETA had teamed up with a primatologist named Antje Engelhardt claiming to be "next friends" for the Indonesian macaque monkey named Naruto, who is alleged to have taken the following selfie with David Slater's camera.
Slater has claimed to hold the copyright on the photo for a long time, though he's wrong. But PETA is much more wrong in arguing that it can step in and claim both (a) that there is a copyright on the image and (b) that the monkey holds it. Slater is just wrong about the copyright existing.

Either way, the PETA case was easily tossed out of the district court based on the fact that monkeys can't get copyrights under US law (US laws don't apply to animals unless specifically stated -- this is why farms aren't legally considered murder camps, no matter what some vegetarians might say). And, of course, PETA appealed. And we expect it will go about as well as the district court case. But it may go even worse.

That's because in the reply, Slater's lawyer points out that not only can a monkey not hold a copyright, but also that PETA has even less standing than before, because the primatologist, Antje Engelhardt, has decided she's no longer a next friend of our buddy Naruto, the smiling monkey.
On appeal, the crazy got crazier. Dr. Engelhardt withdrew from the case. That leaves PETA, which does not allege any relationship with the monkey, as the monkey’s sole next friend.

[....]

Two putative next friends filed this action: PETA and Dr. Engelhardt, a primatologist who alleged that she has “known, monitored, and studied Naruto since his birth.” ER 23. It may well be that the relationship with Naruto Dr. Engelhardt alleged is “significant” under Coalition of Clergy v. Bush. However, Dr. Engelhardt moved to withdraw from the case, informing the Court that she “will not continue as a next friend to Appellant in this proceeding.” This Court granted Dr. Engelhardt’s motion, thus leaving PETA as Naruto’s lone putative next friend.
This is a fairly big problem for PETA and its big time (seriously) lawyers from the (previously respectable) law firm of Irell & Manella.
Unlike Dr. Engelhardt, PETA did not allege any relationship with Naruto, much less a significant one. That is a problem on appeal. PETA is now in a position very much like the ballot initiative defenders in Hollingsworth v. Perry, 133 S. Ct. 2652 (2013): a party necessary for standing at the district court is not participating in the appeal. “[S]tanding must be met by persons seeking appellate review, just as it must be met by persons appearing in courts of first instance.” Id. at 2661 (internal quotation marks and citation omitted).

All of the Naruto relationship allegations in the Complaint concern Dr. Engelhardt; none involve PETA.... PETA alleges no connection to Naruto, an Indonesian monkey who lives roughly 10,000 miles from PETA’s headquarters in Virginia.
In other words, even if Engelhardt had standing, PETA doesn't.

The filing also contains its fair share of monkey jokes, so we'll just end this post with a few of those:
Under controlling Ninth Circuit precedent, monkey see, monkey sue is not good law under any Act of Congress unless the legislative text plainly grants non-human animals standing to sue.

[....]

The only pertinent fact in this case is that Naruto is a monkey suing for copyright infringement.
Either way, one hopes that the court makes quick work of this case as well, but it is the 9th Circuit, which perhaps deserves copyright on its... creative interpretations of copyright law at times. Hopefully this isn't one of those cases.

30 Aug 01:20

New Zealand Court Grants Kim Dotcom's Request To Have Extradition Hearing Livestreamed On YouTube, Despite DOJ Protests

by Mike Masnick
The Kim Dotcom extradition appeal is now under way, with the first question being whether or not the courtroom drama could be livestreamed on the internet for a global public to watch. The request was originally made by Kim Dotcom and his lawyers, but the lawyers for the US government opposed... because... well, just because.
"US defends mass surveillance programs with 'If you have nothing to hide, you have nothing to fear' but opposes live streaming of my hearing," Dotcom, who attended some of the hearing, said on Twitter.
Honestly, it's not at all clear why the government lawyers are opposing this other than to just oppose stuff and be generally obstructionist. However, it doesn't appear to have worked. A little while ago, Dotcom's lawyer Ira Rothken announced that the court had agreed to allow live streaming:
And Kim Dotcom himself tweeted that it would begin tomorrow, once a cameraman was set up:
This should be an interesting hearing to watch no matter what. If you want a preview of some of the points, check out our podcast interview with Dotcom's lawyer, Ira Rothken from last week.

29 Aug 17:55

Analysis of multiple vulnerabilities in different open source BTS products

by ZIMPERIUM zLabs
Brindle

Well then... Good thing I'll be using several open source BTS products soon :X

Background

By: Simone Margaritelli (@evilsocket), Zimperium zLabs

During the last weeks we’ve been investigating multiple aspects of GSM security, such as protocol vulnerabilities, as well as auditing the source of the world’s most common open source software products that run GSM networks. In this post we’ll share the details of multiple vulnerabilities in such software which allow an attacker to compromise a BTS station, crash it, or take over its transceiver module remotely.

A BTS (base transceiver station) is composed of software and radio equipment that allows mobile stations (cellular phones) to connect to the GSM, UMTS, and LTE networks. They are the equivalent of wireless access points for Wi-Fi networks and handle the “Um”[1] layer/interface as shown in Figure 1.


Figure 1: A mobile station connecting to a BTS ( GNURadio OpenBTS documentation ).

The lower level software behind any BTS is the transceiver, which is the direct interface to the radio hardware. It is responsible for frequency tuning and handling GMSK (Gaussian Minimum Shift Keying) data modulation/demodulation. In short, it digitizes the radio waves. All the communication and synchronization with the rest of the logical units of the BTS is handled through three UDP sockets as shown in Figure 2.


Figure 2: The transceiver module and the three UDP sockets used to communicate with the rest of the BTS.

The clock socket is used for timing synchronization. The command socket is used by the BTS to send commands to the transceiver module. Finally, the data socket is used to transmit GSM “bursts” (data packets) from the BTS to the radio and receive responses back.

The UDPSocket class is used by the transceiver to handle all three channels in Figure 2.

Our research shows that all of the most commonly available BTS software shares the same (or a very similar) transceiver code base. Thus, all of them are affected by the same vulnerabilities. The following reports are valid for all products listed below.

Such vulnerabilities would allow a malicious party to remotely control the transceiver module, thus compromising BTS functionality or impersonating a parallel BTS that communicates with it.


Moreover, it is possible for the attacker to send GSM data bursts to the transceiver itself and perform a wide range of attacks, such as IMSI detaching, encryption downgrading, denial of service, etc., against mobile subscribers.

In order to be accepted by the transceiver module, UDP packets sent to the data channel socket must respect the following format:

Once the transceiver receives these packets it will decode and modulate them using GMSK (Gaussian Minimum Shift Keying). Eventually, the bursts will be transmitted to the connected mobile stations according to their contents.

Although the following products are GSM and UMTS only, the transceiver (which is a standalone component) itself is universal. Chances are that other (proprietary) BTS software uses the very same code base in order to serve LTE connectivity as well.

Affected Products

  • YateBTS <= 5.0.0
  • OpenBTS <= 4.0.0
  • OpenBTS-UMTS <= 1.0.0
  • Osmo-TRX/Osmo-BTS <= 0.1.10
  • Other products that share the same transceiver code base.

Vendors

Issue 1: Overly Exposed Service Binding

Summary

There’s a bug in the network library of the aforementioned products which makes the transceiver UDP sockets bind to INADDR_ANY instead of the user configured value (127.0.0.1 by default). This allows any attacker with IP connectivity to the BTS system to receive and send packets from/to the transceiver. Moreover, access to the services exposed on these UDP network sockets is not protected by any authentication mechanism whatsoever.


Figure 3: The three transceiver sockets bound to 0.0.0.0

Impact

An attacker with IP connectivity could send UDP traffic to exercise any functionality provided. This could allow remote control takeover, GSM traffic hijacking, various information disclosure, DoS, or worse.

Details

The root cause of this vulnerability (and the reason why the following vulnerabilities can be reached remotely) can be found in the UDPSocket constructor and the UDPSocket::open method in the source file CommonLibs/Sockets.cpp. This source file is present in all affected products. The following excerpt shows the vulnerable code.

256 UDPSocket::UDPSocket(unsigned short wSrcPort,
257                      const char * wDestIP, unsigned short wDestPort )
258     :DatagramSocket()
259 {
260     open(wSrcPort);
261     destination(wDestPort, wDestIP);
262 }
...
266 void UDPSocket::destination( unsigned short wDestPort, const char * wDestIP )
267 {
268     resolveAddress((sockaddr_in*)mDestination, wDestIP, wDestPort );
269 }

In the above snippet we can see that the desired bind address is saved into the mDestination class member variable, but here’s how the UDPSocket::open method is implemented:

271     address.sin_family = AF_INET;
272     address.sin_addr.s_addr = INADDR_ANY;
273     address.sin_port = htons(localPort);
274     if (bind(mSocketFD,(struct sockaddr*)&address,length)<0) {

Despite the fact that the UDPSocket class provides a constructor argument to specify the address to which to bind the server, this information is ignored. As shown on line 272, the socket is bound to INADDR_ANY instead of using the mDestination address variable.
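As an added example (not code from the advisory or from the OpenBTS, YateBTS or Osmocom projects), the following minimal server-socket opener honours the configured bind address and is placed beside the INADDR_ANY construction the advisory describes; the function names (buildBindAddress, openBoundUdpSocket, boundAddressOf) are chosen for this example only.

```cpp
// Added example, not the advisory's or any BTS project's code: open a UDP
// server socket on the configured address only, and verify what was bound.
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>
#include <cstring>
#include <string>

// Build the local sockaddr_in the socket should be bound to.
// Returns false if the configured address is not a valid IPv4 literal, so a
// typo in the configuration fails loudly instead of silently widening exposure.
bool buildBindAddress(const char *bindIp, unsigned short port, sockaddr_in *out)
{
    std::memset(out, 0, sizeof(*out));
    out->sin_family = AF_INET;
    out->sin_port = htons(port);
    // inet_pton reports invalid input distinctly (inet_addr cannot).
    return inet_pton(AF_INET, bindIp, &out->sin_addr) == 1;
}

// Vulnerable pattern from the advisory: the configured address is ignored and
// the socket is bound to every interface.
bool buildExposedAddress(unsigned short port, sockaddr_in *out)
{
    std::memset(out, 0, sizeof(*out));
    out->sin_family = AF_INET;
    out->sin_addr.s_addr = INADDR_ANY;   // 0.0.0.0: reachable from any network
    out->sin_port = htons(port);
    return true;
}

// Textual form of the address a sockaddr_in carries.
std::string addressToString(const sockaddr_in &addr)
{
    char buf[INET_ADDRSTRLEN];
    inet_ntop(AF_INET, &addr.sin_addr, buf, sizeof(buf));
    return buf;
}

// Open and bind a UDP socket to the configured address only.
// Returns the descriptor, or -1 on failure (errno is set by the failing call).
int openBoundUdpSocket(const char *bindIp, unsigned short port)
{
    sockaddr_in addr;
    if (!buildBindAddress(bindIp, port, &addr))
        return -1;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    if (bind(fd, reinterpret_cast<sockaddr *>(&addr), sizeof(addr)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

// Report the address a live socket is actually bound to, so a deployment can
// check the running process rather than trust the configuration file.
std::string boundAddressOf(int fd)
{
    sockaddr_in addr;
    socklen_t len = sizeof(addr);
    if (getsockname(fd, reinterpret_cast<sockaddr *>(&addr), &len) < 0)
        return "";
    return addressToString(addr);
}
```

The same check that boundAddressOf performs is what a listing of UDP sockets on the BTS host should show: 127.0.0.1 rather than 0.0.0.0 in front of the transceiver ports.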

Issue 2: Remote Stack-Based Buffer Overflow

Summary

An attacker can overflow a stack buffer by sending an oversized UDP packet to the control channel.

Impact

An attacker may be able to achieve remote code execution (RCE) or cause a denial of service (DoS) condition.

Details

The control channel is handled by the Transceiver::driveControl method in the Transceiver.cpp source file. The first lines follow.

void Transceiver::driveControl(size_t chan)
{
  int MAX_PACKET_LENGTH = 100;

  // check control socket
  char buffer[MAX_PACKET_LENGTH];
  int msgLen = -1;
  buffer[0] = '\0';

  msgLen = mCtrlSockets[chan]->read(buffer);

Note that the packet buffer, which resides on the method’s stack, is defined to be 100 bytes (from MAX_PACKET_LENGTH).

If we analyze the DatagramSocket::read method (the DatagramSocket class is the parent class of UDPSocket) declared in the Sockets.cpp source file, we see the following.

int DatagramSocket::read(char* buffer)
{
  socklen_t temp_len = sizeof(mSource);
  int length = recvfrom(mSocketFD, (void*)buffer, MAX_UDP_LENGTH, 0,

Here we see that up to MAX_UDP_LENGTH bytes are read instead of MAX_PACKET_LENGTH. This value is defined in the Sockets.h file as follows.

#define MAX_UDP_LENGTH 1500 /* (or 8000 for OpenBTS-UMTS) */

Therefore, it’s possible to cause a stack-based buffer overflow in the transceiver process simply by sending a UDP packet larger than 100 bytes. Figure 4 shows the result of a debugging session when this occurs.


Figure 4: Segmentation fault caused by a large UDP packet.

Mitigation

  1. RCE can be mitigated when the appropriate flags are applied at compile time. History shows that these mitigations can be bypassed given the right vulnerability or chain of vulnerabilities (e.g. with an infoleak). Furthermore, since this software is compiled by various parties, it is likely that some of these builds do not contain sufficient mitigations (ASLR, stack canaries, etc.).
  2. If nothing outside the host needs the transceiver interface, we advise blocking this port from external connections on the firewall.

Issue 3: Remote Unauthenticated Control

Summary

The control channel does not implement any type of authentication. Since it is exposed to the outer network due to Issue 1, this fact can be used by any malicious party to control the transceiver module remotely.

Impact

An attacker could…

  • …deny service by turning the module off.
  • …jam frequencies by tuning the TX radio to the wrong frequency.
  • …hijack BTS identity remotely using the SETBSIC command to change the BTS identity to another one.

Details

The control channel implements a simple text over UDP protocol handled by the Transceiver::driveControl method in the Transceiver.cpp source file. Some of the features this protocol exposes include (remember, there is no authentication):

  • Turning the TRX module on or off: CMD POWERON / CMD POWEROFF
  • Tuning the TRX to other frequencies: CMD RXTUNE frequency / CMD TXTUNE frequency
  • Setting the GSM cell identity: CMD SETBSIC value

An attacker can execute such commands (and others) by simply sending UDP packets to port 5701 of the server. The full protocol specification can be found inside the TRXManager/README.TRXManager file.
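The following is an added example (not the advisory's code, nor that of any affected project) of a hardened control-channel receive path covering Issues 2 and 3: the buffer length travels with the buffer so an oversized datagram is dropped rather than overflowing the stack, and datagrams whose source is not the loopback address are refused. It assumes the transceiver only ever talks to a BTS core on the same host, and the verdict names and function names are chosen for this example.

```cpp
// Added example, not the advisory's or any BTS project's code: bounded,
// source-checked handling of the text-over-UDP control channel.
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <cstring>
#include <string>

enum ControlVerdict {
    CTRL_OK,
    CTRL_REJECT_SOURCE,   // datagram did not come from 127.0.0.1
    CTRL_REJECT_SIZE,     // datagram would not fit the caller's buffer
    CTRL_REJECT_FORMAT,   // not a printable "CMD ..." line
    CTRL_READ_ERROR
};

// Assumption: the BTS core and the transceiver share a host, so any other
// source is treated as hostile regardless of how the socket was bound.
bool isLoopbackSource(const sockaddr_in &src)
{
    return src.sin_family == AF_INET && ntohl(src.sin_addr.s_addr) == INADDR_LOOPBACK;
}

// Copy one datagram into the caller's buffer, enforcing the buffer's real size
// instead of the fixed MAX_UDP_LENGTH read the advisory describes.
ControlVerdict acceptControlDatagram(const sockaddr_in &src,
                                     const char *data, size_t dataLen,
                                     char *buffer, size_t bufferLen)
{
    if (!isLoopbackSource(src))
        return CTRL_REJECT_SOURCE;
    if (dataLen >= bufferLen)        // keep one byte for the terminator
        return CTRL_REJECT_SIZE;
    // The protocol is plain text: refuse NULs and other non-printables
    // before any command parser looks at the buffer.
    for (size_t i = 0; i < dataLen; ++i) {
        unsigned char c = static_cast<unsigned char>(data[i]);
        if (c < 0x20 || c > 0x7e)
            return CTRL_REJECT_FORMAT;
    }
    // Commands on this channel take the form "CMD <NAME> [args]".
    if (dataLen < 4 || std::memcmp(data, "CMD ", 4) != 0)
        return CTRL_REJECT_FORMAT;
    std::memcpy(buffer, data, dataLen);
    buffer[dataLen] = '\0';
    return CTRL_OK;
}

// Bounded read from a live socket: recvfrom() is told the staging buffer's
// true size, then the datagram is vetted like any other. On CTRL_OK `buffer`
// holds the NUL-terminated command line.
ControlVerdict readControlCommand(int fd, char *buffer, size_t bufferLen)
{
    char staging[1500];   // the largest datagram MAX_UDP_LENGTH allowed
    sockaddr_in src;
    socklen_t srcLen = sizeof(src);
    ssize_t n = recvfrom(fd, staging, sizeof(staging), 0,
                         reinterpret_cast<sockaddr *>(&src), &srcLen);
    if (n < 0)
        return CTRL_READ_ERROR;
    return acceptControlDatagram(src, staging, static_cast<size_t>(n), buffer, bufferLen);
}

// Helper for constructed test input: an IPv4 source address with no port.
sockaddr_in makeSource(const char *ip)
{
    sockaddr_in s;
    std::memset(&s, 0, sizeof(s));
    s.sin_family = AF_INET;
    inet_pton(AF_INET, ip, &s.sin_addr);
    return s;
}
```

Rejections are the signal a defender wants logged: a CTRL_REJECT_SOURCE or CTRL_REJECT_SIZE verdict on a production transceiver means someone other than the local BTS core is reaching the control port.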

Conclusions, Additional Mitigations & Recommendations:

We’ve demonstrated how the complete lack of any form of authentication, together with code bugs, makes the aforementioned BTS products vulnerable to a wide range of attacks.

We highly recommend that vendors apply the following mitigations in order to make their products safer:

  1. Update your BTS software when a patch is available.
  2. Bind the sockets used for control and data exchange only to the local interface (127.0.0.1).
  3. Firewall: block traffic coming from external networks to ports 5701 (control port) and 5702 (data port), or other ports as used by your BTS software.
  4. Be sure to apply compile time mitigations (ASLR + DEP).
  5. Implement an authentication system for such channels to prevent an unprivileged attacker logged on to the same machine, or present on the same network, from communicating with BTS control ports.
  6. Fix buffer handling by using correct sizes.
  7. Perform additional code audits.

For security and mobility professionals concerned about implications of similar attacks to corporate or BYOD devices, consider leveraging a Mobile Threat Prevention solution such as Zimperium zIPS to detect active manipulation by an unauthorized third party.

Disclosure Timeline

  • 26 April 2016: Initial disclosure email sent to vendors.
  • 29 April 2016: Contact from OsmoBB
  • 30 April 2016: OsmoBB: follow up
  • 06 May 2016: Initial notification to Zimperium Handset Alliance (ZHA).
  • 06 May 2016: OpenBTS: bugs fixed [1] [2]
  • 07 June 2016: Follow up with vendors
  • 07 June 2016: OsmoBB: bug fixed
  • 06 July 2016: Release to ZHA partners
  • 06 July 2016: OpenBTS: Reverted overflow fix (!!) [3]
  • 13 July 2016: OpenBTS: Reverted bind fix (!!) [4]
  • 10 August 2016: Commented on both reverts: “Why are you deliberately reintroducing severe security issues in your software?” (OpenBTS)
  • 15 August 2016: OpenBTS – Follow up, no response
  • 23 August 2016: Public Disclosure
29 Aug 00:58

Nice Officials Say They'll Sue Internet Users Who Share Photos Of French Fashion Police Fining Women In Burkinis

by Mike Masnick
Brindle

burkinis banned in france? wtf happened while I was on vacation :\

Over the last few weeks there's been plenty of controversy over plans on the Côte d’Azur in the south of France to ban burkinis -- a kind of full body bathing suit favored by some Muslim women. As the Guardian pointed out recently, the whole thing seems like a "bizarre inversion" of Muslim countries where making sure women are covered is enforced:
The burkini row may seem banal, and to some a surreal inversion of laws in Islamic countries, but it has become yet another flame in the murderous tinderbox of Islamism in France, invoking issues of control over the body, religious freedom, racism, provocation, terrorism, Islam and Islamophobia, republicanism and what the French call laïcité. Laïcité is the hardest for people outside France to understand: our words “laity” and “secularism” fail to express the depth of allergy to all things theocratic, which is endemic to French societal fabric since the revolution.
Others are pointing out the absurdities when compared to what's allowed. I've seen several versions of this, but this one is my favorite:
Either way, the story blew up again last night as the Daily Mail reported on actual instances of women on a beach in Nice being forced to remove clothing and pay fines. While the Daily Mail is not particularly trustworthy on news, a number of other publications have now confirmed the story as well, and pictures are floating around on social media of police forcing women to remove clothing, including one where it's pretty clearly not a burkini at all, but just a large shirt or muumuu of some sort.
This seems pretty ridiculous on all sorts of levels, but never think things are so ridiculous that some politicians can't make them worse. Guillaume Champeau from the excellent French site Numerama alerts me to the news that the deputy mayor of Nice, Christian Estrosi, is threatening to sue those who share these images over social media. Yup, France, a country that claims to pride itself on freedom, is not just telling women that they can't cover themselves up too much on the beach, but that it's also illegal to report on the police following through on that. Here is the awkward Google translation of the French report:
Christian Estrosi ... has published a press release by the city of Nice, to announce that he would file a complaint against those who would broadcast pictures of municipal police verbalize women guilty of exercising what they believed to be their freedom to dress from head to feet on the beaches.

"Photos showing municipal police of Nice in the exercise of their functions have been circulating this morning on social networks and raise defamation and threats against these agents," the statement said.
Wait. Showing accurate photos creates defamation against the police? How's that work? Estrosi apparently says that legal actions have already been filed, though Numerama was unable to confirm any legal actions as yet. The article also notes that despite Estrosi implying otherwise, police do not have any sort of special protections that say they cannot be photographed while in public.

Either way, it's not clear what this kind of move will accomplish other than making France appear intolerant and petty towards all sorts of freedoms, including religious freedoms and freedom of speech.

29 Aug 00:52

To The NSA, The Word 'Security' Is Synonymous With 'Gaping, Unpatched Holes In US Developers' Software'

by Tim Cushing

A former Defense Intelligence Agency officer has taken to LinkedIn to point out that all of us griping about the broken Vulnerability Equities Process -- exposed by hackers holding NSA zero-days -- have it all wrong. Michael Tanji says the NSA isn't here to protect developers from malicious attacks. It never was and it's never going to be.

Intelligence agencies exist to gather information, analyze it, and deliver their findings to policymakers so that they can make decisions about how to deal with threats to the nation. Period. You can, and agencies often do, dress this up and expand on it in order to motivate the workforce, or more likely grab more money and authority, but when it comes down to it, stealing and making sense of other people’s information is the job. Doing code reviews and QA for Cisco is not the mission.

Suck it up, Cisco. That gaping hole uncovered by the Shadow Brokers was discovered at least three years ago by the NSA and if it chose not to tell you about it, it had its reasons. Namely: national security.

The Obama administration made sympathetic noises in the wake of the Snowden leaks, suggesting the NSA err on the side of disclosure. It simultaneously gave the agency no reason to ever do that by appending "unless national security, etc." to the statement.

But part of the phrase "national security" is the word "security." (And the other part -- "national" -- suggests this directive also covers protecting US companies from attacks, not just the more amorphous "American public.") Allowing tech companies who provide network security software and hardware to other prime hacking targets to remain unaware of security holes doesn't exactly serve the nation or its security. So, while Tanji may claim the NSA isn't in the QA business, it sort of is. The thing is the NSA prefers to exploit QA issues, rather than give affected developers a chance to patch them.

And if an NSA operative left behind a bag of tech tools in a compromised server, it really doesn't do much for the argument that the government can be trusted with encryption backdoors -- the sort of thing FBI Director James Comey is still hoping will materialize as a result of his never ending "going dark" sales pitch. Julian Sanchez, writing for Cato, points out the NSA's mistake should lead to some pretty severe trust issues.

This hack also ought to give pause to anyone swayed by the government’s assurances that we can mandate government backdoors in encryption software and services, allowing the “good guys” (law enforcement and intelligence agencies) to access the communications of criminals and terrorists without compromising the security of millions of innocent users. If even the NSA’s most closely guarded hacking tools cannot be secured, why would any reasonable person believe that keys to cryptographic backdoors could be adequately protected by far less sophisticated law enforcement agencies? The Equation Group hack is a disturbingly concrete demonstration of what network security experts have been saying all along: Once you create a backdoor, there is no realistic way to guarantee that only the good guys will be able to walk through it.

So, that's one huge problem with both the hoarding of exploits and the NSA's refusal to actually participate in the Vulnerability Equities Process. The definition the NSA has chosen for "national security" doesn't mesh with statements made by its cybersecurity overseers.

Back in 2014, federal cybersecurity coordinator Michael Daniel insisted in a post on the White House blog that the process is strongly weighted in favor of disclosure. The government, he assured the public, understands that “[b]uilding up a huge stockpile of undisclosed vulnerabilities while leaving the Internet vulnerable and the American people unprotected would not be in our national security interest.”

Maybe things have changed in the past couple of years, but they haven't changed as much as Michael Tanji claims. He states that the NSA is no longer charged with playing cyber-defense.

The one element in the intelligence community that was charged with supporting defense is no more. I didn’t like it then, and it seems pretty damn foolish now, but there you are, all in the name of “agility.” NSA’s IAD had the potential to do the things that all the security and privacy pundits imagine should be done for the private sector, but their job was still keeping Uncle Sam secure, not Wal-Mart.

That's simply not true. The NSA may secretly wish it had been completely rerouted to "attack" mode. That would more easily justify the hoarding of vulnerabilities and its ongoing refusal to hand over info to affected developers. But it's still supposed to be playing defense -- which means it has an obligation to both the American public who use software/hardware the NSA would rather see left unpatched, as well as the developers it's purposefully leaving open to malicious attacks.

The NSA has decided the best way to handle these competing directives is to muddy the waters by making them inseparable.

Because computers are now the easiest way to spy on people, and because everyone — even U.S. adversaries — uses the same Internet, there has long been what officials like to call a "healthy" or "creative" tension between the foreign espionage mission and the information assurance mission of the NSA.

Crudely put, the IA's cyber mission is to find security holes in Internet infrastructure and common software and patch them; the signals intelligence mission is to find the same holes and keep them open as long as possible so they can be used to spy on foreigners.

When the two directorates merge, some fear that the much larger and better funded signals intelligence mission will simply absorb the IA mission.

As it stands now, the offensive side of the NSA's cybersquad is roughly twice the size of its defensive team -- which clearly indicates which end of the equation the NSA believes is more important to its national security mission.

The NSA's actions in regards to the Vulnerability Equities Process show it believes some forms of national security are more equal than others. It's far more interested in ensuring its collections continue to be fed than it is with patching security holes -- holes it has often created -- that affect millions of US citizens and dozens of hacker-tempting firms.

It also shows the government is not to be trusted when it demands "good guy only" access. It can't protect the backdoors it's already created and it has only the slightest interest in protecting the nation from the bad guys that will inevitably find its secret entrances.

29 Aug 00:50

France Passes Copyright Law Demanding Royalties For Every Image Search Engines Index Online

by Mike Masnick
Brindle

man, using the internet in france is going to suck more and more...

The Disruptive Competition Project is detailing yet another bad copyright law change in Europe -- France, in particular, this time. Called the Freedom of Creation Act, it actually passed a few months ago, but people are just beginning to understand and comprehend the full horror of what's happening. Basically, it will now require any site that indexes images on the internet (i.e., any image search engine) to pay royalties for each image to a collection society.
How would this work? When an image is published online, the reproduction right and the right of communication to the public of this image shall be transferred to one or more collecting societies appointed by the French government. Online communication services “reproducing and communicating to the public images for search and indexing purposes” shall have to obtain a license from those collecting societies to index images legally. The license fee will either be based on the revenue accruing from the exploitation of the service or be a lump sum fee.
Of course, this makes no sense. In the US, thankfully, multiple cases on things like Google Images have found that indexing the images and showing thumbnails is clearly fair use. But that's not how it's going to work in France.

This seems particularly pointless on any number of levels. First, image search engines aren't "publishing" any works, they're just indexing what's already online and showing people where those images are. Second, if people creating works don't want them indexed they can just use robots.txt. And, yes, someone else might post those images elsewhere, but that's no reason to blame and charge a search engine. But the bigger issue, honestly, is that it's hard to see how this sort of system actually helps content creators at all. Does anyone honestly believe that the money this collection society collects will go to the people who created the indexed images? Remember, copyright collection societies have a very long and very detailed history of abuse and corruption. They collect lots of money, but they're not so great about paying it back out. And, as the Disruptive Competition Project points out, this is particularly problematic in this case, where both jurisdictional questions and just basic logistics make it almost impossible for the collection society to accurately distribute funds:
Moreover, the territorial scope of this measure is unclear. Are the rights of reproduction and communication to the public transferred to a collecting society when an image is published on a French website or on any website? Is the measure based on the nationality of the works? In practice, this measure may claim ownership of the billions of pictures uploaded every day globally – even though the huge majority of those pictures are published today for personal use by the close-to-3-billion smartphone owners, not expecting any revenue. It is also worth noting that a sizable number of those pictures are published under Creative Commons licenses that usually forgo remuneration in return for, for example, attribution. Therefore, this measure would override the choice made by users publishing under such a license – and more generally, would deprive rightsholders of the choice between licensing their pictures or not.

Even worse, there is no realistic way for collecting societies to redistribute the revenues from the license fees accurately and fairly to billions of rightsholders all over the world. The relevant collecting societies won’t attempt to contact all French rightsholders (when close to 70% of French citizens above 15 years old have a smartphone!), let alone all global rightsholders. In practice, the money will be split between the relevant collecting societies and the few rightsholders affiliated to those societies, who – as we say in France – won the “Jackpot”.
It will be worth following to see how this plays out. If France does follow through and a collection society actually goes after Google, it does make me wonder if Google might pull out the nuclear option yet again and shut down Google Images in France as it did with Google News in Spain, when the Spanish government passed a similar tax on news aggregation.

Once again, like so many of these laws, this seems to not be so much about copyright as it is about taxing Google.

26 Aug 20:17

Apple releases security patch after iPhone zero day exploit used on UAE political dissident

Ahmed Mansoor is an internationally recognized human rights defender, based in the United Arab Emirates (UAE), and recipient of the Martin Ennals Award (sometimes referred to as a “Nobel Prize for human rights”). On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising “new secrets” about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based “cyber war” company that sells Pegasus, a government-exclusive “lawful intercept” spyware product. NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management. The ensuing investigation, a collaboration between researchers from Citizen Lab and from Lookout Security, determined that the links led to a chain of zero-day exploits (“zero-days”) that would have remotely jailbroken Mansoor’s stock iPhone 6 and installed sophisticated spyware. We are calling this exploit chain Trident. Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.
26 Aug 20:14

Facebook Opens Up A Little About The Very Many (Many Many) Ways It Targets You

by Kate Cox

Facebook is, primarily, an advertising business. It doesn’t just want you to grudgingly put up with its ads, and it certainly doesn’t want you to block them. No, it wants you to love its ads, to embrace its ads, and to beg to be targeted selectively.

Ads have been a particularly touchy subject for Facebook in recent weeks. First, the company reworked its code to circumvent ad-blockers, couching it to users as an educational move. Because they give you tools to manage your experience (within their boundaries), Facebook said, you wouldn’t need your pesky little ad-blocker anymore!

Ad-blocking companies responded swiftly and predictably: within 48 hours, they announced a work-around and had it up and ready for users to implement. And so the arms race continues.

Of course, the game of cat-and-mouse coding can (and probably will) continue infinitely. So the biggest tool in Facebook’s toolbox is this: to make you not want to block their ads at all. And to that end, they’re continuing their campaign of relentlessly optimistic education, to teach 1.7 billion people how great it is to be selectively advertised to.

Facebook’s new, updated ad education portal gives users a high-level rundown of the data points that Facebook assembles and then uses to sell targeted placements to advertisers, in order to make you a target. These include things you do on Facebook, like…

  • Pages you like
  • Pages your friends like
  • Information from your profile (age, affiliations)
  • Places you check in
  • Places your friends check you in

Facebook, however, also has a huge, robust network of ways it can track you across the web and on your phone. So it can also make judgements about you based on, for example:

  • Pages you’ve viewed on any device
  • Other apps you’ve got on your phone
  • Places your devices have been online
  • Purchases you’ve made online
  • Purchases you’ve made offline
  • Information about you from loyalty/rewards programs

The full list of data points Facebook can assemble, across the entire internet and every device you use on it is, frankly, huge. The Washington Post threw together a list of 98 such points, which is far from comprehensive but begins to give you the idea.

You can view your own ad preferences to see what it is Facebook thinks will interest you, and you can clear them out as often as you want. (Like Prometheus‘s liver, they will regenerate based on your continuing activity online and off.)

As you view them, Facebook will tell you why it thinks they interest you. Some will be on target: That yours truly should appear to have an interest in “Consumerist” based on internet activity is, well, to be expected. Likewise for “history,” which is in my profile as my undergraduate major.

Others, not so much, as we’ve seen amongst ourselves and from readers. Perhaps you are one of the 56 million people apparently interested in “Delaware’s At-Large Congressional District”? (Delaware, overall, has just under one million residents.)

Likewise, when you see an ad on Facebook, you can click the little X in the upper right-hand corner to see how you were chosen for that ad. Some of these are, again, more targeted and more informative than others. For example, on my work computer this morning Facebook showed me ads for AT&T small business services, and said about it:

[Screenshot: Facebook's explanation for the AT&T small business ad]

You can also choose, on an individual basis, to opt out of certain business affiliations and displayed ads.

However, realistically, there is almost nothing you can do to opt out of being part of Facebook’s ad machine. Everything you block is only a thing you no longer see, not a thing you no longer get tracked by. Even if you do not have a Facebook account and do not use the app or website on any device, they’re still using their tracking tech on you online.

Unless you live off the grid in a cave and use only cash, you are part of this network. And that’s why, although Facebook would really prefer you embrace that fact, it doesn’t even matter to them that much if you don’t. They’re already there.

21 Aug 16:16

Woman Sues After Police Destroy Her Home During 10-Hour Standoff With The Family Dog

by Tim Cushing

When the only thing standing between law enforcement and a suspect they're seeking is a person's home, well… the home's got to go.

As seen previously here at Techdirt, police officers pretty much razed a residence to the ground searching for a shoplifting suspect. In another case, law enforcement spent nineteen hours engaged in a tense standoff with an empty residence before deciding to send in a battering ram.

Another standoff -- currently the center of a federal lawsuit -- stands somewhere in between these two cases. The house wasn't completely empty or completely destroyed. But that still doesn't make the Caldwell (ID) police look any more heroic… or any less destructive.

The lawsuit's [PDF] opening paragraph lays it all out.

On August 11, 2014, after registering her child for first grade, Ms. West returned to her home to find multiple City of Caldwell police officers in her yard searching for a Fabian Salinas. Wanting to cooperate, and uncertain whether Salinas was in her house, Ms. West gave the police a key to her house and gave them permission to use it to enter her house to arrest him. During a ten hour long standoff, police repeatedly exceeded the authority Ms. West had given them, breaking windows, crashing through ceilings, and riddling the home with holes from shooting canisters of tear gas destroying most of Ms. West and her children’s personal belongings. The only occupant of the house was Ms. West’s dog. Ms. West’s home remained uninhabitable for two months.

Here's one photo of the home, taken by officers and provided to the Idaho Statesman in response to a public records request. (More photos can be found at the link.)

If you'd like to see some pictures of the standoff with the family pet that include the Caldwell Police's impressive armored personnel carrier (presumably able to withstand even the nastiest of dog bites), those can be found here.

According to Courthouse News Service's interview with Shariz West's lawyer, the documentation he's viewed gives no explanation why it took a small army of SWAT officers 10 hours to discover the suspect wasn't in the home.

"I have no idea," he said. "I've read the police reports and debriefing, and it's my recollection that someone heard a deadbolt activate, which was impossible, and saw the curtains move, which is possible because there was a pit bull in the house at the time. Basically, they had a standoff with a dog."

And that some remedial attic-traversing training might be in order.

Fisher said some of the damage to the house was caused when an officer slipped off a truss while crawling in the attic and fell through the ceiling.

So, when given a key and consent from the occupant, officers instead chose to grab an armored vehicle and go through several windows and the attic. Even if they believed the suspect might be dangerous, there has to be some middle ground between full-scale assault and simply unlocking the door and stepping inside.

This happened back in 2014 but there's been no coverage of the Caldwell cops' 10-hour, one-dog standoff until now. Thomas Johnson of Fault Lines suggests that might have something to do with the local paper of record.

If you’re wondering why it took a couple of years for this event to make news outside of Idaho, it’s because the local paper apparently only checks court records or their exclusive police source, resulting in some very incomplete reporting. Why bother getting out there and talking to the homeowner or neighbors when you can sit on your chunk?

The "coverage" Johnson points to opens with some severe law enforcement spin:

A man who escaped a police standoff last August in Caldwell, only to be captured in Meridian about a week later, pleaded guilty in 3rd District Court to felony eluding and felony rioting.

That's a pretty generous depiction of what actually happened. From all appearances, the suspect was never in the home during the 10-hour standoff. And when someone's not actually where you think they are, it's a huge stretch to refer to their non-presence as an "escape." If that's the spin the PD's using, they can just claim any person with an outstanding warrant not found at Shariz West's home on that long day in August 2014 also "escaped" the same standoff.

In any event, the city and PD are now facing a lawsuit. The police did give her a three-week stay in a hotel. Too bad it took more than two months for her to be able to return to her residence. This raid on a house containing nothing more than a dog is the natural side effect of police militarization, which encourages law enforcement to escalate in questionable situations, rather than use more measured tactics to ensure occupants aren't deprived of a place to live simply because a suspect might be hiding somewhere behind closed doors.



19 Aug 06:38

Intel will start building ARM-based smartphone chips

Brindle

Lol.

Intel has entered into a new licensing agreement with competitor ARM to produce ARM-based chips in Intel factories. The deal, announced today at the Intel Developer Forum, is a strategic move from the Santa Clara, CA company to offer its large-scale custom chip manufacturing facilities, which include 10-nanometer production lines, to third-parties, including those using its rival's technology.

I have a ton of Intel ARM devices already. Perhaps Intel could call these new chips "XScale". Just thought that up. I'm kind of proud of it.
19 Aug 06:32

Civil Rights Coalition files FCC Complaint Against Baltimore Police Department for Illegally Using Stingrays to Disrupt Cellular Communications

by Jennifer Lynch and Stephanie Lacambra

Civil Rights Groups Urge FCC to Issue Enforcement Action Prohibiting Law Enforcement Agencies From Illegally Using Stingrays

This week the Center for Media Justice, ColorOfChange.org, and New America’s Open Technology Institute filed a complaint with the Federal Communications Commission alleging the Baltimore police are violating the federal Communications Act by using cell site simulators, also known as Stingrays, that disrupt cellphone calls and interfere with the cellular network—and are doing so in a way that has a disproportionate impact on communities of color.

Stingrays operate by mimicking a cell tower and directing all cellphones in a given area to route communications through the Stingray instead of the nearby tower. They are especially pernicious surveillance tools because they collect information on every single phone in a given area—not just the suspect’s phone—this means they allow the police to conduct indiscriminate, dragnet searches. They are also able to locate people inside traditionally-protected private spaces like homes, doctors’ offices, or places of worship. Stingrays can also be configured to capture the content of communications.

Because Stingrays operate on the same spectrum as cellular networks but are not actually transmitting communications the way a cell tower would, they interfere with cell phone communications within as much as a 500 meter radius of the device (Baltimore’s devices may be limited to 200 meters). This means that any important phone call placed or text message sent within that radius may not get through. As the complaint notes, “[d]epending on the nature of an emergency, it may be urgently necessary for a caller to reach, for example, a parent or child, doctor, psychiatrist, school, hospital, poison control center, or suicide prevention hotline.” But these and even 911 calls could be blocked.

[Image: Stingrays Cause 200 Meter Radius of Cell Phone Disruption]

The Baltimore Police Department could be among the most prolific users of cell site simulator technology in the country. A Baltimore detective testified last year that the BPD used Stingrays 4,300 times between 2007 and 2015. Like other law enforcement agencies, Baltimore has used its devices for major and minor crimes—everything from trying to locate a man who had kidnapped two small children to trying to find another man who took his wife’s cellphone during an argument (and later returned it). According to logs obtained by USA Today, the Baltimore PD also used its Stingrays to locate witnesses, to investigate unarmed robberies, and for mysterious “other” purposes. And like other law enforcement agencies, the Baltimore PD has regularly withheld information about Stingrays from defense attorneys, judges, and the public.

Moreover, according to the FCC complaint, the Baltimore PD’s use of Stingrays disproportionately impacts African American communities. Coming on the heels of a scathing Department of Justice report finding “BPD engages in a pattern or practice of conduct that violates the Constitution or federal law,” this may not be surprising, but it still should be shocking. The DOJ’s investigation found that BPD not only regularly makes unconstitutional stops and arrests and uses excessive force within African-American communities but also retaliates against people for constitutionally protected expression, and uses enforcement strategies that produce “severe and unjustified disparities in the rates of stops, searches and arrests of African Americans.”

Adding Stingrays to this mix means that these same communities are subject to more surveillance that chills speech and are less able to make 911 and other emergency calls than communities where the police aren’t regularly using Stingrays. A map included in the FCC complaint shows exactly how this is impacting Baltimore’s African-American communities. It plots hundreds of addresses where USA Today discovered BPD was using Stingrays over a map of Baltimore’s black population based on 2010 Census data included in the DOJ’s recent report:

[Image: Map of Baltimore PD Stingray Use in Black Communities]

The Communications Act gives the FCC the authority to regulate radio, television, wire, satellite, and cable communications in all 50 states, the District of Columbia and U.S. territories. This includes being responsible for protecting cellphone networks from disruption and ensuring that emergency calls can be completed under any circumstances. And it requires the FCC to ensure that access to networks is available “to all people of the United States, without discrimination on the basis of race, color, religion, national origin, or sex.” Considering that the spectrum law enforcement is utilizing without permission is public property leased to private companies for the purpose of providing them next generation wireless communications, it goes without saying that the FCC has a duty to act.

The FCC must protect the American people from law enforcement practices that disrupt emergency communications and unconstitutionally discriminate against communities based on race. The FCC is charged with safeguarding the public's interest in transparency and equality of access to communication over the airwaves. Please join us in calling on the FCC to enforce the Communications Act and put an end to the widespread network interference caused by the BPD's unauthorized transmissions and illegal use of stingray technology.

But we should not assume that the Baltimore Police Department is an outlier—EFF has found that law enforcement has been secretly using stingrays for years and across the country. No community should have to speculate as to whether such a powerful surveillance technology is being used on its residents. Thus, we also ask the FCC to engage in a rule-making proceeding that addresses not only the problem of harmful interference but also the duty of every police department to use Stingrays in a constitutional way, and to publicly disclose—not hide—the facts around acquisition and use of this powerful wireless surveillance technology. 

Anyone can support the complaint by tweeting at FCC Commissioners or by signing the petitions hosted by Color of Change or MAG-Net.


17 Aug 06:29

DEA Accessing Millions Of Travelers' Records To Find Cash To Seize

by Tim Cushing

The DEA -- along with several other law enforcement agencies -- has shown, over the years, that civil asset forfeiture is the tail wagging the dog. It may have been put in place to separate criminals from their cash, but is now used mainly to pad agency budgets and increase discretionary spending.

This attitude is summed up by the former DEA supervisor quoted in Brad Heath's (USA Today) investigation into the agency's forfeiture activities.

“They count on this as part of the budget,” said Louis Weiss, a former supervisor of the DEA group assigned to Hartsfield-Jackson Atlanta International Airport. “Basically, you’ve got to feed the monster.”

The monster is insatiable. The DEA loves taking cash from travelers so much it has hired TSA screeners as informants, asking them to look for cash when scanning luggage. It routinely stops and questions rail passengers in hopes of stumbling across money it can take from them.

But it goes further than just hassling random travelers and paying government employees to be government informants. As USA Today's article points out, the DEA is datamining traveler info to streamline its forfeiture efforts.

DEA agents have profiled passengers on Amtrak trains and nearly every major U.S. airline, drawing on reports from a network of travel-industry informants that extends from ticket counters to back offices, a USA TODAY investigation has found. Agents assigned to airports and train stations singled out passengers for questioning or searches for reasons as seemingly benign as traveling one-way to California or having paid for a ticket in cash.

The DEA's cash-seizing efforts add another layer of surveillance to the traveling experience. It's not just multiple agencies looking for terrorists. It's also at least one agency looking for nothing more than cash. And it works. Heath notes that the DEA's surveillance apparatus has resulted in at least $209 million seized from over 5,000 passengers over the last decade.

This is wonderful news if you believe the DEA's job is to take cash off the streets. Not so much if you believe it should be taking criminals off the street.

In most cases, records show the agents gave the suspected couriers a receipt for the cash — sometimes totaling $50,000 or more, stuffed into suitcases or socks — and sent them on their way without ever charging them with a crime.

Case in point: the DEA seized $25,000 from a traveler after profiling her as a suspected drug courier, based on her itinerary and a past conviction for smuggling. But even though the DEA suspected her of being part of a trafficking operation, it seemed entirely uninterested in doing anything more than taking the cash.

Agents seized the money, and let Tillerson go. Her lawyer, Cyril Hall, said she was never arrested, or even questioned about whether she could give agents information about traffickers.

A year later, Tillerson produced paperwork showing the cash the DEA seized was lawfully obtained. The government agreed to give it back -- minus $4,000 prosecutors decided to keep just because.

The DEA, of course, claims that seizing cash (without pursuing indictments) is an essential part of its efforts to cripple drug trafficking operations. But after several decades of interdiction and forfeitures, most drug cartels seem to be every bit as financially healthy as the DEA is.

The perverse incentives of asset forfeiture don't just corrupt the DEA. They infect everyone involved in the process.

Five current and former agents said the DEA has cultivated a wide network of such informants, who are taught to be on the lookout for suspicious itineraries and behavior. Some are paid a percentage if their tips lead to a significant seizure.

[...]

[A]mtrak’s inspector general revealed that agents had paid a secretary $854,460 over nearly two decades in exchange for passenger information. A later investigation by the Justice Department’s inspector general found that the secretary initially looked up reservations only at agents’ request, but quickly “began making queries on his own initiative, looking for indicators that a person might be planning to transport illegal drugs or money on a train,” according to a report obtained under the Freedom of Information Act.

Airlines refuse to work directly with the DEA, but that hasn't stopped the agency from finding airline employees willing to peruse itineraries -- or pass them on to the DEA -- for a cut of the cash. The DEA can't use info from terrorist databases, so it has created an ad hoc network of informants to create a cash-focused surveillance network. Cash is king. Everything else about the drug war -- indictments, convictions, etc. -- is just a sideline.

“We want the cash. Good agents chase cash,” said George Hood, who supervised a drug task force assigned to O’Hare International Airport in Chicago before he retired in 2007. “It was just easier to get the asset, and that’s where you make a dent in the criminal organization.”

Welcome to the Drug War, where whatever's "easiest" is the government's focus.



13 Aug 13:39

Terrorist-Fighting License Plate Readers Just Mobile Revenue Generators Cruising Poor Neighborhoods

by Tim Cushing
Brindle

ALPR = automated oppression :\

We know what automatic license plate readers are good for: collecting massive amounts (billions of records) of plate/location data housed by private companies and accessed by law enforcement for indefinite periods of time. What we don't know is how effective ALPRs are at fighting/investigating crime.

George Joseph at Citylab has done some digging into the effectiveness of license plate readers and hasn't found much that justifies the expense, much less the constant compilation of plate info.

Last month, the Bay Area’s UASI released ALPR data from the Central Marin Police Authority showing that only .02% of the nearly 4 million license plates tracked over October of 2015 through April of this year resulted in matches to any police “hot list” databases. The data indicate that zero “known or suspected terrorists” have been tracked using ALPRs, and that only a handful of other matches related to other hot-list criteria.

Why the mention of "terrorists?" Well, like most other high-tech law enforcement gear, the funding and deployment of these tools relies heavily on a narrative that never pans out: the neverending War on Terror. UASI stands for "Urban Areas Security Initiative" -- a DHS grant program meant to better equip law enforcement for handling terrorism/terrorists. To secure grants to pay for ALPRs, Stingrays, 1033 program supplies, etc., all law enforcement has to do is insert "because terrorism" somewhere in the requisition form. Existential angst -- and every government agency's natural desire to stay well-funded -- takes care of the rest.

But in reality, ALPRs aren't catching terrorists. They're not even catching dangerous criminals. Use of ALPRs has increased dramatically over the past decade, but there's not much to show for it other than millions upon millions of "non-hit" snapshots. Instead of bringing down terrorists, drug traffickers, auto theft rings, and kidnappers, ALPRs are being used to troll low-income neighborhoods.

[Image: Oakland, CA; picture/data by Dave Maass, Jeremy Gillula, and EFF.]

Law enforcement officials continue to claim ALPRs are being used to target "major criminal activities." Maybe so, but there's been a troubling push by municipalities and private companies to turn plate readers into roaming revenue generators.

As the Electronic Frontier Foundation found, several municipalities in Texas... have sparked controversy for allowing police to team up with private-sector companies to work like mobile debt collectors.

In places like Guadalupe County, the City of Orange, and the City of Kyle, Vigilant, a for-profit technology firm, gives police free license-plate readers and creates its own “hot list” for police, using police records on individuals with outstanding court fines. In exchange, police with license-plate readers identify drivers with outstanding fines during their patrols, offering them a trip to jail or the option to pay the original court fee (plus a 25 percent markup, all of which goes to Vigilant).

This budget/profit-driven approach leads directly to ALPRs spending a disproportionate amount of time roaming low-income neighborhoods where unpaid fines and fees are often more prevalent. What's touted as a high-tech solution to serious criminal activity is being used to collect on unpaid parking tickets and unregistered vehicles. DHS anti-terrorism dollars are being converted into city budget enhancers. The "hot lists" used to direct law enforcement activity are routing officers away from dangerous criminal activity and turning them into glorified meter maids and revenue agents. Who needs to worry about terrorists when low-level scofflaws with unpaid parking tickets are more likely to generate income on the spot?

This is what's being done with millions of records controlled by private companies and governed by a patchwork collection of inadequate minimization and data destruction policies. Rather than make cities safer, they're only serving to make cities slightly richer. And in doing so, ALPRs are making policing -- especially the sort that actually serves the community -- a dusty relic of a bygone era.
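As an added example of the kind of minimization policy the preceding paragraphs say is missing (written for this page, not code from Citylab, the EFF, Vigilant or any police department), here is a retention pass over ALPR scan records in Go. Everything about it is an assumption: the record layout, the rule that non-hit scans are purged after a retention window while hits are kept, and the seven constructed scans it runs on, which are chosen so that, like the Marin numbers above, almost all of them are non-hits.

```go
package main

// Added example for this page; not code from Citylab, EFF, Vigilant or any
// agency. Assumptions: a scan is a plate, a capture time, a location and a flag
// saying whether it matched a hot list when captured; non-hit scans are purged
// once older than a retention window. The sample scans are constructed.

import (
	"fmt"
	"time"
)

// Scan is one plate capture.
type Scan struct {
	Plate string
	At    time.Time
	Place string
	Hit   bool // matched a hot list at capture time
}

// Summary is the audit record a retention policy should produce on every run.
type Summary struct {
	Total, Hits, Retained, Purged int
	HitRate                       float64 // Hits / Total
}

// Minimize keeps every hit (it may be evidence) and any non-hit still inside the
// retention window, and drops the rest. Hits never age out here; that decision
// belongs to the case, not to the scan store.
func Minimize(scans []Scan, now time.Time, retention time.Duration) ([]Scan, Summary) {
	kept := make([]Scan, 0, len(scans))
	s := Summary{Total: len(scans)}
	for _, sc := range scans {
		if sc.Hit {
			s.Hits++
		}
		if sc.Hit || now.Sub(sc.At) <= retention {
			kept = append(kept, sc)
		} else {
			s.Purged++
		}
	}
	s.Retained = len(kept)
	if s.Total > 0 {
		s.HitRate = float64(s.Hits) / float64(s.Total)
	}
	return kept, s
}

// PlatesSeen counts the distinct plates a store still holds, a rough measure of
// how many people's movements it can describe.
func PlatesSeen(scans []Scan) int {
	seen := map[string]bool{}
	for _, sc := range scans {
		seen[sc.Plate] = true
	}
	return len(seen)
}

// SampleScans is constructed data: seven captures, one of which was a hit.
func SampleScans(now time.Time) []Scan {
	day := 24 * time.Hour
	return []Scan{
		{"MNO333", now.Add(-100 * day), "Elm St", false},
		{"PQR444", now.Add(-40 * day), "Elm St", false},
		{"XYZ789", now.Add(-35 * day), "Main St", true},
		{"DEF456", now.Add(-20 * day), "Elm St", false},
		{"GHI111", now.Add(-2 * day), "Oak Ave", false},
		{"JKL222", now.Add(-1 * time.Hour), "Oak Ave", false},
		{"ABC123", now.Add(-10 * time.Minute), "Elm St", false},
	}
}

func main() {
	now := time.Now()
	all := SampleScans(now)
	kept, s := Minimize(all, now, 30*24*time.Hour)
	fmt.Printf("total=%d hits=%d retained=%d purged=%d hit-rate=%.4f plates before=%d after=%d\n",
		s.Total, s.Hits, s.Retained, s.Purged, s.HitRate, PlatesSeen(all), PlatesSeen(kept))
}
```

Run with `go run`. The purge leaves every hit in place, so a retention window costs the investigative use case nothing, while the number of distinct plates (that is, people) the store can describe drops with it; the Summary is what an auditor should be able to demand for every run, rather than taking a written policy on trust.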



13 Aug 13:36

Secure Boot snafu: Microsoft leaks backdoor key

Microsoft has inadvertently demonstrated the intrinsic security problem of including a universal backdoor in its software after it accidentally leaked its so-called "golden key" - which allows users to unlock any device that's supposedly protected by Secure Boot, such as phones and tablets. (The leaked artifact is not a private signing key but a Microsoft-signed debugging policy that switches off signature enforcement in the Windows boot manager; its signature is genuine, which is why the only fix is to push revocations to every device rather than to "recall" the file.) The leaked policy basically allows anyone to bypass the provisions Microsoft has put in place ostensibly to prevent malicious versions of Windows from being installed, on any device running Windows 8.1 and upwards with Secure Boot enabled.

I am out of snarky remarks. Yes, it's possible.
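The reason a leaked signed artifact is so hard to undo is easier to see in code. The following is an added example written for this page, not Microsoft's or any firmware vendor's code: a simplified model in Go of the Secure Boot admission decision. Its names and data are assumptions: an Ed25519 key stands in for the vendor signing key, DB is the list of trusted signers and DBX the list of revoked hashes (the names UEFI uses for those lists), and the policy bytes are constructed rather than the real policy format. It shows the leaked debug policy being accepted by a device whose DBX was never updated, rejected by a device that revoked its hash, and a tampered copy rejected everywhere because the signature no longer verifies.

```go
package main

// Added example for this page, not Microsoft's or any firmware vendor's code.
// Assumptions: an Ed25519 key stands in for the vendor signing key; DB is the
// trusted-signer list and DBX the revoked-hash list (the UEFI names); the
// policy bytes are constructed and the real policy format is not modelled.

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Artifact is anything the boot manager is asked to trust: an OS loader or a
// boot policy such as the leaked debugging policy.
type Artifact struct {
	Payload []byte
	Sig     []byte
}

// Firmware holds the two Secure Boot lists that decide admission.
type Firmware struct {
	DB  []ed25519.PublicKey // trusted signers
	DBX map[string]bool     // SHA-256 hex of revoked payloads
}

func sha256Hex(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// Sign produces a vendor-signed artifact.
func Sign(priv ed25519.PrivateKey, payload []byte) Artifact {
	return Artifact{Payload: payload, Sig: ed25519.Sign(priv, payload)}
}

// Accept checks revocation first, so a revoked hash is rejected even though
// its signature still verifies; otherwise any valid DB signature is enough.
func (f *Firmware) Accept(a Artifact) bool {
	if f.DBX[sha256Hex(a.Payload)] {
		return false
	}
	for _, pk := range f.DB {
		if ed25519.Verify(pk, a.Payload, a.Sig) {
			return true
		}
	}
	return false
}

// Revoke is the only way to stop a validly signed artifact short of removing
// the vendor key from DB, which would also reject every legitimate loader.
func (f *Firmware) Revoke(payload []byte) {
	f.DBX[sha256Hex(payload)] = true
}

// Outcome records the fate of the leaked policy on two devices.
type Outcome struct {
	AcceptedUnpatched bool // DBX never received the revocation
	AcceptedPatched   bool // DBX lists the leaked policy
	TamperedAccepted  bool // one byte changed, original signature kept
}

// Scenario: the vendor signs a debug policy, it leaks, one device revokes it.
func Scenario() (Outcome, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	debugPolicy := []byte("policy: signature-enforcement=off") // constructed
	leaked := Sign(priv, debugPolicy)

	unpatched := &Firmware{DB: []ed25519.PublicKey{pub}, DBX: map[string]bool{}}
	patched := &Firmware{DB: []ed25519.PublicKey{pub}, DBX: map[string]bool{}}
	patched.Revoke(debugPolicy)

	// Without the private key an attacker cannot edit the policy and keep it valid.
	tampered := Artifact{Payload: append([]byte{}, leaked.Payload...), Sig: leaked.Sig}
	tampered.Payload[0] ^= 0x01

	return Outcome{
		AcceptedUnpatched: unpatched.Accept(leaked),
		AcceptedPatched:   patched.Accept(leaked),
		TamperedAccepted:  unpatched.Accept(tampered),
	}, nil
}

func main() {
	out, err := Scenario()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("unpatched accepts leaked=%v patched accepts leaked=%v tampered accepted=%v\n",
		out.AcceptedUnpatched, out.AcceptedPatched, out.TamperedAccepted)
}
```

Run with `go run`. The design point is that revocation is a per-device denylist update: until every device's DBX names the leaked policy, the genuine signature keeps admitting it, and the alternative of removing the vendor key from DB would also reject every legitimate loader that key ever signed.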
06 Aug 18:40

Judge Tosses 200 Hours Of Recordings From FBI's Courthouse Bugs

by Tim Cushing
Brindle

should toss those that authorized them in jail. This is very clearly unethical and illegal.

The fallout from the FBI's surreptitious bugging of county courthouses in California has coalesced into two motions to suppress -- with two very different outcomes. What makes this even more interesting is that both decisions were issued in the same judicial district.

Judge Phyllis Hamilton denied a motion to suppress last week. While she had concerns about the location of the bugs used in the FBI's investigation of property auction price fixing, she reached the conclusion that the recording of conversations that occurred in a public area did not violate the defendants' expectation of privacy. The decision hinted Judge Hamilton would be hard pressed to find any conversation in public -- no matter what attempts were made to prevent bystanders from listening in -- worthy of an expectation of privacy.

Judge Charles Breyer, however, has reached the opposite conclusion. Breyer dug deeper into the location of the recording devices and questioned whether the FBI was crossing a line by placing them in areas where privileged conversations might occur.

In a decision [PDF] handed down on August 1, Judge Breyer has tossed 200 hours of recordings made by the FBI on the grounds that the eavesdropping violated the defendants' expectation of privacy. (via Joe Mullin at Ars Technica)

The volume of oral communications is relevant to whether the speaker has a reasonable expectation of privacy, as is the proximity or potential of other individuals to overhear the conversation. The key inquiry here, however, “is not whether it is conceivable that someone could eavesdrop on a conversation but whether it is reasonable to expect privacy.” The evidentiary record here confirms that Defendants did not speak at a volume loud enough for an undercover agent or an FBI cooperator to overhear them. Feb. 11 Tr. at 155:7–12 (reflecting that the lead FBI agent testified that “the key observation made in the early part of the case” was that the cooperator and undercover agent “could not hear” Defendants’ conversations).

[...]

The Court thus finds no evidence in the record establishing that bystanders overheard the conversations surreptitiously recorded on the twenty-eight days in question; it does, however, find ample evidence in the record that bystanders could not overhear those conversations. See, e.g., Feb. 11 Tr. at 155:7–12. This factor thus supports a reasonable expectation of privacy.

Unlike Judge Hamilton's case, the defendants took active steps to avoid being overheard -- something that should have been expected, considering the presence of competitors hoping to acquire foreclosed property as cheaply as possible. Not only that, but the FBI testified that its undercover informant somehow managed to get booted from the inside circle, meaning that the government's own man had some idea bidders weren't loudly proclaiming their bidding strategies to all and sundry.

Away goes 200 hours of recordings -- a lot of which apparently captured stuff the FBI didn't care about. Along with it might go the rest of the evidence, if the court comes to the conclusion it's been tainted by the government's bugs.

The court concludes that the zero expectation of privacy Judge Hamilton hinted at in her decision may be the new normal in the future, but we aren't there quite yet.

With continuing advances in technology, private conversations may become anachronistic rituals reducing intimate encounters to silent exchanges of notes. But that day has not arrived. Until it does, our Fourth Amendment protections should be defined by traditional circumstances. The Court concludes that Defendants had (1) a subjective expectation of privacy in the conversations recorded by the stationary microphones at the San Mateo County Courthouse, and (2) that expectation was objectively reasonable.

Whether or not efforts to carve out privacy expectations in public spaces will be successful appears to come down to the judge presiding over the case. Hamilton's decision made some scary assumptions about communicating in public areas, but she also had testimony and recordings showing the defendants she dealt with made less effort to keep their conversations secret than those in front of Judge Breyer. This may have been the key difference between the two cases, but Hamilton would have raised fewer privacy concerns if she hadn't expanded her thought process to declare that the privacy-less future Judge Breyer only hinted at has already arrived.

06 Aug 11:45

Comcast Tells The FCC It Should Be Able To Charge Broadband Users A Premium For Privacy

by Karl Bode
Brindle

F Comcast...

A few years back, we noted how AT&T had begun charging broadband users a significant premium if they wanted to opt out of the company's Internet Preferences advertising program. Under that program, AT&T uses deep packet inspection to track consumer browsing behavior around the Internet -- down to the second. By default, AT&T users are opted in to the program. If they want to opt out of this data collection, consumers need to not only navigate a confusing array of options, but they also need to pay $44 to $62 more per month. AT&T, in typical fashion, has actually claimed this is a "discount."

With the FCC's Title II and net neutrality rules upheld, the agency is now considering new basic broadband privacy protections primarily focused on two things: ensuring ISPs properly disclose what's being collected and sold, and ensuring that ISPs provide customers with clear, working opt-out tools. But the agency is also considering banning ISPs from turning your privacy into an expensive luxury option.

Needless to say, Comcast isn't too pleased with this proposal. In a new filing with the FCC (pdf) documenting a meeting at the agency, everybody's least-liked cable company argues that stopping it from charging more for privacy would, amusingly, hurt consumers by making services more expensive:
"We also urged that the Commission allow business models offering discounts or other value to consumers in exchange for allowing ISPs to use their data. As Comcast and others have argued, the FCC has no authority to prohibit or limit these types of programs. Moreover, such a prohibition would harm consumers by, among other things, depriving them of lower-priced offerings, and as FTC Commissioner Ohlhausen points out, “such a ban may prohibit ad supported broadband services and thereby eliminate a way to increase broadband adoption."
Yes, that's Comcast actually trying to argue that charging customers more money for privacy is a good thing because it will lower rates and improve broadband adoption. Except, as we all know, it's the lack of competition in the broadband space that sets broadband pricing and adoption. And there has yet to be an ISP that has seriously embraced the idea of offering a lower-priced service if consumers agree to have their behavior monetized. All AT&T is doing is taking an already expensive broadband service and tacking a very steep privacy surcharge on top of it.

In addition to trying to argue that the FCC doesn't have the authority to police such behavior (not true; the agency is simply updating the existing Title II privacy rules governing phone network CPNI and applying them to broadband), Comcast said that making privacy a luxury option is simply a "bargained-for exchange of information for service":
"A bargained-for exchange of information for service is a perfectly acceptable and widely used model throughout the U.S. economy, including the Internet ecosystem, and is consistent with decades of legal precedent and policy goals related to consumer protection and privacy."
Again, though, the implementation of this idea at AT&T is unique because in the broadband market, users can't switch providers if they don't like their privacy practices. Meanwhile, AT&T not only makes opting out expensive, it makes it incredibly cumbersome and confusing -- ensuring that the fewest possible users actually take the option. These ISPs consistently argue that they should be treated just like Google and Facebook when it comes to privacy regulations, intentionally ignoring the lack of competition in last-mile broadband.

As they push harder into content and ads, Comcast, AT&T, and Verizon have all repeatedly tried to argue that there should be absolutely no privacy rules governing broadband because they can self-regulate, even in the absence of meaningful competition. But as we saw when Verizon was busted for covertly injecting a tracking header into its wireless customers' web traffic (one of the things that drove the FCC to take this route to begin with), it's abundantly clear that's simply not the case.

06 Aug 11:42

New York Makes Playing Pokemon Go, Other Online Games A Sex Offender Parole Violation

by Karl Bode
Brindle

Wow. I can't even figure out what problem they are trying to solve here.

While I don't play Pokemon Go, I've still found the public hysteria surrounding the game to be endlessly entertaining. I've laughed as "get off my lawn" types bitch and moan simply because people are having harmless fun in ways they don't understand. I've chuckled as Pokemon Go players forget that the rules of reality still apply while in augmented reality. And I've laughed at the absurd new lawsuits popping up to try and cash in on the phenomenon.

Continuing the trend of hysterical reactions to a relatively simple game, New York Governor Andrew Cuomo this week took the step of making online games a violation of parole for sex offenders. Not just Pokemon Go, but all "similar games," whatever that winds up meaning. In a prepared statement, Cuomo insisted that Pokemon Go was a dangerous new avenue allowing sexual predators to prey on helpless tots:
"Protecting New York’s children is priority number one and, as technology evolves, we must ensure these advances don't become new avenues for dangerous predators to prey on new victims," Governor Cuomo said. "These actions will provide safeguards for the players of these augmented reality games and help take one more tool away from those seeking to do harm to our children."
Cuomo also sent a letter to Pokemon Go creator Niantic (pdf) urging the company to help keep Pokemon Go out of the hands of sexual predators:
"The State has taken action to prohibit sex offenders from using this game, but we need your assistance to make certain that sex offenders will not continue to use Pokémon GO by technologically barring their use. Working together, we can ensure that this danger today does not escalate into a tragedy tomorrow."
So yeah, there are obviously a number of huge problems with this. Sex offender registries are already seen as highly controversial and potentially ineffective. The majority of people on them aren't the kind of scary "sexual predators" out to grab kids that the media and politicians like to suggest. In some cases they include people who were caught urinating in public or having consensual sex in semi-public areas. In other words, the vast majority of people on the list have zero interest in, or likelihood of, using the game to go hunting for victims.

On top of that, banning the playing of all online games is a pretty major step in potentially ruining the lives of people trying to get back on track. Banning a specific subset of people from playing Pokemon Go alone would be incredibly difficult, but banning the playing of all online games in an age when even single player games often have an online component? It's quite frankly impossible.

Meanwhile, such a ban would do nothing to stop a child molester from simply hanging out near obvious "pokestops" without ever having to fire up the game.

Cuomo's reaction appears driven by a new report by New York State Senators Jeffrey D. Klein and Diane J. Savino. The report took a list of 100 registered sex offenders across New York City, and compared it to locations where Pokemon Go players gather to fight monsters or collect in-game items. They found 59 instances where a pokéstop or "gym" was within half a block of a sex offender's home. Granted, this being the dense grid that is Manhattan, your chance of being near a sex offender's residence at any given moment is already arguably very high.

In short, we're talking about potentially demolishing a life for playing games, using new rules that won't be enforceable anyway. That's before you even get to the potential constitutional questions about the freedom of assembly and due process. All so, let's be honest, Cuomo and other politicians can piggyback on the Pokemon Go phenomenon in order to promote themselves as selfless defenders of tots and toddlers.

06 Aug 11:32

Minnesota Carpet Cleaning Business Sues US Olympic Committee Over Its Ridiculous Social Media Rules

by Tim Cushing
Brindle

F the USOC... I hope every sponsor sues them into bankruptcy.

The United States Olympic Committee (USOC) must spend a majority of the four-year break between Olympics thinking up new, spectacularly petty demands to make of everyone when the next event rolls around. It's always been overbearing and thuggish, but it seems determined to top itself with each new iteration of its sports-related boondoggle.

In the run-up to this year's particularly dystopian Olympic games, being hosted in a city without clean water or a clean police force, the USOC has already demanded:

- That a company take down Olympic-related social media posts pertaining to the Olympic athlete the company is sponsoring

- That no non-official commercial entities are allowed to use certain hashtags in tweets

- That no "non-media" companies are allowed to refer to the Olympic games, outcomes of events, or even share/repost content posted by official Olympic media accounts

It's these last two that are being challenged -- not by a megacorporation unable to buy its way into the USOC's good graces, but by a Minnesota franchise of the Zerorez carpet cleaning business.

A small business in Minnesota is suing over the US Olympic Committee’s ban on tweeting about the Olympic games. The Committee announced last month that non-sponsors are banned from even using hashtags like #Rio2016 or #TeamUSA. Zerorez, a carpet cleaning business in Minnesota, will file suit in U.S. District Court on Thursday.

So why is this seemingly random floor cleaning business in Minnesota the one suing? They simply want to root for the home team.

“They’re very engaged with social media,” Aaron Hall, CEO of the JUX Law firm, told me over the phone. “They felt concerned about being censored on social media, especially at a time when we’re going through a time of pain and negativity.”

The JUX Law firm filed its lawsuit [PDF] Thursday, angling for a declaratory judgment that would give its client permission to do all the things the USOC seems to feel no business should be allowed to do when the Olympics roll around. (h/t to JUX Law for sending me a copy of the filing before it hit PACER.)

Under 28 U.S.C. § 2201 and Minn. Stat. ch 555 (Uniform Declaratory Judgments Act), Zerorez seeks a declaratory judgment regarding its rights to discuss the Olympics in social media and other online forms of public discourse as follows:

a. The examples of social media posts in paragraph 11 do not violate the Ted Stevens Olympic and Amateur Sports Act nor the trademark rights of the USOC;

b. Businesses, including those that are not official Olympic sponsors, are not entirely precluded from engaging in conversation about the Olympics, Olympic results, and Olympic athletes on social media;

c. It is possible for businesses, including those that are not official Olympic sponsors, to mention the Olympics, Olympic results, and Olympic athletes on social media without violating the legal rights of the U.S. Olympic Committee;

d. The U.S. Olympic Committee exaggerated the strength of its legal rights by claiming “commercial entities may not post about the Games on their corporate social media accounts;”

e. The U.S. Olympic Committee exaggerated the strength of its legal rights by claiming businesses categorically cannot use its trademarked words and phrases, such as Olympic, Olympian, and Team USA, on social media and websites;

f. The U.S. Olympic Committee exaggerated the strength of its legal rights by claiming businesses may not wish good luck to Olympic athletes on social media;

g. The mere mention of the Olympics, Olympic results, and Olympic athletes, by a business not sponsoring the Olympics, is not necessarily a violation of rights of the U.S. Olympic Committee;

h. The USOC’s trademark rights in hashtags such as #TeamUSA, #Olympics, and #Rio2016, do not categorically prohibit businesses from using those hashtags to accurately reference these Olympic topics;

i. The USOC has misrepresented and exaggerated the authority granted to it under the Ted Stevens Olympic and Amateur Sports Act;

j. If the Ted Stevens Olympic and Amateur Sports Act were interpreted so broadly as to prohibit all businesses from non-commercial speech regarding the Olympics, the Act would be unconstitutional because it would restrict First Amendment rights;

k. The USOC violated fundamental Constitutional rights as set forth in this Complaint;

l. Speech is not commercial in nature merely because it is on a business’s social media account; and

m. A statement about the Olympics on social media, that does not propose a commercial transaction and reference a specific product or service, is not commercial speech and does not violate the USOC’s rights.

The complaint contains examples of tweets Zerorez would like to send out, but the USOC's new rules apparently forbid it from doing so and place it in danger of being on the receiving end of a lawsuit, rather than dishing one out.

Congrats to the 11 Minnesotans competing in 10 different sports at the Rio 2016 Olympics! #rioready

Are any Minnesotans heading to #Rio to watch the #Olympics? #RoadToRio

St. Cloud native Alise Post is an #Olympian competing in the #Olympic BMX events today. Follow her at @alisepost11

Good luck to our 11 Minnesota Olympians competing in #RIO2016.

All very innocuous, supportive and non-deceptive. And all the sort of thing the USOC says no one but official sponsors are allowed to do.

I'm not sure this is the sort of declaratory judgment filing Mike was asking for at the end of his post about how the USOC harms Olympic athletes with these stupid social media rules, but it's the only one we have at this point.

There are some interesting First Amendment issues tucked in between the USOC's outsized trademark assertions and the lower protections afforded commercial speech. There's zero chance this will even be viewed by a judge until after the Olympic games are underway and any decision will probably arrive after the games have finished.

But if it does contain enough actionable claims that the court doesn't toss it after the first motion to dismiss, there's a slim chance the USOC won't be able to be quite so overreaching in the future. If nothing else, Zerorez may find itself freed of USOC stupidity. If it does that, many other commercial entities and nonprofits will probably seek similar judgments of their own.

05 Aug 23:21

Sheriff Uses Unconstitutional Law To Raid Home And Seize Electronics Belonging To Watchdog Blogger

by Tim Cushing

A Louisiana sheriff has just inserted himself into a mess of First and Fourth Amendment violations by using his power to go after an anonymous blogger who claimed he was corrupt. Naomi LaChance of The Intercept has more details.

After a watchdog blog repeatedly linked him and other local officials to corruption and fraud, the Sheriff of Terrebonne Parish in Louisiana on Tuesday sent six deputies to raid a police officer’s home to seize computers and other electronic devices.

Sheriff Jerry Larpenter’s deputies submitted affidavits alleging criminal defamation against the anonymous author of the ExposeDAT blog, and obtained search warrants to seize evidence in the officer’s house and from Facebook.

The target of this raid -- supposedly the blog's author (although he denies being behind it) -- is another law enforcement officer. Wayne Anderson works for the Houma Police Department. Taken from his home during the raid were five cell phones and two computers -- including his children's laptop.

Sheriff Larpenter is trying to use Louisiana's criminal defamation law to prosecute Anderson. Unfortunately for the overreaching sheriff, that law isn't going to work.

The Louisiana Supreme Court ruled the criminal defamation law unconstitutional "insofar as it attempts 'to punish public expression and publication concerning public officials, public figures, and private individuals who are engaged in public affairs.’”

Larpenter is trying to get around this by claiming the "investigation" was prompted by a citizen's complaint -- that of Tony Alford, an insurance agent named in the blog's posts. The blog's author alleges impropriety related to Alford's no-bid contract to provide insurance coverage for the parish via the agency he works for, Alford, Staples, Lapeyre & Robichaux. The corruption hook here is that Sheriff Larpenter's wife also works for the same insurance agency.

So, it's not really about Tony Alford. It's about Larpenter and his wife. The blog has also made allegations about improper relationships between the department and the town's most powerful government officials, including District Attorney Joe Waitz, Jr. Unsurprisingly, this is the same DA to whom Larpenter wants to hand the case for prosecution.

When Larpenter was asked whether there is a conflict in him investigating an alleged crime involving himself, he replied, "If you're gonna lie about me and make it under a fictitious name, I'm gonna come after you."

He went on to say that once he finished investigating the blog, he would turn the case over to District Attorney Waitz to determine if Waitz wanted to prosecute it or “hand it off.”

Waitz, to his credit, has recognized the conflict of interest and has chosen to pass it on to another office for possible prosecution. But the charge is unlikely to stick, even with Sheriff Larpenter's maneuvering. Larpenter's comments make it clear this attempted prosecution is personal ("lie about me") and that he is willing to use an unconstitutional statute to justify a search and seizure of personal electronics. But even his invocation of a supposedly "private" individual (the insurance agent) to obtain search warrants isn't going to be enough to salvage this blatant attempt to shut down a critic. As the parish's main insurance provider, Alford is very definitely a "private individual engaged in public affairs." Beyond that, he's a public figure in his own right.

In addition to holding public contracts, Tony Alford is also the acting President of the Terrebonne Parish Levee and Conservation District Board of Commissioners, a public position that requires him to file annual personal financial disclosures with the Louisiana Board of Ethics.

Even the process used to obtain the search warrant to seize Anderson's devices was a bit shady.

The one they used to search Anderson’s home was signed Tuesday by Judge Randall Bethancourt, who was not serving as the on-duty judge for criminal cases that day.

This suggests a bit of magistrate shopping by the Sheriff's Office. Now that the warrant has been executed and devices seized, a motion to quash has been filed. But that does little for Officer Wayne Anderson. Not only has he been suspended (with pay) by the Houma Police Department while this farce plays out, but the court is holding onto his computers and phones until a hearing on the motion can take place.

The First Amendment implications of Sheriff Larpenter's raid are clear. That the search warrant -- in pursuit of bogus criminal defamation charges -- has already been carried out means Sheriff Larpenter will be facing Fourth Amendment claims as well in the inevitable civil rights lawsuit that will follow this debacle. Sheriff Larpenter should have had no problem fighting speech he didn't like with speech of his own -- especially considering his position as a public figure who holds a powerful office. Instead, he has chosen to abuse his position and power to silence a critic, something that's not exactly helping him look any less corrupt.

05 Aug 22:39

MIT Professor's Drawing Dotted Lines On A Chalkboard Skills

Brindle

Wow...

This is a compilation video of famed astrophysicist and MIT physics professor Walter Lewin demonstrating his chalkboard dotted line drawing skills. Apparently he provides just the right amount of angle and pressure on the chalk to make it skip and produce a dotted line. My college professors? My college professors had zero chalkboard skills. Of course we didn't have chalkboards, we had whiteboards, and I always got to class early to draw a penis on them before anybody else got there. The only thing my professors were good at was erasing them and lecturing us about how we were all too old to be drawing penises on the whiteboard. The thing is, you're never too old to draw a penis on a whiteboard. That's when I realized I'd never learn anything of value in these classes and dropped out. Just kidding, I stuck through and got a Master's. 'Why?' is the question I should have been asking myself then. Keep going for the video, as well as an hour long video of Lewin's last lecture at MIT in case you really want to stick it to the man today.
Thanks to hairless, who was a total pro at taking the chalkboard erasers out and banging them against the side of the school building. Dude -- me too.
05 Aug 22:31

FCC Settlement Requires TP-Link to Support 3rd-Party Firmware

by Bill Budington

In a win for the open source community, router maker TP-Link will be required to allow consumers to install third-party firmware on their wireless routers, the Federal Communications Commission (FCC) announced Monday. The announcement comes on the heels of a settlement requiring TP-Link to pay a $200,000 fine for failing to properly limit their devices' transmission power on the 2.4GHz band to within regulatory requirements. On its face, new rules about open source firmware don't seem to have much to do with TP-Link's compliance problems. But the FCC's new rule helps fix an unintended consequence of a policy the agency made last year, which had led to open source developers being locked out of wireless routers entirely.

The FCC set forth a list of Software Security Requirements in March 2015 that included specific language which appeared to encourage restrictions on third-party firmware—in particular the popular DD-WRT—that could be used to circumvent the agency's transmission power and frequency limits. The purpose of the requirements was to prevent wireless routers from interfering with other communications. In November, the FCC clarified that it was not in fact seeking to ban open source software from wireless routers—but by that point the damage had already been done. TP-Link had already begun paving the way for locking out third-party firmware as a way of bringing itself into compliance. Meanwhile, other manufacturers such as Linksys had sought to work with the open-source firmware community to allow consumers to install custom firmware without violating FCC rules.

This decision is a welcome one for the open-source firmware community, which has worked hard to support the wide range of routers in circulation. It's good for security, too. Manufacturers often leave their device firmware neglected after flashing it at the factory, leaving users completely unprotected from security vulnerabilities that are frequently discovered. Just last month, TP-Link let the domain registration lapse for a site allowing consumers to configure their devices over the Internet, potentially exposing a large swath of its users to credential-stealing or malware attacks: a lapsed domain can be registered by anyone, who then receives every user who follows the printed instructions or the device's own links to it. Many open-source firmware projects, on the other hand, release regular updates that allow users to make sure vulnerabilities on their devices get patched. In addition, third-party firmware allows users to take more fine-grained control of their routers than is typically granted by manufacturer firmware. This opens a whole range of possibilities, from power-users wishing to extend the range of their home Wi-Fi by setting up repeaters throughout their homes, to community members wishing to take part in innovative community-based mesh-networking firmware projects.

Although the FCC statement guarantees TP-Link will allow installation of open-source firmware, they have also made clear that manufacturers have to do something to ensure compliance with a second set of rules, relating to the U-NII radio band. This could leave manufacturers with a hard choice: locking down the separate, low-level firmware that controls the router radio so that users cannot tamper with it, or limiting the capabilities of the radio itself at the point of manufacture. The first option would prevent users from taking full control of their hardware by replacing the firmware that controls it with open-source alternatives. It means that even if the high-level firmware on the router is open-source, the device can never be fully controlled by the user because the low-level firmware controlling the hardware is encumbered by closed-source binaries. After the unfortunate reaction of router manufacturers to the FCC's 2015 policy, the agency should have been more careful not to create new incentives to lock down router firmware.

Overall, the FCC has sent a clear message with the TP-Link settlement: work with the community, not against it, to improve your devices and ensure compliance. But they should be more clear about how router makers can comply while allowing for the possibility of fully open-source routers, right down to the firmware.

Update 8/8: TP-Link has issued a statement on the settlement explaining how they will allow third-party firmware to be installed on their devices, but (following the suggestion of the FCC) "any third-party software/firmware developers must demonstrate how their proposed designs will not allow access to the frequency or power level protocols in our devices." This seems to confirm earlier concerns of an open source software advocate that "FCC is trying to do something through a settlement agreement that they can't do through law: regulate what ALL software can do if it interacts with radio devices."


03 Aug 16:04

No Matter Who Our Next President Is, They Won't Understand Technology

by Mike Masnick
Brindle

tbf i've struggled with fax machines so I wouldn't equate that with not being technically savvy. :\

Politico has an article with a misleading title -- the return of the Luddite president -- which discusses how neither of the two major party Presidential candidates are even remotely tech savvy. The headline is an unfortunate oversell. Luddites aren't just people who don't know anything about technology. They're people who actively dislike certain technologies, in the belief that such advances will harm their own livelihoods. In a broader sense, the term is used to discuss people who generally dislike the march of technological progress. Again, that does not appear to be the case with either of the two candidates, who (at best) might just be described as agnostic to/indifferent to new technologies and somewhat ignorant on what that might mean from a policy perspective.
Clinton's tech travails are all over the headlines, including the lax security of her home-brewed email server and her documented struggles with fax machines — and the recently disclosed hacking of the Democratic National Committee's emails won't do much to burnish her party's image of cyber competence.

But Trump's hardly a candidate for the Geek Squad either, despite the prolific round-the-clock tweeting strategy he uses to dominate the headlines. He has boasted that he hardly ever sends emails — and, like Clinton, he often relies on staff to print news articles off the internet.

“I’m just not a believer in email,” Trump said during a news conference Wednesday where he criticized Clinton's use of a private server when she was secretary of State.
Of course, this is still problematic! Technological innovation is going to have a massive impact on a huge list of issues that any President is going to face over the next four years. And not understanding those issues, let alone how they may impact the policy choices that are being made, is worrisome -- just not as worrisome as someone who actively dislikes technological progress.

Still, there are reasonable concerns here:
“These are two candidates who don't have their hands on the technology, and that’s unfortunate, because without that it’s difficult to understand this stuff on a deeper, more visceral level,” said Peter Leyden, a futurist and former managing editor of Wired who was an early Obama backer in Silicon Valley....

[....]

“We're on the verge of a fundamentally different economy that’s being absolutely transformed by the next wave of technology,” Leyden said. “It will have huge ramifications on society. And someone running the goddamn country has to know that."
Unfortunately, that doesn't seem likely. And that's probably going to keep us at Techdirt pretty busy for the next four years.

03 Aug 16:02

Japan Urges Pokemon Go Players To Stay Away From Fukushima Disaster Zone

There was a Mewtwo right between those tanks. Despite the fact it's probably an ideal spot to catch ultra-rare evolved Pokemon, the Japanese government is encouraging Pokemon Go players to steer clear of the Fukushima Disaster Zone. You'd think that would be common sense, but if there's one thing Pokemon Go players have taught us, it's that there is no common sense when you're chasing Pokemon.
Tokyo Electric Power Company Holdings (Tepco) has requested that Pokémon Go developer Niantic and the Pokémon Company prevent Pokémon appearing in and around areas affected by the nuclear reactor meltdown in Fukushima to help prevent encouraging players to enter dangerous areas. Tepco said it has tested the Fukushima Daiichi plant, which was partially destroyed by the March 2011 disaster, the nearby Fukushima Daini plant and the Kashiwazaki-Kariwa plant in Niigata Prefecture and found Pokémon on-site.
Admittedly, that is a pretty serious oversight of the game's creators -- you can't have Pokemon spawning in radioactive locations. Now I'm not saying Niantic and the Pokemon Company should be held responsible and sued for this blunder, but I definitely didn't have this tail a month ago. Thanks to Jarod, who agrees they need to make a World Of Warcraft Go already.
03 Aug 16:00

Director Of National Intelligence 'Celebrates' National Whistleblower Day... Without Mentioning Snowden Once

by Tim Cushing

In accordance with the new instructions to wrap its arms gingerly around transparency, the Office of the Director of National Intelligence is following the letter of the law in its tepid celebration of National Whistleblower Day.

The admission that this is something beyond the office's control doesn't appear until the fifth paragraph of the ODNI's "National Whistleblower Celebration Day" post -- which definitely gives it the appearance of being something it wouldn't have done if it had been given the choice.

The Senate Whistleblower Protection Caucus Introduced a resolution that designated July 30, 2016 as Whistleblower Appreciation Day. The resolution “encourages federal agencies to acknowledge employees who call attention to fraud waste and abuse and remind employees of their legal rights as whistleblowers.”

The lack of proper punctuation suggests this was copy-pasted from somewhere similarly comma- and enthusiasm-free. And while there are a few nods to the new mechanisms available to whistleblowers, the complaints will all end up in the ODNI's office sooner or later. This perhaps explains why there are so few of them, despite the program's supposedly "robust outreach" and "reprisal intake functions."

Ah. Robust. Eighteen blown whistles in two-and-a-half years, with zero landing before an outside review board.

On the other hand, there may be some sincerity in the post, seeing as Daniel Meyer -- the intelligence official quoted in the press release -- is probably in need of some whistleblower protection. Not only is he the Executive Director of IC Whistleblowing and Source Protection, he's also a customer:

The Obama administration’s top official overseeing how intelligence agencies handle whistleblower retaliation claims has lodged his own complaint, alleging he was punished for disclosing “public corruption.”

Daniel Meyer, who previously oversaw the Defense Department’s decisions on whistleblowing cases, also says he was targeted for being gay, according to records obtained by McClatchy.

Meyer made the allegations in a complaint before the Merit Systems Protection Board, an administrative panel that handles employment grievances from federal employees, after another agency rejected his claims.

There's also the matter of the elephant (who was once) in the room (but now resides somewhere in Russia). Despite there being widespread acknowledgment that Edward Snowden's leaks have been responsible for the first meaningful surveillance reforms in years, Snowden's name is nowhere to be found in the ODNI's celebratory post.

Maybe that's because the Presidential Policy Directive instituting better protections for intelligence community whistleblowers was issued in October 2012, well ahead of the initial Snowden leak. Maybe that's why the ODNI is completely restrained in its celebration of its most famous whistleblower. Then again, the PPD gave agencies 270 days to comply, which means most of them were forced to put this policy into effect just one month after Snowden's first leak, at the latest. That has to sting a little.

Whatever the case is -- whether it's a lack of actual wrongdoing or a system that still doesn't do quite enough to protect whistleblowers against reprisals -- the low number of complaints currently making their way through the system are being handled "lawfully," according to ODNI. This would put policy compliance in line with its multiple bulk interception/metadata programs, which have always been referred to as "lawful" during multiple "no comments" delivered in response to multiple leaks.

For all intents and purposes, it is Snowden Day, which now comes twice a year -- and will never be officially acknowledged once.
03 Aug 13:13

FBI Official Compares Encryption Guru Moxie Marlinspike To The KKK, Refuses To Discuss Him

by Mike Masnick
By now, hopefully, you already know about Moxie Marlinspike, the security researcher/encryption guru/creator of the important open source encrypted messaging protocol Signal. However, it's still worth reading Andy Greenberg's big profile on Moxie over at Wired (and, no, he still will not reveal his original name or much more about his history). The whole thing is a good read, but there's one crazy part, where Greenberg asks an FBI official for their thoughts on the guy who is making encryption that he deliberately says he hopes will be used to keep the FBI from spying on certain conversations. The FBI, not surprisingly, is not a fan. But, still, it seems like quite a leap to then make an analogy with the KKK:

A spokesman for the FBI, when asked to comment on Marlinspike’s law-breaking philosophy, replied, “The First Amendment protects people who hold whatever view they want. Some people are members of the KKK. I’m not going to engage in a debate with him.”

This is insane on multiple levels. First off, what a weird thing to pull out. Here's someone building tools to help keep the public private and secure. Why would the KKK be the FBI's immediate go-to in terms of talking about him? Second, what does any of this have to do with the First Amendment? I guess they're saying that Moxie is free to support the idea that it's good that people can break some laws. But, still, saying the FBI "won't engage in a debate" with Moxie is again missing the point.

I get that many in the law enforcement realm believe (incorrectly) that strong encryption makes us less safe. And, so I can understand that those misguided folks might not like Moxie at all. But it seems like a pretty big leap to go from that to bringing up the KKK.
29 Jul 22:03

NYPD Dodges Another Legislative Attempt To Inject Accountability And Transparency Into Its Daily Work

by Tim Cushing

Law enforcement officers are pretty used to being able to stop nearly anyone and demand to know who they are and what they're doing. Sure, there are plenty of laws that say they can't actually do that, but the public is generally underinformed about their rights, and this works in cops' favor. As a recent Appeals Court decision pointed out, citizens are "free to refuse to cooperate with police before a seizure."

Obviously, this perfectly legal act of noncompliance just won't do, and it certainly won't be cops pointing out to citizens the rights they have available to them. New York City legislators thought they could force this transparency on the NYPD.

The bills, known as the Right to Know Act, require officers to identify and explain themselves when they stop people, and to make sure people know when they can refuse to be searched. These are timely, sensible ideas, echoing recommendations made by President Obama’s task force on 21st-century policing. Though the Right to Know Act has been bottled up in the Council for two years, it has broad support among Council members and community organizations, and sponsors say it would pass easily if it ever came to a vote.

It may have "broad support," but it didn't have support where it counts. Police Commissioner Bill Bratton expressed his displeasure with the idea of his officers having to respect the rights of citizens.

Mr. Bratton has denounced the Right to Know Act as an “unprecedented” intrusion into his domain.

As Scott Greenfield points out, Bratton could have dialed back his righteous indignation and applied these changes on his own.

Of course, there is nothing to prevent New York Police Commissioner Bill Bratton from telling his cops to do this anyway. But he didn’t. He won’t. It’s not as if he serves at the pleasure of New York’s most progressive mayor ever. But the big issue for Bratton isn’t that the ideas incorporated in the law are so dangerous and counterproductive, but cops just don’t like being told what they have to do.

"Broad support." "Would pass easily." None of this matters. The person in charge of routing pending legislation made this decision for the rest of the legislators who support the bill in its unaltered form.

But there has been no vote. The Council speaker, Melissa Mark-Viverito, essentially derailed it this month. She told members that she had quietly struck a compromise with the Police Department to adopt some, but not all, of the act’s reforms administratively. Under the deal, officers who want to search people but have no legal basis to stop them must ask permission and wait to hear “yes” or “no.” They have to explain that a person can refuse to be searched, and give a business card to people who are searched or stopped at a checkpoint or to anyone who asks.

Waiting for the NYPD to "adopt" reforms is like waiting to adopt a child. Days become weeks become months become years. Three years after Judge Shira Scheindlin ordered the NYPD to alter its unconstitutional stop-and-frisk program, officers still weren't fully informed of the new guidelines. The NYPD's "quiet adoption" of the agreement is more in line with dumping it into a foster home run by negligent caretakers.

The government has long depended on the ignorance of the citizens to maintain control. The killing of this legislation -- and Bratton's agreement to make it watered-down internal policy rather than actual law -- is more of the same. The less the public knows about what the police can or cannot demand from them, the more often this ignorance will be exploited by people with power.
28 Jul 23:13

United Arab Emirates Makes Using A VPN A Crime... To Protect The Local Telcos From VoIP Competition

by Mike Masnick
A few years ago, the United Arab Emirates (UAE) seriously clamped down on the internet, with new regulations designed to silence criticism on the internet. There have also been efforts there to ban the use of BlackBerries and other devices that offer encryption. So, perhaps it's of little surprise that the UAE has expanded a law that had originally been designed to block VoIP usage, to ban any use of a VPN or proxy that changes your IP address, and makes it all a crime that can get you jail time:

Article 1 provides for replacing the text of Article 9 of Federal Law No. 9/2012 as follows:

Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than Dh500,000 and not exceeding Dh2,000,000, or either of these two penalties.

Now, you could argue that there's a condition here: that the use needs to be "for the purpose of committing a crime or preventing its discovery," but, again, remember that lots of things are a crime in the UAE, including using a VoIP provider. As the folks at Private Internet Access explain, this is a pretty big expansion of the law:

Previously, the understanding of UAE internet law was that VPN or proxy use would be prosecuted under the Telecom Law only if it was used in connection to another crime – this is now going to be set law with a set fee and mandatory jail time. Now, with President Khalifa’s newest proclaimed laws, it is OK for the UAE police to go after individual VPN users for any criminal infraction. Currently, such crimes include accessing blocked services or websites, which can only be done with a VPN or proxy, use that the UAE considers fraudulent use of an IP address. That means watching pornography (a worry for tourists) and calling home on unlicensed VoIP services (a worry for most UAE residents) such as WhatsApp, FaceTime, or SnapChat. Internet users in the UAE, especially the large masses of immigrant labor, use VPN services to get past this geographical VoIP ban to talk to relatives and friends back home.

The PIA article does point out that there is an "approved" VPN from the two state-approved telcos, Etisalat and du, but that it blocks lots of services itself and is prohibitively expensive. And while the natural assumption about any attempt to ban VPNs is that it's for surveillance purposes, that may just be a side benefit here. The key focus does appear to be very much about blocking access to VoIP services to prop up the two official telcos. In other countries, the concern about net neutrality was always that telcos would do things like block VoIP. In the UAE, the government goes so far as to not just support such blocking, but actively work to criminalize the use of a VPN to get around such blocks.
27 Jul 11:44

Half Of TSA's 30,000 Employees Accused Of Misconduct; Nearly A Third Multiple Times

by Tim Cushing

The TSA is a multibillion dollar agency with nearly zero redeemable qualities. It can only act in hindsight, does almost nothing to make traveling safer, and seemingly devotes most of its screening efforts to toddlers, cancer patients, and ensuring carry-on liquids do not exceed three ounces.

What it lacks in competency, it makes up in misconduct. Lines at security checkpoints have slowed to a crawl. Making it through the tedious, invasive process sometimes means inadvertently "donating" expensive electronics to sticky-fingered agents. The TSA's morale is generally on par with Congress' approval rates. And, when it's all said and done, the people hired to protect travelers just plain suck at their job.

Despite the Transportation Security Administration's ten-point action plan to reduce long lines at airports across the country, lengthy queues remain. Now, the TSA's summer may be getting even worse: According to a recent report from the House Homeland Security Commission entitled "Misconduct at TSA Threatens the Security of the Flying Public", nearly half of the TSA’s 60,000 employees have been cited for misconduct in recent years.

As Katherine LaGrave of the Conde Nast Traveler points out, the problem is only getting worse. Complaints are up 28% over the last three years, with larger airports averaging a complaint a week. Long lines may be causing a spike in the complaints, but the misconduct detailed in the report has very little to do directly with this issue.

Attendance issues are part of the problem, but the offenses listed in the report range from missing work to smuggling drugs/humans to "engaging in child pornography activities." Although processes are in place to handle disciplinary issues, they are both bureaucratic and inconsistently applied. Worse, the investigation found that the agency has no specific process in place to fire problem employees.

But the obvious takeaway from this report is that the TSA is not improving. It's getting worse, despite the institution of an action plan and added layers of direct oversight. The report also cautions that this will never improve, at least not if the TSA continues to ignore internal issues. It notes that misconduct allegations have increased by nearly 29% in the last three years, but opened investigations have not increased; they have actually gone down 15% over the same period.

Then there's this:

Almost half of TSA’s entire workforce allegedly committed misconduct, and almost half of that number allegedly did so repeatedly. According to TSA data, from fiscal year 2013 through 2015, almost 27,000 unique employees had an allegation of misconduct filed against them. Moreover, about half of those employees had two or more misconduct allegations filed against them, with some employees having 14, 16, and 18 allegations. In fact, 1,270 employees had five or more misconduct allegations filed against them.

The TSA knows -- or should know -- who its problem employees are. It just isn't willing to do anything about them.

The TSA's toxic culture didn't form in a vacuum. It started at the top, thanks to legislators granting the agency far too much power and demanding far too little in terms of accountability in return. The TSA has crafted policies containing several exploitable loopholes for upper management to abuse. TSA officials are unwilling to fix internal issues, and have provided nothing to Congressional oversight when questioned about the agency's disciplinary problems.

On March 10, 2016, Chairman McCaul requested data from TSA on the number of directed reassignments that have taken place to understand the depth of this type of misconduct and to give TSA an opportunity to present information in its defense. However, almost four months later, TSA has only provided about half of the requested data stating that it has required manual review of case files. If this information is not readily available to provide to Congress, it is likely not readily available to TSA decision-makers, and indicates that TSA is not providing oversight of these types of reassignments.

The agency refuses to track misconduct on its own, suggesting it would rather have a bunch of warm bodies in place than anyone truly interested in the important job they've been entrusted with. Everything rolls downhill from there. If the agency is unwilling to do even the minimum to curb misconduct, it should come as no surprise that it's become host to a large number of misbehaving employees. Fifteen years of mismanagement has turned a response to a horrific attack into a playground for people who like lots of power and zero accountability.